Add a vhost role

docs/all.md

@@ -9,6 +9,6 @@ admin_email: 'admin@domain.tld'
 These variables are used by multiple roles and have the following default values:
 
 ```
-reverse_proxy_type: caddy # Allowed values: caddy, none
+web_server: caddy # Allowed values: caddy, none
 ```
 

docs/vhost.md

@@ -0,0 +1,44 @@
+# Required variables
+These variables are required for this role to function. Example values provided
+
+```
+vhost_id: myservice # A unique identifier for this vhost. Not visible to end users.
+vhost_type: reverse_proxy # Supported values: reverse_proxy, redirect
+vhost_domains:
+  - www.domain.tld
+  - domain.tld
+```
+
+# Optional variables
+These variables have the following default values.
+
+```
+web_server: caddy # Supported values: caddy, none
+```
+
+# Variables specific to vhost type
+## reverse\_proxy
+
+Required:
+```
+proxy_target_port: 8080
+```
+
+Optional:
+```
+proxy_target_host: localhost
+proxy_target_protocol: http
+```
+
+## redirect
+
+Required:
+```
+redirect_target: https://www.domain.tld/location
+```
+
+Optional:
+```
+redirect_type: temporary # Supported values: temporary, permanent
+```
+

roles/vhost/README.md

@@ -0,0 +1 @@
+Sets up a vhost on web server defined by the `web_server` variable

roles/vhost/meta/argument_specs.yml

@@ -0,0 +1,52 @@
+---
+
+argument_specs:
+  main:
+    short_description: Sets up a vhost
+    options:
+      vhost_id:
+        description: A unique identifier for this vhost. Not visible to end users.
+        type: str
+        required: true
+      vhost_type:
+        type: str
+        required: true
+        choices:
+          - reverse_proxy
+          - redirect
+      vhost_domains:
+        type: list
+        required: true
+        elements: str
+      web_server:
+        description: Defines which server software to use for vhost. This role does nothing if set to none
+        type: str
+        required: false
+        default: caddy
+        choices:
+          - caddy
+          - none
+
+      proxy_target_port:
+        description: Required and only applicable if vhost_type is reverse_proxy
+        type: int
+      proxy_target_host:
+        description: Only applicable if vhost_type is reverse_proxy
+        type: str
+        default: localhost
+      proxy_target_protocol:
+        description: Only applicable if vhost_type is reverse_proxy
+        type: str
+        default: http
+
+      redirect_target:
+        description: "Required and only applicable if vhost_type is redirect. Example: https://www.domain.tld/location"
+        type: str
+      redirect type:
+        description: Only applicable if vhost_type is reverse_proxy
+        type: str
+        default: temporary
+        choices:
+          - temporary
+          - permanent
+

roles/vhost/meta/main.yml

@@ -0,0 +1,6 @@
+---
+
+dependencies:
+  - role: caddy
+    when: web_server == 'caddy'
+

roles/vhost/tasks/caddy.yml

@@ -0,0 +1,25 @@
+---
+
+- name: Add caddy vhost config
+  blockinfile:
+    path: /etc/caddy/Caddyfile
+    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ vhost_id }}"
+    block: |
+      {{ vhost_domains | join(' ') }} {
+      {% if vhost_type == 'reverse_proxy' %}
+        reverse_proxy {{ proxy_target_protocol }}://{{ proxy_target_host }}:{{ proxy_target_port }} {
+        {% if proxy_target_protocol == 'https' and proxy_target_host == 'localhost' %}
+          transport http {
+            tls_insecure_skip_verify
+          }
+        {% endif %}
+        }
+      {% endif %}
+      {% if vhost_type == 'redirect' %}
+        redir {{ redirect_target }} {{ redirect_type }}
+      {% endif %}
+      }
+    validate: 'caddy validate --config %s --adapter caddyfile'
+    backup: true
+  notify: reload caddy
+

roles/vhost/tasks/main.yml

@@ -0,0 +1,6 @@
+---
+
+
+- name: "Setup {{ vhost_id }} vhost on {{ web_server }}"
+  include_tasks: "{{ web_server }}.yml"
+  when: web_server != 'none'

roles/vhost/vars/main.yml

@@ -0,0 +1,8 @@
+---
+
+web_server: caddy
+
+proxy_target_protocol: http
+proxy_target_host: localhost
+
+redirect_type: temporary