Add support for APISIX Dashboard
This commit is contained in:
parent
395994ebc1
commit
71b167a4bc
5 changed files with 132 additions and 0 deletions
63
docs/services/apisix-dashboard.md
Normal file
63
docs/services/apisix-dashboard.md
Normal file
|
@ -0,0 +1,63 @@
|
|||
# APISIX Dashboard
|
||||
|
||||
[APISIX Dashboard](https://apisix.apache.org/docs/dashboard/USER_GUIDE/) is a web UI for [APISIX Gateway](./apisix-gateway.md).
|
||||
|
||||
It works by directly editing the [etcd](./etcd.md) database that APISIX Gateway stores its data in.
|
||||
|
||||
|
||||
## Dependencies
|
||||
|
||||
This service requires the following other services:
|
||||
|
||||
- a [Traefik](traefik.md) reverse-proxy server
|
||||
- an [etcd](etcd.md) key-value store
|
||||
- (optional) [APISIX Gateway](./apisix-gateway.md) - there's no point in administrating APISIX Gateway configuration stored in etcd without having an APISIX Gateway instance to initialize and consume it
|
||||
|
||||
|
||||
## Configuration
|
||||
|
||||
To enable this service, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process:
|
||||
|
||||
```yaml
|
||||
########################################################################
|
||||
# #
|
||||
# apisix_dashboard #
|
||||
# #
|
||||
########################################################################
|
||||
|
||||
apisix_dashboard_enabled: true
|
||||
|
||||
apisix_dashboard_hostname: dashboard.api.example.com
|
||||
|
||||
# A strong secret for JWT authentication
|
||||
apisix_dashboard_config_authentication_secret: ''
|
||||
|
||||
apisix_dashboard_config_authentication_users:
|
||||
- username: admin
|
||||
password: password-here
|
||||
|
||||
########################################################################
|
||||
# #
|
||||
# /apisix_dashboard #
|
||||
# #
|
||||
########################################################################
|
||||
```
|
||||
|
||||
If you'd like to do something more advanced, the [`ansible-role-apisix-dashboard` Ansible role](https://github.com/mother-of-all-self-hosting/ansible-role-apisix-dashboard) is very configurable and should not get in your way of exposing ports or configuring arbitrary settings.
|
||||
|
||||
Take a look at [its `default/main.yml` file](https://github.com/mother-of-all-self-hosting/ansible-role-apisix-dashboard/blob/main/defaults/main.yml) for available Ansible variables you can use in your own `vars.yml` configuration file.
|
||||
|
||||
### URL
|
||||
|
||||
In the example configuration above, we configure APISIX Dashboard to expose itself at: `https://dashboard.api.example.com`
|
||||
|
||||
### Authentication
|
||||
|
||||
The example above uses the built-in login page of APISIX Dashboard with a list of users is defined via `apisix_dashboard_config_authentication_users`.
|
||||
|
||||
APISIX Dashboard also supports OpenID Connect providers. It can be enabled and configured via various `apisix_dashboard_config_oidc_*` Ansible variables.
|
||||
|
||||
|
||||
## Usage
|
||||
|
||||
After installation, you can visit the APISIX Dashboard URL and authenticate with a credential as specified in `apisix_dashboard_config_authentication_users`. If you've enabled OpenID Connect, you may also be able to authenticate with that.
