Compare commits
No commits in common. "b6a8bb2ab84036cb706c0233378791591c5bfa95" and "b9477be1b31da336ab1c4b9af6bf6ff3f181d9a2" have entirely different histories.
b6a8bb2ab8
...
b9477be1b3
3 changed files with 12 additions and 44 deletions
|
|
@ -4,14 +4,13 @@ stages:
|
|||
|
||||
build:
|
||||
stage: build
|
||||
image: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/golang:bookworm
|
||||
image: golang:bookworm
|
||||
before_script:
|
||||
- bash hack/install-xcaddy.sh
|
||||
script:
|
||||
- >
|
||||
xcaddy
|
||||
build
|
||||
v2.10.0
|
||||
--output ./caddy
|
||||
--with github.com/caddy-dns/cloudflare
|
||||
artifacts:
|
||||
|
|
@ -20,7 +19,7 @@ build:
|
|||
|
||||
deploy:
|
||||
stage: deploy
|
||||
image: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/alpine/ansible:latest
|
||||
image: alpine/ansible:latest
|
||||
before_script:
|
||||
- "command -v ssh-agent >/dev/null || ( apk add --no-cache openssh-client )"
|
||||
- eval $(ssh-agent -s)
|
||||
|
|
@ -28,6 +27,5 @@ deploy:
|
|||
- mkdir -p ~/.ssh
|
||||
- chmod 700 ~/.ssh
|
||||
- ssh-keyscan -H valhalla.vxm.cz >> ~/.ssh/known_hosts
|
||||
- ssh-keyscan -H alfheim.vxm.cz >> ~/.ssh/known_hosts
|
||||
script:
|
||||
- ansible-playbook -i inventory.ini playbook.yml
|
||||
|
|
|
|||
|
|
@ -1,2 +1 @@
|
|||
valhalla.vxm.cz ansible_user=root
|
||||
alfheim.vxm.cz ansible_user=root
|
||||
|
|
|
|||
49
playbook.yml
49
playbook.yml
|
|
@ -8,57 +8,28 @@
|
|||
state: present
|
||||
|
||||
- name: Ensure user "caddy" exists
|
||||
ansible.builtin.user:
|
||||
user:
|
||||
name: caddy
|
||||
system: true
|
||||
system: yes
|
||||
shell: /usr/sbin/nologin
|
||||
home: /var/lib/caddy
|
||||
create_home: true
|
||||
group: caddy
|
||||
|
||||
- name: Ensure directory "/etc/caddy" exists
|
||||
ansible.builtin.file:
|
||||
path: /etc/caddy
|
||||
state: directory
|
||||
mode: "0755"
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Ensure file "/etc/caddy/Caddyfile" exists
|
||||
ansible.builtin.file:
|
||||
path: /etc/caddy/Caddyfile
|
||||
state: touch
|
||||
mode: "0644"
|
||||
owner: caddy
|
||||
group: caddy
|
||||
|
||||
- name: Ensure file "/etc/caddy/.env" exists"
|
||||
ansible.builtin.file:
|
||||
path: /etc/caddy/.env
|
||||
state: touch
|
||||
mode: "0600"
|
||||
owner: caddy
|
||||
create_home: yes
|
||||
group: caddy
|
||||
|
||||
- name: Copy Caddy binary
|
||||
ansible.builtin.copy:
|
||||
copy:
|
||||
src: caddy
|
||||
dest: /usr/bin/caddy
|
||||
dest: /usr/local/bin/caddy
|
||||
mode: "0755"
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Check if systemd unit file exists
|
||||
ansible.builtin.stat:
|
||||
stat:
|
||||
path: /etc/systemd/system/caddy.service
|
||||
register: systemd_unit_file
|
||||
|
||||
- name: Create systemd unit file for Caddy
|
||||
ansible.builtin.copy:
|
||||
copy:
|
||||
dest: /etc/systemd/system/caddy.service
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
content: |
|
||||
# caddy.service
|
||||
# See: https://github.com/caddyserver/dist/blob/master/init/caddy.service
|
||||
|
|
@ -85,12 +56,12 @@
|
|||
when: not systemd_unit_file.stat.exists
|
||||
|
||||
- name: Enable and start Caddy service
|
||||
ansible.builtin.systemd:
|
||||
systemd:
|
||||
name: caddy
|
||||
enabled: true
|
||||
enabled: yes
|
||||
state: started
|
||||
|
||||
- name: Restart Caddy service
|
||||
ansible.builtin.systemd:
|
||||
systemd:
|
||||
name: caddy
|
||||
state: reloaded
|
||||
|
|
|
|||
Reference in a new issue