Skip to content

Commit de64fb7

Browse files
QuLogicQuLogic
committed
Add TLS config to Caddy
1 parent f6fad32 commit de64fb7

File tree

5 files changed

+117
-4
lines changed

5 files changed

+117
-4
lines changed

caddy/Caddyfile

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,11 @@
1414

1515
# Set this variable in the environment when running in production.
1616
{$SITE_ADDRESS::2015} {
17+
# Set the variable in the environment to the Caddy directive for tls
18+
# support. By default, this is empty so you can test it locally, but
19+
# the Ansible config sets it up with the right certificate paths.
20+
{$TLS_CONFIG:}
21+
1722
root * {$SITE_DIR:.}
1823

1924
# Setup a webhook

caddy/caddy.service.override

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,4 @@
11
[Service]
22
Environment="SITE_DIR=/usr/share/caddy"
33
Environment="SITE_ADDRESS=https://do.matplotlib.org, https://matplotlib.org"
4+
Environment="TLS_CONFIG=tls /etc/caddy/tls/cert.pem /etc/caddy/tls/privkey.pem"

files/tls-cert.pem

Lines changed: 63 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,63 @@
1+
$ANSIBLE_VAULT;1.1;AES256
2+
63373333393661613738643337653438636564316132386161383862656364613766663166633532
3+
6331376238343931386161393836666131623338643161330a663366656130633339373664643536
4+
32316665336531633538643566303738303761663562363761623061666665633966626134636464
5+
6231636537393031310a336136666332366662393061333230316262326132373731613664643039
6+
32316133346533313233386630393763383134616632656665636439616532653364636562333330
7+
37313836343732343232343530363465656231373330323765303438346331646230353039333962
8+
30386165393936353936336261376566633131313335336636343033633233633365663964313966
9+
65313533313464336665663964626439656235613730663234363664326632316132353065353336
10+
61343835356363333365343864346562366164643936626162366462306362613636613133626436
11+
62636231303565363837666634306162393065643462336464306331616264653533646235623538
12+
35663763303961366164646166363132386436316538623535633261343465323833323238356366
13+
34356365393532633131343638323235363533313936333062393935393161303731313766336430
14+
39633462623637623964623138623236653332343966353433356565313932363362636261393766
15+
63653430383063643436623037323439323564633662343035303532396335643566333937336233
16+
36333036366262393638616237333233303038616438383931396237663133366135653037343564
17+
31616533393636306632383562316462386537653830306165616135656464663237316433306465
18+
33323137396631653338666333373766386330393564343239313936353065333632316139656163
19+
63633562653339333730356635383239323730323563303461663737333938376439663435316330
20+
38626362366132306137643930393931333262393661303362623235333062666461303238346531
21+
66306366633234363230393533343962623736323339616337326438306561616335373438623361
22+
66376633383539393334396436633030653438386538313133376131656165303532383763653561
23+
33333039323761646630323134643266613236323966323565643835313163653066633261373231
24+
61613063666536373132323163623666313661626362623333333463363436306361646362366631
25+
39383130373166306231663766623531346261393436313737653765643161373939653832343336
26+
36353565323138393234653830653133323863393739353062613933333463353430396639303034
27+
34616432633133356266386132323565663363386365646437336631393862643533393064666333
28+
66336536353232666634353835663636386363393663326630346463646265336532323864656238
29+
62616231336266626238626434393434626133663733303162646461313835623961616539633832
30+
33346430666165396436653235313232323633623434623464653932616362306563336465313932
31+
65383330643037393139333564306164346539663636346438373733623939356265346261653961
32+
32613136373837356430396434373666393663313531623664366462643161323365373834323630
33+
39626335303832346631326163616632636563643930306463346561623662346465353832643730
34+
37316539326564616233363031666532356530303965666636393439613534393839626139666464
35+
64613864323464333465366566613838396566363037393438363265323136616564383964366334
36+
31663364323332376561363434303565346536656564643966366138636138373936393933303837
37+
63613933316565653962666263373835326630333833313464333636316664326262313964376238
38+
33366232366465653539383535383937343337333530346338366635373039306163373635356634
39+
31313138366665366533303137353237306338646437393864323839353834306265313262313666
40+
65303739333164633661363566656364366532343432376566626262643833376237383364623935
41+
32303131376132393735336464643638376266623733626436643230633239623330393835616261
42+
61363466303435346238363963653931636338613034626262373331626135643130656361353534
43+
39613163656464326637323136373434643763373362383462333235643130353265646265376336
44+
30323863366563663833306439616237613136333165323962346636643563323532666635613138
45+
66373663333430346265376138306262316438393161656663366465363565623364363633643933
46+
61643961393164363039343838646265396333323630316636636330346337656332646437316262
47+
36643537323532356535646161653435306166343663623734353136623038646130346265656138
48+
65336333363663643361616261343164623166613162316132306531313363323762653165616563
49+
34356535623639366432396430666131316466306230653265336334393036306664383434613030
50+
32306662363362303061373235393636633566393861623864336363313464633332363363306333
51+
62393232386664333261623738613965633633393963316264333064663230383366363030623465
52+
36626430633233646462336266663033313365323665633566623731663566383063383030616261
53+
65336435626635393632613234373237626363653764373933643464646538356165353737373837
54+
36656266366531373032346364336130343833613838313264643631393265626531363030656137
55+
33386635663231386339666332323432363431303565666265303035383666633534613530646430
56+
66633763366366303562323238653964303161393638303463396539323236396637373665363637
57+
31616163303261316362323064336265396332613832316163346362306431306532613130376430
58+
30376237636261383737643061393832346265626530653162613135383039346664623338363738
59+
34336665353264666633323664326530323137383936616537616262373264336639386230353139
60+
30336364623366616366613137626339396332643162383235666339616436636136373433663431
61+
62653735376334643131306537653063383537333063313435343736356539373336343035336463
62+
31656333393035646534356366623966313461393462386338363139313463306465636635623139
63+
6562336532663631643134393933666262343333353265656363

