Update to caddy2

README.md

@@ -19,7 +19,7 @@ Role Variables
 - caddy_email: email used to register ACME/Let's Encrypt stuff
 - caddy_update: yes/no - activate caddy updates
 - test_url: url used for the test page
-- test_https: should the test page use https
+- test_acme: should the test page use acme or internal HTTPS
 - test_name: name of the test
 - test_code: test page source code directory
 - test_www: yes/no - enable redirection from www. to .

defaults/main.yml

@@ -6,11 +6,11 @@ caddy_logs: /var/log/caddy
 caddy_conf: /etc/caddy
 caddy_confd: /etc/caddy/conf.d
 caddy_www: /var/www/caddy
-caddy_email: none@none.com
-caddy_update: yes
 
 test_url: none.none
-test_https: no
+test_acme: no
 test_name: test
 test_code: /var/www/caddy/test
 test_www: no
+
+caddy_version: 2.0.0

meta/main.yml

@@ -1,6 +1,6 @@
 galaxy_info:
   author: Wilfried OLLIVIER
-  description: Install Caddy webserver on Debian
+  description: Install Caddy (2) webserver on Debian
   company: none
 
   license: WTFPL

tasks/main.yml

@@ -9,22 +9,14 @@
         shell=/bin/nologin
   tags: user
 
-- name: Get all Caddy releases
-  get_url: url=https://api.github.com/repos/mholt/caddy/git/refs/tags
-           dest={{ caddy_home }}/releases
-           force=yes
-  when: caddy_update
-  register: caddy_releases_cache
-
 - name: Download new Caddy version or build
-  get_url: url=https://caddyserver.com/download/linux/amd64?license=personal&telemetry=off
-           dest=/tmp/caddy.tar.gz
+  get_url: url=https://github.com/caddyserver/caddy/releases/download/v{{ caddy_version }}/caddy_{{ caddy_version }}_linux_amd64.tar.gz
+           dest=/tmp/caddy_{{ caddy_version }}.tar.gz
            force=yes
-  when: caddy_releases_cache.changed
   register: caddy_binary_cache
 
 - name: Extract new Caddy version or build
-  unarchive: src=/tmp/caddy.tar.gz
+  unarchive: src=/tmp/caddy_{{ caddy_version }}.tar.gz
              dest=/usr/bin/
              copy=no
   when: caddy_binary_cache.changed

templates/caddy.service.j2

@@ -8,8 +8,8 @@ After=network.target
 WorkingDirectory={{ caddy_home }}
 User=caddy
 LimitNOFILE=8192
-ExecStart=/usr/bin/caddy -agree=true -email={{ caddy_email }} -conf=/etc/caddy/Caddyfile
-ExecReload=/bin/kill -USR1 $MAINPID
+ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
+ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
 Restart=on-failure
 StartLimitInterval=600
 TimeoutStopSec=5s

templates/http.caddy.j2

@@ -1,10 +1,6 @@
-{% if test_https %}
 {{ test_url }} {
-{% else %}
-http://{{ test_url }}
-{% endif %}
 
-    {% if test_https %}
+    {% if test_acme %}
 header / {
     # Enable HTTP Strict Transport Security (HSTS) to force clients to always
     # connect via HTTPS (do not use if only testing)
@@ -17,27 +13,16 @@ http://{{ test_url }}
     X-Frame-Options "DENY"
 }
     {% else %}
-    tls off
+tls internal
     {% endif %}
 
-    log {{ caddy_logs }}/{{ test_name }}/access.log {
-        rotate_size  100
-        rotate_age   30
-        rotate_keep  10
+    log  {
+        output file {{ caddy_logs }}/{{ test_name }}/vhost.log
     }
 
-    errors {{ caddy_logs }}/{{ test_name }}/errors.log {
-        rotate_size  100
-        rotate_age   30
-        rotate_keep  10
-    }
-
-    root {{ test_code }}/
-
-    gzip {
-        ext .jpg
-        level 9
-    }
+    root * {{ test_code }}
+    file_server
+    encode zstd gzip
 
 }