60 lines
2.2 KiB
YAML
60 lines
2.2 KiB
YAML
---
|
|
- name: Add caddy vhost config
|
|
ansible.builtin.blockinfile:
|
|
path: /etc/caddy/Caddyfile
|
|
marker: "# {mark} ANSIBLE MANAGED BLOCK {{ vhost_id }}"
|
|
# yamllint disable rule:line-length
|
|
block: |
|
|
{{ vhost_domains | join(' ') }} {
|
|
{% for location in vhost_locations_all %}
|
|
handle {{ location.path }} {
|
|
{% for header in location.delete_headers %}
|
|
header -{{ header }}
|
|
{% endfor %}
|
|
{% for header in location.headers | dict2items %}
|
|
header {{ header.key }} `{{ header.value }}`
|
|
{% endfor %}
|
|
{% if location.basicauth %}
|
|
basicauth {
|
|
{% for user in location.basicauth_users | dict2items %}
|
|
{{ user.key }} {{ user.value }}
|
|
{% endfor %}
|
|
}
|
|
{% endif %}
|
|
{% if location.type == 'reverse_proxy' %}
|
|
reverse_proxy {
|
|
{% if location.proxy_target_netproto == 'tcp' %}
|
|
to tcp/{{ location.proxy_target_host }}:{{ location.proxy_target_port }}
|
|
{% else %}
|
|
to unix/{{ location.proxy_target_socket }}
|
|
{% endif %}
|
|
{% if location.proxy_target_protocol == 'https' %}
|
|
transport http {
|
|
tls
|
|
{% if location.proxy_target_host == 'localhost' %}
|
|
tls_insecure_skip_verify
|
|
{% endif %}
|
|
}
|
|
{% endif %}
|
|
}
|
|
{% for header in location.proxy_delete_headers %}
|
|
request_header -{{ header }}
|
|
{% endfor %}
|
|
{% elif location.type == 'redirect' %}
|
|
redir * {{ location.redirect_target }}{{ '{path}' if location.redirect_preserve_path }}{{ '?{query}' if location.redirect_preserve_query }} {{ location.redirect_type }}
|
|
{% elif location.type == 'respond' %}
|
|
{% if location.respond_content_type == 'json' %}
|
|
respond `{{ location.respond_content | to_json }}`
|
|
{% else %}
|
|
respond `{{ location.respond_content }}`
|
|
{% endif %}
|
|
{% endif %}
|
|
}
|
|
{% endfor %}
|
|
}
|
|
# yamllint enable rule:line-length
|
|
validate: 'caddy validate --config %s --adapter caddyfile'
|
|
backup: true
|
|
state: "{{ vhost_state }}"
|
|
notify: Reload caddy
|