vhost: add support for locations, headers, and responds

roles/vhost/tasks/caddy.yml

@@ -6,18 +6,30 @@
     marker: "# {mark} ANSIBLE MANAGED BLOCK {{ vhost_id }}"
     block: |
       {{ vhost_domains | join(' ') }} {
-      {% if vhost_type == 'reverse_proxy' %}
-        reverse_proxy {{ proxy_target_protocol }}://{{ proxy_target_host }}:{{ proxy_target_port }} {
-        {% if proxy_target_protocol == 'https' and proxy_target_host == 'localhost' %}
-          transport http {
-            tls_insecure_skip_verify
+        {% for location in vhost_locations_all %}
+        handle {{ location.path }} {
+          {% for header in location.headers | dict2items %}
+          header {{ header.key }} `{{ header.value }}`
+          {% endfor %}
+          {% if location.type == 'reverse_proxy' %}
+          reverse_proxy {{ location.proxy_target_protocol }}://{{ location.proxy_target_host }}:{{ location.proxy_target_port }} {
+            {% if location.proxy_target_protocol == 'https' and location.proxy_target_host == 'localhost' %}
+            transport http {
+              tls_insecure_skip_verify
+            }
+            {% endif %}
           }
-        {% endif %}
+          {% elif location.type == 'redirect' %}
+          redir {{ location.redirect_target }}{{ '{uri}' if location.redirect_preserve_path }} {{ location.redirect_type }}
+          {% elif location.type == 'respond' %}
+          {% if location.respond_content_type == 'json' %}
+          respond `{{ location.respond_content | to_json }}`
+          {% else %}
+          respond `{{ location.respond_content }}`
+          {% endif %}
+          {% endif %}
         }
-      {% endif %}
-      {% if vhost_type == 'redirect' %}
-        redir {{ redirect_target }} {{ redirect_type }}
-      {% endif %}
+        {% endfor %}
       }
     validate: 'caddy validate --config %s --adapter caddyfile'
     backup: true

roles/vhost/tasks/main.yml

@@ -1,6 +1,44 @@
 ---
 
+- name: Fail if redirect_target is a relative path and redirect_preserve_path is true
+  fail:
+    msg: redirect_target must be an absolute url or absolute path if redirect_preserve_path is true
+  when:
+    - redirect_preserve_path
+    - redirect_target.split('://') | length < 2
+    - not redirect_target.startswith('/')
 
-- name: "Setup {{ vhost_id }} vhost on {{ web_server }}"
+- name: Fail if redirect_tartget ends with / and redirect_preserve_path is true
+  fail:
+    msg: redirect_target must not end with / if redirect_preserve_path is true
+  when:
+    - redirect_preserve_path
+    - redirect_target.endswith('/')
+
+- name: Reset vhost_locations_all
+  set_fact:
+    vhost_locations_all: []
+- name: Set vhost_locations_all reverse proxies
+  set_fact:
+    vhost_locations_all: >
+      {{ vhost_locations_all + [{
+      'path': item.path,
+      'type': item.type | default(vhost_type),
+      'headers': item.headers | default(vhost_headers),
+
+      'proxy_target_port': item.proxy_target_port | default(proxy_target_port if vhost_type == 'reverse_proxy' else ''),
+      'proxy_target_host': item.proxy_target_host | default(proxy_target_host),
+      'proxy_target_protocol': item.proxy_target_protocol | default(proxy_target_protocol),
+
+      'redirect_target': item.redirect_target | default(redirect_target if vhost_type == 'redirect' else ''),
+      'redirect_preserve_path': item.redirect_preserve_path | default(redirect_preserve_path),
+      'redirect_type': item.redirect_type | default(redirect_type),
+
+      'respond_content': item.respond_content | default(respond_content if vhost_type == 'respond' else ''),
+      'respond_content_type': item.respond_content_type | default(respond_content_type)
+      }] }}
+  loop: "{{ vhost_locations + [{'path': ''}] }}"
+
+- name: "Setup {{ vhost_id + ' vhost on ' + web_server }}"
   include_tasks: "{{ web_server }}.yml"
   when: web_server != 'none'