sjat/boma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix(reverse_proxy): plain {% %} tags so the Caddyfile renders under ansible trim_blocks

Browse source 
The tls-internal/acme_ca knobs used {%- -%} trims validated only against raw jinja2; ansible (trim_blocks=True) double-stripped newlines and collapsed the Caddyfile onto single lines, crash-looping caddy. Match the role's existing plain {% %} style.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
sjat 2026-06-18 16:35:15 +02:00
parent 941141e270
commit 83983d739c
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
roles/reverse_proxy/templates/Caddyfile.j2
View file

@ -1,9 +1,9 @@
# {{ ansible_managed }} # {{ ansible_managed }}
{ {
email {{ reverse_proxy__acme_email }} email {{ reverse_proxy__acme_email }}
{%- if reverse_proxy__acme_ca %} {% if reverse_proxy__acme_ca %}
acme_ca {{ reverse_proxy__acme_ca }} acme_ca {{ reverse_proxy__acme_ca }}
{%- endif %} {% endif %}
{% if reverse_proxy__acme_dns_provider == 'gandi' %} {% if reverse_proxy__acme_dns_provider == 'gandi' %}
# ACME DNS-01 via Gandi (mesh/LAN-only hosts, incl. wildcard certs). Token is the # ACME DNS-01 via Gandi (mesh/LAN-only hosts, incl. wildcard certs). Token is the
# Gandi PAT, injected from the env file as a Bearer token (ADR-024). Needs the custom # Gandi PAT, injected from the env file as a Bearer token (ADR-024). Needs the custom
@ -13,9 +13,9 @@
} }
{% for r in reverse_proxy__routes %} {% for r in reverse_proxy__routes %}
{{ r['host'] }} { {{ r['host'] }} {
{%- if reverse_proxy__tls_internal %} {% if reverse_proxy__tls_internal %}
tls internal tls internal
{%- endif %} {% endif %}
{% if r['caddy'] is defined %} {% if r['caddy'] is defined %}
{{ r['caddy'] | trim | indent(2, first=true) }} {{ r['caddy'] | trim | indent(2, first=true) }}
{% elif r['upstream'] is defined %} {% elif r['upstream'] is defined %}