134 lines
3.1 KiB
YAML
134 lines
3.1 KiB
YAML
|
---
|
||
|
- include: packages-{{ ansible_pkg_mgr }}.yml
|
||
|
|
||
|
- name: Create Caddy user
|
||
|
user:
|
||
|
name: "{{ caddy_user }}"
|
||
|
system: true
|
||
|
createhome: true
|
||
|
home: "{{ caddy_home }}"
|
||
|
register: caddy_user_details
|
||
|
|
||
|
- name: Build headers to use when making requests to github
|
||
|
set_fact:
|
||
|
caddy_github_headers: "{{ caddy_github_headers | combine({'Authorization': 'token ' + caddy_github_token}) }}"
|
||
|
when: caddy_github_token | length > 0
|
||
|
|
||
|
- name: Get all Caddy releases
|
||
|
get_url:
|
||
|
url: https://api.github.com/repos/mholt/caddy/git/refs/tags
|
||
|
dest: "{{ caddy_home }}/releases.txt"
|
||
|
force: true
|
||
|
headers: '{{ caddy_github_headers }}'
|
||
|
owner: "{{ caddy_user }}"
|
||
|
group: "{{ caddy_user_details.group }}"
|
||
|
retries: 3
|
||
|
delay: 2
|
||
|
when: caddy_update
|
||
|
register: caddy_releases_cache
|
||
|
|
||
|
- name: Set Caddy features
|
||
|
copy:
|
||
|
content: "{{ ','.join(caddy_packages) }}"
|
||
|
dest: "{{ caddy_home }}/features.txt"
|
||
|
mode: 0640
|
||
|
owner: "{{ caddy_user }}"
|
||
|
group: "{{ caddy_user_details.group }}"
|
||
|
when: caddy_update
|
||
|
register: caddy_features_cache
|
||
|
|
||
|
- include: github-url.yml
|
||
|
when: caddy_use_github
|
||
|
|
||
|
- name: Download Caddy
|
||
|
get_url:
|
||
|
url: "{{ caddy_url }}"
|
||
|
dest: "{{ caddy_home }}/{{ 'caddy.tar.gz' if caddy_use_github else 'caddy' }}"
|
||
|
force: true
|
||
|
timeout: 300
|
||
|
mode: 0644
|
||
|
owner: "{{ caddy_user }}"
|
||
|
group: "{{ caddy_user_details.group }}"
|
||
|
retries: 3
|
||
|
delay: 2
|
||
|
when: caddy_releases_cache.changed or caddy_features_cache.changed
|
||
|
register: caddy_binary_cache
|
||
|
tags: skip_ansible_lint
|
||
|
|
||
|
- name: Download Caddy
|
||
|
get_url:
|
||
|
url: "{{ caddy_url }}"
|
||
|
dest: "{{ caddy_home }}/{{ 'caddy.tar.gz' if caddy_use_github else 'caddy' }}"
|
||
|
timeout: 300
|
||
|
mode: 0644
|
||
|
owner: "{{ caddy_user }}"
|
||
|
group: "{{ caddy_user_details.group }}"
|
||
|
retries: 3
|
||
|
delay: 2
|
||
|
register: caddy_download
|
||
|
tags: skip_ansible_lint
|
||
|
|
||
|
- include: github-extract.yml
|
||
|
when: caddy_use_github
|
||
|
|
||
|
- name: Copy Caddy Binary
|
||
|
copy:
|
||
|
src: "{{ caddy_home }}/caddy"
|
||
|
dest: "{{ caddy_bin }}"
|
||
|
mode: 0755
|
||
|
remote_src: true
|
||
|
notify:
|
||
|
- Restart caddy
|
||
|
|
||
|
- name: Create directories
|
||
|
file:
|
||
|
path: "{{ item }}"
|
||
|
state: directory
|
||
|
owner: "{{ caddy_user }}"
|
||
|
mode: 0770
|
||
|
with_items:
|
||
|
- "{{ caddy_conf_dir }}"
|
||
|
- "{{ caddy_certs_dir }}"
|
||
|
|
||
|
- name: Create log directory
|
||
|
file:
|
||
|
path: "{{ caddy_log_dir }}"
|
||
|
state: directory
|
||
|
owner: "{{ caddy_user }}"
|
||
|
mode: 0775
|
||
|
|
||
|
- name: Create Caddyfile
|
||
|
copy:
|
||
|
content: "{{ caddy_config }}"
|
||
|
dest: "{{ caddy_conf_dir }}/Caddyfile"
|
||
|
owner: "{{ caddy_user }}"
|
||
|
mode: 0640
|
||
|
notify:
|
||
|
- Reload caddy
|
||
|
|
||
|
- name: Template systemd service
|
||
|
template:
|
||
|
src: caddy.service
|
||
|
dest: /etc/systemd/system/caddy.service
|
||
|
owner: root
|
||
|
group: root
|
||
|
mode: 0644
|
||
|
notify:
|
||
|
- Restart caddy
|
||
|
|
||
|
- name: Set capability on the binary file to be able to bind to TCP port <1024
|
||
|
capabilities:
|
||
|
path: "{{ caddy_bin }}"
|
||
|
capability: cap_net_bind_service+eip
|
||
|
state: present
|
||
|
when: caddy_setcap
|
||
|
|
||
|
- name: Ensue caddy service is up-to-date before starting it
|
||
|
meta: flush_handlers
|
||
|
|
||
|
- name: Start Caddy service
|
||
|
systemd:
|
||
|
name: caddy
|
||
|
state: started
|
||
|
enabled: true
|