Separate caddy container id grabbing into own role

Since other roles often rely on this not an actual new caddy server installation we should probably have it as its own little role.
2023-12-08 20:35:51 +01:00 · 2023-12-08 20:35:51 +01:00 · 388a1d8cfc
commit 388a1d8cfc
parent a52cab2f61
8 changed files with 246 additions and 41 deletions
--- a/roles/caddy_id/templates/config.json.j2
+++ b/roles/caddy_id/templates/config.json.j2
@ -0,0 +1,72 @@
+{
+{% if caddy_use_api is sameas false %}
+  "admin": {
+    "disabled": true
+  },
+{% endif %}
+{% if caddy_use_debug is sameas true %}
+  "logging": {
+    "logs": {
+      "default": {
+        "level": "DEBUG"
+      }
+    }
+  },
+{% endif %}
+  "apps": {
+    "http": {
+      "servers": {
+        "{{ caddy_http_server_name }}": {
+          "listen": [
+            ":80"
+          ],
+          "routes": []
+{% if caddy_use_https is sameas false %},
+          "automatic_https": {
+            "disable": true
+          }
+{% endif %}
+        },
+        "{{ caddy_https_server_name }}": {
+          "listen": [
+            ":443"
+          ],
+          "routes": []
+{% if caddy_use_https is sameas false %},
+          "automatic_https": {
+            "disable": true
+          }
+{% endif %}
+        }
+      }
+    }
+{% if caddy_use_https is sameas true %},
+    "tls": {
+      "automation": {
+        "policies": [
+          {
+            "subjects": [],
+            "issuers": [
+              {
+    {% if caddy_tls_use_staging is sameas true %}
+                "ca": "https://acme-staging-v02.api.letsencrypt.org/directory",
+    {% endif %}
+    {%- if caddy_email is not undefined and not none %}   
+                "email": "{{ caddy_email }}",
+    {% endif %}
+                "module": "acme"
+              },
+              {
+        {%- if caddy_email is not undefined and not none %}   
+                "email": "{{ caddy_email }}",
+        {% endif %}
+                "module": "zerossl"
+              }
+            ]
+          }
+        ]
+      }
+    }
+{% endif %}
+  }
+}
--- a/roles/caddy_id/templates/docker-stack.yml.j2
+++ b/roles/caddy_id/templates/docker-stack.yml.j2
@ -0,0 +1,30 @@
+version: "3.7"
+
+services:
+  app:
+    image: caddy:{{ caddy_version }}
+    command: caddy run --config /etc/caddy/config.json
+    healthcheck:
+        test: ["CMD", "wget", "--quiet", "--spider", "--tries=1", "http://localhost:2019/metrics"]
+        interval: 1m
+        timeout: 10s
+        retries: 3
+        start_period: 1m
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - "{{ caddy_caddyfile_dir }}:/etc/caddy"
+      - "{{ docker_stack_files_dir }}:/stacks:ro"
+      - data:/data
+      - config:/config
+    networks:
+      - "{{ docker_swarm_public_network_name }}"
+
+volumes:
+  data:
+  config:
+
+networks:
+  "{{ docker_swarm_public_network_name }}":
+    external: true