Skip to content

Commit dbe8ed4

Browse files
sorrowlesssorrowless
committed
Add new host
1 parent 6a9f715 commit dbe8ed4

7 files changed

Lines changed: 160 additions & 1 deletion

File tree

host_vars/ru02.sbog.org/3x-ui.yml

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
---
2+
ui3x_ports: []
3+
ui3x_web_host: x-web.us03.sbog.ru
4+
ui3x_vless_host: dl.google.com
5+
ui3x_swarm_deploy:
6+
labels:
7+
- "traefik.enable=true"
8+
- "traefik.swarm.network={{ traefik_docker_network_name }}"
9+
- "traefik.http.routers.3xui.rule=Host(`{{ ui3x_web_host }}`)"
10+
- "traefik.http.routers.3xui.tls=true"
11+
- "traefik.http.routers.3xui.tls.certResolver=acmeDNS"
12+
- "traefik.http.services.3xui.loadbalancer.server.port=2053"
13+
- "traefik.tcp.routers.vless.rule=HostSNI(`{{ ui3x_vless_host }}`)"
14+
- "traefik.tcp.routers.vless.tls.passthrough=true"
15+
- "traefik.tcp.routers.vless.entrypoints=websecure"
16+
- "traefik.tcp.services.vless.loadbalancer.server.port=443"

host_vars/ru02.sbog.org/common.yml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
---
2+
placement: "Rostelekom macmini, RU"
3+
ansible_host: 10.10.10.196
4+
ansible_port: "{{ sshd_port }}"
5+
ansible_user: sbog
6+
ansible_become: true
7+
8+
server_common_host:
9+
dns_hostname: "ru02.sbog.org"

host_vars/ru02.sbog.org/common_vault.yml

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
$ANSIBLE_VAULT;1.1;AES256
2+
38613731663038366661313130613438313761373031656234636661656235393330326135353935
3+
6466646230303866653065346234613430353966653131330a633231313435396536633036323534
4+
30636538333434346332313432646434666434643131383732643264393863633930376334316636
5+
3433666565636262650a343138366538383961623633396635333332653130333239623163623138
6+
31376466643230333736646533646539663732343934316233363130626261623930343231653461
7+
30643832623937373837666364373166643935333661356431633061663062366337663530353631
8+
33616532613435313838393765616466626233656434333430623136393530613662386366363963
9+
30333262343633346436363030306134386533393230326565393532643437393935306234386339
10+
35643038343531313039386130323733353433666539343835363130393938653932643362366366
11+
66363937303934376230306231666163343165333839393034623934376437383765626639303738
12+
30633062323663363432663133346530313766313530323939613037396364353139383032353337
13+
62323231643837343063656131326331616331636337393363373431393961663563613136333061
14+
36393333613235396264643036343432623333626662373836376363656130636364343561363539
15+
32333439633635373731633161633838336361653431376661363637346263663339386535656532
16+
36306439323066616636653534646333333035386130646463313235646161333137333563396462
17+
62643731623032306563633662636566373437343962386537323665333434373231633338306232
18+
36643830613832383437336363636530383430373837363761636237653666346236346439353537
19+
32396561343365633230313536343730333037343463363561313932343664663166363538636462
20+
35646466633438663631363166393265643231363539336436666636643437343833623831353962
21+
39353566623262386539353630616330303836623165663333656136353337363538356163336266
22+
64633430383032646132326266613236623962363939626165323866386630356430

host_vars/ru02.sbog.org/docker.yml

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
---
2+
# Docker config
3+
docker_additional_networks:
4+
- name: tf_net
5+
bridge_name: tf_bridge
6+
subnet: 10.210.0.0/16
7+
gateway: 10.210.0.1
8+
iprange: 10.210.128.0/17
9+
10+
docker_live_restore: false
11+
docker_swarm_manager: true
12+
docker_swarm_configure: true
13+
14+
docker_swarm_node_labels:
15+
traefik: "yes"

