ansible/roles/deploy_container_booklore/templates/docker-compose.yml.j2

@@ -1,7 +1,7 @@
 ---
 services:
   booklore:
-    image: booklore/booklore:${BOOKLORE_VERSION:-latest}
+    image: ghcr.io/adityachandelgit/booklore-app:${BOOKLORE_VERSION:-latest}
     container_name: booklore
     restart: unless-stopped
     depends_on:

ansible/roles/deploy_container_traefik_with_letsencrypt/defaults/main.yml

@@ -3,17 +3,14 @@
 ######################
 container_traefik_url: "traefik.example.com"
 container_traefik_version: "latest"
-container_traefik_http_port: 8080
+container_traefik_basicuser: "admin"
-container_traefik_https_port: 8443
+container_traefik_basicpassword: "changeme"
+container_traefik_http_port: 80
+container_traefik_https_port: 443
 container_traefik_auth: "basic" # Options: basic, sso
 container_traefik_dashboard_enabled: false
 container_traefik_letsencrypt_email: "mail@example.com"
 
-# To create user:password pair for basic Auth, it's possible to use this command:
-# echo $(htpasswd -nB user) | sed -e s/\\$/\\$\\$/g
-container_traefik_basicuser: "admin"
-container_traefik_basicpassword: "changeme"
-
 container_traefik_routers:
   dummy:
     entryPoints: ["https"]

ansible/roles/deploy_container_traefik_with_letsencrypt/tasks/main.yml

@@ -4,8 +4,6 @@
     path: "{{ container_base_dir }}/data/{{ item }}"
     state: directory
     mode: '0755'
-    owner: "{{ ansible_user }}"
-    group: "{{ ansible_user }}"
   loop:
     - "certs"
     - "config.d"
@@ -16,8 +14,6 @@
     path: "{{ container_base_dir }}/data/logs/{{ item }}"
     state: touch
     mode: '0644'
-    owner: "{{ ansible_user }}"
-    group: "{{ ansible_user }}"
   loop:
     - "traefik.log"
     - "access.log"
@@ -27,8 +23,6 @@
     path: "{{ container_base_dir }}/data/certs/{{ item }}"
     state: touch
     mode: '0600'
-    owner: "{{ ansible_user }}"
-    group: "{{ ansible_user }}"
   loop:
     - "acme.json"
 
@@ -45,8 +39,6 @@
     src: "{{ item.src }}"
     dest: "{{ container_base_dir }}/data/{{ item.dest }}"
     mode: '0644'
-    owner: "{{ ansible_user }}"
-    group: "{{ ansible_user }}"
   loop:
     - { src: 'middlewares.yml', dest: 'config.d/middlewares.yml' }
   become: false
@@ -56,37 +48,16 @@
     src: "{{ item.src }}"
     dest: "{{ container_base_dir }}/{{ item.dest }}"
     mode: '0644'
-    owner: "{{ ansible_user }}"
-    group: "{{ ansible_user }}"
   loop:
     - { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
     - { src: '.env.j2', dest: '.env' }
     - { src: 'routers_services.yml.j2', dest: 'data/config.d/routers_services.yml' }
     - { src: 'traefik.yml.j2', dest: 'data/traefik.yml' }
 
-- name: Redirect privileged ports 80 and 443 to 8080 and 8443
-  become: true
-  ansible.builtin.iptables:
-    table: nat
-    chain: PREROUTING
-    protocol: tcp
-    destination_port: "{{ item.src_port }}"
-    jump: REDIRECT
-    to_ports: "{{ item.dst_port }}"
-  loop:
-    - { src_port: 80,  dst_port: "{{ container_traefik_http_port }}" }
-    - { src_port: 443, dst_port: "{{ container_traefik_https_port }}" }
-  when: >
-    (container_traefik_http_port| int != 80) or
-    (container_traefik_https_port | int != 443)
-
 - name: Stop Container
   community.docker.docker_compose_v2:
     project_src: "{{ container_base_dir }}"
     state: absent
-  environment:
-    XDG_RUNTIME_DIR: "/run/user/1000"
-    DOCKER_HOST: "unix:///run/user/1000/docker.sock"
 
 - name: Start Container
   community.docker.docker_compose_v2:
@@ -94,6 +65,3 @@
     state: present
     pull: always
     recreate: always
-  environment:
-    XDG_RUNTIME_DIR: "/run/user/1000"
-    DOCKER_HOST: "unix:///run/user/1000/docker.sock"