68 lines
2.0 KiB
YAML
68 lines
2.0 KiB
YAML
---
|
|
- name: Fix Grafana VPN Access - Update Middleware to ipAllowList
|
|
hosts: production
|
|
gather_facts: no
|
|
become: no
|
|
|
|
tasks:
|
|
- name: Backup current middlewares.yml
|
|
shell: |
|
|
cd ~/deployment/stacks/traefik/dynamic
|
|
cp middlewares.yml middlewares.yml.backup.$(date +%Y%m%d_%H%M%S)
|
|
args:
|
|
executable: /bin/bash
|
|
|
|
- name: Update middlewares.yml - Change ipWhiteList to ipAllowList
|
|
shell: |
|
|
cd ~/deployment/stacks/traefik/dynamic
|
|
sed -i 's/ipWhiteList:/ipAllowList:/g' middlewares.yml
|
|
sed -i 's/ipWhitelist/ipAllowList/g' middlewares.yml
|
|
# Validate YAML syntax
|
|
python3 -c "import yaml; yaml.safe_load(open('middlewares.yml')); print('YAML valid')"
|
|
args:
|
|
executable: /bin/bash
|
|
|
|
- name: Display updated grafana-vpn-only middleware
|
|
shell: |
|
|
cd ~/deployment/stacks/traefik/dynamic
|
|
grep -A 6 'grafana-vpn-only:' middlewares.yml
|
|
args:
|
|
executable: /bin/bash
|
|
register: grafana_middleware
|
|
|
|
- name: Show updated middleware
|
|
debug:
|
|
msg: "{{ grafana_middleware.stdout_lines }}"
|
|
|
|
- name: Restart Traefik to apply changes
|
|
command: docker compose restart traefik
|
|
args:
|
|
chdir: ~/deployment/stacks/traefik
|
|
register: traefik_restart
|
|
|
|
- name: Wait for Traefik to restart
|
|
pause:
|
|
seconds: 5
|
|
|
|
- name: Check Traefik logs for deprecation warnings
|
|
shell: |
|
|
cd ~/deployment/stacks/traefik
|
|
docker compose logs traefik --tail=20 2>&1 | grep -i 'allowlist\|whitelist\|deprecated' || echo "No warnings found"
|
|
args:
|
|
executable: /bin/bash
|
|
register: traefik_warnings
|
|
|
|
- name: Display Traefik warnings
|
|
debug:
|
|
msg: "{{ traefik_warnings.stdout_lines }}"
|
|
|
|
- name: Verify Traefik status
|
|
command: docker compose ps traefik
|
|
args:
|
|
chdir: ~/deployment/stacks/traefik
|
|
register: traefik_status
|
|
|
|
- name: Display Traefik status
|
|
debug:
|
|
msg: "{{ traefik_status.stdout_lines }}"
|