files/tls-privkey.pem

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
$ANSIBLE_VAULT;1.1;AES256
2+
63333331343239616534613261333630363931366162663936663362353737613330366366343264
3+
6364646165303265613966653366343365633832656364330a316162333666636632333066663739
4+
62326136623262336461613738316632643736306433616531656161363066353366373838326663
5+
3264633533373134360a373137323161383436666139656339343561343730343838393739616163
6+
37616661653465386132356230663133666464653736383533396232356263366536393232633765
7+
36626133663738646434396332303062393534346630383964353561646631616139323665306239
8+
62636362326633393064343630646131613637326430653863373233316139636130666538663037
9+
39326562626137376161323936663838633136653735373661336365343432323762353033306366
10+
61666361363538653065313139383133366461666562656666336536396432316263373862363837
11+
32363734316563376166633063623863396161313636333539633464303765356165623865613964
12+
39326238396339616436663035313737623731646536316338653334323334666437653037396231
13+
64303534353637643937643961353862316133353831613261396238373332396436386466633835
14+
30633163333163343738383561666462323639316361303833343634616663393062363236336634
15+
64366434633631366438663638306266323039393962623837636338643565366237356235363831
16+
38343033353636626338393039353761303030343536653338363063623636333439383136356130
17+
63343834633537383766373430636363326331353262386233633434623861643338303864613033
18+
3361

matplotlib.org.yml

Lines changed: 30 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -126,6 +126,32 @@
126126
- Reload systemd
127127
- Restart Caddy
128128

129+
- name: Configure Caddy TLS certificate directory
130+
ansible.builtin.file:
131+
path: /etc/caddy/tls
132+
state: directory
133+
mode: 0755
134+
owner: caddy
135+
group: caddy
136+
- name: Configure Caddy TLS certificates
137+
ansible.builtin.copy:
138+
src: tls-cert.pem
139+
dest: /etc/caddy/tls/cert.pem
140+
mode: 0640
141+
owner: caddy
142+
group: caddy
143+
notify:
144+
- Reload Caddy
145+
- name: Configure Caddy TLS certificates
146+
ansible.builtin.copy:
147+
src: tls-privkey.pem
148+
dest: /etc/caddy/tls/privkey.pem
149+
mode: 0640
150+
owner: caddy
151+
group: caddy
152+
notify:
153+
- Reload Caddy
154+
129155
- name: Enable Caddy service
130156
ansible.builtin.systemd:
131157
name: caddy.service
@@ -193,15 +219,15 @@
193219
ansible.builtin.systemd:
194220
daemon_reload: true
195221

196-
- name: Reload Caddy
222+
- name: Restart Caddy
197223
ansible.builtin.systemd:
198224
name: caddy
199-
state: reloaded
225+
state: restarted
200226

201-
- name: Restart Caddy
227+
- name: Reload Caddy
202228
ansible.builtin.systemd:
203229
name: caddy
204-
state: restarted
230+
state: reloaded
205231

206232
- name: Restart Prometheus
207233
ansible.builtin.systemd:

0 commit comments

Comments
 (0)