apache2.yml 4.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215
  1. - name: 'Install Apache2 packages'
  2. apt:
  3. pkg:
  4. - 'apache2'
  5. state: 'present'
  6. tags:
  7. - 'web'
  8. - 'apache2'
  9. - name: 'Enable Apache2 default modules'
  10. apache2_module:
  11. name: '{{ item }}'
  12. state: 'present'
  13. with_items:
  14. - 'ssl'
  15. - 'rewrite'
  16. - 'expires'
  17. - 'headers'
  18. tags:
  19. - 'web'
  20. - 'apache2'
  21. - name: 'Enable Apache2 default modules (Debian >= 9)'
  22. apache2_module:
  23. name: '{{ item }}'
  24. state: 'present'
  25. with_items:
  26. - 'http2'
  27. when: ansible_lsb.major_release|int >= 9
  28. tags:
  29. - 'web'
  30. - 'apache2'
  31. - name: 'Install logrotate configuration for Apache2'
  32. template:
  33. src: 'logrotate/apache2.j2'
  34. dest: '/etc/logrotate.d/apache2'
  35. owner: 'root'
  36. group: 'root'
  37. mode: '0644'
  38. tags:
  39. - 'web'
  40. - 'apache2'
  41. - name: 'Install SSL vhost configuration for Apache2'
  42. template:
  43. src: 'apache2/vhost_ssl.j2'
  44. dest: '/etc/apache2/vhost_ssl-{{ item }}.conf'
  45. owner: 'root'
  46. group: 'root'
  47. mode: '0644'
  48. with_items: '{{ ssl_certs }}'
  49. notify:
  50. - 'Reload apache2'
  51. when: ssl_certs|length > 0
  52. tags:
  53. - 'web'
  54. - 'apache2'
  55. - name: 'Install SSL vhost configuration for Apache2 (Lets Encrypt certificates)'
  56. template:
  57. src: 'apache2/vhost_ssl_auto.j2'
  58. dest: '/etc/apache2/vhost_ssl_auto-{{ item.split(" ")[0] }}.conf'
  59. owner: 'root'
  60. group: 'root'
  61. mode: '0644'
  62. with_items: '{{ ssl_certs_auto }}'
  63. notify:
  64. - 'Reload apache2'
  65. when: ssl_certs_auto|length > 0
  66. tags:
  67. - 'web'
  68. - 'apache2'
  69. - name: 'Install Apache2 basic security configuration (Debian < 8)'
  70. template:
  71. src: 'apache2/conf.d/security.j2'
  72. dest: '/etc/apache2/conf.d/security'
  73. owner: 'root'
  74. group: 'root'
  75. mode: '0644'
  76. notify:
  77. - 'Reload apache2'
  78. when: ansible_lsb.major_release|int < 8
  79. tags:
  80. - 'web'
  81. - 'apache2'
  82. - name: 'Install Apache2 basic security configuration (Debian >= 8)'
  83. template:
  84. src: 'apache2/conf.d/security.j2'
  85. dest: '/etc/apache2/conf-available/security.conf'
  86. owner: 'root'
  87. group: 'root'
  88. mode: '0644'
  89. notify:
  90. - 'Reload apache2'
  91. when: ansible_lsb.major_release|int >= 8
  92. tags:
  93. - 'web'
  94. - 'apache2'
  95. - name: 'Install Lets Encrypt configuration for Apache2 (conf-available)'
  96. template:
  97. src: 'apache2/letsencrypt.j2'
  98. dest: '/etc/apache2/conf-available/letsencrypt.conf'
  99. owner: 'root'
  100. group: 'root'
  101. mode: '0644'
  102. notify:
  103. - 'Reload apache2'
  104. when: ssl_certs_auto|length > 0
  105. tags:
  106. - 'web'
  107. - 'apache2'
  108. - name: 'Create basic authentication file for admin (Apache2)'
  109. template:
  110. src: 'apache2/auth_admin.j2'
  111. dest: '/etc/apache2/auth_admin'
  112. owner: 'root'
  113. group: 'www-data'
  114. mode: '0640'
  115. when: http_auth_admin_password is defined and http_auth_admin_password
  116. tags:
  117. - 'web'
  118. - 'apache2'
  119. - name: 'Install PHPMyAdmin virtual host for Apache2 (sites-available)'
  120. template:
  121. src: 'apache2/pma_vhost.j2'
  122. dest: '/etc/apache2/sites-available/pma.conf'
  123. owner: 'root'
  124. group: 'root'
  125. mode: '0644'
  126. notify:
  127. - 'Reload apache2'
  128. when: with_phpmyadmin|bool
  129. tags:
  130. - 'web'
  131. - 'apache2'
  132. - name: 'Install PHPMyAdmin virtual host for Apache2 (sites-enabled)'
  133. file:
  134. src: '/etc/apache2/sites-available/pma.conf'
  135. path: '/etc/apache2/sites-enabled/pma.conf'
  136. state: 'link'
  137. notify:
  138. - 'Reload apache2'
  139. when: with_phpmyadmin|bool
  140. tags:
  141. - 'web'
  142. - 'apache2'
  143. - name: "Install PHPPgAdmin virtual host for Apache2 (sites-available)"
  144. template:
  145. src: 'apache2/pga_vhost.j2'
  146. dest: '/etc/apache2/sites-available/pga.conf'
  147. owner: 'root'
  148. group: 'root'
  149. mode: '0644'
  150. notify:
  151. - 'Reload apache2'
  152. when: with_phppgadmin|bool
  153. tags:
  154. - 'web'
  155. - 'apache2'
  156. - name: 'Install PHPPgAdmin virtual host for Apache2 (sites-enabled)'
  157. file:
  158. src: '/etc/apache2/sites-available/pga.conf'
  159. path: '/etc/apache2/sites-enabled/pga.conf'
  160. state: 'link'
  161. notify:
  162. - 'Reload apache2'
  163. when: with_phppgadmin|bool
  164. tags:
  165. - 'web'
  166. - 'apache2'
  167. - name: 'Install PHP system checks virtual host for Apache2 (sites-available)'
  168. template:
  169. src: 'apache2/sys_vhost.j2'
  170. dest: '/etc/apache2/sites-available/sys.conf'
  171. owner: 'root'
  172. group: 'root'
  173. mode: '0644'
  174. notify:
  175. - 'Reload apache2'
  176. when: with_php|bool
  177. tags:
  178. - 'web'
  179. - 'apache2'
  180. - name: 'Install PHP system checks virtual host for Apache2 (sites-enabled)'
  181. file:
  182. src: '/etc/apache2/sites-available/sys.conf'
  183. path: '/etc/apache2/sites-enabled/sys.conf'
  184. state: 'link'
  185. notify:
  186. - 'Reload apache2'
  187. when: with_php|bool
  188. tags:
  189. - 'web'
  190. - 'apache2'
  191. - name: 'Ensure apache2 is running'
  192. service:
  193. name: 'apache2'
  194. state: 'started'
  195. tags:
  196. - 'web'
  197. - 'apache2'
  198. # vim: ft=yaml.ansible