Added gluetun role

2023-02-05 17:52:40 -05:00
parent bae3aee014
commit 3984421380
4 changed files with 102 additions and 0 deletions
--- a/ansible/roles/gluetun/vars/main.yml
+++ b/ansible/roles/gluetun/vars/main.yml
@@ -0,0 +1,8 @@
+wireguard_private_key: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  62616131323464616463333937343464626530313632376239316433666139383333653561363761
+  3738643265356437636233326364373832353263653961380a646362353962383939626430383831
+  37333138616635643961303164356137653461333964386163306237323031656164656430373138
+  3964636266646266390a336133633931336662663831643134303935363730616365373139613631
+  64306332313632303935633661313137663366353130656437343336383136623335613961373033
+  3031646661323438333261353634623863616330306365663133
--- a/ansible/roles/gluetun/vars/tasks/main.yml
+++ b/ansible/roles/gluetun/vars/tasks/main.yml
@@ -0,0 +1,21 @@
+- name: Create install directory
+  file:
+    path: "{{ install_directory }}/{{ role_name }}"
+    state: directory
+    owner: "{{ docker_user }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Copy docker-compose file to destination
+  template:
+    src: docker-compose.yml
+    dest: "{{ install_directory }}/{{ role_name }}/docker-compose.yml"
+    mode: "{{ docker_compose_file_mask }}"
+    validate: docker-compose -f %s config
+  become: true
+
+- name: Start docker container
+  community.docker.docker_compose:
+    project_src: "{{ install_directory }}/{{ role_name }}"
+    pull: true
+    remove_orphans: yes
--- a/ansible/roles/gluetun/vars/templates/docker-compose.yml
+++ b/ansible/roles/gluetun/vars/templates/docker-compose.yml
@@ -0,0 +1,31 @@
+version: "3"
+
+networks:
+  traefik:
+    external: true
+
+services:
+  gluetun:
+    container_name: gluetun
+    image: qmcgaw/gluetun
+    restart: unless-stopped
+    cap_add:
+      - NET_ADMIN
+    networks:
+      - traefik
+    ports:
+      - 8888:8888 # HTTP Proxy
+    devices:
+      - /dev/net/tun:/dev/net/tun
+    environment:
+      VPN_TYPE: wireguard
+      VPN_SERVICE_PROVIDER: mullvad
+      WIREGUARD_PRIVATE_KEY: "{{ wireguard_private_key }}"
+      WIREGUARD_ADDRESSES: 10.65.71.171/32
+      SERVER_CITIES: Ashburn VA
+      DOT: "off"
+      DNS_ADRESS: 10.64.0.1
+      TZ: "{{ timezone }}"
+      HTTPPROXY: "on"
+      HTTPPROXY_USER: httpproxy
+      HTTPPROXY_PASSWORD: httpproxy
--- a/ansible/roles/traefik/tasks/main.yml
+++ b/ansible/roles/traefik/tasks/main.yml
@@ -0,0 +1,42 @@
+- name: Create docker network for Traefik
+  community.docker.docker_network:
+    name: traefik
+
+- name: Create install directory
+  file:
+    path: "{{ install_directory }}/traefik"
+    state: directory
+    owner: "{{ docker_user }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Copy docker-compose file to destination
+  template:
+    src: docker-compose.yml
+    dest: "{{ install_directory}}/traefik/docker-compose.yml"
+    mode: "{{ docker_compose_file_mask }}"
+    validate: docker-compose -f %s config
+  become: true
+
+- name: Start docker container
+  community.docker.docker_compose:
+    project_src: "{{ install_directory }}/traefik"
+    pull: true
+    remove_orphans: yes
+
+- name: Install config
+  template:
+    src: traefik.yml
+    dest: "{{ data_dir }}/traefik/traefik.yml"
+    mode: "{{ docker_compose_file_mask }}"
+    owner: "{{ primary_user }}"
+  notify: restart traefik
+  become: true
+
+- name: Create file provider directory
+  file:
+    path: "{{ data_dir }}/traefik/conf"
+    state: directory
+    mode: "{{ docker_compose_directory_mask }}"
+    owner: "{{ primary_user }}"
+  become: true