---
- yum: name={{ item }} state=installed
  with_items:
  - python-passlib
  - httpd
  - mod_ssl

- service: name=httpd state=started enabled=yes

- copy: src={{ item }} dest=/etc/httpd/conf.d/{{ item }} owner=root group=apache mode=0644
  with_items:
  - name_vhost.conf
  - mod_filter.conf
  - remove_sslv3.conf
  notify: restart httpd

- template: src=vhost.conf dest=/etc/httpd/conf.d/{{ website_url }}.conf owner=root group=apache mode=0644
  notify: restart httpd
  when: document_root is defined

- template: src=vhost_redirect.conf dest=/etc/httpd/conf.d/{{ website_url }}.conf owner=root group=apache mode=0644
  notify: restart httpd
  when: redirect is defined

- file: state=directory path={{ document_root }} setype=httpd_sys_content_t owner=root mode=755 group=root
  when: document_root is defined

- file:  path=/etc/httpd/conf.d/{{ website_url }}.conf.d/ state=directory
  when: website_url is defined

# needed for newer apache, who requires at least 1 file for include
- file:  path=/etc/httpd/conf.d/{{ website_url }}.conf.d/placeholder.conf state=touch
  when: website_url is defined

- file: path=/etc/httpd/conf.d/password_protection.conf state=absent
  notify: restart httpd

- htpasswd: path=/etc/httpd/{{ website_url }}.htpasswd name={{ website_user }} password={{ website_password }} owner=root group=apache mode=0640
  when: website_user is defined

- shell: lokkit -s {{ item }}
  with_items:
  - http
  - https
  when: ansible_distribution_major_version == '6' and (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat')

- firewalld: service={{ item }} permanent=true state=enabled
  with_items:
  - http
  - https
  when: ansible_distribution == 'Fedora' or ansible_distribution_major_version == '7'