# Role: deploy_container_traefik

## Purpose
This role deploys and configures a Traefik reverse proxy using Docker Compose.  
It supports TLS, host-specific certificates, and renders all configuration files using Jinja2 templates.  
The configuration includes a fallback router/service to ensure safe defaults.

## Variables

### Default Variables (`defaults/main.yml`)
```yaml

container_traefik_create_network: true
container_traefik_subnet: 192.168.222.0/24
container_traefik_gateway: 192.168.222.1

container_traefik_url: "traefik.example.com"
container_traefik_version: "latest"

# Create with: echo $(htpasswd -nB user) | sed -e s/\\$/\\$\\$/g
container_traefik_basicuser: "admin"
container_traefik_basicpassword: "changeme"

container_traefik_http_port: 80
container_traefik_https_port: 443

# Dummy router/service to avoid template errors if nothing is defined
container_traefik_routers:
  dummy:
    entryPoints: ["https"]
    rule: "Host(`dummy.local`)"
    service: dummy
    tls: true

container_traefik_services:
  dummy:
    loadBalancer:
      servers:
        - url: "https://127.0.0.1:443"
      passHostHeader: true
```

### Static Variables (`vars/main.yml`)
```yaml
container_traefik_base_dir: /opt/docker/traefik
```

### Role Usage

```yaml
- name: Deploy Traefik container
  hosts: traefik
  roles:
    - role: container_traefik
      vars:
        container_traefik_url: "traefik.example.com"
        container_traefik_basicuser: "admin"
        container_traefik_basicpassword: "$2y$05$<bcrypt_hash>"
```

## Requirements

* Linux system (tested on Debian)
* Docker Engine
* Docker Compose v2 plugin (`docker compose` CLI)
* Ansible 2.11 or higher
* `community.docker` collection

Install the required collection:

```bash
ansible-galaxy collection install community.docker
```

Or via `requirements.yml`:

```yaml
collections:
  - name: community.docker
    version: ">=3.4.0"
```

## Host-Specific Certificates

Location: `host_files/<inventory_hostname>/certs/`

Required files:

* `wildcard.crt`
* `wildcard.key`

## Handlers

* `Stop traefik container`
* `Start traefik container`

## Rendered Templates

| Template File             | Description                        |
| ------------------------- | ---------------------------------- |
| `docker-compose.yml.j2`   | Docker Compose definition          |
| `.env.j2`                 | Environment variable file          |
| `traefik.yml.j2`          | Main Traefik config (static)       |
| `tls.yml.j2`              | TLS certificate reference          |
| `routers_services.yml.j2` | Static routers and services config |

## Authors

* Kevin Heyer
  📧 [kevin.heyer@wira-gmbh.de](mailto:kevin.heyer@wira-gmbh.de)

```