|
|
@ -4,6 +4,7 @@
|
|||
| ------------------------------ | ------------------------------------- | ------------- |
|
||||
| [AUX](https://github.com/mother-of-all-self-hosting/ansible-role-aux) | Auxiliary file/directory management on your server via Ansible | [Link](services/auxiliary.md) |
|
||||
| [AdGuard Home](https://adguard.com/en/adguard-home/overview.html/) | A network-wide DNS software for blocking ads & tracking | [Link](services/adguard-home.md) |
|
||||
| [APISIX Dashboard](https://apisix.apache.org/docs/dashboard/USER_GUIDE/) | A web UI for [APISIX Gateway](services/apisix-gateway.md) | [Link](services/apisix-dashboard.md) |
|
||||
| [APISIX Gateway](https://apisix.apache.org/docs/apisix/getting-started/README/) | An API Gateway, Ingress Controller, etc | [Link](services/apisix-gateway.md) |
|
||||
| [Appsmith](https://www.appsmith.com/) | Platform for building and deploying custom internal tools and applications without writing code | [Link](services/appsmith.md) |
|
||||
| [Authelia](https://www.authelia.com/) | An open-source authentication and authorization server that can work as a companion to [common reverse proxies](https://www.authelia.com/overview/prologue/supported-proxies/) (like [Traefik](traefik.md) frequently used by this playbook) | [Link](services/authelia.md) |
|
||||
|
|
|
@ -159,6 +159,11 @@ mash_playbook_devture_systemd_service_manager_services_list_auto_itemized:
|
|||
{{ ({'name': (adguard_home_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'adguard-home']} if adguard_home_enabled else omit) }}
|
||||
# /role-specific:adguard_home
|
||||
|
||||
# role-specific:apisix_dashboard
|
||||
- |-
|
||||
{{ ({'name': (apisix_dashboard_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'apisix-dashboard']} if apisix_dashboard_enabled else omit) }}
|
||||
# /role-specific:apisix_dashboard
|
||||
|
||||
# role-specific:apisix_gateway
|
||||
- |-
|
||||
{{ ({'name': (apisix_gateway_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'apisix-gateway']} if apisix_gateway_enabled else omit) }}
|
||||
|
@ -1101,6 +1106,61 @@ adguard_home_container_labels_traefik_tls_certResolver: "{{ devture_traefik_cert
|
|||
|
||||
|
||||
|
||||
# role-specific:apisix_dashboard
|
||||
########################################################################
|
||||
# #
|
||||
# apisix_dashboard #
|
||||
# #
|
||||
########################################################################
|
||||
|
||||
apisix_dashboard_enabled: false
|
||||
|
||||
apisix_dashboard_identifier: "{{ mash_playbook_service_identifier_prefix }}apisix-dashboard"
|
||||
|
||||
apisix_dashboard_uid: "{{ mash_playbook_uid }}"
|
||||
apisix_dashboard_gid: "{{ mash_playbook_gid }}"
|
||||
|
||||
apisix_dashboard_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_base_directory_name_prefix }}apisix-dashboard"
|
||||
|
||||
apisix_dashboard_container_additional_networks_auto: |
|
||||
{{
|
||||
([mash_playbook_reverse_proxyable_services_additional_network] if (mash_playbook_reverse_proxyable_services_additional_network and apisix_dashboard_container_labels_traefik_enabled) else [])
|
||||
}}
|
||||
|
||||
apisix_dashboard_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
|
||||
apisix_dashboard_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
|
||||
apisix_dashboard_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
|
||||
apisix_dashboard_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
|
||||
|
||||
# role-specific:etcd
|
||||
apisix_dashboard_config_conf_etcd_endpoints: |
|
||||
{{
|
||||
([(etcd_identifier + ':2379')] if etcd_enabled else [])
|
||||
}}
|
||||
|
||||
apisix_dashboard_config_conf_etcd_username: "{{ ('root' if (etcd_enabled and not etcd_environment_variable_allow_none_authentication) else '') }}"
|
||||
apisix_dashboard_config_conf_etcd_password: "{{ (etcd_environment_variable_etcd_root_password if (etcd_enabled and not etcd_environment_variable_allow_none_authentication) else '') }}"
|
||||
|
||||
apisix_dashboard_container_additional_networks_custom: |
|
||||
{{
|
||||
([etcd_container_network] if etcd_enabled else [])
|
||||
}}
|
||||
|
||||
apisix_dashboard_systemd_required_systemd_services_list_auto: |
|
||||
{{
|
||||
([(etcd_identifier + '.service')] if etcd_enabled else [])
|
||||
}}
|
||||
# /role-specific:etcd
|
||||
|
||||
########################################################################
|
||||
# #
|
||||
# /apisix_dashboard #
|
||||
# #
|
||||
########################################################################
|
||||
# /role-specific:apisix_dashboard
|
||||
|
||||
|
||||
|
||||
# role-specific:apisix_gateway
|
||||
########################################################################
|
||||
# #
|
||||
|
|
|
@ -8,6 +8,10 @@
|
|||
version: v1.9.50-0
|
||||
name: appsmith
|
||||
activation_prefix: appsmith_
|
||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-apisix-dashboard.git
|
||||
version: v3.0.1-0
|
||||
name: apisix_dashboard
|
||||
activation_prefix: apisix_dashboard_
|
||||
- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-apisix-gateway.git
|
||||
version: v3.8.0-0
|
||||
name: apisix_gateway
|
||||
|
|
|
@ -98,6 +98,10 @@
|
|||
- role: galaxy/appsmith
|
||||
# /role-specific:appsmith
|
||||
|
||||
# role-specific:apisix_dashboard
|
||||
- role: galaxy/apisix_dashboard
|
||||
# /role-specific:apisix_dashboard
|
||||
|
||||
# role-specific:apisix_gateway
|
||||
- role: galaxy/apisix_gateway
|
||||
# /role-specific:apisix_gateway
|
||||
|
|
Loading…
Reference in a new issue