This role installs a plain caddy server on a Debian-based system and can, if you want, also place a basic reverse proxy configuration.
N/A
If you only want to install Caddy, you don't need to set any variables. If you want to configure Caddy as a reverse proxy as well, you can provide an array of objects named caddy_sites with the following values:
additional_forwarding_ports: Allows to define a list with additional ports where Caddy should listen for this domain and forward to HTTPS.allowlist: An array if IP addresses in CIDR-notation which are allowed to access this route (Optional). All other visitors receive a 404 error.certificate_file: You can set this variable if you want to provide the certificate by yourself (Optional). The certificate needs permissions0640, with root as Owner and Caddy as Group.certificate_key: You can set this variable if you want to provide the certificate by yourself (Optional).domain: The domain caddy should listen to.
Afterwards, you can define a list of routes composing of the following values:
path: Path that should be matched. Let it empty for everything or e.g./api/*for something specific.ignore_allowlist: Iftruethe site'sallowlistwill not be applied to this route, thus making this route publicly available. Defaults tofalse.reverse_proxy_destination: Where the requested should be proxied.strip_prefix: If set, the matchedpathwill be removed from the request to the destination system. This means, if somebody requests the route/api/v1/helloat the reverse proxy and you set/api/*as path, the request will be sent as/v1/helloto the destination system.
Additionally, you can also define a list of redirects composing of the following values:
source: Path that should be matched. Let it empty for everything or e.g./api/*for something specific.target: Target location. Becomes the response's Location header.code: HTTP status code to use for the redirect. Can be an integer in the 3xx range, or 401,temporaryfor temporary redirect (302),permanentfor a permanent redirect (301, default),htmlto use an HTML document to perform the redirect (will redirect browsers, but not API clients).
Certificates, domain etc. are always defined for one site and cannot be redefined for a route.
The parameter additional_template_path defines a path to a template that gets appended to a Caddy site. This option can be helpful if you generally use the options from the YAML for your configuration but have one or two routes with special requirements. The template is inserted after rendering allowlist so you can apply rewrites to your routes before the code generated by this role is applied.
None.
Basic installation:
---
- name: Converge
hosts: all
become: true
roles:
- role: simplificator.caddyWith reverse proxy configuration and redirects:
---
- name: Converge
hosts: all
become: true
roles:
- role: simplificator.caddy
vars:
caddy_sites:
- domain: example.com
tls_insecure: true
routes:
- path: ''
reverse_proxy_destination: 192.168.50.2
allowlist:
- 8.8.8.8/32
redirects:
- source: ''
target: '/'
additional_forwarding_ports:
- '8080'
- '1337'
![simplificator-renovate[bot] avatar](https://avatars.githubusercontent.com/u/16284?v=4 "simplificator-renovate[bot]")
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent