diff --git a/roles/caddy/defaults/main.yml b/roles/caddy/defaults/main.yml
new file mode 100644
index 0000000..a830f81
--- /dev/null
+++ b/roles/caddy/defaults/main.yml
@@ -0,0 +1,13 @@
+---
+
+caddy_version: alpine
+caddy_caddyfile_dir: "{{ docker_stack_files_dir }}/caddy"
+
+caddy_use_debug: no
+
+caddy_use_https: yes
+caddy_tls_use_staging: no
+# caddy_email: your@email.here
+
+# sets up a quick test server on port 80 to see if the container is set up correctly
+caddy_create_test_file_server: no
diff --git a/roles/caddy/meta/main.yml b/roles/caddy/meta/main.yml
new file mode 100644
index 0000000..5863772
--- /dev/null
+++ b/roles/caddy/meta/main.yml
@@ -0,0 +1,5 @@
+---
+
+dependencies:
+ - docker
+ - docker-swarm
diff --git a/roles/caddy/tasks/main.yml b/roles/caddy/tasks/main.yml
new file mode 100644
index 0000000..4484e8a
--- /dev/null
+++ b/roles/caddy/tasks/main.yml
@@ -0,0 +1,27 @@
+---
+# install caddy as a docker stack
+
+- name: Ensure Caddyfile directory exists
+ ansible.builtin.file:
+ path: "{{ caddy_caddyfile_dir }}"
+ state: directory
+ mode: '0755'
+ become: true
+
+- name: Ensure Caddyfile exists
+ ansible.builtin.template:
+ src: Caddyfile.j2
+ dest: "{{ caddy_caddyfile_dir }}/Caddyfile"
+ validate: "docker run --rm -v %s:/Caddyfile caddy caddy validate --config /Caddyfile"
+ become: true
+
+- name: Deploy caddy to swarm
+ community.general.docker_stack:
+ name: "{{ item.name }}"
+ state: present
+ prune: yes
+ compose:
+ - "{{ item.compose }}"
+ with_items: "{{ caddy_stack }}"
+ when: caddy_stack is defined
+ become: yes
diff --git a/roles/caddy/templates/Caddyfile.j2 b/roles/caddy/templates/Caddyfile.j2
new file mode 100644
index 0000000..5af154e
--- /dev/null
+++ b/roles/caddy/templates/Caddyfile.j2
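Review bot: `caddy_version: alpine` in roles/caddy/defaults/main.yml is a floating tag, so `image: caddy:{{ caddy_version }}` in docker-stack.yml.j2 resolves to whatever the registry serves at deploy time and two runs of the same commit can put different Caddy builds on an internet-facing port. Default to a fixed release instead, e.g. `caddy_version: "<pinned-version>-alpine"` (placeholder; an image digest is stricter), and let users opt in to a moving tag. The booleans in this file are written `yes`/`no`; `true`/`false` would match `become: true` in tasks/main.yml and avoid YAML 1.1 truthy ambiguity.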
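Review bot: The `validate` command in "Ensure Caddyfile exists" runs the bare `caddy` image (implicitly `latest`) while the stack deploys `caddy:{{ caddy_version }}`, so the Caddyfile is checked by a different, unpinned build than the one that will load it. Use the same tag and mount the candidate file read-only: `validate: "docker run --rm -v %s:/Caddyfile:ro caddy:{{ caddy_version }} caddy validate --config /Caddyfile"`. The template task also sets no `mode` or `owner`, and nothing in this file notifies a handler when the Caddyfile changes, so as far as the hunk shows an edited config (for example switching `caddy_create_test_file_server` off) only takes effect once the container is restarted. `when: caddy_stack is defined` looks always true, because vars/main.yml defines it.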
@@ -0,0 +1,26 @@
+{
+{%- if caddy_email is not none %}
+ email {{ caddy_email }}
+{% endif %}
+
+{% if caddy_tls_use_staging is sameas true %}
+ acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
+{% endif %}
+
+{% if caddy_use_debug is sameas true %}
+ debug
+{% endif %}
+
+{% if caddy_use_https is sameas false %}
+ auto_https off
+{% endif %}
+}
+
+{% if caddy_create_test_file_server is sameas true %}
+:80 {
+ file_server {
+ browse
+ }
+}
+{% endif %}
+
diff --git a/roles/caddy/templates/docker-stack.yml.j2 b/roles/caddy/templates/docker-stack.yml.j2
new file mode 100644
index 0000000..1ceb8ce
--- /dev/null
+++ b/roles/caddy/templates/docker-stack.yml.j2
@@ -0,0 +1,22 @@
+version: "3.7"
+
+services:
+ app:
+ image: caddy:{{ caddy_version }}
+ ports:
+ - "80:80"
+ - "443:443"
+ volumes:
+ - "{{ caddy_caddyfile_dir }}:/etc/caddy"
+ - data:/data
+ - config:/config
+ networks:
+ - "{{ docker_swarm_public_network_name }}"
+
+volumes:
+ data:
+ config:
+
+networks:
+ "{{ docker_swarm_public_network_name }}":
+ external: true
diff --git a/roles/caddy/vars/main.yml b/roles/caddy/vars/main.yml
new file mode 100644
index 0000000..3edaa66
--- /dev/null
+++ b/roles/caddy/vars/main.yml
@@ -0,0 +1,5 @@
+---
+
+caddy_stack:
+ - name: caddy
+ compose: "{{ lookup('template', 'docker-stack.yml.j2') | from_yaml }}"
diff --git a/playbook.yml b/site.yml
similarity index 58%
rename from playbook.yml
rename to site.yml
index 3e181ca..c6c0fa6 100644
--- a/playbook.yml
+++ b/site.yml
@@ -5,3 +5,7 @@
 - system-upgrade
 - docker
 - docker-swarm
+
+- hosts: docker_swarm_manager_node
+ roles:
+ - caddy
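Review bot: `{%- if caddy_email is not none %}` in Caddyfile.j2 does not guard against an unset variable: an undefined `caddy_email` is not `none`, and defaults/main.yml ships it commented out, so with the role defaults rendering is expected to fail on `email {{ caddy_email }}` with an undefined-variable error. Guard on definition instead: `{%- if caddy_email is defined and caddy_email %}`. The leading `{%-` also strips the newline after the opening `{`, so check in the rendered file that `email` does not end up on the same line as the brace. The `is sameas true` / `is sameas false` tests match only real booleans; a string such as one passed with `-e caddy_use_https=no` would silently leave the default behaviour in place, so comparing through `| bool` is more predictable.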
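Review bot: The config bind mount `- "{{ caddy_caddyfile_dir }}:/etc/caddy"` in docker-stack.yml.j2 is read-write, so the internet-facing container can rewrite the Caddyfile it starts from; Caddy's own state goes to the `data` and `config` volumes, so `- "{{ caddy_caddyfile_dir }}:/etc/caddy:ro"` should be sufficient. The path is also host-local and the service carries no `deploy.placement` constraint, so on a multi-node swarm the task may be scheduled on a node where the role never created the directory. Constraining the service to the node(s) the role templates onto would close that gap.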