# vim: ft=yaml.ansible
---
- name: Create Caddy volume directories
  ansible.builtin.file:
    name: "{{ services.caddy.volume }}/{{ dir }}"
    owner: root
    mode: u=rwx,g=rx,o=rx
    state: directory
  loop:
    - config
    - data
  loop_control:
    loop_var: dir

- name: Copy Caddyfile
  ansible.builtin.template:
    src: Caddyfile.j2
    dest: "{{ services.caddy.volume }}/Caddyfile"
    owner: root
    mode: u=rw,g=r,o=r

- name: Copy caddy.Dockerfile
  ansible.builtin.template:
    src: caddy.Dockerfile.j2
    dest: "{{ services.caddy.volume }}/caddy.Dockerfile"
    owner: root
    mode: u=rw,g=r,o=r
  register: dockerfile
  notify: Build Caddy Docker image

- name: Flush handlers
  ansible.builtin.meta: flush_handlers

- name: Deploy Caddy Docker container
  community.docker.docker_container:
    name: caddy
    state: "{{ 'absent' if down is defined and down else 'started' }}"
    restart: "{{ restart is defined and restart }}"
    recreate: "{{ dockerfile.changed or (recreate is defined and recreate) }}"
    image: custom/caddy:{{ services.caddy.version }}-alpine
    restart_policy: always
    default_host_ip: ''
    networks:
      - name: services
        ipv4_address: 172.16.3.2
    published_ports:
      - 80:80/tcp
      - 443:443/tcp
      - 443:443/udp
      - 18089:18089/tcp
    volumes:
      - "{{ services.caddy.volume }}/Caddyfile:/etc/caddy/Caddyfile:ro"
      - "{{ services.caddy.volume }}/config:/config:rw"
      - "{{ services.caddy.volume }}/data:/data:rw"
    capabilities:
      - net_bind_service
      - dac_override
    cap_drop:
      - all