-
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 693e544
Showing
9 changed files
with
235 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
--- | ||
caddy_apt_key_fingerprint: "65760C51EDEA2017CEA2CA15155B6D79CA56EA34" | ||
caddy_apt_key_url: "https://dl.cloudsmith.io/public/caddy/stable/gpg.key" | ||
caddy_apt_repo: "https://dl.cloudsmith.io/public/caddy/stable/deb/debian any-version main" | ||
|
||
caddy_apt_packages: | ||
- caddy | ||
|
||
caddy_packages: [] | ||
|
||
caddy_dpkg_hook_script: "/usr/local/bin/caddy-upgrade" | ||
|
||
caddy_file: "" | ||
|
||
caddy_files: [] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
--- | ||
- name: restart caddy | ||
ansible.builtin.service: | ||
name: caddy | ||
state: restarted | ||
|
||
- name: reload caddy | ||
ansible.builtin.service: | ||
name: caddy | ||
state: reloaded |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
--- | ||
- name: Configure /etc/caddy/Caddyfile | ||
ansible.builtin.template: | ||
src: "Caddyfile" | ||
dest: "/etc/caddy/Caddyfile" | ||
owner: "root" | ||
group: "root" | ||
mode: "u=rw,g=r,o=r" | ||
when: caddy_file != "" | ||
notify: reload caddy | ||
|
||
- name: Configure Caddyfiles | ||
ansible.builtin.template: | ||
src: "Caddyfile" | ||
dest: "/etc/caddy/{{ item.name }}" | ||
owner: "root" | ||
group: "root" | ||
mode: "u=rw,g=r,o=r" | ||
notify: reload caddy | ||
loop: "{{ caddy_files | selectattr('dir', 'undefined') }}" | ||
loop_control: | ||
label: "/etc/caddy/{{ item.name }}" | ||
|
||
- name: Create subdirectories for Caddyfiles | ||
ansible.builtin.file: | ||
path: "/etc/caddy/{{ item }}" | ||
owner: "root" | ||
group: "root" | ||
mode: "u=rwx,g=rx,o=rx" | ||
state: "directory" | ||
loop: >- | ||
{{ caddy_files | ||
| selectattr('dir', 'defined') | ||
| map(attribute="dir") | ||
| unique }} | ||
- name: Configure Caddyfiles in subdirectory | ||
ansible.builtin.template: | ||
src: "Caddyfile" | ||
dest: "/etc/caddy/{{ item.dir }}/{{ item.name }}" | ||
owner: "root" | ||
group: "root" | ||
mode: "u=rw,g=r,o=r" | ||
notify: reload caddy | ||
loop: "{{ caddy_files | selectattr('dir', 'defined') }}" | ||
loop_control: | ||
label: "/etc/caddy/{{ item.dir }}/{{ item.name }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
--- | ||
- name: Create apt keyrings directory | ||
ansible.builtin.file: | ||
path: /etc/apt/keyrings | ||
state: directory | ||
owner: root | ||
group: root | ||
mode: u=rwx,g=rx,o=rx | ||
|
||
- name: Add caddy apt signing key | ||
ansible.builtin.apt_key: | ||
id: "{{ caddy_apt_key_fingerprint }}" | ||
url: "{{ caddy_apt_key_url }}" | ||
keyring: /etc/apt/keyrings/caddy.gpg | ||
state: present | ||
|
||
- name: Add caddy apt repository | ||
ansible.builtin.apt_repository: | ||
repo: >- | ||
deb [signed-by=/etc/apt/keyrings/caddy.gpg] | ||
{{ caddy_apt_repo }} | ||
filename: caddy | ||
update_cache: true | ||
state: present | ||
|
||
- name: Install caddy | ||
ansible.builtin.apt: | ||
name: "{{ caddy_apt_packages }}" | ||
install_recommends: false | ||
state: present |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
--- | ||
- name: Install caddy | ||
ansible.builtin.import_tasks: | ||
file: install.yml | ||
|
||
- name: Install caddy packages | ||
ansible.builtin.import_tasks: | ||
file: packages.yml | ||
|
||
- name: Configure caddy | ||
ansible.builtin.import_tasks: | ||
file: configure.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,106 @@ | ||
--- | ||
- name: Divert caddy binary provided by apt package | ||
community.general.dpkg_divert: | ||
path: /usr/bin/caddy | ||
rename: true | ||
force: true | ||
state: "{{ 'present' if caddy_packages | length >= 1 else 'absent' }}" | ||
notify: restart caddy | ||
|
||
