---
- name: install caddy from binary
  ansible.builtin.get_url:
    url: https://caddyserver.com/api/download?os=linux&arch=amd64&p=github.com%2Fcaddy-dns%2Fcloudflare&idempotency=54951177807414
    dest: /usr/bin/caddy
    mode: '0751'

- name: save a copy of old file
  ansible.builtin.fetch:
    src: "{{ CADDYFILE_DEST }}"
    dest: './caddyfile/Caddyfile.old'
  when: SAVE_OLD

- name: create caddyfile if it does not exist
  ansible.builtin.blockinfile:
    block: |
      localhost {
        respond "200"
      }
    path: "{{ CADDYFILE_DEST }}"
    create: true
    marker: "### {mark} Caddy configure setup stuffs ###"

- name: create Caddy systemd file
  ansible.builtin.copy:
    content: |
      [Unit]
      Description=Caddy
      Documentation=https://caddyserver.com/docs/
      After=network.target network-online.target
      Requires=network-online.target

      [Service]
      Type=notify
      User=root
      Group=root
      ExecStart=/usr/bin/caddy run --environ --config {{ CADDYFILE_DEST }}
      ExecReload=/usr/bin/caddy reload --config {{ CADDYFILE_DEST }} --force
      TimeoutStopSec=5s
      LimitNOFILE=1048576
      LimitNPROC=512
      PrivateTmp=true
      ProtectSystem=full
      AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE

      [Install]
      WantedBy=multi-user.target
    dest: /etc/systemd/system/caddy.service

- name: Start Caddy on startup
  ansible.builtin.systemd_service:
    name: 'caddy'
    state: 'started'
    enabled: yes
    daemon_reload: true

- name: install caddy trust
  ansible.builtin.shell: "caddy trust"