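---
# Installs a locally supplied Caddy binary, creates a dedicated unprivileged
# service account, writes a systemd unit and starts the service.
#
# NOTE(review): every task writes to system paths, yet the play sets no
# `become` - presumably privilege escalation comes from the inventory or the
# command line; confirm. `hosts: all` targets every host in the inventory.
- name: Deploy Caddy
  hosts: all
  tasks:
    - name: Ensure group "caddy" exists
      ansible.builtin.group:
        name: caddy
        state: present

    # System account with no login shell: the service identity cannot be used
    # for an interactive session.
    - name: Ensure user "caddy" exists
      ansible.builtin.user:
        name: caddy
        system: true
        shell: /usr/sbin/nologin
        home: /var/lib/caddy
        create_home: true
        group: caddy

    # Ownership and mode are pinned explicitly instead of inheriting whatever
    # umask the connection happens to run with.
    - name: Ensure directory "/etc/caddy" exists
      ansible.builtin.file:
        path: /etc/caddy
        state: directory
        owner: root
        group: root
        mode: "0755"

    # root-owned and group-readable: the service can read its configuration
    # but cannot rewrite it, and other local users cannot read it.
    # Preserving the timestamps keeps `state: touch` from reporting a change
    # on every run.
    - name: Ensure file "/etc/caddy/Caddyfile" exists
      ansible.builtin.file:
        path: /etc/caddy/Caddyfile
        state: touch
        owner: root
        group: caddy
        mode: "0640"
        access_time: preserve
        modification_time: preserve

    # Presumably holds environment values (possibly secrets) for Caddy, so it
    # must not be world-readable.
    # NOTE(review): the unit below has no EnvironmentFile= line, so nothing in
    # this playbook actually loads this file - confirm how it is consumed.
    - name: Ensure file "/etc/caddy/.env" exists
      ansible.builtin.file:
        path: /etc/caddy/.env
        state: touch
        owner: root
        group: caddy
        mode: "0640"
        access_time: preserve
        modification_time: preserve

    # `src: caddy` is taken from the control node as-is; nothing here checks
    # where that binary came from. Verify the release checksum or signature
    # before placing it next to this playbook.
    # root ownership keeps the service account from replacing its own binary.
    - name: Copy Caddy binary
      ansible.builtin.copy:
        src: caddy
        dest: /usr/bin/caddy
        owner: root
        group: root
        mode: "0755"

    - name: Check if systemd unit file exists
      ansible.builtin.stat:
        path: /etc/systemd/system/caddy.service
      register: systemd_unit_file

    # Written only when absent, so a locally edited unit is never overwritten.
    # The flip side: later changes to the content below do not reach hosts
    # that already have a unit file.
    # `caddy run --environ` prints the process environment at startup, so any
    # value placed in the service environment ends up in the journal.
    - name: Create systemd unit file for Caddy
      ansible.builtin.copy:
        dest: /etc/systemd/system/caddy.service
        owner: root
        group: root
        mode: "0644"
        content: |
          # caddy.service
          # See: https://github.com/caddyserver/dist/blob/master/init/caddy.service
          [Unit]
          Description=Caddy
          Documentation=https://caddyserver.com/docs/
          After=network.target network-online.target
          Requires=network-online.target

          [Service]
          Type=notify
          User=caddy
          Group=caddy
          ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
          ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force
          TimeoutStopSec=5s
          LimitNOFILE=1048576
          PrivateTmp=true
          ProtectSystem=full
          AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE

          [Install]
          WantedBy=multi-user.target
      when: not systemd_unit_file.stat.exists

    # daemon_reload makes systemd re-read unit files, so a unit written by
    # the previous task is the one that gets started.
    - name: Enable and start Caddy service
      ansible.builtin.systemd:
        name: caddy
        enabled: true
        state: started
        daemon_reload: true

    # Runs on every play: `reloaded` triggers the unit's ExecReload (a config
    # reload), not a full restart.
    - name: Reload Caddy service
      ansible.builtin.systemd:
        name: caddy
        state: reloaded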