88723b5e5f
Self-contained playbook intended to be run locally on the target server, where this repo is already cloned (typically at /var/www/e-auth). No SSH / inventory needed — hosts: localhost with connection: local. What it does: - Installs Docker Engine + compose plugin from the official repo (idempotent, no-op if already present). - Ensures /etc/caddy/site exists and templates the vhost file at /etc/caddy/site/e-auth.conf with the Cloudflare DNS-01 token for caddy-dns/cloudflare, reverse-proxying to 127.0.0.1:9450. - Validates the Caddy config and reloads the service on change. - Runs `docker compose pull` and `docker compose up -d` from the repo root. Assumes Caddy is already installed with the caddy-dns/cloudflare plugin and loads per-site files from /etc/caddy/site/*.conf. Usage (on the server): cd /var/www/e-auth/ansible && ansible-playbook deploy.yml Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
15 lines
478 B
YAML
15 lines
478 B
YAML
---
|
|
# ecosplay-auth deploy vars
|
|
|
|
deploy_dir: /var/www/e-auth
|
|
auth_domain: auth.e-cosplay.fr
|
|
keycloak_local_port: 9450
|
|
|
|
# Caddy (assumed already installed with the caddy-dns/cloudflare plugin
|
|
# and configured to load per-site files from /etc/caddy/site/*.conf)
|
|
caddy_site_file: /etc/caddy/site/e-auth.conf
|
|
|
|
# Cloudflare API token consumed by the caddy-dns/cloudflare plugin
|
|
# for the ACME DNS-01 challenge.
|
|
cloudflare_token: cfat_rIHZqzCm9GKK3xVnQDNGfu6J91TseIDdTKeuWSFUdf6ccd31
|