123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134 |
- ---
- - include: preflight.yml
- - include: packages-{{ ansible_pkg_mgr }}.yml
- - name: Create Caddy user
- user:
- name: "{{ caddy_user }}"
- system: true
- createhome: true
- home: "{{ caddy_home }}"
- register: caddy_user_details
- - name: Build headers to use when making requests to github
- set_fact:
- caddy_github_headers: "{{ caddy_github_headers | combine({'Authorization': 'token ' + caddy_github_token}) }}"
- when: caddy_github_token | length > 0
- - name: Get all Caddy releases
- get_url:
- url: https://api.github.com/repos/mholt/caddy/git/refs/tags
- dest: "{{ caddy_home }}/releases.txt"
- force: true
- headers: '{{ caddy_github_headers }}'
- owner: "{{ caddy_user }}"
- group: "{{ caddy_user_details.group }}"
- retries: 3
- delay: 2
- when: caddy_update
- register: caddy_releases_cache
- - name: Set Caddy features
- copy:
- content: "{{ ','.join(caddy_packages) }}"
- dest: "{{ caddy_home }}/features.txt"
- mode: 0640
- owner: "{{ caddy_user }}"
- group: "{{ caddy_user_details.group }}"
- when: caddy_update
- register: caddy_features_cache
- - include: github-url.yml
- when: caddy_use_github
- - name: Download Caddy
- get_url:
- url: "{{ caddy_url }}"
- dest: "{{ caddy_home }}/{{ 'caddy.tar.gz' if caddy_use_github else 'caddy' }}"
- force: true
- timeout: 300
- mode: 0644
- owner: "{{ caddy_user }}"
- group: "{{ caddy_user_details.group }}"
- retries: 3
- delay: 2
- when: caddy_releases_cache.changed or caddy_features_cache.changed
- register: caddy_binary_cache
- tags: skip_ansible_lint
- - name: Download Caddy
- get_url:
- url: "{{ caddy_url }}"
- dest: "{{ caddy_home }}/{{ 'caddy.tar.gz' if caddy_use_github else 'caddy' }}"
- timeout: 300
- mode: 0644
- owner: "{{ caddy_user }}"
- group: "{{ caddy_user_details.group }}"
- retries: 3
- delay: 2
- register: caddy_download
- tags: skip_ansible_lint
- - include: github-extract.yml
- when: caddy_use_github
- - name: Copy Caddy Binary
- copy:
- src: "{{ caddy_home }}/caddy"
- dest: "{{ caddy_bin }}"
- mode: 0755
- remote_src: true
- notify:
- - Restart caddy
- - name: Create directories
- file:
- path: "{{ item }}"
- state: directory
- owner: "{{ caddy_user }}"
- mode: 0770
- with_items:
- - "{{ caddy_conf_dir }}"
- - "{{ caddy_certs_dir }}"
- - name: Create log directory
- file:
- path: "{{ caddy_log_dir }}"
- state: directory
- owner: "{{ caddy_user }}"
- mode: 0775
- - name: Create Caddyfile
- copy:
- content: "{{ caddy_config }}"
- dest: "{{ caddy_conf_dir }}/Caddyfile"
- owner: "{{ caddy_user }}"
- mode: 0640
- notify:
- - Reload caddy
- - name: Template systemd service
- template:
- src: caddy.service
- dest: /etc/systemd/system/caddy.service
- owner: root
- group: root
- mode: 0644
- notify:
- - Restart caddy
- - name: Set capability on the binary file to be able to bind to TCP port <1024
- capabilities:
- path: "{{ caddy_bin }}"
- capability: cap_net_bind_service+eip
- state: present
- when: caddy_setcap
- - name: Ensue caddy service is up-to-date before starting it
- meta: flush_handlers
- - name: Start Caddy service
- systemd:
- name: caddy
- state: started
- enabled: true
|