diff --git a/roles/traefik/tasks/main.yml b/roles/traefik/tasks/main.yml index 451112e4b7..22341f435b 100644 --- a/roles/traefik/tasks/main.yml +++ b/roles/traefik/tasks/main.yml @@ -7,12 +7,18 @@ - "{{ traefik_data_directory }}" - "{{ traefik_data_directory }}/letsencrypt" -- name: Template Traefik config.toml +- name: Template Traefik traefik.toml template: src: traefik.toml dest: "{{ traefik_data_directory }}/traefik.toml" register: template_config +- name: Template Traefik dynamic_config.toml + template: + src: dynamic_config.toml + dest: "{{ traefik_data_directory }}/dynamic_config.toml" + register: template_dynamic_config + - name: Traefik Docker Container docker_container: name: traefik @@ -21,9 +27,10 @@ network_mode: host volumes: - "{{ traefik_data_directory }}/traefik.toml:/etc/traefik/traefik.toml:ro" + - "{{ traefik_data_directory }}/dynamic_config.toml:/etc/traefik/dynamic_config.toml:ro" - "{{ traefik_data_directory }}/letsencrypt:/letsencrypt:rw" - "/var/run/docker.sock:/var/run/docker.sock:ro" env: "{{ traefik_environment_variables }}" restart_policy: unless-stopped memory: "{{ traefik_memory }}" - recreate: "{{ template_config is changed }}" + recreate: "{{ template_config is changed or template_dynamic_config is changed }}" diff --git a/roles/traefik/templates/dynamic_config.toml b/roles/traefik/templates/dynamic_config.toml new file mode 100644 index 0000000000..3df7a7fe30 --- /dev/null +++ b/roles/traefik/templates/dynamic_config.toml @@ -0,0 +1,7 @@ +[tls.options] + + [tls.options.default] + minVersion = "VersionTLS12" + + [tls.options.mintls13] + minVersion = "VersionTLS13" \ No newline at end of file diff --git a/roles/traefik/templates/traefik.toml b/roles/traefik/templates/traefik.toml index 51555ba1d4..df52805a6b 100644 --- a/roles/traefik/templates/traefik.toml +++ b/roles/traefik/templates/traefik.toml @@ -24,6 +24,8 @@ providersThrottleDuration = "2s" [providers.docker] exposedbydefault = false + [providers.file] + filename = "/etc/traefik/dynamic_config.toml" [api] insecure = true