fix: https in docker compose deploy and ansible and terraform with script

DuGuYifei · DuGuYifei · commit 0fb7a20c046c · 2025-07-18T12:36:10.000+02:00
diff --git a/ansible/ansible.sh b/ansible/ansible.sh
@@ -0,0 +1 @@
+ansible-playbook -i hosts.ini deploy.yml
diff --git a/ansible/deploy.yml b/ansible/deploy.yml
@@ -8,13 +8,13 @@
         update_cache: yes
       when: ansible_os_family == "Debian"
 
-    - name: Install Docker and Docker Compose plugin (for Ubuntu)
-      apt:
-        name:
-          - docker.io
-          - docker-compose-plugin
-        state: present
+    - name: Install Docker using official script (for Ubuntu)
+      shell: |
+        curl -fsSL https://get.docker.com | bash
+      args:
+        executable: /bin/bash
       when: ansible_os_family == "Debian"
+      become: true
 
     - name: Add the user to the docker group
       user:
@@ -28,14 +28,14 @@
         state: directory
         mode: '0755'
 
-    - name: Copy .env to server
-      copy:
-        src: .env
-        dest: /srv/app/.env
-        mode: '0600'
+    - name: Create letsencrypt
+      file:
+        path: /srv/app/letsencrypt
+        state: directory
+        mode: '0755'
 
-    - name: Copy docker-compose.prod.yml to server
-      copy:
-        src: docker-compose.prod.yml
-        dest: /srv/app/docker-compose.prod.yml
-        mode: '0644'
+    - name: Create acme.json
+      file:
+        path: /srv/app/letsencrypt/acme.json
+        state: touch
+        mode: '0600'
diff --git a/ansible/hosts.ini.example b/ansible/hosts.ini.example
@@ -0,0 +1,2 @@
+[aws]
+xxx.xxx.xxx.xxx ansible_user=xxx ansible_ssh_private_key_file=/home/xxx/.pem_temp/xxx.pem
diff --git a/docker-compose.prod.deploy.yml b/docker-compose.prod.deploy.yml
@@ -23,13 +23,17 @@ services:
       - "8080:8080" # Traefik dashboard
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./letsencrypt:/letsencrypt
     networks:
       - ai-hr-network
     labels:
       - "traefik.enable=true"
-      - "traefik.http.routers.traefik.rule=Host(`traefik.localhost`)"
+      - "traefik.http.routers.traefik.rule=Host(`ec2-34-236-4-221.compute-1.amazonaws.com`)"
       - "traefik.http.routers.traefik.service=api@internal"
       - "traefik.http.routers.traefik.entrypoints=web"
+      - "traefik.http.routers.traefik.entrypoints=websecure"
+      - "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.traefik.tls=true"
 
   # PostgreSQL database
   postgresql:
diff --git a/terraform/terraform.sh b/terraform/terraform.sh
@@ -0,0 +1,3 @@
+terraform init
+terraform plan -out=tfplan
+terraform apply "tfplan"

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+ansible-playbook -i hosts.ini deploy.yml`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+[aws]`
	`2`	`+xxx.xxx.xxx.xxx ansible_user=xxx ansible_ssh_private_key_file=/home/xxx/.pem_temp/xxx.pem`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+terraform init`
	`2`	`+terraform plan -out=tfplan`
	`3`	`+terraform apply "tfplan"`