Use caddy instead of socat for http proxying

2026-03-15 22:30:36 +02:00
parent 77768e5483
commit 615c4013c1
8 changed files with 101 additions and 10 deletions
--- a/roles/caddy_socket_proxy/tasks/main.yaml
+++ b/roles/caddy_socket_proxy/tasks/main.yaml
@@ -0,0 +1,45 @@
+---
+- name: Create caddy socket proxy mount directories for {{ caddy_socket_proxy_service_name }}
+  ansible.builtin.file:
+    path: "{{ item.key }}"
+    state: directory
+    mode: "{{ item.value }}"
+  with_dict:
+    "/srv/{{ caddy_socket_proxy_service_name }}-caddy-socket-proxy/": "0755"
+    "/srv/{{ caddy_socket_proxy_service_name }}-caddy-socket-proxy/mounts": "0700"
+    "/srv/{{ caddy_socket_proxy_service_name }}-caddy-socket-proxy/mounts/caddy": "0755"
+
+- name: Configure caddy socket proxy for {{ caddy_socket_proxy_service_name }}
+  ansible.builtin.template:
+    src: Caddyfile.j2
+    dest: "/srv/{{ caddy_socket_proxy_service_name }}-caddy-socket-proxy/mounts/caddy/Caddyfile"
+    mode: "0644"
+  notify: Restart container service {{ caddy_socket_proxy_service_name }}-caddy-socket-proxy
+
+- name: Caddy socket proxy socket for {{ caddy_socket_proxy_service_name }}
+  ansible.builtin.import_role:
+    name: uumas.general.systemd_socket
+  vars:
+    systemd_socket_name: "{{ caddy_socket_proxy_service_name }}-caddy-socket-proxy"
+    systemd_socket_requires:
+      - "{{ caddy_socket_proxy_target_container }}.service"
+
+- name: Caddy container for {{ caddy_socket_proxy_service_name }}
+  ansible.builtin.import_role:
+    name: container
+  vars:
+    container_name: "{{ caddy_socket_proxy_service_name }}-caddy-socket-proxy"
+    container_image: "docker.io/library/caddy:2-alpine"
+    container_mounts:
+      - type: bind
+        source: "/srv/{{ caddy_socket_proxy_service_name }}-caddy-socket-proxy/mounts/caddy"
+        destination: /etc/caddy
+        readonly: true
+    container_networks:
+      - name: "{{ caddy_socket_proxy_service_name }}-caddy-socket-proxy"
+        ip: "{{ caddy_socket_proxy_container_ip }}"
+    container_requires:
+      - "{{ caddy_socket_proxy_service_name }}-caddy-socket-proxy.socket"
+      - "{{ caddy_socket_proxy_target_container }}.service"
+    container_auto_start: false
+    container_auto_update: "{{ caddy_socket_proxy_auto_update }}"