Improve ansible stuff and prepare caddy

_ansible/README.md

@@ -0,0 +1,13 @@
+# Ansible project to deploy services
+
+## Variables
+
+### CLI variable overwrites
+
+#### force_gitea_runner_registration
+`-e force_gitea_runner_registration=True`  
+Force gitea-runner to prompt a new registration token.
+
+#### docker_update
+`-e docker_update=True`  
+Pull and build the docker compose services

_ansible/inventory/group_vars/all/main.yml

@@ -11,3 +11,4 @@ mailer:
 
 services_path: /opt/services/
 caddy_config_path: "{{ (services_path, 'caddy', 'config', 'conf.d') | path_join }}"
+managed_sites: []

_ansible/local-dev.yml

@@ -14,3 +14,5 @@
     - umami
     - watchtower
     - wiki-js
+
+    - caddy

_ansible/roles/caddy/tasks/clean-sites.yml

@@ -0,0 +1,11 @@
+- name: Find caddy site configs, but exclude managed sites
+  ansible.builtin.find:
+    paths: "{{ caddy_config_path }}"
+    excludes: "{{ managed_sites | default([]) }}"
+  register: files_to_delete
+
+- name: Remove unmanaged sites
+  file:
+    path: "{{ item.path }}"
+    state: absent
+  with_items: "{{ files_to_delete.files }}"

_ansible/roles/caddy/tasks/main.yml

@@ -0,0 +1,11 @@
+---
+- name: Deploy {{ svc.name }}
+  tags:
+    - caddy
+    - reverse_proxy
+    - webserver
+  block:
+    - import_tasks: deploy-common-service.yml
+
+    - import_tasks: clean-sites.yml
+    - import_tasks: reload-caddy.yml

_ansible/roles/caddy/tasks/reload-caddy.yml

@@ -0,0 +1,16 @@
+- name: Check caddy configuration
+  ansible.builtin.command:
+    cmd: docker compose exec app sh -c "caddy validate --config /etc/caddy/Caddyfile"
+    chdir: "{{ service_path }}"
+  when: "'local-dev' != inventory_hostname"
+  register: cmd_result
+  changed_when: false
+
+- name: Reload caddy configuration
+  ansible.builtin.command:
+    cmd: docker compose exec app sh -c "caddy reload --config /etc/caddy/Caddyfile"
+    chdir: "{{ service_path }}"
+  when:
+    - "'local-dev' != inventory_hostname"
+    - cmd_result.rc == 0
+  changed_when: true # TODO find a way to detect changes

_ansible/tasks/deploy-common-service.yml

@@ -1,5 +1,6 @@
 - import_tasks: steps/create-service-directory.yml
 - import_tasks: steps/template-docker-compose.yml
 - import_tasks: steps/template-service-env.yml
-- import_tasks: steps/template-site-config.yml
+- include_tasks: steps/template-site-config.yml
+  when: svc.domain is defined
 - import_tasks: steps/start-service.yml

_ansible/tasks/steps/start-service.yml

@@ -1,3 +1,25 @@
+- name: Build service
+  ansible.builtin.command:
+    cmd: docker compose build --pull
+    chdir: "{{ service_path }}"
+  when:
+    - "'local-dev' != inventory_hostname"
+    - docker_update is defined
+    - docker_update
+  register: cmd_result
+  changed_when: True
+
+- name: Pull service
+  ansible.builtin.command:
+    cmd: docker compose pull --ignore-buildable
+    chdir: "{{ service_path }}"
+  when:
+    - "'local-dev' != inventory_hostname"
+    - docker_update is defined
+    - docker_update
+  register: cmd_result
+  changed_when: True
+
 - name: Start service
   ansible.builtin.command:
     cmd: docker compose up -d

_ansible/tasks/steps/template-site-config.yml

@@ -1,6 +1,9 @@
-- name: Template caddy config
+- name: Template caddy site
   ansible.builtin.template:
     src: caddy_site.conf.j2
     dest: "{{ (caddy_config_path, svc.domain + '.conf') | path_join }}"
     mode: "0644"
-  when: svc.domain is defined
+
+- name: Register caddy site
+  ansible.builtin.set_fact:
+    managed_sites: "{{ managed_sites + [svc.domain + '.conf'] }}"