cloudserve-infrastructure/roles/caddy/tasks/main.yml
Marty Oehme 95832941c0
Ensure stacks can inject their upstream to caddy
Created bind volume for caddy which takes the json fragments which will
later be injected through the caddy api to dynamically set their
individual reverse proxy addresses.

This is not entirely necessary if the injection should be done as a
variable instead, but makes it easier to change routes and especially
more complicated ones (I'm thinking of gitea with ssh access e.g.).
2021-07-30 11:10:05 +02:00


---
# install caddy as a docker stack
# Create the host directory that will hold the rendered Caddyfile.
# Mode 0755: traversable and readable by everyone, writable by the owner only.
- name: Ensure Caddyfile directory exists
  become: true
  ansible.builtin.file:
    state: directory
    path: "{{ caddy_caddyfile_dir }}"
    mode: '0755'
  tags: [fs]
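# Render the Caddyfile from its template and install it only if it validates.
# Ansible replaces %s with the path of the freshly rendered temporary file, so
# a config that fails `caddy validate` never replaces the live Caddyfile.
- name: Ensure Caddyfile exists
  ansible.builtin.template:
    src: Caddyfile.j2
    dest: "{{ caddy_caddyfile_dir }}/Caddyfile"
    # Explicit mode so the file's permissions do not depend on the remote umask.
    # NOTE(review): tighten this if the template ever embeds credentials.
    mode: '0644'
    # The candidate file is mounted read-only; validation only needs to read it.
    # NOTE(review): the image is referenced without a tag or digest, so the
    # validator may not match the caddy version the stack runs - consider
    # pinning both to the same image reference.
    validate: "docker run --rm -v %s:/Caddyfile:ro caddy caddy validate --config /Caddyfile"
  become: true
  tags:
    - fs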
# Deploy (or update) every stack listed in caddy_stack; the whole task is
# skipped when caddy_stack is not defined.
# prune is enabled, so services that are no longer referenced by the compose
# definition are removed from the stack.
- name: Deploy caddy to swarm
  become: true
  when: caddy_stack is defined
  community.general.docker_stack:
    name: "{{ item.name }}"
    compose:
      - "{{ item.compose }}"
    prune: true
    state: present
  with_items: "{{ caddy_stack }}"
  tags: [docker-swarm]
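# Query docker on the managed host for the container id(s) matching each stack
# name and keep the per-item results in caddy_container_info.
# NOTE(review): the docker `name` filter matches substrings, so stdout can hold
# several ids (or none while the service is still starting); later tasks that
# exec into the container should be sure exactly one id came back.
# NOTE(review): `docker ps` only lists containers on the host it runs on -
# confirm the caddy task is scheduled on this node.
- name: Register caddy container id
  ansible.builtin.command:
    # argv hands every element to docker as exactly one argument, so a stack
    # name containing whitespace cannot be split into additional options.
    argv:
      - docker
      - ps
      - '-q'
      - '-f'
      - "name={{ item.name }}"
  with_items: "{{ caddy_stack }}"
  become: true
  register: caddy_container_info
  # Read-only lookup: never report this task as a change.
  changed_when: false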
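# Expose the container id found for the first caddy_stack entry as
# caddy_container_id. Only results[0] is used; further stacks are ignored.
# Native YAML arguments are used instead of the key=value string form so that
# stdout containing whitespace or newlines is not re-parsed as extra arguments.
# NOTE(review): stdout is empty when no matching container was running at
# lookup time, which leaves caddy_container_id empty for the exec task below.
# NOTE(review): set_fact normally does not report "changed", so the notified
# handler may never run - confirm this is intended.
- name: Set fact
  ansible.builtin.set_fact:
    caddy_container_id: "{{ caddy_container_info.results[0].stdout }}"
  notify:
    - debug caddy container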
# FIXME this should be taken care of in Dockerfile not here
# Installs curl with apk inside the already running caddy container.
# The package is fetched at run time and lives only in that container's
# writable layer, so it is gone again once the container is recreated; baking
# it into the image would make the installed version reviewable and
# reproducible.
- name: Ensure caddy curl available
  become: true
  community.docker.docker_container_exec:
    container: "{{ caddy_container_id }}"
    command: >
      apk add curl
# TODO FIXME UP
# - name: Allow access to services
#   firewalld:
#     service: "{{ item }}"
#     permanent: true
#     state: enabled
#   with_items:
#     - http
#     - https
#   become: true
#   tags:
#     - firewall