joakim/rick-infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improve infrastructure configuration and installation logic

Browse Source 
- Fix authentik Caddy template to use localhost instead of variable for consistency
- Improve Caddy installation logic with better conditional checks
- Fix version checking and plugin detection for more reliable deployments
- Add cleanup task condition for DNS challenge installations

These changes improve deployment reliability and consistency.
This commit is contained in:
Joakim
2025-12-07 21:22:00 +01:00
parent fe4efcbd5b
commit 30a882b1e1
2 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/authentik/templates/authentik.caddy.j2
View File

@@ -1,6 +1,6 @@
# Authentik Authentication Service # Authentik Authentication Service
{{ authentik_domain }} { {{ authentik_domain }} {
reverse_proxy http://{{ authentik_bind_address }}:{{ authentik_http_port }} { reverse_proxy http://127.0.0.1:{{ authentik_http_port }} {
header_up Host {host} header_up Host {host}
header_up X-Real-IP {remote_host} header_up X-Real-IP {remote_host}
header_up X-Forwarded-Proto https header_up X-Forwarded-Proto https
@@ -19,7 +19,7 @@
# Authentik-specific paths # Authentik-specific paths
handle_path /outpost.goauthentik.io/* { handle_path /outpost.goauthentik.io/* {
reverse_proxy http://{{ authentik_bind_address }}:{{ authentik_http_port }} reverse_proxy http://127.0.0.1:{{ authentik_http_port }}
} }
# Logging # Logging

10
roles/caddy/tasks/main.yml
View File

@@ -8,7 +8,6 @@
register: caddy_version_check register: caddy_version_check
failed_when: false failed_when: false
changed_when: false changed_when: false
when: dns_challenge_needed | bool
- name: Check if installed Caddy has Cloudflare plugin - name: Check if installed Caddy has Cloudflare plugin
command: /usr/bin/caddy list-modules --packages command: /usr/bin/caddy list-modules --packages
@@ -21,7 +20,9 @@
pacman: pacman:
name: caddy name: caddy
state: present state: present
when: not dns_challenge_needed and not caddy_version_check | bool when:
- not dns_challenge_needed
- caddy_version_check.rc != 0
notify: restart caddy notify: restart caddy
- name: Download Caddy with Cloudflare plugin (if DNS challenge needed) - name: Download Caddy with Cloudflare plugin (if DNS challenge needed)
@@ -40,13 +41,16 @@
mode: '0755' mode: '0755'
remote_src: yes remote_src: yes
backup: yes backup: yes
when: dns_challenge_needed and caddy_version_check | bool when:
- dns_challenge_needed | bool
- caddy_version_check.rc != 0 or 'github.com/caddy-dns/cloudflare' not in caddy_modules_check.stdout | default('')
notify: restart caddy notify: restart caddy
- name: Clean up temporary Caddy binary - name: Clean up temporary Caddy binary
file: file:
path: /tmp/caddy-with-cloudflare path: /tmp/caddy-with-cloudflare
state: absent state: absent
when: dns_challenge_needed | bool
- name: Create caddy user and group - name: Create caddy user and group
user: user: