# vim: ft=yaml.ansible
---
- name: Create Caddy volume directories
  file:
    name: "{{ services.caddy.volume }}/{{ dir }}"
    owner: root
    mode: u=rwx,g=rx,o=rx
    state: directory
  loop:
    - config
    - data
  loop_control:
    loop_var: dir

- name: Copy Caddyfile
  template:
    src: Caddyfile.j2
    dest: "{{ services.caddy.volume }}/Caddyfile"
    owner: root
    mode: u=rw,g=r,o=r

- name: Deploy Caddy Docker container
  docker_container:
    name: caddy
    image: caddy:{{ services.caddy.version }}
    restart_policy: unless-stopped
    networks:
      - name: services
        ipv4_address: 172.16.0.2
    published_ports:
      - 80:80/tcp
      - 443:443/tcp
    volumes:
      - "{{ services.caddy.volume }}/Caddyfile:/etc/caddy/Caddyfile:ro"
      - "{{ services.caddy.volume }}/config:/config:rw"
      - "{{ services.caddy.volume }}/data:/data:rw"
    capabilities:
      - net_bind_service
      - dac_override
    cap_drop:
      - all