av/pet-project-server
1
0
Fork 0
Code Pull Requests Actions Activity
Files
3b1736534d951961e637428cce5ca8ba6ccca650
pet-project-server/playbook-caddyproxy.yml
T
av 4d92b3bd3e
Linting / YAML Lint (push) Successful in 10s
Details
Linting / Ansible Lint (push) Failing after 33s
Details
GoAccess: add for caddy logs monitoring
2026-04-29 20:10:08 +03:00

112 lines
3.3 KiB
YAML
Raw Blame History

---
- name: "Configure caddy reverse proxy service"
hosts: all
vars_files:
- vars/secrets.yml
- vars/vars.yml
vars:
app_name: "caddyproxy"
app_user: "{{ app_name }}"
app_owner_uid: 1010
app_owner_gid: 1011
base_dir: "{{ (application_dir, app_name) | path_join }}"
data_dir: "{{ (base_dir, 'data') | path_join }}"
config_dir: "{{ (base_dir, 'config') | path_join }}"
caddy_file_dir: "{{ (base_dir, 'caddy_file') | path_join }}"
service_name: "{{ app_name }}"
tasks:
- name: "Create user and environment"
ansible.builtin.import_role:
name: owner
vars:
owner_name: "{{ app_user }}"
owner_uid: "{{ app_owner_uid }}"
owner_gid: "{{ app_owner_gid }}"
owner_extra_groups: ["docker"]
- name: "Create internal application directories"
ansible.builtin.file:
path: "{{ item }}"
state: "directory"
owner: "{{ app_user }}"
group: "{{ app_user }}"
mode: "0770"
loop:
- "{{ base_dir }}"
- "{{ data_dir }}"
- "{{ config_dir }}"
- "{{ caddy_file_dir }}"
# Shared HTTP access log directory: caddy writes here, other
# containers (goaccess, etc.) mount it read-only. Dir mode 0755
# so anyone can list/read; the file mode itself comes from the
# `mode 644` option in the Caddyfile log snippet.
- name: "Create shared caddy logs directory"
ansible.builtin.file:
path: "{{ caddy_logs_dir }}"
state: "directory"
owner: "{{ app_user }}"
group: "{{ app_user }}"
mode: "0755"
- name: "Find pre-existing caddy log files"
ansible.builtin.find:
paths: "{{ caddy_logs_dir }}"
file_type: "file"
register: caddy_log_files
# Lumberjack created earlier files with 0600 before we set `mode`
# in the Caddyfile; relax them so existing rotated archives stay
# readable to consumers.
- name: "Relax mode on pre-existing caddy log files"
ansible.builtin.file:
path: "{{ item.path }}"
mode: "0644"
loop: "{{ caddy_log_files.files }}"
loop_control:
label: "{{ item.path }}"
- name: "Copy caddy file"
ansible.builtin.template:
src: "./files/{{ app_name }}/Caddyfile.j2"
dest: "{{ (caddy_file_dir, 'Caddyfile') | path_join }}"
owner: "{{ app_user }}"
group: "{{ app_user }}"
mode: "0640"
- name: "Copy docker compose file"
ansible.builtin.template:
src: "./files/{{ app_name }}/docker-compose.yml.j2"
dest: "{{ base_dir }}/docker-compose.yml"
owner: "{{ app_user }}"
group: "{{ app_user }}"
mode: "0640"
- name: "Run application with docker compose"
community.docker.docker_compose_v2:
project_src: "{{ base_dir }}"
state: "present"
remove_orphans: true
tags:
- run-app
# - name: "Reload caddy"
# community.docker.docker_compose_v2_exec:
# project_src: '{{ base_dir }}'
# service: "{{ service_name }}"
# command: caddy reload --config /etc/caddy/Caddyfile
# tags:
# - run-app
- name: "Restart application with docker compose"
community.docker.docker_compose_v2:
project_src: "{{ base_dir }}"
state: "restarted"
tags:
- run-app
View Git Blame Copy Permalink