Switch from a custom caddy-dns/gandi image built on-host to the official caddy:2 image with per-host ACME HTTP-01 certificates. Removes the Dockerfile, env.j2 (Gandi token), on-host image build/ship/load tasks, the caddy-image Makefile target, and the wildcard DNS-01 Caddyfile. Each route now gets its own server block and automatic certificate. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
29 lines
741 B
YAML
29 lines
741 B
YAML
---
|
|
- name: Ensure the service directory exists
|
|
ansible.builtin.file:
|
|
path: "{{ reverse_proxy__base_dir }}"
|
|
state: directory
|
|
mode: "0750"
|
|
tags: [config]
|
|
|
|
- name: Render the Caddyfile
|
|
ansible.builtin.template:
|
|
src: Caddyfile.j2
|
|
dest: "{{ reverse_proxy__base_dir }}/Caddyfile"
|
|
mode: "0644"
|
|
notify: reload caddy
|
|
tags: [config]
|
|
|
|
- name: Render the compose file
|
|
ansible.builtin.template:
|
|
src: docker-compose.yml.j2
|
|
dest: "{{ reverse_proxy__base_dir }}/docker-compose.yml"
|
|
mode: "0644"
|
|
tags: [config]
|
|
|
|
- name: Bring the reverse proxy up
|
|
community.docker.docker_compose_v2:
|
|
project_src: "{{ reverse_proxy__base_dir }}"
|
|
state: present
|
|
when: reverse_proxy__manage | bool
|
|
tags: [deploy]
|