ansible-playbooks/roles/webserver/tasks/apache2.yml

- name: 'Install Apache2 packages'
  apt:
    pkg: 'apache2'
    state: 'installed'

- name: 'Install logrotate configuration for Apache'
  template:
    src: 'logrotate/apache2.j2'
    dest: '/etc/logrotate.d/apache2'
    owner: 'root'
    group: 'root'
    mode: '0644'

- name: 'Install SSL vhost configuration for Apache'
  template:
    src: 'apache2/vhost_ssl.j2'
    dest: '/etc/apache2/vhost_ssl-{{ item }}.conf'
    owner: 'root'
    group: 'root'
    mode: '0644'
  with_items: '{{ ssl_certs }}'
  notify:
    - 'Reload apache2'
  when: ssl_certs

- name: 'Install SSL vhost configuration for Apache (Lets Encrypt certificates)'
  template:
    src: 'apache2/vhost_ssl_auto.j2'
    dest: '/etc/apache2/vhost_ssl_auto-{{ item.split(" ")[0] }}.conf'
    owner: 'root'
    group: 'root'
    mode: '0644'
  with_items: '{{ ssl_certs_auto }}'
  notify:
    - 'Reload apache2'
  when: ssl_certs_auto

- name: 'Install Apache2 basic security configuration (Debian < 8)'
  template:
    src: 'apache2/conf.d/security.j2'
    dest: '/etc/apache2/conf.d/security'
    owner: 'root'
    group: 'root'
    mode: '0644'
  notify:
    - 'Reload apache2'
  when: ansible_lsb.major_release|int < 8

- name: 'Install Apache2 basic security configuration (Debian >= 8)'
  template:
    src: 'apache2/conf.d/security.j2'
    dest: '/etc/apache2/conf-available/security.conf'
    owner: 'root'
    group: 'root'
    mode: '0644'
  notify:
    - 'Reload apache2'
  when: ansible_lsb.major_release|int >= 8

- name: 'Install Lets Encrypt configuration for Apache2 (conf-available)'
  template:
    src: 'apache2/letsencrypt.j2'
    dest: '/etc/apache2/conf-available/letsencrypt.conf'
    owner: 'root'
    group: 'root'
    mode: '0644'
  notify:
    - 'Reload apache2'
  when: ssl_certs_auto

- name: 'Install Lets Encrypt configuration for Apache2 (conf-enabled)'
  file:
    src: '/etc/apache2/conf-available/letsencrypt.conf'
    path: '/etc/apache2/conf-enabled/letsencrypt.conf'
    state: 'link'
  notify:
    - 'Reload apache2'
  when: ssl_certs_auto

- name: 'Create basic authentication file for admin (Apache2)'
  template:
    src: 'apache2/auth_admin.j2'
    dest: '/etc/apache2/auth_admin'
    owner: 'root'
    group: 'www-data'
    mode: '0640'

- name: 'Install PHPMyAdmin virtual host for Apache2 (sites-available)'
  template:
    src: 'apache2/pma_vhost.j2'
    dest: '/etc/apache2/sites-available/pma.conf'
    owner: 'root'
    group: 'root'
    mode: '0644'
  notify:
    - 'Reload apache2'
  when: with_phpmyadmin

- name: 'Install PHPMyAdmin virtual host for Apache2 (sites-enabled)'
  file:
    src: '/etc/apache2/sites-available/pma.conf'
    path: '/etc/apache2/sites-enabled/pma.conf'
    state: 'link'
  notify:
    - 'Reload apache2'
  when: with_phpmyadmin

- name: "Install PHPPgAdmin virtual host for Apache2 (sites-available)"
  template:
    src: 'apache2/pga_vhost.j2'
    dest: '/etc/apache2/sites-available/pga.conf'
    owner: 'root'
    group: 'root'
    mode: '0644'
  notify:
    - 'Reload apache2'
  when: with_phppgadmin

- name: 'Install PHPPgAdmin virtual host for Apache2 (sites-enabled)'
  file:
    src: '/etc/apache2/sites-available/pga.conf'
    path: '/etc/apache2/sites-enabled/pga.conf'
    state: 'link'
  notify:
    - 'Reload apache2'
  when: with_phppgadmin

- name: 'Install PHP system checks virtual host for Apache2 (sites-available)'
  template:
    src: 'apache2/sys_vhost.j2'
    dest: '/etc/apache2/sites-available/sys.conf'
    owner: 'root'
    group: 'root'
    mode: '0644'
  notify:
    - 'Reload apache2'
  when: with_php

- name: 'Install PHP system checks virtual host for Apache2 (sites-enabled)'
  file:
    src: '/etc/apache2/sites-available/sys.conf'
    path: '/etc/apache2/sites-enabled/sys.conf'
    state: 'link'
  notify:
    - 'Reload apache2'
  when: with_php

- name: 'Ensure apache2 is running'
  service:
    name: 'apache2'
    state: 'started'