From 06a60630a3fc54d88529283ac67eda62a74e9274 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?ok=C3=A4nd?= <git@okand.email>
Date: Tue, 5 Sep 2023 13:46:02 +0200
Subject: [PATCH] create folders and services

---
 roles/caddy/files/caddy.service | 31 +++++++++++++++++++++++++++++++
 roles/caddy/handlers/main.yml   |  3 +++
 roles/caddy/tasks/main.yml      | 24 ++++++++++++++++++++++++
 3 files changed, 58 insertions(+)
 create mode 100644 roles/caddy/files/caddy.service
 create mode 100644 roles/caddy/handlers/main.yml

diff --git a/roles/caddy/files/caddy.service b/roles/caddy/files/caddy.service
new file mode 100644
index 0000000..20b5729
--- /dev/null
+++ b/roles/caddy/files/caddy.service
@@ -0,0 +1,31 @@
+# caddy.service
+#
+# For using Caddy with a config file.
+#
+# Make sure the ExecStart and ExecReload commands are correct
+# for your installation.
+#
+# See https://caddyserver.com/docs/install for instructions.
+#
+
+[Unit]
+Description=Caddy
+Documentation=https://caddyserver.com/docs/
+After=network.target network-online.target
+Requires=network-online.target
+
+[Service]
+Type=notify
+User=caddy
+Group=caddy
+ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
+ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force
+TimeoutStopSec=5s
+LimitNOFILE=1048576
+LimitNPROC=512
+PrivateTmp=true
+ProtectSystem=full
+AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
+
+[Install]
+WantedBy=multi-user.target
diff --git a/roles/caddy/handlers/main.yml b/roles/caddy/handlers/main.yml
new file mode 100644
index 0000000..57fcca9
--- /dev/null
+++ b/roles/caddy/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: Reload systemd
+  ansible.builtin.systemd:
+    daemon_reload: true
diff --git a/roles/caddy/tasks/main.yml b/roles/caddy/tasks/main.yml
index c20f0ae..44df490 100644
--- a/roles/caddy/tasks/main.yml
+++ b/roles/caddy/tasks/main.yml
@@ -30,3 +30,27 @@
     shell: /usr/sbin/nologin
     system: true
     state: present
+
+- name: Create /etc/caddy folder
+  ansible.builtin.file:
+    path: /etc/caddy
+    owner: root
+    group: caddy
+    mode: "0755"
+    state: directory
+
+- name: Insert systemd unit
+  ansible.builtin.copy:
+    src: caddy.service
+    dest: /etc/systemd/system/caddy.service
+    mode: "0644"
+  notify:
+    - Reload systemd
+
+- name: Create /var/www folder
+  ansible.builtin.file:
+    path: /var/www
+    owner: caddy
+    group: caddy
+    mode: "2775"
+    state: directory