Improve Caddy Salt state: pillarize hostnames, graceful reload, Jinja parameterization #440

New issue

Closed

opened 2026-06-15 23:51:19 +00:00 by ldraney · 0 comments

ldraney commented 2026-06-15 23:51:19 +00:00

Owner

Copy link

Type

Feature

Lineage

Related to ldraney/pal-e-platform #425 (Caddy Salt state for palinks.app reverse proxy, PR #439). Prepares for multi-domain support in #434.

Repo

ldraney/pal-e-platform

User Story

As a platform operator
I want the Caddy Salt state to be data-driven and use graceful reloads
So that adding new domains requires only pillar changes and config updates cause zero downtime

Context

PR #439 introduced salt/states/caddy/init.sls and salt/states/caddy/Caddyfile.j2 for the palinks.app reverse proxy. The implementation works but has three quality improvements needed before adding more domains (#434):

1. The Tailscale domain suffix (tail5b443a.ts.net) is hardcoded in the Caddyfile template
2. The Salt state uses service.running with watch, which does a full Caddy restart instead of graceful reload
3. The Caddyfile template is not parameterized -- adding a domain means editing the template rather than just adding pillar data

File Targets

Files the agent should modify:

• salt/states/caddy/init.sls -- replace service restart with caddy reload, adjust state structure
• salt/states/caddy/Caddyfile.j2 -- add Jinja loops over pillar-defined sites, remove hardcoded hostnames

Files the agent should NOT touch:

• Salt pillar files -- pillar structure will be documented in the PR but not created here

Feature Flag

none

Acceptance Criteria

• Tailscale domain suffix is no longer hardcoded in the Caddyfile template
• Salt state uses caddy reload --config /etc/caddy/Caddyfile with onchanges instead of service.running with watch
• Caddyfile.j2 uses Jinja loops over pillar['caddy']['sites'] to generate site blocks
• Adding a new domain (e.g. landscaping-assistant.app) requires only pillar data changes, no template edits

Test Expectations

• Manual review: rendered Caddyfile output matches expected format for palinks.app
• Manual review: Salt state structure is valid SLS syntax
• Run command: visual inspection of Jinja template rendering

Constraints

• Must stack on top of PR #439 (branch 425-caddy-palinks-app)
• Follow existing Salt state patterns in the repo
• Pillar structure should be documented in PR body but pillar files are not created in this PR

Checklist

• PR opened
• No unrelated changes

Related

• pal-e-platform -- infrastructure project

### Type Feature ### Lineage Related to `ldraney/pal-e-platform #425` (Caddy Salt state for palinks.app reverse proxy, PR #439). Prepares for multi-domain support in #434. ### Repo `ldraney/pal-e-platform` ### User Story As a platform operator I want the Caddy Salt state to be data-driven and use graceful reloads So that adding new domains requires only pillar changes and config updates cause zero downtime ### Context PR #439 introduced `salt/states/caddy/init.sls` and `salt/states/caddy/Caddyfile.j2` for the palinks.app reverse proxy. The implementation works but has three quality improvements needed before adding more domains (#434): 1. The Tailscale domain suffix (`tail5b443a.ts.net`) is hardcoded in the Caddyfile template 2. The Salt state uses `service.running` with watch, which does a full Caddy restart instead of graceful reload 3. The Caddyfile template is not parameterized -- adding a domain means editing the template rather than just adding pillar data ### File Targets Files the agent should modify: - `salt/states/caddy/init.sls` -- replace service restart with `caddy reload`, adjust state structure - `salt/states/caddy/Caddyfile.j2` -- add Jinja loops over pillar-defined sites, remove hardcoded hostnames Files the agent should NOT touch: - Salt pillar files -- pillar structure will be documented in the PR but not created here ### Feature Flag none ### Acceptance Criteria - [ ] Tailscale domain suffix is no longer hardcoded in the Caddyfile template - [ ] Salt state uses `caddy reload --config /etc/caddy/Caddyfile` with `onchanges` instead of `service.running` with watch - [ ] Caddyfile.j2 uses Jinja loops over `pillar['caddy']['sites']` to generate site blocks - [ ] Adding a new domain (e.g. landscaping-assistant.app) requires only pillar data changes, no template edits ### Test Expectations - [ ] Manual review: rendered Caddyfile output matches expected format for palinks.app - [ ] Manual review: Salt state structure is valid SLS syntax - Run command: visual inspection of Jinja template rendering ### Constraints - Must stack on top of PR #439 (branch `425-caddy-palinks-app`) - Follow existing Salt state patterns in the repo - Pillar structure should be documented in PR body but pillar files are not created in this PR ### Checklist - [ ] PR opened - [ ] No unrelated changes ### Related - `pal-e-platform` -- infrastructure project

ldraney referenced this issue from a commit 2026-06-15 23:53:01 +00:00

chore: pillarize Caddy template, use graceful reload, add Jinja loops (#440)

ldraney referenced this issue from a pull request that will close it, 2026-06-15 23:53:18 +00:00

chore: improve Caddy Salt state with pillarization and graceful reload (#440) #441

ldraney referenced this issue 2026-06-15 23:55:13 +00:00

chore: improve Caddy Salt state with pillarization and graceful reload (#440) #441

ldraney added the

status:approved

label 2026-06-15 23:55:13 +00:00

ldraney referenced this issue from a commit 2026-06-16 00:41:37 +00:00

chore: pillarize Caddy template, use graceful reload, add Jinja loops (#440)

ldraney closed this issue 2026-06-16 00:45:24 +00:00

ldraney referenced this issue from a commit 2026-06-16 00:45:25 +00:00

chore: improve Caddy Salt state with pillarization and graceful reload (#440) (#441)

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

fix-dashboard-metric-names

netpol-westside-ror

spec-board-centric-renderer

457-add-dns-and-caddy-config-for-myvibes-wor

411-remove-deprecated-pal-e-app-references-f

412-remove-deprecated-westside-admin-referen

fix-gem-bin-path

fix-woodpecker-multi-pipeline

345-harbor-mobile-css

290-payment-pipeline-observability

284-fix-add-pal-e-docs-namespace-to-postgres

284-add-pal-e-docs-postgres-netpol

188-cross-repo-worktree-isolation-for-parall

111-fix-keycloak-probe

86-fix-rotate-woodpecker-api-token-in-salt

71-feat-deploy-pyrra-slo-manager-with-servi

64-hotfix-woodpecker-oauth-login-broken-for

18-fix-grafana-duplicate-default-datasource-v2

18-fix-grafana-duplicate-default-datasource

13-fix-cnpg-all-parameters

No results found.

Labels

Clear labels   

domain:backend

  

domain:devops

  

domain:frontend

  

status:approved

QA passed, awaiting merge approval

  

status:in-progress

Dev agent is actively working

  

status:needs-fix

QA found issues, back to dev

  

status:qa

PR submitted, awaiting QA review

  

type:bug

Bug fix

  

type:devops

Infrastructure/CI/config work

  

type:feature

New functionality

No labels

domain:backend

domain:devops

domain:frontend

status:approved

status:in-progress

status:needs-fix

status:qa

type:bug

type:devops

type:feature

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

ldraney/pal-e-platform#440

No description provided.