- name: Ensure Caddy is installed
  ansible.builtin.package:
    name: caddy
    state: present

- name: Create Caddy configuration directory
  ansible.builtin.file:
    path: /etc/caddy
    state: directory
    owner: root
    group: root
    mode: '0755'

- name: Deploy Caddyfile
  ansible.builtin.template:
    src: Caddyfile.j2
    dest: "{{ caddy_config_path }}"
    owner: root
    group: root
    mode: '0644'
  notify: Restart Caddy

- name: Ensure Caddy root directory exists
  ansible.builtin.file:
    path: "{{ caddy_root }}"
    state: directory
    owner: www-data
    group: www-data
    mode: '0755'

- name: Start and enable Caddy service
  ansible.builtin.service:
    name: "{{ caddy_service_name }}"
    state: started
    enabled: true

- name: Trust Caddy local CA
  copy:
    src: /var/lib/caddy/.local/share/caddy/pki/authorities/local/root.crt
    dest: /usr/local/share/ca-certificates/caddy-local.crt
    remote_src: yes
  notify: Update CA trust