--- - include: preflight.yml - include: packages-{{ ansible_pkg_mgr }}.yml - name: Create Caddy user user: name: "{{ caddy_user }}" group: "{{ group }}" system: true createhome: true home: "{{ caddy_home }}" shell: /bin/bash register: caddy_user_details become: yes - name: Build headers to use when making requests to github set_fact: caddy_github_headers: "{{ caddy_github_headers | combine({'Authorization': 'token ' + caddy_github_token}) }}" when: caddy_github_token | length > 0 - name: Get all Caddy releases get_url: url: https://api.github.com/repos/caddyserver/caddy/git/refs/tags dest: "{{ caddy_home }}/releases.txt" force: true headers: '{{ caddy_github_headers }}' owner: "{{ caddy_user }}" group: "{{ caddy_user_details.group }}" retries: 3 delay: 2 when: caddy_update register: caddy_releases_cache become: yes - name: Set Caddy features copy: content: "{{ ','.join(caddy_packages) }}" dest: "{{ caddy_home }}/features.txt" mode: 0640 owner: "{{ caddy_user }}" group: "{{ caddy_user_details.group }}" when: caddy_update register: caddy_features_cache become: yes - include: github-url.yml when: caddy_use_github - name: Download Caddy get_url: url: "{{ caddy_url }}" checksum: "{{ caddy_checksum_url | default(omit) }}" dest: "{{ caddy_home }}/{{ 'caddy.tar.gz' if caddy_use_github else 'caddy' }}" force: true timeout: 300 mode: 0644 owner: "{{ caddy_user }}" group: "{{ caddy_user_details.group }}" retries: 3 delay: 2 when: caddy_releases_cache.changed or caddy_features_cache.changed register: caddy_binary_cache tags: skip_ansible_lint become: yes - name: Download Caddy get_url: url: "{{ caddy_url }}" checksum: "{{ caddy_checksum_url | default(omit) }}" dest: "{{ caddy_home }}/{{ 'caddy.tar.gz' if caddy_use_github else 'caddy' }}" timeout: 300 mode: 0644 owner: "{{ caddy_user }}" group: "{{ caddy_user_details.group }}" retries: 3 delay: 2 register: caddy_download tags: skip_ansible_lint become: yes - include: github-extract.yml when: caddy_use_github - name: Copy Caddy Binary copy: src: "{{ caddy_home }}/caddy" dest: "{{ caddy_bin }}" mode: 0755 remote_src: true notify: - Restart caddy - name: Create directories file: path: "{{ item }}" state: directory owner: "{{ caddy_user }}" mode: 0770 with_items: - "{{ caddy_conf_dir }}" - "{{ caddy_certs_dir }}" - name: Create log directory file: path: "{{ caddy_log_dir }}" state: directory owner: "{{ caddy_user }}" mode: 0775 - name: Create caddy config copy: content: "{{ caddy_config }}" dest: "{{ caddy_conf_dir }}/{{ caddy_conf_filename }}" owner: "{{ caddy_user }}" mode: 0640 notify: - Reload caddy - name: Template systemd service template: src: caddy.service dest: /etc/systemd/system/caddy.service owner: root group: root mode: 0644 notify: - Restart caddy - name: Set capability on the binary file to be able to bind to TCP port <1024 capabilities: path: "{{ caddy_bin }}" capability: cap_net_bind_service+eip state: present when: caddy_setcap - name: Ensue caddy service is up-to-date before starting it meta: flush_handlers - name: Start Caddy service systemd: name: caddy state: started enabled: true