michaelschiemer/deployment/ansible/playbooks/restart-traefik.yml
Michael Schiemer c06a9ec134 fix: Use internal healthcheck instead of HTTP ping endpoint
- Change health check to use docker exec traefik healthcheck
- HTTP ping endpoint requires BasicAuth (401), internal check is more reliable
- Improves health check accuracy in restart-traefik.yml playbook
2025-11-08 18:53:07 +01:00


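---
# Restart the Traefik reverse proxy on the production hosts and report whether
# it came back up: container state, Traefik's own health check, the most recent
# log lines, and any ACME-challenge log entries.
#
# The play is report-only after the restart step: an unhealthy result is shown
# in the final summary but does not fail the run.
#
# NOTE(review): the play runs without privilege escalation, so the connecting
# user presumably has direct access to the Docker daemon. That access is
# root-equivalent on the host; confirm it is limited to the deploy account.
- name: Restart Traefik and Verify Configuration
  hosts: production
  gather_facts: true
  become: false
  vars:
    traefik_stack_path: "{{ stacks_base_path | default('/home/deploy/deployment/stacks') }}/traefik"
    traefik_container_name: "traefik"
    traefik_url: "https://traefik.michaelschiemer.de"
  tasks:
    - name: Check if Traefik stack directory exists
      stat:
        path: "{{ traefik_stack_path }}"
      register: traefik_stack_exists

    # Stop early: every later task changes into this directory first.
    - name: Fail if Traefik stack directory does not exist
      fail:
        msg: "Traefik stack directory not found at {{ traefik_stack_path }}"
      when: not traefik_stack_exists.stat.exists

    # Informational only; a missing container or stopped daemon must not abort
    # the play before the restart is attempted.
    - name: Check Traefik container status before restart
      shell: |
        cd {{ traefik_stack_path }}
        docker compose ps {{ traefik_container_name }} --format json
      register: traefik_status_before
      changed_when: false
      failed_when: false

    # default(..., true) also covers an empty stdout, which is what a failed
    # `docker compose ps` registers (stdout is defined but empty).
    - name: Display Traefik status before restart
      debug:
        msg: |
          ================================================================================
          Traefik Container Status (Before Restart):
          {{ traefik_status_before.stdout | default('Container not found or Docker not running', true) }}
          ================================================================================

    # The only state-changing task. A non-zero exit fails the play here.
    - name: Restart Traefik container
      shell: |
        cd {{ traefik_stack_path }}
        docker compose restart {{ traefik_container_name }}
      register: traefik_restart
      changed_when: traefik_restart.rc == 0

    # With no host/port/path given, wait_for simply pauses for `timeout` seconds.
    - name: Wait for Traefik to be ready
      wait_for:
        timeout: 30
      changed_when: false

    - name: Check Traefik container status after restart
      shell: |
        cd {{ traefik_stack_path }}
        docker compose ps {{ traefik_container_name }} --format json
      register: traefik_status_after
      changed_when: false
      failed_when: false

    # The HTTP ping endpoint sits behind BasicAuth (answers 401), so the check
    # runs Traefik's built-in healthcheck inside the container instead; no
    # dashboard credentials are needed in this playbook.
    # Because of the `|| echo`, the shell exits 0 either way: a failed check is
    # signalled by the HEALTH_CHECK_FAILED marker in stdout, not by rc.
    - name: Check Traefik health endpoint (ping endpoint requires auth, use internal check)
      shell: |
        cd {{ traefik_stack_path }}
        docker compose exec -T {{ traefik_container_name }} traefik healthcheck --ping 2>&1 || echo "HEALTH_CHECK_FAILED"
      register: traefik_health
      ignore_errors: true
      changed_when: false

    - name: Get Traefik logs (last 50 lines)
      shell: |
        cd {{ traefik_stack_path }}
        docker compose logs --tail=50 {{ traefik_container_name }}
      register: traefik_logs
      changed_when: false
      failed_when: false
      ignore_errors: true

    # The `|| echo` fallback does not fire when grep matches nothing: the
    # pipeline's exit status is that of `tail`, which succeeds on empty input.
    # The display task below therefore supplies the "nothing found" text.
    - name: Check for ACME challenge errors in logs
      shell: |
        cd {{ traefik_stack_path }}
        docker compose logs {{ traefik_container_name }} 2>&1 | grep -i "acme challenge" | tail -10 || echo "No ACME challenge errors found"
      register: acme_errors
      changed_when: false
      failed_when: false

    # NOTE(review): proxy logs can carry client addresses and request paths, and
    # this output ends up in the Ansible run log (and any CI job log) - confirm
    # that log's retention and audience are acceptable.
    - name: Display Traefik logs
      debug:
        msg: |
          ================================================================================
          Traefik Container Logs (last 50 lines):
          {{ traefik_logs.stdout | default('No logs available', true) }}
          ================================================================================

    - name: Display ACME challenge status
      debug:
        msg: |
          ================================
          ACME Challenge Status:
          {{ acme_errors.stdout | default('No ACME errors found in recent logs', true) }}
          ================================

    # traefik_health comes from a shell task, so it has rc/stdout but no HTTP
    # `status` field; testing `status == 200` would always report UNHEALTHY.
    # Health is derived from the exit code plus the HEALTH_CHECK_FAILED marker.
    # NOTE(review): the running test matches the literal substring
    # State":"running in the `docker compose ps --format json` output - confirm
    # the installed Compose version emits compact JSON in that form.
    - name: Display final status
      debug:
        msg: |
          {% set traefik_running = 'State":"running' in (traefik_status_after.stdout | default('')) %}
          {% set traefik_healthy = (traefik_health.rc | default(1)) == 0 and 'HEALTH_CHECK_FAILED' not in (traefik_health.stdout | default('')) %}
          ========================================
          ========================================
          Traefik Restart Summary
          ========================================
          Container Status: {% if traefik_running %}✅ RUNNING{% else %}❌ NOT RUNNING{% endif %}
          Health Check: {% if traefik_healthy %}✅ HEALTHY{% else %}❌ UNHEALTHY or TIMEOUT{% endif %}
          Restart Action: {% if traefik_restart.changed | default(false) %}🔄 Container restarted{% else %} No restart needed{% endif %}
          ========================================
          {% if traefik_running and traefik_healthy %}
          ✅ Traefik is running and healthy!
          Next steps:
          1. Monitor logs for ACME challenge errors: tail -f {{ traefik_stack_path }}/logs/traefik.log | grep -i acme
          2. Check certificate status in Traefik dashboard: {{ traefik_url }}
          3. Wait for next certificate renewal attempt (usually hourly)
          {% else %}
          ❌ Traefik is not fully healthy. Check logs for details:
          docker logs {{ traefik_container_name }}
          {% endif %}
          ========================================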