Compare commits
10 commits
b9477be1b3
...
b6a8bb2ab8
| Author | SHA1 | Date | |
|---|---|---|---|
b6a8bb2ab8
|
|||
|
d0ad9e6c7a
|
|||
|
21bb91be7d
|
|||
|
dfdcf551fc
|
|||
|
3ff9c88db7
|
|||
|
2d1f9cd955
|
|||
|
cdbd1e6dcc
|
|||
|
b6d419db88
|
|||
|
1619192748
|
|||
|
92948eb258
|
3 changed files with 44 additions and 12 deletions
|
|
@ -4,13 +4,14 @@ stages:
|
|||
|
||||
build:
|
||||
stage: build
|
||||
image: golang:bookworm
|
||||
image: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/golang:bookworm
|
||||
before_script:
|
||||
- bash hack/install-xcaddy.sh
|
||||
script:
|
||||
- >
|
||||
xcaddy
|
||||
build
|
||||
v2.10.0
|
||||
--output ./caddy
|
||||
--with github.com/caddy-dns/cloudflare
|
||||
artifacts:
|
||||
|
|
@ -19,7 +20,7 @@ build:
|
|||
|
||||
deploy:
|
||||
stage: deploy
|
||||
image: alpine/ansible:latest
|
||||
image: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/alpine/ansible:latest
|
||||
before_script:
|
||||
- "command -v ssh-agent >/dev/null || ( apk add --no-cache openssh-client )"
|
||||
- eval $(ssh-agent -s)
|
||||
|
|
@ -27,5 +28,6 @@ deploy:
|
|||
- mkdir -p ~/.ssh
|
||||
- chmod 700 ~/.ssh
|
||||
- ssh-keyscan -H valhalla.vxm.cz >> ~/.ssh/known_hosts
|
||||
- ssh-keyscan -H alfheim.vxm.cz >> ~/.ssh/known_hosts
|
||||
script:
|
||||
- ansible-playbook -i inventory.ini playbook.yml
|
||||
|
|
|
|||
|
|
@ -1 +1,2 @@
|
|||
valhalla.vxm.cz ansible_user=root
|
||||
alfheim.vxm.cz ansible_user=root
|
||||
|
|
|
|||
49
playbook.yml
49
playbook.yml
|
|
@ -8,28 +8,57 @@
|
|||
state: present
|
||||
|
||||
- name: Ensure user "caddy" exists
|
||||
user:
|
||||
ansible.builtin.user:
|
||||
name: caddy
|
||||
system: yes
|
||||
system: true
|
||||
shell: /usr/sbin/nologin
|
||||
home: /var/lib/caddy
|
||||
create_home: yes
|
||||
create_home: true
|
||||
group: caddy
|
||||
|
||||
- name: Ensure directory "/etc/caddy" exists
|
||||
ansible.builtin.file:
|
||||
path: /etc/caddy
|
||||
state: directory
|
||||
mode: "0755"
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Ensure file "/etc/caddy/Caddyfile" exists
|
||||
ansible.builtin.file:
|
||||
path: /etc/caddy/Caddyfile
|
||||
state: touch
|
||||
mode: "0644"
|
||||
owner: caddy
|
||||
group: caddy
|
||||
|
||||
- name: Ensure file "/etc/caddy/.env" exists"
|
||||
ansible.builtin.file:
|
||||
path: /etc/caddy/.env
|
||||
state: touch
|
||||
mode: "0600"
|
||||
owner: caddy
|
||||
group: caddy
|
||||
|
||||
- name: Copy Caddy binary
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: caddy
|
||||
dest: /usr/local/bin/caddy
|
||||
dest: /usr/bin/caddy
|
||||
mode: "0755"
|
||||
owner: root
|
||||
group: root
|
||||
|
||||
- name: Check if systemd unit file exists
|
||||
stat:
|
||||
ansible.builtin.stat:
|
||||
path: /etc/systemd/system/caddy.service
|
||||
register: systemd_unit_file
|
||||
|
||||
- name: Create systemd unit file for Caddy
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
dest: /etc/systemd/system/caddy.service
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
content: |
|
||||
# caddy.service
|
||||
# See: https://github.com/caddyserver/dist/blob/master/init/caddy.service
|
||||
|
|
@ -56,12 +85,12 @@
|
|||
when: not systemd_unit_file.stat.exists
|
||||
|
||||
- name: Enable and start Caddy service
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: caddy
|
||||
enabled: yes
|
||||
enabled: true
|
||||
state: started
|
||||
|
||||
- name: Restart Caddy service
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: caddy
|
||||
state: reloaded
|
||||
|
|
|
|||
Reference in a new issue