host_vars/ru02.sbog.org/traefik-vault.yml

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
$ANSIBLE_VAULT;1.1;AES256
2+
66616634373533666131386661393733373330656331633562336130383137393437663935306562
3+
6639303335663538326561393565613038333665376539660a393035656136326130363333666333
4+
37646133303866623933386462326465643566323931343432643562376535333538636230393061
5+
6332366539346532340a393533316232363733343965633361633965326631343934373432643135
6+
63643531323061383738313365303062343961343834656335356636366463646330393433343564
7+
64613737643030393937633164323831366338663633323734653763666237303738353731313532
8+
65323838376431613038623138623534376565386266356138666635363235333731663463313630
9+
61396132666262376461366661356165306439623239343233386232356232646339323665343230
10+
63386266643765346333303965323363346265373661333763313438393664653734343532643836
11+
39666466396438393038633735333435643064343566656464653636386164653366373762376535
12+
31356630653734636635326537366632313130393939623633313731613633373365303831636431
13+
39613764666632653864346235643565323564353964373334643437303666303765313062313739
14+
36626332393330373936386238323234313661663235663934393063663138386566363631646132
15+
32393264363132326432656536613966646135393035396130396633316161653031386130613235
16+
33373364303435393962643633613033303338306637316433656366363736303531383135363566
17+
39323161306565366239623833333039373261373562326166316639353935666330653463393538
18+
65623532393832346239666166623064363732366339386534366234656538333130

host_vars/ru02.sbog.org/traefik.yml

Lines changed: 79 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,79 @@
1+
---
2+
traefik_config:
3+
# Global configuration
4+
checkNewVersion: true
5+
api:
6+
basePath: /traefik # so now api and dashboard will be accessible by /traefik/{api, dashboard}
7+
dashboard: true
8+
insecure: false
9+
10+
log:
11+
level: INFO
12+
13+
accesslog:
14+
addInternals: true
15+
16+
# Entrypoints configuration
17+
entryPoints:
18+
web:
19+
address: :80
20+
http:
21+
redirections:
22+
entryPoint:
23+
to: websecure
24+
scheme: https
25+
websecure:
26+
address: :443
27+
http:
28+
tls:
29+
certResolver: acmeDNS
30+
31+
certificatesResolvers:
32+
acmeTLS:
33+
acme:
34+
email: s@sbog.org
35+
storage: /etc/traefik/ssl-certs/acme.json
36+
tlsChallenge: true
37+
#caserver: https://acme-v02.api.letsencrypt.org/directory
38+
acmeDNS:
39+
acme:
40+
email: s@sbog.org
41+
storage: /etc/traefik/ssl-certs/acme.json
42+
dnsChallenge:
43+
provider: cloudflare
44+
resolvers:
45+
- 1.1.1.1:53
46+
- 8.8.8.8:53
47+
#caserver: https://acme-v02.api.letsencrypt.org/directory
48+
49+
# Providers configuration
50+
providers:
51+
swarm:
52+
endpoint: unix:///var/run/docker.sock
53+
watch: true
54+
exposedbydefault: false
55+
file:
56+
directory: "{{ traefik_host_confdir }}/dynamic-conf"
57+
watch: true
58+
59+
traefik_ports:
60+
- "80:80"
61+
- "443:443"
62+
63+
traefik_environment_vars:
64+
- CF_API_EMAIL={{ vault_tls_host.acme_ch_dns_vars.CF_Email }}
65+
- CF_API_KEY={{ vault_tls_host.acme_ch_dns_vars.CF_Key }}
66+
67+
traefik_docker_network_name: tf_net
68+
traefik_docker_networks:
69+
tf_net:
70+
name: "tf_net"
71+
external: true
72+
73+
traefik_swarm_cluster: true
74+
# traefik_swarm_manager value is inventory/hosts name, not actual DNS one
75+
traefik_swarm_manager: us03.sbog.org
76+
traefik_web_host: us03.sbog.ru
77+
78+
traefik_dynamic_confs:
79+
global_basicauth.yml: "{{ vault_traefik_global_basicauth }}"

host_vars/us03.sbog.org/bitwarden.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ pg4bw_postgres_password: "{{ vault_pg4bw_postgres_password }}"
1414
pg4bw_vaultwarden_user: "{{ vault_pg4bw_vaultwarden_user }}"
1515
pg4bw_vaultwarden_password: "{{ vault_pg4bw_vaultwarden_password }}"
1616

17-
bw_image: vaultwarden/server:1.34.1
17+
bw_image: vaultwarden/server:1.35.2
1818
bw_network_name: tf_net
1919
bw_web_host: bw.sbog.org
2020
bw_swarm_deploy:

0 commit comments

Comments
 (0)