feat(flows): add update_caddy_config flow with validate, reload/force-restart, and smoke test

- Update flows.example/update_caddy_config.yml with caddy_validate → caddy_reload → smoke test steps and hostname comments - Add flows.example/update_caddy_config_force.yml for docker compose hard restart variant - Add /flows/update-caddy-config UI page with reload/force-restart toggle, dry-run mode showing pending Caddyfile preview, hostname detection, and audit log link Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-13 19:54:03 +02:00 · 2026-05-13 19:54:03 +02:00 · 1e31e3b584
commit 1e31e3b584
parent 6bee8e8741
4 changed files with 353 additions and 7 deletions
--- a/ops-agent/flows.example/update_caddy_config_force.yml
+++ b/ops-agent/flows.example/update_caddy_config_force.yml
@ -0,0 +1,27 @@
+# Validate the Caddyfile and recreate the Caddy container (hard restart).
+# Copy to /etc/ops-agent/flows/update_caddy_config_force.yml on the host.
+#
+# Use this flow instead of update_caddy_config.yml when a graceful reload
+# is insufficient — e.g. after adding a new TLS listener, changing ports,
+# or updating the Docker image itself.
+#
+# Steps:
+#   1. Validate the Caddyfile syntax (caddy validate)
+#   2. Recreate the Caddy container via docker compose (hard restart)
+#   3. Smoke-test public hostnames: curl -I, expect 200/301/308/401
+#
+# See update_caddy_config.yml for instructions on registering smoke-test
+# commands in commands.yml.
+
+name: Update Caddy Config (Force Restart)
+description: Validate the Caddyfile and recreate the Caddy container via docker compose
+steps:
+  - command_key: caddy_validate
+    on_failure: abort
+
+  - command_key: caddy_compose_restart
+    on_failure: abort
+
+  # Add one smoke-test step per public hostname served by Caddy.
+  - command_key: curl_smoke_scrum4me_web
+    on_failure: continue