Remove auth and LE requirements (nginx replaces)

2022-11-17 01:59:04 -05:00 · 2022-11-17 01:59:04 -05:00 · b0ca4dc906
commit b0ca4dc906
parent a68ef1fffc
6 changed files with 3 additions and 10 deletions
--- a/roles/gitea/tasks/main.yml
+++ b/roles/gitea/tasks/main.yml
@ -47,7 +47,6 @@
    labels:
      traefik.http.routers.gitea.rule: "Host(`{{ gitea_domain }}`)"
      traefik.http.routers.gitea.entrypoints: websecure
      traefik.http.routers.gitea.tls.certresolver: letsencrypt
      traefik.http.routers.gitea.middlewares: "securehttps@file"
      traefik.http.services.gitea.loadbalancer.server.port: "3000"
      traefik.docker.network: traefik
--- a/roles/jenkins/tasks/server.yml
+++ b/roles/jenkins/tasks/server.yml
@ -20,7 +20,6 @@
    labels:
      traefik.http.routers.jenkins.rule: "Host(`{{ jenkins_domain }}`)"
      traefik.http.routers.jenkins.entrypoints: websecure
      traefik.http.routers.jenkins.tls.certresolver: letsencrypt
      traefik.http.routers.jenkins.middlewares: "securehttps@file"
      traefik.docker.network: traefik
      traefik.enable: "true"
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@ -32,7 +32,6 @@
    labels:
      traefik.http.routers.nextcloud.rule: "Host(`{{ nextcloud_domain }}`)"
      traefik.http.routers.nextcloud.entrypoints: websecure
      traefik.http.routers.nextcloud.tls.certresolver: letsencrypt
      traefik.http.routers.nextcloud.middlewares: "securehttps@file,nextcloud-webdav"
      traefik.http.middlewares.nextcloud-webdav.redirectregex.regex: "https://(.*)/.well-known/(card|cal)dav"
      traefik.http.middlewares.nextcloud-webdav.redirectregex.replacement: "https://${1}/remote.php/dav/"
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@ -31,7 +31,6 @@
      traefik.http.routers.nginx.rule: "Host(`{{ nginx_domain }}`)"
      #traefik.http.middlewares.nginxauth.basicauth.users: "{{ nginx_auth }}"
      traefik.http.routers.nginx.entrypoints: websecure
-      traefik.http.routers.nginx.tls.certresolver: letsencrypt
+      traefik.http.routers.nginx.middlewares: "securehttps@file"
      traefik.http.routers.nginx.middlewares: "securehttps@file,nginxauth"
      traefik.docker.network: traefik
      traefik.enable: "true"
--- a/roles/prometheus/tasks/main.yml
+++ b/roles/prometheus/tasks/main.yml
@ -45,7 +45,6 @@
      traefik.http.routers.prometheus.rule: "Host(`{{ prom_domain }}`)"
      traefik.http.routers.prometheus.entrypoints: websecure
      traefik.http.routers.prometheus.middlewares: "securehttps@file,localonly"
      traefik.http.routers.prometheus.tls.certresolver: letsencrypt
      traefik.http.middlewares.localonly.ipwhitelist.sourcerange: "{{ traefik_localonly }}"
      traefik.docker.network: traefik
      traefik.enable: "true"
@ -65,7 +64,6 @@
    labels:
      traefik.http.routers.grafana.rule: "Host(`{{ grafana_domain }}`)"
      traefik.http.routers.grafana.entrypoints: websecure
      traefik.http.routers.grafana.tls.certresolver: letsencrypt
      traefik.http.routers.grafana.middlewares: "securehttps@file"
      traefik.docker.network: traefik
      traefik.enable: "true"
--- a/roles/traefik/tasks/main.yml
+++ b/roles/traefik/tasks/main.yml
@ -42,9 +42,8 @@
    labels:
      traefik.http.routers.traefik.rule: "Host(`{{ traefik_domain }}`)"
      #traefik.http.middlewares.auth.basicauth.users: "{{ traefik_auth }}"
-      traefik.http.middlewares.localonly.ipwhitelist.sourcerange: "{{ traefik_localonly }}"
+      #traefik.http.middlewares.localonly.ipwhitelist.sourcerange: "{{ traefik_localonly }}"
-      traefik.http.routers.traefik.tls.certresolver: letsencrypt
+      traefik.http.routers.traefik.middlewares: "securehttps@file,auth@docker"
      traefik.http.routers.traefik.middlewares: "securehttps@file,auth@docker,localonly"
      traefik.http.routers.traefik.service: "api@internal"
      traefik.http.routers.traefik.entrypoints: websecure
      traefik.http.routers.traefik.tls: "true"