diff --git a/ansible/roles/gluetun/vars/main.yml b/ansible/roles/gluetun/vars/main.yml
new file mode 100644
index 0000000..ff6fdf9
--- /dev/null
+++ b/ansible/roles/gluetun/vars/main.yml
@@ -0,0 +1,8 @@
+wireguard_private_key: !vault |
+ $ANSIBLE_VAULT;1.1;AES256
+ 62616131323464616463333937343464626530313632376239316433666139383333653561363761
+ 3738643265356437636233326364373832353263653961380a646362353962383939626430383831
+ 37333138616635643961303164356137653461333964386163306237323031656164656430373138
+ 3964636266646266390a336133633931336662663831643134303935363730616365373139613631
+ 64306332313632303935633661313137663366353130656437343336383136623335613961373033
+ 3031646661323438333261353634623863616330306365663133
diff --git a/ansible/roles/gluetun/vars/tasks/main.yml b/ansible/roles/gluetun/vars/tasks/main.yml
new file mode 100644
index 0000000..edd3091
--- /dev/null
+++ b/ansible/roles/gluetun/vars/tasks/main.yml
@@ -0,0 +1,21 @@
+- name: Create install directory
+ file:
+ path: "{{ install_directory }}/{{ role_name }}"
+ state: directory
+ owner: "{{ docker_user }}"
+ mode: "{{ docker_compose_directory_mask }}"
+ become: true
+
+- name: Copy docker-compose file to destination
+ template:
+ src: docker-compose.yml
+ dest: "{{ install_directory }}/{{ role_name }}/docker-compose.yml"
+ mode: "{{ docker_compose_file_mask }}"
+ validate: docker-compose -f %s config
+ become: true
+
+- name: Start docker container
+ community.docker.docker_compose:
+ project_src: "{{ install_directory }}/{{ role_name }}"
+ pull: true
+ remove_orphans: yes
diff --git a/ansible/roles/gluetun/vars/templates/docker-compose.yml b/ansible/roles/gluetun/vars/templates/docker-compose.yml
new file mode 100644
index 0000000..7912dff
--- /dev/null
+++ b/ansible/roles/gluetun/vars/templates/docker-compose.yml
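Review bot: The "Copy docker-compose file to destination" task in `ansible/roles/gluetun/vars/tasks/main.yml` renders the decrypted `wireguard_private_key` into `docker-compose.yml` on disk, but its permissions come from `docker_compose_file_mask`, which is defined outside this diff. Because this file now holds a private key, either confirm that mask is not group- or world-readable or set `mode: "0600"` on this task. Adding `no_log: true` (or `diff: false`) would also keep the rendered key out of `--diff` output and logs. Separately, the file is added under `vars/tasks/` and the template under `vars/templates/`, and Ansible does not load tasks or templates from those locations. The intended paths are presumably `roles/gluetun/tasks/main.yml` and `roles/gluetun/templates/docker-compose.yml`.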
@@ -0,0 +1,31 @@
+version: "3"
+
+networks:
+ traefik:
+ external: true
+
+services:
+ gluetun:
+ container_name: gluetun
+ image: qmcgaw/gluetun
+ restart: unless-stopped
+ cap_add:
+ - NET_ADMIN
+ networks:
+ - traefik
+ ports:
+ - 8888:8888 # HTTP Proxy
+ devices:
+ - /dev/net/tun:/dev/net/tun
+ environment:
+ VPN_TYPE: wireguard
+ VPN_SERVICE_PROVIDER: mullvad
+ WIREGUARD_PRIVATE_KEY: "{{ wireguard_private_key }}"
+ WIREGUARD_ADDRESSES: 10.65.71.171/32
+ SERVER_CITIES: Ashburn VA
+ DOT: "off"
+ DNS_ADRESS: 10.64.0.1
+ TZ: "{{ timezone }}"
+ HTTPPROXY: "on"
+ HTTPPROXY_USER: httpproxy
+ HTTPPROXY_PASSWORD: httpproxy
diff --git a/ansible/roles/traefik/tasks/main.yml b/ansible/roles/traefik/tasks/main.yml
index e69de29..2961a0e 100644
--- a/ansible/roles/traefik/tasks/main.yml
+++ b/ansible/roles/traefik/tasks/main.yml
@@ -0,0 +1,42 @@
+- name: Create docker network for Traefik
+ community.docker.docker_network:
+ name: traefik
+
+- name: Create install directory
+ file:
+ path: "{{ install_directory }}/traefik"
+ state: directory
+ owner: "{{ docker_user }}"
+ mode: "{{ docker_compose_directory_mask }}"
+ become: true
+
+- name: Copy docker-compose file to destination
+ template:
+ src: docker-compose.yml
+ dest: "{{ install_directory}}/traefik/docker-compose.yml"
+ mode: "{{ docker_compose_file_mask }}"
+ validate: docker-compose -f %s config
+ become: true
+
+- name: Start docker container
+ community.docker.docker_compose:
+ project_src: "{{ install_directory }}/traefik"
+ pull: true
+ remove_orphans: yes
+
+- name: Install config
+ template:
+ src: traefik.yml
+ dest: "{{ data_dir }}/traefik/traefik.yml"
+ mode: "{{ docker_compose_file_mask }}"
+ owner: "{{ primary_user }}"
+ notify: restart traefik
+ become: true
+
+- name: Create file provider directory
+ file:
+ path: "{{ data_dir }}/traefik/conf"
+ state: directory
+ mode: "{{ docker_compose_directory_mask }}"
+ owner: "{{ primary_user }}"
+ become: true
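Review bot: The proxy credentials `HTTPPROXY_USER: httpproxy` / `HTTPPROXY_PASSWORD: httpproxy` in the gluetun `docker-compose.yml` are committed in clear text and are trivially guessable, while `- 8888:8888` publishes the proxy on every host interface, so any client that can reach the host on that port can relay traffic through the VPN tunnel. Take the password from a vaulted variable, as is already done for the WireGuard key, e.g. `HTTPPROXY_PASSWORD: "{{ gluetun_httpproxy_password }}"` (placeholder name). Also bind the port narrowly, e.g. `- "127.0.0.1:8888:8888"`, or drop the mapping if only containers on the `traefik` network use the proxy. `DNS_ADRESS` looks misspelled (gluetun documents `DNS_ADDRESS`), so with `DOT: "off"` the intended resolver 10.64.0.1 is probably not applied; confirm against the image version in use. `image: qmcgaw/gluetun` has no tag or digest and the role sets `pull: true`, so a `NET_ADMIN` container is replaced with whatever is current on each run; pin a version.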
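Review bot: In `ansible/roles/traefik/tasks/main.yml`, "Start docker container" runs before "Install config" and "Create file provider directory", so on a first run Traefik starts without the `traefik.yml` this role manages and only picks it up once the `restart traefik` handler fires. If the compose file (not shown in this diff) bind-mounts `{{ data_dir }}/traefik/traefik.yml`, Docker will likely create that missing path as a root-owned directory and the later template task will then fail. No task creates `{{ data_dir }}/traefik` itself before the template writes into it. Move the two config tasks above the start task and add a `file` task with `state: directory` for `{{ data_dir }}/traefik` ahead of them. The `docker_network` and `docker_compose` tasks also omit `become: true` where the other tasks set it; confirm that is intentional for the connecting user.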