add deskwork caddy

2026-02-06 20:16:51 -05:00
parent 495cacfb96
commit d089c981c8
3 changed files with 64 additions and 4 deletions
--- a/active/podman_caddy/caddy.md
+++ b/active/podman_caddy/caddy.md
@@ -37,15 +37,37 @@ https://something-else.reeseapps.com:443 {
 }
 ```

+Make sure to add [your route53 configuration](https://github.com/caddy-dns/route53?tab=readme-ov-file#configuration)
+
+```conf
+tls {
+    dns route53 {
+        access_key_id "..."
+        secret_access_key "..."
+        region "us-east-1"
+        wait_for_route53_sync true
+        skip_route53_sync_on_delete true
+        route53_max_wait 2m
+        max_retries 5
+    }
+}
+```
+
 The playbook limits the installer to `hosts: caddy` so make sure you have a caddy
 host in your inventory.

 Now you can install the Caddy service with something like:

 ```bash
+# Base Proxy
 ansible-playbook \
 -i ansible/inventory.yaml \
-active/podman_caddy/install_caddy.yaml
+active/podman_caddy/install_caddy_proxy.yaml
+
+# Deskwork (AI) Proxy
+ansible-playbook \
+-i ansible/inventory.yaml \
+active/podman_caddy/install_caddy_deskwork.yaml
 ```

 See ansible playbook [install_caddy.yaml](/active/podman_caddy/install_caddy.yaml)
--- a/active/podman_caddy/install_caddy_deskwork.yaml
+++ b/active/podman_caddy/install_caddy_deskwork.yaml
@@ -1,5 +1,5 @@
- name: Create DDNS Service
-  hosts: caddy
+- name: Create Caddy Proxy
+  hosts: deskwork-root
  tasks:
  - name: Create /etc/caddy dir
    ansible.builtin.file:
@@ -8,7 +8,7 @@
      mode: '0755'
  - name: Copy Caddyfile
    template:
-      src: secrets/Caddyfile
+      src: secrets/deskwork.Caddyfile
      dest: /etc/caddy/Caddyfile
      owner: root
      group: root
--- a/active/podman_caddy/install_caddy_proxy.yaml
+++ b/active/podman_caddy/install_caddy_proxy.yaml
@@ -0,0 +1,38 @@
+- name: Create Caddy Proxy
+  hosts: caddy
+  tasks:
+  - name: Copy Containerfile for build
+    template:
+      src: Containerfile
+      dest: /etc/caddy/Containerfile
+      owner: root
+      group: root
+      mode: '0644'
+  - name: Build Caddy Image
+    shell:
+      cmd: podman build -t gitea.reeseapps.com/services/caddy:latest -f /etc/caddy/Containerfile
+  - name: Create /etc/caddy dir
+    ansible.builtin.file:
+      path: /etc/caddy
+      state: directory
+      mode: '0755'
+  - name: Copy Caddyfile
+    template:
+      src: secrets/proxy.Caddyfile
+      dest: /etc/caddy/Caddyfile
+      owner: root
+      group: root
+      mode: '0644'
+  - name: Template Caddy Container Services
+    template:
+      src: caddy.container
+      dest: /etc/containers/systemd/caddy.container
+      owner: root
+      group: root
+      mode: '0644'
+  - name: Reload and start the Caddy service
+    ansible.builtin.systemd_service:
+      state: restarted
+      name: caddy.service
+      enabled: true
+      daemon_reload: true