freezer/build-custom-caddy-and-install-with-ansible
Archived
1
0
Fork 0
Code Activity
This repository has been archived on 2025-08-23. You can view files and clone it, but you cannot make any changes to it's state, such as pushing and creating new issues, pull requests or comments.
build-custom-caddy-and-inst.../playbook.yml
Vojtěch Mareš dfdcf551fc
fix(playbook): ansible-lint issues 
- prefix functions with ansible.builtin
- missing mode for file and copy functions
- boolean values use true|false values and no other (yes,no,...)

Signed-off-by: Vojtěch Mareš <vojtech@mares.cz>
2025-05-15 14:14:46 +02:00

86 lines
2.3 KiB
YAML
Raw Blame History

---
- name: Deploy Caddy
hosts: all
tasks:
- name: Ensure group "caddy" exists
ansible.builtin.group:
name: caddy
state: present
- name: Ensure user "caddy" exists
ansible.builtin.user:
name: caddy
system: true
shell: /usr/sbin/nologin
home: /var/lib/caddy
create_home: true
group: caddy
- name: Ensure directory "/etc/caddy" exists
ansible.builtin.file:
path: /etc/caddy
state: directory
mode: "0644"
- name: Ensure file "/etc/caddy/Caddyfile" exists
ansible.builtin.file:
path: /etc/caddy/Caddyfile
state: touch
mode: "0644"
- name: Ensure file "/etc/caddy/.env" exists"
ansible.builtin.file:
path: /etc/caddy/.env
state: touch
mode: "0600"
- name: Copy Caddy binary
ansible.builtin.copy:
src: caddy
dest: /usr/bin/caddy
mode: "0755"
- name: Check if systemd unit file exists
ansible.builtin.stat:
path: /etc/systemd/system/caddy.service
register: systemd_unit_file
- name: Create systemd unit file for Caddy
ansible.builtin.copy:
dest: /etc/systemd/system/caddy.service
mode: "0644"
content: |
# caddy.service
# See: https://github.com/caddyserver/dist/blob/master/init/caddy.service
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target
[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force
TimeoutStopSec=5s
LimitNOFILE=1048576
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
when: not systemd_unit_file.stat.exists
- name: Enable and start Caddy service
ansible.builtin.systemd:
name: caddy
enabled: true
state: started
- name: Restart Caddy service
ansible.builtin.systemd:
name: caddy
state: reloaded
View git blame Copy permalink