
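# Base packages the following tasks rely on: apt-transport-https for the
# HTTPS repository, plus curl and gnupg because the key task in this file
# pipes `curl` into `gpg --dearmor` and fails if either tool is missing.
- name: Install dependencies
  ansible.builtin.apt:
    name:
      - apt-transport-https
      - curl
      - gnupg
    state: present
    update_cache: true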
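# Fetch the repository signing key and store it de-armored as an apt keyring.
# This file is the trust anchor for packages installed from the xcaddy repo.
# NOTE(review): the key is trusted on first download over TLS; no fingerprint
# is pinned. Compare it with a fingerprint obtained out of band
# (<EXPECTED_KEY_FINGERPRINT>) if that matters for your threat model.
- name: Download and install XCaddy GPG key
  ansible.builtin.shell:
    # Without pipefail the task result is gpg's exit status alone, so a failed
    # download can go unnoticed; if gpg still leaves an output file behind,
    # `creates` would then skip this task on every later run.
    cmd: |
      set -o pipefail
      curl -1sLf 'https://dl.cloudsmith.io/public/caddy/xcaddy/gpg.key' |
        gpg --dearmor -o /usr/share/keyrings/caddy-xcaddy-archive-keyring.gpg
    # pipefail is a bash option; the module's default shell is /bin/sh.
    executable: /bin/bash
    # Idempotence guard: skip once the keyring file exists.
    creates: /usr/share/keyrings/caddy-xcaddy-archive-keyring.gpg
  become: true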
# Write the vendor-published sources list into sources.list.d.
# force: true re-downloads on every run and replaces the file when the content
# differs, so whatever the URL serves at that moment becomes an apt source.
# NOTE(review): presumably the list references the keyring installed by the
# key task via signed-by; confirm against the downloaded file.
- name: Add XCaddy repository list
  ansible.builtin.get_url:
    dest: /etc/apt/sources.list.d/caddy-xcaddy.list
    url: 'https://dl.cloudsmith.io/public/caddy/xcaddy/debian.deb.txt'
    force: true
    mode: "0644"
# Refresh the package index so the repository added by the previous task is
# visible to the install step that follows.
- name: Update apt cache
  ansible.builtin.apt:
    update_cache: true
# Install the xcaddy build tool from the configured repository.
# state: present installs the package if it is absent; it does not upgrade an
# already installed version.
- name: Install xcaddy
  ansible.builtin.apt:
    state: present
    name: xcaddy
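# Compile a Caddy binary that bundles the Cloudflare DNS provider module.
# The command uses no shell features, so it runs through the command module
# with an argv list instead of a shell with backslash continuations.
# NOTE(review): neither Caddy nor the plugin is pinned, so the build takes
# whatever version resolves at run time. xcaddy accepts module@version for
# --with; pin to a reviewed release, e.g.
# github.com/caddy-dns/cloudflare@<PINNED_VERSION>.
- name: Build Caddy with Cloudflare DNS plugin
  ansible.builtin.command:
    argv:
      - xcaddy
      - build
      - '--with'
      - github.com/caddy-dns/cloudflare
      - '--output'
      - /usr/local/bin/caddy
    # Skipped once the binary exists: it is never rebuilt for updates or
    # security fixes unless the file is removed first.
    creates: /usr/local/bin/caddy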
# Install the unit file that runs the custom-built binary.
# NOTE(review): the unit sets User=root / Group=root, so a compromise of this
# internet-facing process is a root compromise. The setcap task in this file
# grants cap_net_bind_service, which only matters for a non-root service
# account; consider a dedicated unprivileged user that can read
# /etc/caddy/Caddyfile.
# NOTE(review): `caddy run --environ` prints the process environment at
# startup. If secrets (for example a DNS provider API token) are ever passed
# through the environment they would land in the journal; confirm how the
# token is supplied.
- name: Create systemd service for custom Caddy binary
  ansible.builtin.copy:
    dest: /etc/systemd/system/caddy.service
    mode: "0644"
    owner: root
    group: root
    content: |
      [Unit]
      Description=Caddy
      [Service]
      User=root
      Group=root
      ExecStart=/usr/local/bin/caddy run --environ --config /etc/caddy/Caddyfile
      ExecReload=/usr/local/bin/caddy reload --config /etc/caddy/Caddyfile
      TimeoutStopSec=5s
      LimitNOFILE=1048576
      Restart=on-failure
      [Install]
      WantedBy=multi-user.target
# Make sure the caddy unit is not masked, so the enable/start task in this
# file can act on it.
- name: Unmask Caddy service
  ansible.builtin.systemd:
    masked: false
    name: caddy
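# Verify first so the play reports a change only when the capability is
# actually missing; `setcap -v` checks the file without modifying it.
- name: Check whether Caddy already has cap_net_bind_service
  ansible.builtin.command:
    argv:
      - setcap
      - '-v'
      - 'cap_net_bind_service=+ep'
      - /usr/local/bin/caddy
  register: caddy_setcap_check
  changed_when: false
  # A non-zero exit only means "capability not set"; the next task handles it.
  failed_when: false
  # Read-only check, safe to run in check mode too.
  check_mode: false

# Grant the binary the capability to bind privileged ports without full root.
# File capabilities are dropped when the binary is replaced, so this must run
# again after a rebuild.
# NOTE(review): the unit written by this file runs Caddy as root, which can
# bind low ports anyway; the capability matters once the service runs as an
# unprivileged user.
- name: Allow Caddy to bind to ports <1024
  ansible.builtin.command:
    argv:
      - setcap
      - 'cap_net_bind_service=+ep'
      - /usr/local/bin/caddy
  when: caddy_setcap_check.rc != 0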
# Have systemd re-read its unit files so the caddy.service written by this
# file is the definition that gets enabled and started.
- name: Reload systemd to pick up caddy.service changes
  ansible.builtin.systemd:
    daemon_reload: true
# Enable the unit at boot and make sure it is running now.
# state: started leaves an already running service untouched, so a changed
# unit file or a rebuilt binary only takes effect after a restart.
- name: Enable and start Caddy service
  ansible.builtin.systemd:
    name: caddy
    state: started
    enabled: true