hosting/cloudserve-infrastructure
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
cloudserve-infrastructure/roles/caddy
History
Exact
Marty Oehme b3f201ed7d
Pin exact caddy version 
Stay on the exact version unless it is specifically told to upgrade.
This is a first-step workaround for the (non-)idempodency issue of the
caddy container's json config injection.
2024-06-24 20:50:58 +02:00
..
defaults Pin exact caddy version 2024-06-24 20:50:58 +02:00
meta Apply prettier formatting 2024-06-24 20:36:55 +02:00
tasks Separate caddy container id grabbing into own role 2023-12-08 20:35:51 +01:00
templates Make zerossl usage depend on having an api key 2024-06-24 18:56:37 +02:00
vars Apply prettier formatting 2024-06-24 20:36:55 +02:00
README.md Apply prettier formatting 2024-06-24 20:36:55 +02:00

README.md

Caddy

Caddy is the reverse proxy for all other services running on the infrastructure. It was chosen for its relative ease of use, interactible API and https-by-default setup.

Variables

caddy_caddyfile_dir: "{{ docker_stack_files_dir }}/caddy"

Sets up the on-target directory where important caddy files should be stored.

caddy_email: <your@email.here>

Which e-mail should be used to provision https certificates with. I believe theoretically caddy will work and provision you with certificates even without providing an e-mail, but I would strongly urge providing one.

caddy_tls_use_staging: no

If turned on will use the staging servers of the acme certificate service, which is useful for testing and playing around with https (due to higher API limits and less severe restrictions).

caddy_use_api: yes

If turned off, will turn off the admin api for caddy. Should only be used if no other services are intended to be provisioned on the target, since most other service stacks rely on the API to set up their proxy targets.

caddy_use_debug: no

If true, will turn on caddy's debug logging.

caddy_use_https: yes

If turned off will turn of all auto-provisioning of https certificates by caddy.

caddy_version: alpine

Sets the docker image version to be used.

Internal variables

caddy_stack:
  name: caddy
  compose: "{{ lookup('template', 'docker-stack.yml.j2') | from_yaml }}"

Defines the actual docker stack which will later run on the target. The name can be changed and will be used as a proxy target (caddy.mydomain.com or 192.168.1.1/caddy) --- though to be clear there is no intention currently to expose the caddy to the web at the moment.
The compose option defines which template to use for the docker-stack.yml file. You can either change options for the stack in the template file, or directly here like the following:

compose:
  - "{{ lookup('template', 'docker-stack.yml.j2') | from_yaml }}"
  - version: "3"
    services:
      another-container:
        image: nginx:latest
#           ...

caddy_http_server_name: http

caddy_https_server_name: https

The internal representation of the http and https servers respectively.