--- - block: - name: Update apt cache apt: cache_valid_time: 3600 update_cache: true register: _pre_update_apt_cache until: _pre_update_apt_cache is succeeded when: - ansible_pkg_mgr == "apt" - name: Install dependencies package: name: "{{ caddy_dependencies }}" state: present register: _install_dep_packages until: _install_dep_packages is succeeded retries: 5 delay: 2 - block: - name: Download caddy archive get_url: url: "{{ caddy_dl_url }}.tar.gz" dest: "/tmp/caddy-{{ caddy_version }}-linux-{{ caddy_arch }}.tar.gz" register: _download_archive until: _download_archive is succeeded retries: 5 delay: 2 - name: Download caddy checksum.txt get_url: url: "{{ caddy_dl_url_checksum }}" dest: "/tmp/caddy_{{ caddy_version }}_checksums.txt" register: _download_checksums_txt until: _download_checksums_txt is succeeded retries: 5 delay: 2 - name: Download caddy checksum.txt.pem get_url: url: "{{ caddy_dl_url_checksum }}.pem" dest: "/tmp/caddy_{{ caddy_version }}_checksums.txt.pem" register: _download_checksums_txt_pem until: _download_checksums_txt_pem is succeeded retries: 5 delay: 2 - name: Download caddy checksum.txt.sig get_url: url: "{{ caddy_dl_url_checksum }}.sig" dest: "/tmp/caddy_{{ caddy_version }}_checksums.txt.sig" register: _download_checksums_txt_sig until: _download_checksums_txt_pem is succeeded retries: 5 delay: 2 # TODO verify checksum with cosign (need to be installed (dependency)) - name: Unpack caddy binary unarchive: remote_src: yes src: "/tmp/caddy-{{ caddy_version }}-linux-{{ caddy_arch }}.tar.gz" dest: "/usr/local/bin" mode: 0755 owner: root group: root notify: "Restart caddy" when: (not caddy_version_check|bool) or (caddy_active_version.stdout != caddy_version)