uumas/ansible-general
1
0
Fork 0
Code Issues 5 Pull Requests Projects Releases Wiki Activity

vhost: Make caddy config use template. Also fix whitespace.

Browse Source
This commit is contained in:
uumas
2025-04-05 02:59:47 +03:00
parent cebe1eb957
commit 6234c0c459
2 changed files with 49 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
roles/vhost/tasks/caddy.yaml
View File

@@ -3,56 +3,7 @@
ansible.builtin.blockinfile: ansible.builtin.blockinfile:
path: /etc/caddy/Caddyfile path: /etc/caddy/Caddyfile
marker: "# {mark} ANSIBLE MANAGED BLOCK {{ vhost_id }}" marker: "# {mark} ANSIBLE MANAGED BLOCK {{ vhost_id }}"
# yamllint disable rule:line-length block: "{{ lookup('ansible.builtin.template', 'Caddyfile_block.j2') }}"
block: |
{{ vhost_domains | join(' ') }} {
{% for location in _vhost_locations_complete %}
handle {{ location.path }} {
{% for header in location.delete_headers %}
header -{{ header }}
{% endfor %}
{% for header in location.headers | dict2items %}
header {{ header.key }} `{{ header.value }}`
{% endfor %}
{% if location.basicauth %}
basicauth {
{% for user in location.basicauth_users | dict2items %}
{{ user.key }} {{ user.value }}
{% endfor %}
}
{% endif %}
{% if location.type == 'reverse_proxy' %}
reverse_proxy {
{% if location.proxy_target_netproto == 'tcp' %}
to tcp/{{ location.proxy_target_host }}:{{ location.proxy_target_port }}
{% else %}
to unix/{{ location.proxy_target_socket }}
{% endif %}
{% if location.proxy_target_protocol == 'https' %}
transport http {
tls
{% if location.proxy_target_host == 'localhost' %}
tls_insecure_skip_verify
{% endif %}
}
{% endif %}
}
{% for header in location.proxy_delete_headers %}
request_header -{{ header }}
{% endfor %}
{% elif location.type == 'redirect' %}
redir * {{ location.redirect_target }}{{ '{path}' if location.redirect_preserve_path }}{{ '?{query}' if location.redirect_preserve_query }} {{ location.redirect_type }}
{% elif location.type == 'respond' %}
{% if location.respond_content_type == 'json' %}
respond `{{ location.respond_content | to_json }}`
{% else %}
respond `{{ location.respond_content }}`
{% endif %}
{% endif %}
}
{% endfor %}
}
# yamllint enable rule:line-length
validate: 'caddy validate --config %s --adapter caddyfile' validate: 'caddy validate --config %s --adapter caddyfile'
backup: true backup: true
state: "{{ vhost_state }}" state: "{{ vhost_state }}"

48
roles/vhost/templates/Caddyfile_block.j2 Normal file
View File

@@ -0,0 +1,48 @@
#jinja2: lstrip_blocks: True
{{ vhost_domains | join(' ') }} {
{% for location in _vhost_locations_complete %}
handle {{ location.path }} {
{% for header in location.delete_headers %}
header -{{ header }}
{% endfor %}
{% for header in location.headers | dict2items %}
header {{ header.key }} `{{ header.value }}`
{% endfor %}
{% if location.basicauth %}
basicauth {
{% for user in location.basicauth_users | dict2items %}
{{ user.key }} {{ user.value }}
{% endfor %}
}
{% endif %}
{% if location.type == 'reverse_proxy' %}
reverse_proxy {
{% if location.proxy_target_netproto == 'tcp' %}
to tcp/{{ location.proxy_target_host }}:{{ location.proxy_target_port }}
{% else %}
to unix/{{ location.proxy_target_socket }}
{% endif %}
{% if location.proxy_target_protocol == 'https' %}
transport http {
tls
{% if location.proxy_target_host == 'localhost' %}
tls_insecure_skip_verify
{% endif %}
}
{% endif %}
{% for header in location.proxy_delete_headers %}
header_up -{{ header }}
{% endfor %}
}
{% elif location.type == 'redirect' %}
redir * {{ location.redirect_target }}{{ '{path}' if location.redirect_preserve_path }}{{ '?{query}' if location.redirect_preserve_query }} {{ location.redirect_type }}
{% elif location.type == 'respond' %}
{% if location.respond_content_type == 'json' %}
respond `{{ location.respond_content | to_json }}`
{% else %}
respond `{{ location.respond_content }}`
{% endif %}
{% endif %}
}
{% endfor %}
}