Add systemd role for restarting multiple services in same transaction

roles/borgmatic/tasks/target.yaml

@@ -7,7 +7,7 @@
 
 - name: Add ssh key to authorized_keys
   ansible.posix.authorized_key:
-    user: "{{ hostvars[target.host].ansible_user_id }}"
+    user: "{{ hostvars[target.host].ansible_facts.user_id }}"
     key: >-
       {{
         _borgmatic_key.public_key + ' ' + _borgmatic_key.comment
@@ -22,7 +22,7 @@
 
 - name: Create backup directories
   ansible.builtin.file:
-    path: "{{ hostvars[target.host].ansible_user_dir }}/{{ item }}/{{ ansible_fqdn }}"
+    path: "{{ hostvars[target.host].ansible_facts.user_dir }}/{{ item }}/{{ ansible_facts.fqdn }}"
     state: directory
     mode: "0700"
   loop: "{{ target.directories }}"

roles/caddy/tasks/main.yaml

@@ -4,6 +4,14 @@
     path: /etc/apt/sources.list.d/caddy-stable.list
     state: absent
 
+- name: Ensure caddy apt repository not present
+  ansible.builtin.file:
+    path: /etc/apt/sources.list.d/caddy-stable.list
+    state: absent
+  when: >
+    (ansible_facts.distribution == 'Debian' and ansible_facts.distribution_major_version | int > 11) or
+    (ansible_facts.distribution == 'Ubuntu' and ansible_facts.distribution_major_version | int >= 24)
+
 - name: Add caddy apt repository
   ansible.builtin.deb822_repository:
     name: caddy-stable
@@ -13,8 +21,8 @@
     components:
       - main
   when: >
-    (ansible_distribution == 'Debian' and ansible_distribution_major_version | int == 11) or
+    (ansible_facts.distribution == 'Debian' and ansible_facts.distribution_major_version | int == 11) or
-    (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version | int < 24)
+    (ansible_facts.distribution == 'Ubuntu' and ansible_facts.distribution_major_version | int < 24)
 
 - name: Install caddy
   ansible.builtin.apt:

roles/locale/tasks/main.yaml

@@ -1,5 +1,5 @@
 ---
-- name: Include variables for os family {{ ansible_os_family }}
+- name: Include variables for os family {{ ansible_facts.os_family }}
   ansible.builtin.include_vars: "{{ ansible_facts.os_family }}.yaml"
 
 - name: Install locales package

roles/systemd/defaults/main.yaml

@@ -0,0 +1,2 @@
+---
+systemd_restart_units: []

roles/systemd/handlers/main.yaml

@@ -0,0 +1,14 @@
+---
+- name: Reload systemd daemon
+  ansible.builtin.systemd_service:
+    daemon_reload: true
+
+- name: Apply systemd unit restarts # noqa: command-instead-of-module
+  ansible.builtin.command:
+    cmd: systemctl restart {{ systemd_restart_units | join(' ') }}
+  changed_when: true
+
+- name: Reset systemd restart units
+  listen: Apply systemd units restart
+  ansible.builtin.set_fact:
+    systemd_restart_units: []

roles/vhost/defaults/main.yaml

@@ -6,6 +6,7 @@ vhost_web_server: caddy
 
 vhost_locations: []
 vhost_headers: {}
+vhost_find_replace_headers: []
 vhost_delete_headers: []
 
 vhost_basicauth: false

roles/vhost/meta/argument_specs.yaml

@@ -46,6 +46,25 @@ argument_specs:
         type: dict
         required: false
         default: {}
+      vhost_find_replace_headers:
+        description: Response headers to find and replace
+        type: list
+        elements: dict
+        required: false
+        default: []
+        options:
+          header:
+            description: Header to modify
+            type: str
+            required: true
+          find:
+            description: Header content to find
+            type: str
+            required: true
+          replace:
+            description: Content to replace matching headers with
+            type: str
+            required: true
       vhost_delete_headers:
         description: List of reponse headers to delete
         type: list
@@ -242,6 +261,25 @@ argument_specs:
             type: dict
             required: false
             default: "{{ vhost_headers }}"
+          find_replace_headers:
+            description: Response headers to find and replace
+            type: list
+            elements: dict
+            required: false
+            default: "{{ vhost_find_replace_headers }}"
+            options:
+              header:
+                description: Header to modify
+                type: str
+                required: true
+              find:
+                description: Header content to find
+                type: str
+                required: true
+              replace:
+                description: Content to replace matching headers with
+                type: str
+                required: true
           delete_headers:
             description: List of response headers to delete
             type: list
@@ -414,6 +452,25 @@ argument_specs:
             type: dict
             required: false
             default: "{{ vhost_headers }}"
+          find_replace_headers:
+            description: Response headers to find and replace
+            type: list
+            elements: dict
+            required: false
+            default: "{{ vhost_find_replace_headers }}"
+            options:
+              header:
+                description: Header to modify
+                type: str
+                required: true
+              find:
+                description: Header content to find
+                type: str
+                required: true
+              replace:
+                description: Content to replace matching headers with
+                type: str
+                required: true
           delete_headers:
             description: List of response headers to delete
             type: list
@@ -610,6 +667,24 @@ argument_specs:
                 description: Dict of response headers and their values
                 type: dict
                 required: false
+              find_replace_headers:
+                description: Response headers to find and replace
+                type: list
+                elements: dict
+                required: false
+                options:
+                  header:
+                    description: Header to modify
+                    type: str
+                    required: true
+                  find:
+                    description: Header content to find
+                    type: str
+                    required: true
+                  replace:
+                    description: Content to replace matching headers with
+                    type: str
+                    required: true
               delete_headers:
                 description: List of response headers to delete
                 type: list

roles/vhost/templates/Caddyfile_block.j2

@@ -22,6 +22,12 @@
           {% for header in matcher.delete_headers %}
             header -{{ header }}
           {% endfor %}
+          {% for header in matcher.find_replace_headers %}
+            header {
+                {{ header.header }} `^{{ header.find }}$` `{{ header.replace }}`
+                defer
+            }
+          {% endfor %}
           {% for header in matcher.headers | dict2items %}
             header {{ header.key }} `{{ header.value }}`
           {% endfor %}

roles/vhost/vars/main.yaml

@@ -13,6 +13,7 @@ _vhost_matchers: >-
 _vhost_location_defaults:
   type: "{{ vhost_type }}"
   headers: "{{ vhost_headers }}"
+  find_replace_headers: "{{ vhost_find_replace_headers }}"
   delete_headers: "{{ vhost_delete_headers }}"
 
   basicauth: "{{ vhost_basicauth }}"