Simplify Caddy infrastructure to use file-based configuration instead of complex API registration system

2025-11-15 00:11:46 +01:00
parent 7788410bfc
commit 8162e789ee
13 changed files with 706 additions and 216 deletions
--- a/site.yml
+++ b/site.yml
@@ -1,13 +1,38 @@
 ---
- name: Secure VPS Infrastructure Setup  
+# Core infrastructure deployment with security hardening first
+
+# Security hardening establishes secure foundation before web services
+- import_playbook: playbooks/security.yml
+
+- name: Deploy Core Infrastructure
  hosts: arch-vps
  become: yes
  gather_facts: yes
  
  roles:
    - role: caddy
-      tags: ['caddy', 'web', 'https']
+      tags: ['caddy', 'infrastructure', 'web']
  
-  # Optional: Include security playbook
-  # - import_playbook: playbooks/security.yml
-  #   tags: ['security', 'firewall', 'ssh']
+  post_tasks:
+    - name: Verify Caddy API is accessible
+      uri:
+        url: "http://{{ caddy_admin_listen }}/config/"
+        method: GET
+        status_code: 200
+      retries: 5
+      delay: 2
+
+    - name: Display infrastructure status
+      debug:
+        msg: |
+          ✅ Core infrastructure deployment completed!
+          
+          🌐 Primary domain: {{ caddy_domain }}
+          🔒 HTTPS: {{ 'Enabled with DNS challenge (' + caddy_dns_provider + ')' if caddy_dns_provider else 'Enabled with HTTP challenge' }}
+          🚀 API registration: {{ 'Ready' if caddy_api_enabled else 'Disabled' }}
+          
+          📍 Admin API: http://{{ caddy_admin_listen }} (localhost only)
+          📁 Web root: {{ caddy_web_root }}
+          📝 Logs: {{ caddy_log_dir }}
+          
+           📖 Documentation: docs/caddy-api-registration.md