- name: 'Install Apache2 packages' apt: pkg: - 'apache2' state: 'present' tags: - 'web' - 'apache2' - name: 'Enable Apache2 default modules' apache2_module: name: '{{ item }}' state: 'present' with_items: - 'ssl' - 'rewrite' - 'expires' - 'headers' tags: - 'web' - 'apache2' - name: 'Enable Apache2 default modules (Debian >= 9)' apache2_module: name: '{{ item }}' state: 'present' with_items: - 'http2' when: ansible_lsb.major_release|int >= 9 tags: - 'web' - 'apache2' - name: 'Install logrotate configuration for Apache2' template: src: 'logrotate/apache2.j2' dest: '/etc/logrotate.d/apache2' owner: 'root' group: 'root' mode: '0644' tags: - 'web' - 'apache2' - name: 'Install SSL vhost configuration for Apache2' template: src: 'apache2/vhost_ssl.j2' dest: '/etc/apache2/vhost_ssl-{{ item }}.conf' owner: 'root' group: 'root' mode: '0644' with_items: '{{ ssl_certs }}' notify: - 'Reload apache2' when: ssl_certs|length > 0 tags: - 'web' - 'apache2' - name: 'Install SSL vhost configuration for Apache2 (Lets Encrypt certificates)' template: src: 'apache2/vhost_ssl_auto.j2' dest: '/etc/apache2/vhost_ssl_auto-{{ item.split(" ")[0] }}.conf' owner: 'root' group: 'root' mode: '0644' with_items: '{{ ssl_certs_auto }}' notify: - 'Reload apache2' when: ssl_certs_auto|length > 0 tags: - 'web' - 'apache2' - name: 'Install Apache2 basic security configuration (Debian < 8)' template: src: 'apache2/conf.d/security.j2' dest: '/etc/apache2/conf.d/security' owner: 'root' group: 'root' mode: '0644' notify: - 'Reload apache2' when: ansible_lsb.major_release|int < 8 tags: - 'web' - 'apache2' - name: 'Install Apache2 basic security configuration (Debian >= 8)' template: src: 'apache2/conf.d/security.j2' dest: '/etc/apache2/conf-available/security.conf' owner: 'root' group: 'root' mode: '0644' notify: - 'Reload apache2' when: ansible_lsb.major_release|int >= 8 tags: - 'web' - 'apache2' - name: 'Install Lets Encrypt configuration for Apache2 (conf-available)' template: src: 'apache2/letsencrypt.j2' dest: '/etc/apache2/conf-available/letsencrypt.conf' owner: 'root' group: 'root' mode: '0644' notify: - 'Reload apache2' when: ssl_certs_auto|length > 0 tags: - 'web' - 'apache2' - name: 'Create basic authentication file for admin (Apache2)' template: src: 'apache2/auth_admin.j2' dest: '/etc/apache2/auth_admin' owner: 'root' group: 'www-data' mode: '0640' when: http_auth_admin_password is defined and http_auth_admin_password tags: - 'web' - 'apache2' - name: 'Install PHPMyAdmin virtual host for Apache2 (sites-available)' template: src: 'apache2/pma_vhost.j2' dest: '/etc/apache2/sites-available/pma.conf' owner: 'root' group: 'root' mode: '0644' notify: - 'Reload apache2' when: with_phpmyadmin|bool tags: - 'web' - 'apache2' - name: 'Install PHPMyAdmin virtual host for Apache2 (sites-enabled)' file: src: '/etc/apache2/sites-available/pma.conf' path: '/etc/apache2/sites-enabled/pma.conf' state: 'link' notify: - 'Reload apache2' when: with_phpmyadmin|bool tags: - 'web' - 'apache2' - name: "Install PHPPgAdmin virtual host for Apache2 (sites-available)" template: src: 'apache2/pga_vhost.j2' dest: '/etc/apache2/sites-available/pga.conf' owner: 'root' group: 'root' mode: '0644' notify: - 'Reload apache2' when: with_phppgadmin|bool tags: - 'web' - 'apache2' - name: 'Install PHPPgAdmin virtual host for Apache2 (sites-enabled)' file: src: '/etc/apache2/sites-available/pga.conf' path: '/etc/apache2/sites-enabled/pga.conf' state: 'link' notify: - 'Reload apache2' when: with_phppgadmin|bool tags: - 'web' - 'apache2' - name: 'Install PHP system checks virtual host for Apache2 (sites-available)' template: src: 'apache2/sys_vhost.j2' dest: '/etc/apache2/sites-available/sys.conf' owner: 'root' group: 'root' mode: '0644' notify: - 'Reload apache2' when: with_php|bool tags: - 'web' - 'apache2' - name: 'Install PHP system checks virtual host for Apache2 (sites-enabled)' file: src: '/etc/apache2/sites-available/sys.conf' path: '/etc/apache2/sites-enabled/sys.conf' state: 'link' notify: - 'Reload apache2' when: with_php|bool tags: - 'web' - 'apache2' - name: 'Ensure apache2 is running' service: name: 'apache2' state: 'started' tags: - 'web' - 'apache2' # vim: ft=yaml.ansible