Add .vscode to .gitignore

.gitignore

@@ -1,4 +1,5 @@
 .vagrant
+.vscode
 .playbook
 /*.yml
 /*.yaml

Vagrantfile

@@ -20,7 +20,7 @@ else
 end
 
 Vagrant.configure("2") do |config|
-  config.vm.box = "debian/bullseye64"
+  config.vm.box = "debian/contrib-buster64"
   config.vm.network "private_network", type: "dhcp"
   config.vm.synced_folder ".", "/vagrant", disabled: true
   config.vm.synced_folder "./scratch", "/vagrant/scratch"

dev/host_vars/jekyll.yml

@@ -1,27 +0,0 @@
-# base
-allow_reboot: false
-manage_network: false
-
-# docker
-docker_users:
-  - vagrant
-
-# traefik
-traefik_version: latest
-traefik_dashboard: true
-traefik_domain: traefik.vm.krislamo.org
-traefik_auth: admin:$apr1$T1l.BCFz$Jyg8msXYEAUi3LLH39I9d1 # admin:admin
-#traefik_acme_email: realemail@example.com # Let's Encrypt settings
-#traefik_production: true
-
-# jekyll
-jekyll_project: example
-jekyll_repo_url: https://git.krislamo.org/kris/example-jekyll/
-jekyll_repo_branch: master
-
-# nginx
-nginx_domain: nginx.vm.krislamo.org
-nginx_name: staticsite
-nginx_repo_url: https://git.krislamo.org/kris/example-website/
-nginx_auth: admin:$apr1$T1l.BCFz$Jyg8msXYEAUi3LLH39I9d1 # admin:admin
-nginx_version: latest

dev/jekyll.yml

@@ -1,11 +0,0 @@
-- name: Install Jekyll server
-  hosts: all
-  become: true
-  vars_files:
-    - host_vars/jekyll.yml
-  roles:
-    - base
-    - docker
-    #- traefik
-    - jekyll
-    #- nginx

dockerbox.yml

@@ -20,7 +20,7 @@
     - docker
     - traefik
     - nextcloud
-    - gitea
+#    - gitea
     - jenkins
     - prometheus
     - nginx

roles/gitea/tasks/main.yml

@@ -47,7 +47,6 @@
     labels:
       traefik.http.routers.gitea.rule: "Host(`{{ gitea_domain }}`)"
       traefik.http.routers.gitea.entrypoints: websecure
-      traefik.http.routers.gitea.tls.certresolver: letsencrypt
       traefik.http.routers.gitea.middlewares: "securehttps@file"
       traefik.http.services.gitea.loadbalancer.server.port: "3000"
       traefik.docker.network: traefik

roles/jenkins/tasks/server.yml

@@ -20,7 +20,6 @@
     labels:
       traefik.http.routers.jenkins.rule: "Host(`{{ jenkins_domain }}`)"
       traefik.http.routers.jenkins.entrypoints: websecure
-      traefik.http.routers.jenkins.tls.certresolver: letsencrypt
       traefik.http.routers.jenkins.middlewares: "securehttps@file"
       traefik.docker.network: traefik
       traefik.enable: "true"

roles/nextcloud/tasks/main.yml

@@ -32,7 +32,6 @@
     labels:
       traefik.http.routers.nextcloud.rule: "Host(`{{ nextcloud_domain }}`)"
       traefik.http.routers.nextcloud.entrypoints: websecure
-      traefik.http.routers.nextcloud.tls.certresolver: letsencrypt
       traefik.http.routers.nextcloud.middlewares: "securehttps@file,nextcloud-webdav"
       traefik.http.middlewares.nextcloud-webdav.redirectregex.regex: "https://(.*)/.well-known/(card|cal)dav"
       traefik.http.middlewares.nextcloud-webdav.redirectregex.replacement: "https://${1}/remote.php/dav/"

roles/nginx/tasks/main.yml

@@ -29,9 +29,8 @@
       - "{{ nginx_html }}:/usr/share/nginx/html:ro"
     labels:
       traefik.http.routers.nginx.rule: "Host(`{{ nginx_domain }}`)"
-      traefik.http.middlewares.nginxauth.basicauth.users: "{{ nginx_auth }}"
+      #traefik.http.middlewares.nginxauth.basicauth.users: "{{ nginx_auth }}"
       traefik.http.routers.nginx.entrypoints: websecure
-      traefik.http.routers.nginx.tls.certresolver: letsencrypt
+      traefik.http.routers.nginx.middlewares: "securehttps@file"
-      traefik.http.routers.nginx.middlewares: "securehttps@file,nginxauth"
       traefik.docker.network: traefik
       traefik.enable: "true"

roles/prometheus/tasks/main.yml

@@ -45,7 +45,6 @@
       traefik.http.routers.prometheus.rule: "Host(`{{ prom_domain }}`)"
       traefik.http.routers.prometheus.entrypoints: websecure
       traefik.http.routers.prometheus.middlewares: "securehttps@file,localonly"
-      traefik.http.routers.prometheus.tls.certresolver: letsencrypt
       traefik.http.middlewares.localonly.ipwhitelist.sourcerange: "{{ traefik_localonly }}"
       traefik.docker.network: traefik
       traefik.enable: "true"
@@ -65,7 +64,6 @@
     labels:
       traefik.http.routers.grafana.rule: "Host(`{{ grafana_domain }}`)"
       traefik.http.routers.grafana.entrypoints: websecure
-      traefik.http.routers.grafana.tls.certresolver: letsencrypt
       traefik.http.routers.grafana.middlewares: "securehttps@file"
       traefik.docker.network: traefik
       traefik.enable: "true"

roles/traefik/tasks/main.yml

@@ -41,10 +41,9 @@
       - name: traefik
     labels:
       traefik.http.routers.traefik.rule: "Host(`{{ traefik_domain }}`)"
-      traefik.http.middlewares.auth.basicauth.users: "{{ traefik_auth }}"
+      #traefik.http.middlewares.auth.basicauth.users: "{{ traefik_auth }}"
-      traefik.http.middlewares.localonly.ipwhitelist.sourcerange: "{{ traefik_localonly }}"
+      #traefik.http.middlewares.localonly.ipwhitelist.sourcerange: "{{ traefik_localonly }}"
-      traefik.http.routers.traefik.tls.certresolver: letsencrypt
+      traefik.http.routers.traefik.middlewares: "securehttps@file"
-      traefik.http.routers.traefik.middlewares: "securehttps@file,auth@docker,localonly"
       traefik.http.routers.traefik.service: "api@internal"
       traefik.http.routers.traefik.entrypoints: websecure
       traefik.http.routers.traefik.tls: "true"