lab-ansible/roles/docker_services/tasks/services/caddy.yml
2023-10-29 01:00:05 +02:00


# vim: ft=yaml.ansible
---
# Create the host-side directories that back Caddy's bind mounts.
# One directory per loop item is created under services.caddy.volume.
- name: Create Caddy volume directories
  ansible.builtin.file:
    state: directory
    name: "{{ services.caddy.volume }}/{{ dir }}"
    owner: root
    # NOTE(review): `data` is bind-mounted at /data by the deploy task;
    # presumably Caddy keeps certificates and private keys under it, so
    # confirm that o=rx on this parent directory is intended.
    mode: 'u=rwx,g=rx,o=rx'
  loop_control:
    # Name the loop item `dir`, as referenced in the path above.
    loop_var: dir
  loop:
    - config
    - data
# Render Caddyfile.j2 into the service volume; the deploy task mounts the
# result read-only at /etc/caddy/Caddyfile.
- name: Copy Caddyfile
  ansible.builtin.template:
    dest: "{{ services.caddy.volume }}/Caddyfile"
    src: Caddyfile.j2
    owner: root
    # NOTE(review): readable by every local user (o=r); tighten this if the
    # rendered Caddyfile carries credentials or tokens - check Caddyfile.j2.
    mode: 'u=rw,g=r,o=r'
# Render the Dockerfile used to build the custom Caddy image.
- name: Copy caddy.Dockerfile
  ansible.builtin.template:
    dest: "{{ services.caddy.volume }}/caddy.Dockerfile"
    src: caddy.Dockerfile.j2
    owner: root
    mode: 'u=rw,g=r,o=r'
  # Queue the image build handler when the rendered file changes.
  notify: Build Caddy Docker image
  # Kept so the deploy task can read dockerfile.changed.
  register: dockerfile
# Run handlers notified so far (the image build) before the container
# deployment below, instead of waiting for the end of the play.
- name: Flush handlers
  ansible.builtin.meta: flush_handlers
# Start (or remove) the Caddy container from the custom/caddy image.
# Optional variables read here: `down` selects state=absent, `restart`
# forces a restart, `recreate` forces recreation.
- name: Deploy Caddy Docker container
  community.docker.docker_container:
    name: caddy
    image: "custom/caddy:{{ services.caddy.version }}-alpine"
    state: "{{ 'absent' if down is defined and down else 'started' }}"
    restart_policy: always
    restart: "{{ restart is defined and restart }}"
    # A changed Dockerfile also forces recreation of the container.
    recreate: "{{ dockerfile.changed or (recreate is defined and recreate) }}"
    # Drop every capability, then add back only the two listed below.
    cap_drop:
      - all
    capabilities:
      - net_bind_service
      # NOTE(review): dac_override lets root in the container bypass file
      # permission checks; the mounted paths are created root-owned, so
      # confirm this capability is still required.
      - dac_override
    networks:
      - name: services
        ipv4_address: '172.16.3.2'
    # NOTE(review): with an empty default_host_ip the ports below are not
    # pinned to a single host address; confirm that 18089/tcp is meant to
    # be reachable on every interface, or restrict it with a host firewall.
    default_host_ip: ''
    published_ports:
      - '80:80/tcp'
      - '443:443/tcp'
      - '443:443/udp'
      - '18089:18089/tcp'
    volumes:
      # Configuration is mounted read-only; only config/ and data/ are
      # writable from inside the container.
      - "{{ services.caddy.volume }}/Caddyfile:/etc/caddy/Caddyfile:ro"
      - "{{ services.caddy.volume }}/config:/config:rw"
      - "{{ services.caddy.volume }}/data:/data:rw"