r/frigate-caddy: Deploy Caddy in front of Frigate

Deploying Caddy as a reverse proxy for Frigate enables HTTPS with a
certificate issued by the internal CA (via ACME) and authentication via
Authelia.

Separating the installation and base configuratieon of Caddy into its
own role will allow us to reuse that part for other sapplications that
use Caddy for similar reasons.

group_vars/frigate.yml

@@ -0,0 +1,9 @@
+# vim: set ft=yaml.jinja :
+
+frigate_caddy_forward_auth:
+  url: https://auth.pyrocufflink.blue
+  path: /api/verify
+  location: '?rd=https://{{ frigate_caddy_server_name }}'
+frigate_caddy_acme:
+  email: frigate@pyrocufflink.blue
+  url: https://ca.pyrocufflink.blue/acme/acme/directory