From 6d2d305fd0113ee6501bee9653fb9c356f75be84 Mon Sep 17 00:00:00 2001
From: uumas <gitcommit@uumas.fi>
Date: Sun, 14 Sep 2025 03:02:59 +0300
Subject: [PATCH] caddy: Use firewalld

---
 roles/caddy/meta/main.yaml  |  3 ++-
 roles/caddy/tasks/main.yaml | 11 +++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/roles/caddy/meta/main.yaml b/roles/caddy/meta/main.yaml
index d322ec7..4ee7a8b 100644
--- a/roles/caddy/meta/main.yaml
+++ b/roles/caddy/meta/main.yaml
@@ -4,6 +4,7 @@ dependencies:
     vars:
       compatcheck_supported_distributions:
         - name: debian
-          version_min: 11
+          version_min: 12
         - name: ubuntu
           version_min: 22
+  - role: uumas.general.firewalld
diff --git a/roles/caddy/tasks/main.yaml b/roles/caddy/tasks/main.yaml
index 925e37f..4081537 100644
--- a/roles/caddy/tasks/main.yaml
+++ b/roles/caddy/tasks/main.yaml
@@ -41,3 +41,14 @@
     validate: 'caddy validate --config %s --adapter caddyfile'
     backup: true
   notify: Reload caddy
+
+- name: Open ports for caddy
+  ansible.posix.firewalld:
+    service: "{{ item }}"
+    state: enabled
+    permanent: true
+    immediate: true
+  loop:
+    - http
+    - https
+    - http3