From 0139850ee3ded81ce6d61d1e267e8c6cab6c1267 Mon Sep 17 00:00:00 2001
From: Tuan-Dat Tran
Date: Tue, 22 Jul 2025 21:26:11 +0200
Subject: [PATCH] feat(reverse_proxy): fix caddy letsencrypt
Signed-off-by: Tuan-Dat Tran
---
 roles/reverse_proxy/tasks/00_go_install.yml | 1 +
 roles/reverse_proxy/templates/Caddyfile.j2 | 23 ++++++++++++---------
 2 files changed, 14 insertions(+), 10 deletions(-)
diff --git a/roles/reverse_proxy/tasks/00_go_install.yml b/roles/reverse_proxy/tasks/00_go_install.yml
index 250585f..b4dea2a 100644
--- a/roles/reverse_proxy/tasks/00_go_install.yml
+++ b/roles/reverse_proxy/tasks/00_go_install.yml
@@ -6,6 +6,7 @@
 - debian-archive-keyring
 - apt-transport-https
 - curl
+ - qemu-guest-agent
 state: present
 update_cache: true
 become: true
diff --git a/roles/reverse_proxy/templates/Caddyfile.j2 b/roles/reverse_proxy/templates/Caddyfile.j2
index 634a13b..cf82ba2 100644
--- a/roles/reverse_proxy/templates/Caddyfile.j2
+++ b/roles/reverse_proxy/templates/Caddyfile.j2
@@ -1,14 +1,6 @@
 {
- acme_dns netcup {
- customer_number {{ netcup_customer_id }}
- api_key {{ netcup_api_key }}
- api_password {{ netcup_api_password }}
- }
- email {{ caddy.admin_email | default('admin@example.com') }}
- acme_ca {{ caddy.acme_ca | default('https://acme-v02.api.letsencrypt.org/directory') }}
-}
-
-*.{{ domain }} {
+ email {{ caddy.admin_email | default('admin@example.com') }}
+ acme_ca {{ caddy.acme_ca | default('https://acme-v02.api.letsencrypt.org/directory') }}
 }
 {% for service in services %}
@@ -24,6 +16,17 @@
 output file /var/log/caddy/{{ service.name }}.log
 format json
 }
+
+ tls {
+ dns netcup {
+ customer_number {{ netcup_customer_id }}
+ api_key {{ netcup_api_key }}
+ api_password {{ netcup_api_password }}
+ }
+ propagation_timeout 900s
+ propagation_delay 600s
+ resolvers 1.1.1.1
+ }
 }
 {% endif %}
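Review bot: `qemu-guest-agent` is added to this role's package list although nothing else in a commit titled "fix caddy letsencrypt" needs it, so an internet-facing reverse proxy quietly gains a host-to-guest control channel. The agent lets the hypervisor side run commands and read or write files inside the VM, which is a trust decision that belongs in a base or VM-provisioning role and in its own commit rather than in `00_go_install.yml`. If it has to stay here, a comment such as `# hypervisor integration only; not required by Caddy` would at least record why. The task itself starts and ends outside the hunk, so its name and module are not visible here.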
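Review bot: The global `email` line still falls back to `admin@example.com` when `caddy.admin_email` is unset, so a missing inventory variable renders a Caddyfile that looks valid but registers the ACME account with a placeholder contact. Let's Encrypt has been known to refuse example.com contact addresses, in which case issuance would fail at runtime rather than at deploy time, and any CA notice about the account would reach nobody. Failing the render is safer: `email {{ caddy.admin_email | mandatory }}`. Separately, with the `*.{{ domain }}` block removed each service presumably gets its own certificate, which publishes every service hostname in Certificate Transparency logs; worth confirming that this is intended.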
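Review bot: The new `tls` block renders `netcup_api_key` and `netcup_api_password` in clear text once per service inside the loop, so the DNS-API credentials now appear many times in the Caddyfile and in the configuration Caddy exposes through its admin endpoint. The file mode set by the template task is not visible in this diff and should be checked (root-owned, not world-readable). Keeping the secrets out of the rendered file is better: `api_key {env.NETCUP_API_KEY}` and `api_password {env.NETCUP_API_PASSWORD}`, with the values supplied through a restricted environment file for the caddy service (that unit is outside this patch). Defining the block once as a Caddyfile snippet and using `import` in each site would also remove the duplication. The `{% for %}`/`{% if %}` block this sits in opens before the hunk.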