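---
# =============================================================================
# Shared Caddy Reverse Proxy Playbook
# =============================================================================
# Deploys a single Caddy instance that proxies to Gitea and NetBird.
# Run AFTER deploying Gitea and NetBird: Caddy joins their Docker networks,
# which must already exist on the host.
#
# Prerequisites:
#   1. Gitea deployed (creates the network named by `gitea_network`,
#      e.g. gitea_gitea)
#   2. NetBird deployed (creates the network named by `netbird_network`,
#      e.g. netbird_netbird)
#   3. DNS records for the proxied domains pointing to the VPS
#
# Variables are expected from group_vars/caddy_servers.yml:
#   caddy_base_dir, gitea_network, netbird_network,
#   gitea_domain, gitea_http_port, netbird_domain
#
# Usage:
#   ansible-playbook -i poc-inventory.yml playbook.yml
#
# Ordering note: this play stops the Caddy service of the Gitea deployment
# (if present) before starting the shared one, because both bind :80/:443.
# Prerequisite checks therefore run first and abort the play, so a
# misconfigured host is not left without any reverse proxy.
# =============================================================================

- name: Deploy Shared Caddy Reverse Proxy
  hosts: caddy_servers
  become: true
  vars_files:
    - group_vars/caddy_servers.yml

  pre_tasks:
    # `docker network inspect` exits non-zero when the network does not
    # exist. Failure is suppressed here so both networks can be checked and
    # reported together below. `argv` keeps each network name a single
    # argument regardless of its characters.
    - name: Check if Gitea network exists
      ansible.builtin.command:
        argv:
          - docker
          - network
          - inspect
          - "{{ gitea_network }}"
      register: gitea_network_check
      failed_when: false
      changed_when: false

    - name: Check if NetBird network exists
      ansible.builtin.command:
        argv:
          - docker
          - network
          - inspect
          - "{{ netbird_network }}"
      register: netbird_network_check
      failed_when: false
      changed_when: false

    # Abort before touching the existing Caddy: `docker compose up` below
    # cannot succeed without these external networks, and continuing would
    # first remove the Gitea deployment's proxy and then fail to start the
    # replacement.
    - name: Abort if a required service network is missing
      ansible.builtin.fail:
        msg: |
          Some service networks don't exist yet.
          Gitea network ({{ gitea_network }}): {{ 'EXISTS' if gitea_network_check.rc == 0 else 'MISSING - deploy Gitea first' }}
          NetBird network ({{ netbird_network }}): {{ 'EXISTS' if netbird_network_check.rc == 0 else 'MISSING - deploy NetBird first' }}

          Caddy cannot start until both networks exist.
      when: gitea_network_check.rc != 0 or netbird_network_check.rc != 0

  tasks:
    # =========================================================================
    # Stop existing Caddy if running elsewhere
    # =========================================================================
    - name: Check for Caddy in Gitea deployment
      ansible.builtin.stat:
        path: /opt/gitea/docker-compose.yml
      register: gitea_compose

    # `rm --stop --force` stops and removes the service in one command.
    # Errors are ignored because the Gitea compose file may not define a
    # `caddy` service at all; `changed` is only reported on success.
    - name: Stop and remove Caddy from the Gitea deployment
      ansible.builtin.command:
        cmd: docker compose rm --stop --force caddy
        chdir: /opt/gitea
      when: gitea_compose.stat.exists
      register: gitea_caddy_rm
      failed_when: false
      changed_when: gitea_caddy_rm.rc == 0

    # =========================================================================
    # Caddy Directory Structure
    # =========================================================================
    - name: Create Caddy directory
      ansible.builtin.file:
        path: "{{ caddy_base_dir }}"
        state: directory
        mode: "0755"

    # =========================================================================
    # Deploy Configuration Files
    # =========================================================================
    - name: Deploy docker-compose.yml
      ansible.builtin.template:
        src: templates/docker-compose.yml.j2
        dest: "{{ caddy_base_dir }}/docker-compose.yml"
        mode: "0644"

    # NOTE(review): the Caddyfile is world-readable on the host. That is fine
    # for a plain reverse-proxy config; if the template ever gains secrets
    # (DNS-provider tokens, basic_auth hashes), tighten the mode and adjust
    # the container user accordingly.
    - name: Deploy Caddyfile
      ansible.builtin.template:
        src: templates/Caddyfile.j2
        dest: "{{ caddy_base_dir }}/Caddyfile"
        mode: "0644"
      register: caddyfile_changed

    # =========================================================================
    # Start Caddy
    # =========================================================================
    # `pull` and `up -d` do not expose a machine-readable changed/unchanged
    # result, so they are always reported as changed.
    - name: Pull Caddy image
      ansible.builtin.command:
        cmd: docker compose pull
        chdir: "{{ caddy_base_dir }}"
      changed_when: true

    - name: Start Caddy
      ansible.builtin.command:
        cmd: docker compose up -d
        chdir: "{{ caddy_base_dir }}"
      changed_when: true

    # Validate the new Caddyfile before reloading. A validation error fails
    # the play instead of leaving Caddy silently running the previous config.
    # `-T` disables TTY allocation, which is unavailable under Ansible.
    # The in-container path /etc/caddy/Caddyfile is set by the compose
    # template.
    - name: Validate Caddyfile if changed
      ansible.builtin.command:
        cmd: docker compose exec -T caddy caddy validate --config /etc/caddy/Caddyfile
        chdir: "{{ caddy_base_dir }}"
      when: caddyfile_changed is changed
      changed_when: false

    # `up -d` does not recreate a running container when only a bind-mounted
    # file changed, so an explicit reload is needed. A reload failure is
    # surfaced rather than ignored.
    - name: Reload Caddy config if changed
      ansible.builtin.command:
        cmd: docker compose exec -T caddy caddy reload --config /etc/caddy/Caddyfile
        chdir: "{{ caddy_base_dir }}"
      when: caddyfile_changed is changed
      changed_when: true

    # =========================================================================
    # Deployment Summary
    # =========================================================================
    - name: Display deployment status
      ansible.builtin.debug:
        msg: |
          ============================================
          Shared Caddy Deployed!
          ============================================

          Proxying:
            - https://{{ gitea_domain }} -> gitea:{{ gitea_http_port }}
            - https://{{ netbird_domain }} -> netbird services

          ============================================

          View logs:
            ssh root@{{ ansible_host }} "cd {{ caddy_base_dir }} && docker compose logs -f"

          Reload config after changes:
            ssh root@{{ ansible_host }} "cd {{ caddy_base_dir }} && docker compose exec caddy caddy reload --config /etc/caddy/Caddyfile"

          ============================================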