From 4164ebb829fd9292a3de9cc65bcb3f56aaffa9b5 Mon Sep 17 00:00:00 2001
From: Wilfried OLLIVIER
Date: Fri, 1 Feb 2019 18:50:35 +0100
Subject: [PATCH] Bootstrap caddy http sync role
---
LICENCE | 13 +++++++++++++
README.md | 37 ++++++++++++++++++++++++++++++++++++
defaults/main.yml | 12 ++++++++++++
handlers/main.yml | 13 +++++++++++++
meta/main.yml | 20 ++++++++++++++++++++
tasks/main.yml | 25 ++++++++++++++++++++++++
templates/http.caddy.j2 | 42 +++++++++++++++++++++++++++++++++++++++++
7 files changed, 162 insertions(+)
create mode 100644 LICENCE
create mode 100644 README.md
create mode 100644 defaults/main.yml
create mode 100644 handlers/main.yml
create mode 100644 meta/main.yml
create mode 100644 tasks/main.yml
create mode 100644 templates/http.caddy.j2
diff --git a/LICENCE b/LICENCE
new file mode 100644
index 0000000..5568253
--- /dev/null
+++ b/LICENCE
@@ -0,0 +1,13 @@
+ DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+ Version 2, December 2004
+
+ Copyright (C) 2019 Wilfried OLLIVIER
+
+ Everyone is permitted to copy and distribute verbatim or modified
+ copies of this license document, and changing it is allowed as long
+ as the name is changed.
+
+ DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. You just DO WHAT THE FUCK YOU WANT TO.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..894013a
--- /dev/null
+++ b/README.md
@@ -0,0 +1,37 @@
+galaxy-caddy.http.sync
+======================
+
+Push config file and sync code source of a basic html site
+
+Requirements
+------------
+
+Caddy webserver up and running
+
+Role Variables
+--------------
+
+- vhost_url: vhost url
+- vhost_name: name of the vhost
+- caddy_home: path to caddy home directory
+- caddy_logs: path to caddy logs directory
+- caddy_conf: path to caddy config directory
+- caddy_confd: path to caddy confd directory
+- caddy_logs: path to caddy vhost log directory
+- caddy_www: path to caddy www dir
+- custom_errors: yes/no - use custom errors or not
+- www_redirect: yes/no - redirect www. to .
+
+Dependencies
+------------
+
+galaxy-caddy
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+ - hosts: servers
+ roles:
+ - { role: galaxy-caddy.http.sync, custom_errors: no, vhost_name: test, vhost_url: test.test, syncpath: path/to/some/directory }
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..f09ae7f
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,12 @@
+---
+# defaults file for galaxy-caddy.http.sync
+
+caddy_home: /srv/caddy
+caddy_logs: /srv/caddy/logs
+caddy_conf: /etc/caddy
+caddy_confd: /etc/caddy/conf.d
+caddy_www: /var/www/caddy
+
+www_redirect: no
+
+custom_errors: no
\ No newline at end of file
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..303b456
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,13 @@
+---
+# handlers file for galaxy-caddy.http.sync
+
+- name: start caddy
+ service: name=caddy
+ state=started
+ enabled=yes
+ daemon_reload=yes
+
+- name: restart caddy
+ service: name=caddy
+ state=restarted
+ enabled=yes
diff --git a/meta/main.yml b/meta/main.yml
new file mode 100644
index 0000000..03489eb
--- /dev/null
+++ b/meta/main.yml
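Review bot: In defaults/main.yml, `www_redirect: no` and `custom_errors: no` depend on YAML 1.1 truthy parsing; write `www_redirect: false` and `custom_errors: false` so the values mean the same under stricter loaders and linters. The same `yes`/`no` spelling appears in handlers/main.yml (`enabled=yes`, `daemon_reload=yes`) and tasks/main.yml (`delete=yes`). The file also gives no default for `vhost_name`, `vhost_url` or `syncpath`, which the tasks and template use, so a comment such as `# required, no default: vhost_name, vhost_url, syncpath` would document the contract.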
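Review bot: The `restart caddy` handler in handlers/main.yml fires on every change to the vhost template without the rendered config having been checked, so a bad file can leave caddy stopped for every site it serves; consider validating the config before the restart is triggered. Both handlers also pass their arguments as a continued `key=value` string, which linters cannot check; the native mapping form (`name: caddy`, `state: restarted`, `enabled: true` under `service:`) is clearer. `daemon_reload` is an option of the `systemd` module, so `start caddy` presumably only works where `service` dispatches to systemd, which should be confirmed. Nothing in this patch notifies `start caddy`.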
@@ -0,0 +1,20 @@
+galaxy_info:
+ author: Wilfried OLLIVIER
+ description: Push caddy config file and sync code
+ company: none
+
+ license: WTFPL
+
+ min_ansible_version: 2.4
+
+ platforms:
+ - name: Debian
+ versions:
+ - Stretch
+
+ galaxy_tags:
+ - caddy
+ - webserver
+ - http
+
+dependencies: []
\ No newline at end of file
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..8d72002
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,25 @@
+---
+# tasks file for galaxy-caddy.http.sync
+
+- name: Push caddy config file
+ template:
+ src: http.caddy.j2
+ dest: "{{ caddy_confd }}/{{ vhost_name }}.caddy"
+ notify: restart caddy
+
+- name: Ensure caddy log dir
+ file:
+ path: "{{ caddy_logs }}/{{ vhost_name }}"
+ state: directory
+ owner: caddy
+
+- name: Ensure vhost www dir
+ file: path={{ caddy_www }}/{{ vhost_name }}
+ state=directory
+ owner=caddy
+ group=caddy
+
+- name: Synchronize
+ synchronize: src={{ syncpath }}
+ dest={{ caddy_www }}/{{ vhost_name }}
+ delete=yes
diff --git a/templates/http.caddy.j2 b/templates/http.caddy.j2
new file mode 100644
index 0000000..e058712
--- /dev/null
+++ b/templates/http.caddy.j2
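Review bot: `dependencies: []` in meta/main.yml contradicts the README added by this same patch, which lists `galaxy-caddy` as a dependency, while the tasks and handlers assume that a `caddy` user, group and service already exist. Either declare the dependency here or add a comment such as `# caddy must already be installed; this role only adds a vhost`. `min_ansible_version: 2.4` is parsed as a float and should be quoted, `min_ansible_version: "2.4"`.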
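Review bot: In tasks/main.yml, `vhost_name` and `syncpath` reach the `template` and `file` destinations and `synchronize ... delete=yes` with no validation. An empty `vhost_name` makes the rsync destination `{{ caddy_www }}/` itself, so `delete=yes` would remove every other vhost's files, and a value containing `/` or `..` moves the writes outside the intended directories. Add an `assert` task at the top of the file that requires both variables and restricts `vhost_name` to a filename-safe pattern. The template and the log directory are also created without an explicit `mode` (the template without `owner`/`group` either), which is worth setting in the same pass.

```yaml
# new first task in tasks/main.yml
- name: Validate role inputs
  assert:
    that:
      - vhost_name is defined
      - vhost_name is match('^[A-Za-z0-9][A-Za-z0-9._-]*$')
      - syncpath is defined
      - syncpath | length > 0

# … unchanged: Push caddy config file, Ensure caddy log dir, Ensure vhost www dir, Synchronize …
```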
@@ -0,0 +1,42 @@
+{{ vhost_url }} {
+
+ header / {
+ # Enable HTTP Strict Transport Security (HSTS) to force clients to always
+ # connect via HTTPS (do not use if only testing)
+ Strict-Transport-Security "max-age=31536000;"
+ # Enable cross-site filter (XSS) and tell browser to block detected attacks
+ X-XSS-Protection "1; mode=block"
+ # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
+ X-Content-Type-Options "nosniff"
+ # Disallow the site to be rendered within a frame (clickjacking protection)
+ X-Frame-Options "DENY"
+ }
+
+ log {{ caddy_logs }}/{{ vhost_name }}/access.log {
+ rotate_size 100
+ rotate_age 30
+ rotate_keep 10
+ }
+
+ root {{ caddy_www }}/{{ vhost_name }}
+
+ gzip {
+ ext .jpg
+ level 9
+ }
+
+{% if custom_errors %}
+ errors {
+ 404 404.html # Not Found
+ }
+{% endif %}
+
+}
+
+{% if www_redirect %}
+www.{{ vhost_url }} {
+
+ redir https://{{ vhost_url }}
+
+}
+{% endif %}
\ No newline at end of file
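Review bot: The `gzip` block in templates/http.caddy.j2 limits compression to `ext .jpg`, a format that is already compressed, so the HTML, CSS and JS of the site are served uncompressed while `level 9` spends CPU on images; dropping the `ext` line (or listing text extensions) and using a moderate level is probably what was intended. In the `header /` block, `X-XSS-Protection "1; mode=block"` is ignored by current browsers and no `Content-Security-Policy` is set, so the comment above it overstates the protection; a restrictive CSP suited to a static site would be the real control. The `www.` block's `redir https://{{ vhost_url }}` discards the requested path, and `redir https://{{ vhost_url }}{uri}` would preserve it.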