diff --git a/Policyfile.rb b/Policyfile.rb index f380997..47bad7f 100644 --- a/Policyfile.rb +++ b/Policyfile.rb @@ -15,4 +15,4 @@ # Specify a custom source for a single cookbook: cookbook 'acep-caddy', path: '.' -default['golang']['version'] = '1.22.1' \ No newline at end of file +default['golang']['version'] = '1.22.1' diff --git a/metadata.rb b/metadata.rb index 7d0850c..4e151b5 100644 --- a/metadata.rb +++ b/metadata.rb @@ -17,4 +17,4 @@ # a Supermarket. # # source_url 'https://github.com//acep-caddy' -depends 'golang' \ No newline at end of file +depends 'golang' diff --git a/recipes/default.rb b/recipes/default.rb index f835808..3253825 100644 --- a/recipes/default.rb +++ b/recipes/default.rb 
@@ -5,44 +5,44 @@ # Copyright:: 2024, The Authors, All Rights Reserved. if ubuntu_platform? - include_recipe 'acep-caddy::ubuntu' + include_recipe 'acep-caddy::ubuntu' end -service 'caddy' do - action :enable +service 'caddy' do + action :enable end caddy_config = data_bag_item('caddy', node['caddy']['sites_data_bag']) gcp_json = chef_vault_item('credentials', node['gcp']['service_account_vault']) file node['gcp']['service_account_json'] do - content gcp_json["file-content"] - owner node['caddy']['user'] - group node['caddy']['group'] - mode '0700' - action :create - notifies :restart, 'service[caddy]', :delayed + content gcp_json['file-content'] + owner node['caddy']['user'] + group node['caddy']['group'] + mode '0700' + action :create + notifies :restart, 'service[caddy]', :delayed end template '/etc/caddy/Caddyfile' do - source 'Caddyfile.erb' - owner node['caddy']['user'] - group node['caddy']['group'] - mode '0700' - variables acme_email: node['caddy']['acme_email'], - domains: caddy_config[:domains], - gcp_project: node['gcp'][:project], - gcp_service_account_file: node['gcp']['service_account_json'] - - action :create - # notifies :run, 'execute[caddy_fmt]', :immediately - notifies :restart, 'service[caddy]', :delayed + source 'Caddyfile.erb' + owner node['caddy']['user'] + group node['caddy']['group'] + mode '0700' + variables acme_email: node['caddy']['acme_email'], + domains: caddy_config[:domains], + gcp_project: node['gcp']['project'], + gcp_service_account_file: node['gcp']['service_account_json'] + + action :create + # notifies :run, 'execute[caddy_fmt]', :immediately + notifies :restart, 'service[caddy]', :delayed end # Take out fmt cause it will change the template config and cause chef # To always update the config and restart caddy service -# execute 'caddy_fmt' do +# execute 'caddy_fmt' do # command 'caddy fmt /etc/caddy/Caddyfile --overwrite' # action :nothing -# end \ No newline at end of file +# end 
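Review bot: The `file node['gcp']['service_account_json']` resource writes the GCP service-account key from the vault without `sensitive true`, so the key material can appear in chef-client's diff output, and in any log or report handler that receives it, whenever the content changes. Add `sensitive true` to that resource. Also consider `mode '0600'` instead of `'0700'`, since a JSON credential file needs no execute bits; the same mode applies to the `/etc/caddy/Caddyfile` template below it. The re-indentation and quoting changes in this hunk leave both properties as they were.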
diff --git a/recipes/ubuntu.rb b/recipes/ubuntu.rb index 6f191ec..96fdc77 100644 --- a/recipes/ubuntu.rb +++ b/recipes/ubuntu.rb @@ -12,25 +12,25 @@ # action :add # end -apt_repository 'xcaddy' do - uri 'https://dl.cloudsmith.io/public/caddy/xcaddy/deb/ubuntu' - components ['main'] - key 'https://dl.cloudsmith.io/public/caddy/xcaddy/gpg.key' - action :add +apt_repository 'xcaddy' do + uri 'https://dl.cloudsmith.io/public/caddy/xcaddy/deb/ubuntu' + components ['main'] + key 'https://dl.cloudsmith.io/public/caddy/xcaddy/gpg.key' + action :add end # Need to install golang in order to build the custom caddy binary include_recipe 'golang::default' -package %w{xcaddy} do - action :install - notifies :run, 'execute[xcaddy_build]', :immediately +package %w(xcaddy) do + action :install + notifies :run, 'execute[xcaddy_build]', :immediately end # We're building a custom binary for caddy that includes the googleclouddns # TODO: Create a resource for this execute 'xcaddy_build' do - command '/usr/bin/bash -l -c "xcaddy build --with github.com/caddy-dns/googleclouddns --output /usr/bin/caddy"' - action :nothing + command '/usr/bin/bash -l -c "xcaddy build --with github.com/caddy-dns/googleclouddns --output /usr/bin/caddy"' + action :nothing end ###################### 
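Review bot: The `execute 'xcaddy_build'` command builds whatever Caddy and `github.com/caddy-dns/googleclouddns` revisions are current at converge time and installs the result as `/usr/bin/caddy`, so the binary that terminates TLS is not reproducible and upstream changes arrive unreviewed. xcaddy accepts a Caddy version argument and `module@version` for plugins, so pin both, e.g. `xcaddy build <CADDY_VERSION> --with github.com/caddy-dns/googleclouddns@<PLUGIN_VERSION> --output /usr/bin/caddy`, with the versions taken from node attributes. The resource runs only on the `package` notification, so an existing binary is not rebuilt when a pin changes unless a version guard is added.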
@@ -38,57 +38,57 @@ ###################### group node['caddy']['group'] do - action :create - system true + action :create + system true end user node['caddy']['user'] do - group node['caddy']['group'] - manage_home true - home '/var/lib/caddy' - system true - shell '/bin/false' - action [:create, :manage] + group node['caddy']['group'] + manage_home true + home '/var/lib/caddy' + system true + shell '/bin/false' + action [:create, :manage] end directory '/etc/caddy' do - owner node['caddy']['user'] - group node['caddy']['group'] - mode '0755' - action :create + owner node['caddy']['user'] + group node['caddy']['group'] + mode '0755' + action :create end -directory '/var/lib/caddy' do - owner 'caddy' - group 'caddy' - mode '0750' - action :create +directory '/var/lib/caddy' do + owner 'caddy' + group 'caddy' + mode '0750' + action :create end systemd_unit 'caddy.service' do - content({ - Unit: { - Description: 'Caddy HTTP/2 web server', - Documentation: 'https://caddyserver.com/docs/', - After: 'network.target network-online.target', - Wants: 'network-online.target', - }, - Service: { - ExecStart: '/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile', - ExecReload: '/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force', - Restart: 'on-abnormal', - LimitNOFILE: 1048576, - Type: 'notify', - User: 'caddy', - Group: 'caddy', - TimeoutStopSec: '5s', - PrivateTmp: true, - ProtectSystem: 'full', - AmbientCapabilities: 'CAP_NET_ADMIN CAP_NET_BIND_SERVICE', - }, - Install: { - WantedBy: 'multi-user.target', - } - }) - action [:create, :enable] + content({ + Unit: { + Description: 'Caddy HTTP/2 web server', + Documentation: 'https://caddyserver.com/docs/', + After: 'network.target network-online.target', + Wants: 'network-online.target', + }, + Service: { + ExecStart: '/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile', + ExecReload: '/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force', + Restart: 'on-abnormal', + LimitNOFILE: 1048576, + Type: 
'notify', + User: 'caddy', + Group: 'caddy', + TimeoutStopSec: '5s', + PrivateTmp: true, + ProtectSystem: 'full', + AmbientCapabilities: 'CAP_NET_ADMIN CAP_NET_BIND_SERVICE', + }, + Install: { + WantedBy: 'multi-user.target', + }, + }) + action [:create, :enable] end diff --git a/templates/site.erb b/templates/site.erb index 24edb75..00478c9 100644 --- a/templates/site.erb +++ b/templates/site.erb @@ -2,6 +2,9 @@ handle @<%= @name %> { encode gzip reverse_proxy <%= @upstream %> { + <% if @host_header %> + header_up Host <%= @host_header %> + <% end %> <% if @self_signed %> transport http { tls diff --git a/test/integration/data_bags/caddy/test_sites.json b/test/integration/data_bags/caddy/test_sites.json index 35233e6..1b090d8 100644 --- a/test/integration/data_bags/caddy/test_sites.json +++ b/test/integration/data_bags/caddy/test_sites.json @@ -6,7 +6,8 @@ "name": "test_site", "upstream": "http://localhost:8080", "fqdn": "test.camio.lab.alaska.edu", - "self_signed": false + "self_signed": false, + "host_header": "localhost:8080" } ] } diff --git a/test/integration/default/deafult_test.rb b/test/integration/default/deafult_test.rb index e724d67..96ac4d9 100644 --- a/test/integration/default/deafult_test.rb +++ b/test/integration/default/deafult_test.rb @@ -15,10 +15,10 @@ describe port(443) do it { should be_listening } - its('processes') {should include 'caddy'} + its('processes') { should include 'caddy' } end describe file('/etc/caddy/Caddyfile') do it { should exist } its('content') { should match /test-gcp-project/ } -end \ No newline at end of file +end
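Review bot: `directory '/var/lib/caddy'` and the unit's `User:`/`Group:` entries hard-code `'caddy'`, while the `group`, `user` and `/etc/caddy` resources in this same hunk use `node['caddy']['user']` and `node['caddy']['group']`. If those attributes are set to anything else, the service runs as an account that does not own its state directory, nor the credential file and Caddyfile that recipes/default.rb creates with mode `'0700'` for the attribute-named user. Use the attributes in all three places, e.g. `owner node['caddy']['user']` and `User: node['caddy']['user'],`. Separately, it is worth confirming that `CAP_NET_ADMIN` in `AmbientCapabilities` is needed, since binding ports 80 and 443 only requires `CAP_NET_BIND_SERVICE`.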
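Review bot: `@host_header` is written into the `reverse_proxy` block verbatim, so a value containing whitespace, a newline or braces would be parsed by Caddy as extra tokens or directives rather than as a header value. The value appears to come from the sites data bag (the test fixture adds `host_header`), so validate it where the site hashes are read. Alternatively, guard the template with something like `<% if @host_header.to_s.match?(/\A[\w.\-]+(:\d{1,5})?\z/) %>`, and allow a Caddy placeholder such as `{upstream_hostport}` explicitly if one is needed. The surrounding `handle` block starts and ends outside this hunk.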