From 03db3241b3d231a55b51d527aab637683563c8bd Mon Sep 17 00:00:00 2001 From: Anton Vakhrushev Date: Sat, 21 Dec 2024 15:38:54 +0300 Subject: [PATCH] Extract caddy to separate playbook --- playbook-caddy.yml | 27 +++++++++++++++++++++++++++ playbook-configuration.yml | 20 -------------------- playbook-upgrade.yml | 8 ++++---- templates/Caddyfile.j2 | 35 +++++++---------------------------- 4 files changed, 38 insertions(+), 52 deletions(-) create mode 100644 playbook-caddy.yml diff --git a/playbook-caddy.yml b/playbook-caddy.yml new file mode 100644 index 0000000..d2a4112 --- /dev/null +++ b/playbook-caddy.yml @@ -0,0 +1,27 @@ +--- +- name: 'Install and configure Caddy server' + hosts: all + + vars_files: + - vars/ports.yml + - vars/vars.yml + + tasks: + + - name: 'Ensure networkd service is started (required by Caddy).' + ansible.builtin.systemd: + name: systemd-networkd + state: started + enabled: true + + - name: 'Install and configure Caddy server' + ansible.builtin.import_role: + name: caddy_ansible.caddy_ansible + vars: + caddy_github_token: '{{ caddy_vars.github_token }}' + caddy_config: '{{ lookup("template", "templates/Caddyfile.j2") }}' + caddy_setcap: true + caddy_systemd_capabilities_enabled: true + caddy_systemd_capabilities: "CAP_NET_BIND_SERVICE" + # Поменяй на true, чтобы обновить Caddy + caddy_update: false diff --git a/playbook-configuration.yml b/playbook-configuration.yml index 9e97258..81f62ff 100644 --- a/playbook-configuration.yml +++ b/playbook-configuration.yml @@ -7,26 +7,6 @@ tasks: - - name: 'Ensure networkd service is started (required by Caddy).' - systemd: - name: systemd-networkd - state: started - enabled: true - tags: - - webserver - - - import_role: - name: caddy_ansible.caddy_ansible - vars: - caddy_github_token: '{{ caddy_vars.github_token }}' - caddy_config: '{{ lookup("template", "templates/Caddyfile.j2") }}' - caddy_update: False - caddy_setcap: True - caddy_systemd_capabilities_enabled: True - caddy_systemd_capabilities: "CAP_NET_BIND_SERVICE" - tags: - - webserver - # Applications - import_role: diff --git a/playbook-upgrade.yml b/playbook-upgrade.yml index 8802c2e..e273304 100644 --- a/playbook-upgrade.yml +++ b/playbook-upgrade.yml @@ -10,18 +10,18 @@ - name: Perform an upgrade of packages ansible.builtin.apt: upgrade: 'yes' - update_cache: yes + update_cache: true - name: Check if a reboot is required ansible.builtin.stat: path: /var/run/reboot-required - get_checksum: no + get_checksum: false register: reboot_required_file - name: Reboot the server (if required) ansible.builtin.reboot: - when: reboot_required_file.stat.exists == true + when: reboot_required_file.stat.exists - name: Remove dependencies that are no longer required ansible.builtin.apt: - autoremove: yes + autoremove: true diff --git a/templates/Caddyfile.j2 b/templates/Caddyfile.j2 index ae5c87b..c21214d 100644 --- a/templates/Caddyfile.j2 +++ b/templates/Caddyfile.j2 @@ -7,18 +7,9 @@ } # ------------------------------------------------------------------- -# Proxy services +# Netdata service # ------------------------------------------------------------------- -vakhrushev.me { - tls anwinged@ya.ru - - reverse_proxy { - to 127.0.0.1:{{ homepage_port }} - } -} - -# NetData proxy status.vakhrushev.me, :29999 { tls anwinged@ya.ru @@ -31,27 +22,15 @@ status.vakhrushev.me, :29999 { } } -wiki.vakhrushev.me { +# ------------------------------------------------------------------- +# Applications +# ------------------------------------------------------------------- + +vakhrushev.me { tls anwinged@ya.ru reverse_proxy { - to 127.0.0.1:{{ wiki_port }} - } -} - -nomie.vakhrushev.me { - tls anwinged@ya.ru - - reverse_proxy { - to 127.0.0.1:{{ nomie_port }} - } -} - -nomie-db.vakhrushev.me { - tls anwinged@ya.ru - - reverse_proxy { - to 127.0.0.1:{{ nomie_db_port }} + to 127.0.0.1:{{ homepage_port }} } }