Ensure stacks can inject their upstream to caddy

Created bind volume for caddy which takes the json fragments which will
later be injected through the caddy api to dynamically set their
individual reverse proxy addresses.

This is not entirely necessary if the injection should be done as a
variable instead, but makes it easier to change routes and especially
more complicated ones (I'm thinking of gitea with ssh access e.g.).

roles/caddy/tasks/main.yml

@@ -31,3 +31,36 @@
   become: yes
   tags:
     - docker-swarm
+
+- name: Register caddy container id
+  ansible.builtin.command:
+    cmd: docker ps -q -f name={{ item.name }}
+  with_items: "{{ caddy_stack }}"
+  become: yes
+  register: caddy_container_info
+
+- name: Set fact
+  ansible.builtin.set_fact: caddy_container_id={{ caddy_container_info.results[0].stdout }}
+  notify: 
+    - debug caddy container
+
+# FIXME this should be taken care of in Dockerfile not here
+- name: Ensure caddy curl available
+  community.docker.docker_container_exec:
+    container: "{{ caddy_container_id }}"
+    command: >
+      apk add curl
+  become: yes
+
+# TODO FIXME UP
+# - name: Allow access to services
+#   firewalld:
+#     service: "{{ item }}"
+#     permanent: true
+#     state: enabled
+#   with_items:
+#     - http
+#     - https
+#   become: true
+#   tags:
+#     - firewall

roles/caddy/templates/docker-stack.yml.j2

@@ -8,6 +8,7 @@ services:
       - "443:443"
     volumes:
       - "{{ caddy_caddyfile_dir }}:/etc/caddy"
+      - "{{ docker_stack_files_dir }}:/stacks:ro"
       - data:/data
       - config:/config
     networks: