--- - name: Setup Caddy hosts: privfrontends roles: - role: caddy-ansible caddy_systemd_capabilities_enabled: true caddy_config: "{{ lookup('template', './templates/Caddyfile.j2') }}" caddy_user: "caddy" caddy_home: "/var/lib/caddy" caddy_packages: ["github.com/caddy-dns/rfc2136@master"] # Static weekly builds of caddy with rfc2136 dns plugin caddy_url_base: "https://cb.projectsegfau.lt/api/download" tasks: - name: Copy per-server caddy extras copy: src: "./templates/{{ inventory_hostname }}/" dest: /etc/caddy/ directory_mode: true - name: Restart service: name: caddy enabled: yes state: restarted - name: Setup docker compose for privacy frontends hosts: privfrontends vars: docker_services: - anonymousoverflow #- beatbump - breezewiki - gothub - gothub-dev #- invidious - librarian - libreddit - nitter - rimgo - scribe - teddit - watchtower non_pizza_docker_services: #- piped - searxng tasks: # # community.docker does not support compose 2.0 right now. # https://github.com/ansible-collections/community.docker/issues/216 # - name: Update docker compose files and restart those with changes include_tasks: docker-tasks.yaml with_items: "{{ docker_services }}" - name: Update docker compose files and restart those with changes (Privacy Frontends but without Pizza1) include_tasks: docker-tasks.yaml with_items: "{{ non_pizza_docker_services }}" - name: Setup cron jobs hosts: privfrontends tasks: - name: Restart invidious every hour cron: name: "hourly invidious restart" special_time: hourly job: "docker restart invidious-invidious-1 && curl https://healthchecks.projectsegfau.lt/ping/{{invidious_hc_uuid}}" - name: Restart teddit every hour cron: name: "hourly teddit restart" special_time: hourly job: "docker restart teddit && curl https://healthchecks.projectsegfau.lt/ping/{{teddit_hc_uuid}}"