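---
# Deploys the memos binary from the upstream GitHub release, runs it as an
# unprivileged systemd service, and publishes it through a Caddy reverse proxy.
#
# Variables read but not defined in this play (presumably supplied by the
# vars_files below -- confirm): subdomains.memos, root_domain, caddy_sites_dir,
# memos_port, memos_data_dir.
#
# Supply-chain note: the play installs whatever the "latest" release is at run
# time and executes it as a service. Set memos_download_checksum (a variable
# introduced here, format "sha256:<hex digest>") to a value obtained
# out-of-band to make the download fail closed on a mismatch.
- name: Deploy memos and configure Caddy reverse proxy
  hosts: memos-box
  become: true
  vars_files:
    - ../../infra_vars.yml
    - ../../services_config.yml
    - ./memos_vars.yml
  vars:
    memos_subdomain: "{{ subdomains.memos }}"
    # caddy_sites_dir is intentionally not redefined here: the original
    # `caddy_sites_dir: "{{ caddy_sites_dir }}"` referenced itself, which adds
    # nothing and raises a recursive-template error whenever that definition
    # is the one that wins variable precedence.
    memos_domain: "{{ memos_subdomain }}.{{ root_domain }}"

  tasks:
    - name: Install required packages
      apt:
        name:
          - wget
          - curl
          - unzip
        state: present
        update_cache: true

    - name: Get latest memos release version
      uri:
        url: https://api.github.com/repos/usememos/memos/releases/latest
        return_content: true
      register: memos_latest_release

    - name: Set memos version and find download URL
      set_fact:
        memos_version: "{{ memos_latest_release.json.tag_name | regex_replace('^v', '') }}"

    # `first` fails the play when no asset matches, so a release without a
    # linux-amd64 archive stops here instead of installing something else.
    - name: Find linux-amd64 download URL
      set_fact:
        memos_download_url: "{{ memos_latest_release.json.assets | json_query('[?contains(name, `linux-amd64`) && (contains(name, `.tar.gz`) || contains(name, `.zip`))].browser_download_url') | first }}"

    - name: Display memos version to install
      debug:
        msg: "Installing memos version {{ memos_version }} from {{ memos_download_url }}"

    # The play runs as root, so fixed names under the world-writable /tmp are
    # avoided: a private, randomly named directory is created for the download
    # and extraction instead.
    - name: Create private working directory for the download
      tempfile:
        state: directory
        prefix: memos_
      register: memos_tmp

    - name: Download memos binary
      get_url:
        url: "{{ memos_download_url }}"
        dest: "{{ memos_tmp.path }}/memos_archive"
        mode: '0644'
        # Omitted (no verification) unless memos_download_checksum is set.
        checksum: "{{ memos_download_checksum | default(omit) }}"
      register: memos_download

    # unarchive requires its destination directory to exist already.
    - name: Create extraction directory
      file:
        path: "{{ memos_tmp.path }}/extract"
        state: directory
        mode: '0700'

    - name: Extract memos binary
      unarchive:
        src: "{{ memos_tmp.path }}/memos_archive"
        dest: "{{ memos_tmp.path }}/extract"
        remote_src: true

    # Assumes the archive carries the binary as `memos` at its top level, as
    # the original play did.
    - name: Install memos binary
      copy:
        src: "{{ memos_tmp.path }}/extract/memos"
        dest: /usr/local/bin/memos
        owner: root
        group: root
        mode: '0755'
        remote_src: true
      notify: Restart memos

    - name: Remove temporary files
      file:
        path: "{{ memos_tmp.path }}"
        state: absent

    - name: Ensure memos user exists
      user:
        name: memos
        system: true
        shell: /usr/sbin/nologin
        home: /var/lib/memos
        create_home: true
        state: present

    - name: Create memos data directory
      file:
        path: "{{ memos_data_dir }}"
        state: directory
        owner: memos
        group: memos
        mode: '0750'

    # The service runs as the unprivileged memos user. NoNewPrivileges and
    # PrivateTmp are low-risk hardening; filesystem restrictions such as
    # ProtectSystem= can be added once memos_data_dir's location is fixed.
    # NOTE(review): only --port is passed, so the listen address is whatever
    # memos defaults to. UFW below opens only 80/443; confirm the service port
    # is not reachable from outside by other means.
    - name: Create memos systemd service file
      copy:
        dest: /etc/systemd/system/memos.service
        content: |
          [Unit]
          Description=memos service
          After=network.target

          [Service]
          Type=simple
          User=memos
          Group=memos
          ExecStart=/usr/local/bin/memos --port {{ memos_port }} --data {{ memos_data_dir }}
          Restart=on-failure
          RestartSec=5s
          NoNewPrivileges=true
          PrivateTmp=true

          [Install]
          WantedBy=multi-user.target
        owner: root
        group: root
        mode: '0644'
      notify: Restart memos

    - name: Enable and start memos service
      systemd:
        name: memos
        enabled: true
        state: started
        daemon_reload: true

    # Best-effort readiness probe: a timeout is ignored, so the proxy is still
    # configured even when memos never answers. Check the registered result
    # (or the service logs) if the site returns errors after the run.
    - name: Wait for memos to be ready
      uri:
        url: "http://localhost:{{ memos_port }}/api/v1/status"
        status_code: 200
      register: memos_ready
      until: memos_ready.status == 200
      retries: 30
      delay: 2
      ignore_errors: true

    - name: Allow HTTPS through UFW
      ufw:
        rule: allow
        port: '443'
        proto: tcp

    - name: Allow HTTP through UFW (for Let's Encrypt)
      ufw:
        rule: allow
        port: '80'
        proto: tcp

    - name: Ensure Caddy sites-enabled directory exists
      file:
        path: "{{ caddy_sites_dir }}"
        state: directory
        owner: root
        group: root
        mode: '0755'

    # The import path is relative to /etc/caddy; it only picks up memos.conf
    # when caddy_sites_dir resolves to /etc/caddy/sites-enabled -- confirm.
    - name: Ensure Caddyfile includes import directive for sites-enabled
      lineinfile:
        path: /etc/caddy/Caddyfile
        line: 'import sites-enabled/*'
        insertafter: EOF
        state: present
        backup: true

    - name: Create Caddy reverse proxy configuration for memos
      copy:
        dest: "{{ caddy_sites_dir }}/memos.conf"
        content: |
          {{ memos_domain }} {
              reverse_proxy localhost:{{ memos_port }}
          }
        owner: root
        group: root
        mode: '0644'

    # Validate before reloading so a broken site file stops the play here
    # rather than being handed to the running proxy.
    - name: Validate Caddy configuration
      command: caddy validate --config /etc/caddy/Caddyfile --adapter caddyfile
      changed_when: false

    - name: Reload Caddy to apply new config
      systemd:
        name: caddy
        state: reloaded

  handlers:
    - name: Restart memos
      systemd:
        name: memos
        state: restarted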