- name: Create custom caddy binary | ||
ansible.builtin.copy: | ||
src: /usr/bin/caddy.distrib | ||
dest: /usr/bin/caddy.custom | ||
force: false | ||
remote_src: true | ||
owner: root | ||
group: root | ||
mode: "u=rwx,g=rx,o=rx" | ||
when: "caddy_packages | length >= 1" | ||
|
||
- name: Configure alternative link for original caddy binary | ||
community.general.alternatives: | ||
name: caddy | ||
link: /usr/bin/caddy | ||
path: /usr/bin/caddy.distrib | ||
priority: 10 | ||
state: "{{ 'auto' if caddy_packages | length >= 1 else 'absent' }}" | ||
notify: restart caddy | ||
|
||
- name: Configure alternative link for custom caddy binary | ||
community.general.alternatives: | ||
name: caddy | ||
link: /usr/bin/caddy | ||
path: /usr/bin/caddy.custom | ||
priority: 50 | ||
state: "{{ 'auto' if caddy_packages | length >= 1 else 'absent' }}" | ||
notify: restart caddy | ||
|
||
- name: Remove custom caddy binary | ||
ansible.builtin.file: | ||
path: /usr/bin/caddy.custom | ||
state: absent | ||
when: "caddy_packages | length == 0" | ||
|
||
- name: Get list of installed caddy packages | ||
ansible.builtin.command: | ||
cmd: caddy list-modules --skip-standard --packages | ||
register: _caddy_list_modules_cmd | ||
changed_when: false | ||
|
||
- name: Set installed packages fact | ||
ansible.builtin.set_fact: | ||
_caddy_packages: >- | ||
{{ _caddy_list_modules_cmd.stdout_lines | ||
| select("search", "^[\w.]+ \S+$") | ||
| map("split", " ") | ||
| map("last") }} | ||
- name: Install caddy packages | ||
ansible.builtin.command: | ||
cmd: caddy add-package {{ item }} | ||
register: _caddy_add_package_cmd | ||
changed_when: "'requesting build' in _caddy_add_package_cmd.stderr" | ||
failed_when: >- | ||
_caddy_add_package_cmd.rc != 0 | ||
and 'package is already added' not in _caddy_add_package_cmd.stderr | ||
loop: "{{ caddy_packages }}" | ||
when: "item not in _caddy_packages" | ||
notify: restart caddy | ||
|
||
- name: Remove caddy packages | ||
ansible.builtin.command: | ||
cmd: caddy remove-package {{ _caddy_packages_remove | join(" ") }} | ||
vars: | ||
_caddy_packages_remove: "{{ _caddy_packages | difference(caddy_packages) }}" | ||
register: _caddy_remove_package_cmd | ||
changed_when: "'requesting build' in _caddy_remove_package_cmd.stderr" | ||
when: "_caddy_packages_remove | length >= 1" | ||
notify: restart caddy | ||
|
||
- name: Add caddy upgrade apt hook script | ||
ansible.builtin.template: | ||
src: "caddy-upgrade.sh" | ||
dest: "{{ caddy_dpkg_hook_script }}" | ||
owner: "root" | ||
group: "root" | ||
mode: "u=rwx,g=rx,o=rx" | ||
when: "caddy_packages | length >= 1" | ||
|
||
- name: Configure caddy upgrade apt hook script | ||
ansible.builtin.template: | ||
src: "apt.conf.d" | ||
dest: "/etc/apt/apt.conf.d/99caddy-upgrade" | ||
owner: "root" | ||
group: "root" | ||
mode: "u=rw,g=r,o=r" | ||
when: "caddy_packages | length >= 1" | ||
|
||
- name: Remove caddy upgrade apt hook script | ||
ansible.builtin.file: | ||
path: "{{ item }}" | ||
state: absent | ||
loop: | ||
- "{{ caddy_dpkg_hook_script }}" | ||
- "/etc/apt/apt.conf.d/99caddy-upgrade" | ||
when: "caddy_packages | length == 0" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
# {{ ansible_managed }} | ||
|
||
{{ item.config if item.config is defined else caddy_file }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
# {{ ansible_managed }} | ||
|
||
DPkg::Pre-Install-Pkgs { "{{ caddy_dpkg_hook_script }} || true"; }; | ||
DPkg::Tools::Options::{{ caddy_dpkg_hook_script }}::Version "3"; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
#!/bin/bash | ||
# {{ ansible_managed }} | ||
|
||
set -euo pipefail | ||
|
||
if grep -q "^caddy .* \*\*CONFIGURE\*\*$"; then | ||
caddy upgrade | ||
fi |