diff options
author | Michael Scherer <misc@ephaone.org> | 2014-10-15 16:55:11 -0400 |
---|---|---|
committer | Michael Scherer <misc@ephaone.org> | 2014-10-15 16:55:11 -0400 |
commit | dd06fb0a56feba126cce5ef75e84e23eb72fe7aa (patch) | |
tree | f20f7774e7d7ce6ec22eeb8d62e510842c613733 /roles/httpd/tasks | |
parent | 56599284ed73be3661796003d89c3ed73aa24cbd (diff) |
Add playbook and httpd and the rest
Diffstat (limited to 'roles/httpd/tasks')
-rw-r--r-- | roles/httpd/tasks/main.yml | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml new file mode 100644 index 0000000..b1e7342 --- /dev/null +++ b/roles/httpd/tasks/main.yml @@ -0,0 +1,51 @@ +--- +- yum: name={{ item }} state=installed + with_items: + - python-passlib + - httpd + - mod_ssl + +- service: name=httpd state=started enabled=yes + +- copy: src={{ item }} dest=/etc/httpd/conf.d/{{ item }} owner=root group=apache mode=0644 + with_items: + - name_vhost.conf + - mod_filter.conf + - remove_sslv3.conf + notify: restart httpd + +- template: src=vhost.conf dest=/etc/httpd/conf.d/{{ website_url }}.conf owner=root group=apache mode=0644 + notify: restart httpd + when: document_root is defined + +- template: src=vhost_redirect.conf dest=/etc/httpd/conf.d/{{ website_url }}.conf owner=root group=apache mode=0644 + notify: restart httpd + when: redirect is defined + +- file: state=directory path={{ document_root }} setype=httpd_sys_content_t owner=root mode=755 group=root + when: document_root is defined + +- file: path=/etc/httpd/conf.d/{{ website_url }}.conf.d/ state=directory + when: website_url is defined + +# needed for newer apache, who requires at least 1 file for include +- file: path=/etc/httpd/conf.d/{{ website_url }}.conf.d/placeholder.conf state=touch + when: website_url is defined + +- file: path=/etc/httpd/conf.d/password_protection.conf state=absent + notify: restart httpd + +- htpasswd: path=/etc/httpd/{{ website_url }}.htpasswd name={{ website_user }} password={{ website_password }} owner=root group=apache mode=0640 + when: website_user is defined + +- shell: lokkit -s {{ item }} + with_items: + - http + - https + when: ansible_distribution_major_version == '6' and (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat') + +- firewalld: service={{ item }} permanent=true state=enabled + with_items: + - http + - https + when: ansible_distribution == 'Fedora' or ansible_distribution_major_version == '7' |