--- # Devigo Deployment - Main Tasks # OAuth Service Setup - name: Create decap-oauth user user: name: "{{ devigo_oauth_user }}" system: yes shell: /usr/sbin/nologin home: "{{ devigo_oauth_home }}" create_home: yes - name: Create decap-oauth directories file: path: "{{ devigo_oauth_home }}" state: directory owner: "{{ devigo_oauth_user }}" group: "{{ devigo_oauth_user }}" mode: '0755' - name: Deploy OAuth environment file template: src: devigo-decap-oauth.env.j2 dest: "{{ devigo_oauth_home }}/decap-oauth.env" owner: "{{ devigo_oauth_user }}" group: "{{ devigo_oauth_user }}" mode: '0600' notify: restart devigo-decap-oauth - name: Create Quadlet systemd directory file: path: /etc/containers/systemd state: directory owner: root group: root mode: '0755' - name: Deploy Quadlet container file template: src: devigo-decap-oauth.container dest: "/etc/containers/systemd/{{ devigo_oauth_container_name }}.container" owner: root group: root mode: '0644' register: quadlet_deployed - name: Reload systemd to discover Quadlet container systemd: daemon_reload: yes - name: Deploy OAuth Caddy configuration template: src: devigo-decap-oauth.caddy.j2 dest: "{{ caddy_sites_enabled_dir }}/devigo-decap-oauth.caddy" owner: root group: "{{ caddy_user }}" mode: '0644' notify: reload caddy - name: Enable and start decap-oauth service systemd: name: "{{ devigo_oauth_container_name }}" enabled: yes state: started # Devigo Site Quadlet Setup - name: Deploy devigo-site Quadlet container file template: src: devigo-site.container dest: "/etc/containers/systemd/devigo-site.container" owner: root group: root mode: '0644' register: devigo_site_quadlet - name: Reload systemd to discover devigo-site Quadlet systemd: daemon_reload: yes - name: Deploy Caddy configuration for devigo site template: src: devigo.caddy.j2 dest: "{{ caddy_sites_enabled_dir }}/devigo.caddy" owner: root group: "{{ caddy_user }}" mode: '0644' notify: reload caddy - name: Enable and start devigo-site service systemd: name: devigo-site enabled: yes state: started