more modular reverse proxy config

roles/reverse_proxy/defaults/main.yml

@@ -1,3 +1,5 @@
 ---
 
 reverse_proxy_type: caddy
+proxy_target_protocol: http
+proxy_target_host: localhost

roles/reverse_proxy/tasks/caddy.yml

@@ -6,7 +6,13 @@
     marker: "# {mark} ANSIBLE MANAGED BLOCK {{ vhost_id }}"
     block: |
       {{ vhost_domains | join(' ') }} {
-        reverse_proxy {{ proxy_target }}
+        reverse_proxy {{ proxy_target_protocol }}://{{ proxy_target_host }}:{{ proxy_target_port }} {
+        {% if proxy_target_protocol == 'https' and proxy_target_host == 'localhost' %}
+          transport http {
+            tls_insecure_skip_verify
+          }
+        {% endif %}
+        }
       }
     validate: 'caddy validate --config %s --adapter caddyfile'
     backup: true

roles/reverse_proxy/tasks/main.yml

@@ -1,5 +1,20 @@
 ---
 
+- block:
+  - name: Split legacy proxy_target to protocol, host and port
+    set_fact:
+      proxy_target_split_protocol: "{{ proxy_target.split('://') }}"
+      proxy_target_split_host: "{{ (proxy_target_split_protocol | last).split(':') }}"
+      proxy_target_host: "{{ proxy_target_split_host[0] }}"
+      proxy_target_port: "{{ proxy_target_split_host[1] }}"
+
+  - name: Set proxy_target_protocol based on proxy_target
+    set_fact:
+      proxy_target_protocol: "{{ proxy_target_split_protocol[0] }}"
+    when: proxy_target_split_protocol | length == 2
+
+  when: proxy_target is defined and proxy_target_port is not defined
+
 - name: Setup {{ vhost_id }} reverse proxy
   include_tasks: "{{ reverse_proxy_type }}.yml"
   when: reverse_proxy_type != 'none'