1
0
Fork 0
This repository has been archived on 2025-08-23. You can view files and clone it, but you cannot make any changes to it's state, such as pushing and creating new issues, pull requests or comments.
build-custom-caddy-and-inst.../playbook.yml

82 lines
2.1 KiB
YAML

---
- name: Deploy Caddy
hosts: all
tasks:
- name: Ensure group "caddy" exists
ansible.builtin.group:
name: caddy
state: present
- name: Ensure user "caddy" exists
user:
name: caddy
system: yes
shell: /usr/sbin/nologin
home: /var/lib/caddy
create_home: yes
group: caddy
- name: Ensure directory "/etc/caddy" exists
file:
path: /etc/caddy
state: directory
- name: Ensure file "/etc/caddy/Caddyfile" exists
file:
path: /etc/caddy/Caddyfile
state: touch
- name: Ensure file "/etc/caddy/.env" exists"
file:
path: /etc/caddy/.env
state: touch
- name: Copy Caddy binary
copy:
src: caddy
dest: /usr/local/bin/caddy
mode: "0755"
- name: Check if systemd unit file exists
stat:
path: /etc/systemd/system/caddy.service
register: systemd_unit_file
- name: Create systemd unit file for Caddy
copy:
dest: /etc/systemd/system/caddy.service
content: |
# caddy.service
# See: https://github.com/caddyserver/dist/blob/master/init/caddy.service
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target
[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force
TimeoutStopSec=5s
LimitNOFILE=1048576
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
when: not systemd_unit_file.stat.exists
- name: Enable and start Caddy service
systemd:
name: caddy
enabled: yes
state: started
- name: Restart Caddy service
systemd:
name: caddy
state: reloaded