Switch caddy to use json configuration

roles/caddy/defaults/main.yml

@@ -10,5 +10,3 @@ caddy_use_https: yes
 caddy_tls_use_staging: no
 # caddy_email: your@email.here
 
-# sets up a quick test server on port 80 to see if the container is set up correctly
-caddy_create_test_file_server: no

roles/caddy/tasks/main.yml

@@ -12,9 +12,9 @@
 
 - name: Ensure Caddyfile exists
   ansible.builtin.template:
-    src: Caddyfile.j2
+    src: config.json.j2
-    dest: "{{ caddy_caddyfile_dir }}/Caddyfile"
+    dest: "{{ caddy_caddyfile_dir }}/config.json"
-    validate: "docker run --rm -v %s:/Caddyfile caddy caddy validate --config /Caddyfile"
+    validate: "docker run --rm -v %s:/config.json peterdavehello/jsonlint jsonlint -q /config.json"
   become: true
   tags:
     - fs

roles/caddy/templates/Caddyfile.j2

@@ -1,29 +0,0 @@
-{
-{%- if caddy_email is not undefined and not none %}   
-    email "{{ caddy_email }}"
-{% endif %}
-
-{% if caddy_tls_use_staging is sameas true %}
-    acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
-{% endif %}
-
-{% if caddy_use_debug is sameas true %}
-    debug
-{% endif %}
-{% if caddy_use_api is sameas false %}
-    admin off
-{% endif %}
-
-{% if caddy_use_https is sameas false %}
-    auto_https off
-{% endif %}
-}
-
-{% if caddy_create_test_file_server is sameas true %}
-:80 {
-    file_server {
-        browse
-    }
-}
-{% endif %}
-

roles/caddy/templates/config.json.j2

@@ -0,0 +1,79 @@
+{
+{% if caddy_use_api is sameas false %}
+  "admin": {
+    "disabled": true
+  },
+{% endif %}
+{% if caddy_use_debug is sameas true %}
+  "logging": {
+    "logs": {
+      "default": {
+        "level": "DEBUG"
+      }
+    }
+  },
+{% endif %}
+  "apps": {
+    "http": {
+      "servers": {
+        "{{ caddy_http_server_name }}": {
+          "listen": [
+            ":80"
+          ],
+          "routes": []
+{% if caddy_use_https is sameas true %},
+          "automatic_https": {
+            "disable": true
+          }
+{% endif %}
+        },
+        "{{ caddy_https_server_name }}": {
+          "listen": [
+            ":443"
+          ],
+          "routes": []
+{% if caddy_use_https is sameas true %},
+          "automatic_https": {
+            "disable": true
+          }
+{% endif %}
+        }
+      }
+    }
+{% if caddy_use_https is sameas true %},
+    "tls": {
+      "automation": {
+        "policies": [
+          {
+            "subjects": [],
+            "issuers": [
+    {% if caddy_tls_use_staging is sameas true %}
+              {
+                "ca": "https://acme-staging-v02.api.letsencrypt.org/directory",
+        {%- if caddy_email is not undefined and not none %}   
+                "email": "{{ caddy_email }}",
+        {% endif %}
+                "module": "acme"
+              }
+    {% else %}
+              {
+        {%- if caddy_email is not undefined and not none %}   
+                "email": "{{ caddy_email }}",
+        {% endif %}
+                "module": "acme"
+              },
+              {
+        {%- if caddy_email is not undefined and not none %}   
+                "email": "{{ caddy_email }}",
+        {% endif %}
+                "module": "zerossl"
+              }
+    {% endif %}
+            ]
+          }
+        ]
+      }
+    }
+{% endif %}
+  }
+}

roles/caddy/templates/docker-stack.yml.j2

@@ -3,6 +3,7 @@ version: "3.7"
 services:
   app:
     image: caddy:{{ caddy_version }}
+    command: caddy run --config /etc/caddy/config.json
     ports:
       - "80:80"
       - "443:443"

roles/caddy/vars/main.yml

@@ -3,3 +3,6 @@
 caddy_stack:
   name: caddy
   compose: "{{ lookup('template', 'docker-stack.yml.j2') | from_yaml }}"
+
+caddy_http_server_name: http
+caddy_https_server_name: https