Add sites to LE resolver & securehttps middleware

roles/gitea/tasks/main.yml

@@ -43,6 +43,8 @@
     labels:
       traefik.http.routers.gitea.rule: "Host(`{{ gitea_domain }}`)"
       traefik.http.routers.gitea.entrypoints: websecure
+      traefik.http.routers.gitea.tls.certresolver: letsencrypt
+      traefik.http.routers.gitea.middlewares: "securehttps@file"
       traefik.http.services.gitea.loadbalancer.server.port: "3000"
       traefik.docker.network: traefik
       traefik.enable: "true"

roles/jenkins/tasks/main.yml

@@ -40,5 +40,7 @@
     labels:
       traefik.http.routers.jenkins.rule: "Host(`{{ jenkins_domain }}`)"
       traefik.http.routers.jenkins.entrypoints: websecure
+      traefik.http.routers.jenkins.tls.certresolver: letsencrypt
+      traefik.http.routers.jenkins.middlewares: "securehttps@file"
       traefik.docker.network: traefik
       traefik.enable: "true"

roles/nextcloud/tasks/main.yml

@@ -32,7 +32,7 @@
     labels:
       traefik.http.routers.nextcloud.rule: "Host(`{{ nextcloud_domain }}`)"
       traefik.http.routers.nextcloud.entrypoints: websecure
-      traefik.http.routers.nextcloud.tls.certresolver: resolver
+      traefik.http.routers.nextcloud.tls.certresolver: letsencrypt
       traefik.http.routers.nextcloud.middlewares: "securehttps@file,nextcloud-webdav"
       traefik.http.middlewares.nextcloud-webdav.redirectregex.regex: "https://(.*)/.well-known/(card|cal)dav"
       traefik.http.middlewares.nextcloud-webdav.redirectregex.replacement: "https://${1}/remote.php/dav/"

roles/prometheus/tasks/main.yml

@@ -62,5 +62,7 @@
     labels:
       traefik.http.routers.grafana.rule: "Host(`{{ grafana_domain }}`)"
       traefik.http.routers.grafana.entrypoints: websecure
+      traefik.http.routers.grafana.tls.certresolver: letsencrypt
+      traefik.http.routers.grafana.middlewares: "securehttps@file"
       traefik.docker.network: traefik
       traefik.enable: "true"

roles/traefik/tasks/main.yml

@@ -35,7 +35,8 @@
     labels:
       traefik.http.routers.traefik.rule: "Host(`{{ traefik_domain }}`)"
       traefik.http.middlewares.auth.basicauth.users: "{{ traefik_auth }}"
-      traefik.http.routers.traefik.middlewares: "auth@docker"
+      traefik.http.routers.traefik.tls.certresolver: letsencrypt
+      traefik.http.routers.traefik.middlewares: "securehttps@file,auth@docker"
       traefik.http.routers.traefik.service: "api@internal"
       traefik.http.routers.traefik.entrypoints: websecure
       traefik.http.routers.traefik.tls: "true"

roles/traefik/templates/traefik.yml.j2

@@ -23,7 +23,7 @@ entrypoints:
 
 {% if traefik_acme_email is defined %}
 certificatesResolvers:
-  resolver:
+  letsencrypt:
     acme:
       email: {{ traefik_acme_email }}
       storage: /etc/traefik/acme.json