dave
/
ansible-playbooks
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
๐Ÿ“— Ansible playbooks and roles for building an idempotent, interconnected and scalable infrastructure
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5 Commits
2 Branches
0 Tags
425 KiB
 
 
Tag: Branch: Tree: 5ca943312c
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5ca943312c'
${ noResults }
ansible-playbooks/roles/caddy/tasks/main.yml

141 lines
3.0 KiB
Raw Blame History

- name: determine if custom caddy build should be used
set_fact:
caddy_custom_build: "{{ (((caddy_default_plugins | d([])) + (caddy_custom_plugins | d([]))) | length > 0) or (caddy_use_xcaddy | d(false) == true) }}"
caddy_has_reverse_proxy: "{{ reverse_proxy_port is number or reverse_proxy_port is string }}"
- name: import vars for automatic caddy tls
include_vars:
file: tls_caddy.yml
when: not caddy_use_lego
- name: import vars for lego tls
include_vars:
file: tls_lego.yml
when: caddy_use_lego
- name: import reverse proxy vars
include_vars:
file: reverse_proxy.yml
when: caddy_has_reverse_proxy
- name: set caddy_cfg
set_fact:
caddy_cfg: "{{ caddy_default_config | d({}) |
combine(caddy_tls_config | d({}), recursive=true) |
combine(caddy_reverse_proxy_config | d({}), recursive=true) |
combine(caddy_config | d({}), recursive=true) }}"
- name: create user and group
include_tasks: tasks/create_user.yml
vars:
user:
name: "{{ caddy_user }}"
group: "{{ caddy_group }}"
dir: "{{ caddy_conf_dir }}"
create_home: no
- name: create caddy directories
file:
path: "{{ item }}"
state: directory
owner: "{{ caddy_user }}"
group: "{{ caddy_group }}"
loop:
- "{{ caddy_conf_dir }}"
- "{{ caddy_asset_dir }}"
- name: create caddy bin dir
file:
path: "{{ caddy_bin_dir }}"
state: directory
- name: build caddy
include_tasks: build_caddy.yml
when: caddy_custom_build
- name: install prebuilt caddy
include_tasks: install_prebuilt_caddy.yml
when: not caddy_custom_build
- name: setup acme-dns-client for auto-tls
include_tasks: setup_acme_client.yml
when: not caddy_use_lego
- name: setup lego for unmanaged tls
include_tasks: setup_lego.yml
when: caddy_use_lego
- name: template caddy config
template:
src: caddy.j2
dest: "{{ caddy_conf_file }}"
force: yes
owner: "{{ caddy_user }}"
group: "{{ caddy_group }}"
mode: 0400
validate: "{{ (caddy_bin_dir, 'caddy') | path_join }} validate --config %s"
notify: restart caddy
- name: template systemd file
template:
src: systemd.j2
dest: /etc/systemd/system/caddy.service
force: yes
lstrip_blocks: yes
notify:
- reload systemd daemons
- restart caddy
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
- name: template init script
template:
src: init.j2
dest: /etc/init.d/caddy
force: yes
mode: 0755
notify: restart caddy
when: ansible_distribution == 'Alpine'
- name: change permissions on asset dir contents
file:
path: "{{ caddy_asset_dir }}"
recurse: yes
owner: "{{ caddy_user }}"
group: "{{ caddy_group }}"
notify: restart caddy
- name: flush handlers
meta: flush_handlers
- name: add directories to backup plan
include_role:
name: backup
tasks_from: add.yml
vars:
backup_items:
- "{{ caddy_asset_dir }}"
- "{{ caddy_conf_dir }}"
- name: enable and start caddy
service:
name: caddy
enabled: yes
state: started