summaryrefslogtreecommitdiffstats
path: root/roles/httpd/tasks
diff options
context:
space:
mode:
authorMichael Scherer <misc@ephaone.org>2014-10-15 16:55:11 -0400
committerMichael Scherer <misc@ephaone.org>2014-10-15 16:55:11 -0400
commitdd06fb0a56feba126cce5ef75e84e23eb72fe7aa (patch)
treef20f7774e7d7ce6ec22eeb8d62e510842c613733 /roles/httpd/tasks
parent56599284ed73be3661796003d89c3ed73aa24cbd (diff)
Add playbook and httpd and the rest
Diffstat (limited to 'roles/httpd/tasks')
-rw-r--r--roles/httpd/tasks/main.yml51
1 files changed, 51 insertions, 0 deletions
diff --git a/roles/httpd/tasks/main.yml b/roles/httpd/tasks/main.yml
new file mode 100644
index 0000000..b1e7342
--- /dev/null
+++ b/roles/httpd/tasks/main.yml
@@ -0,0 +1,51 @@
+---
+- yum: name={{ item }} state=installed
+ with_items:
+ - python-passlib
+ - httpd
+ - mod_ssl
+
+- service: name=httpd state=started enabled=yes
+
+- copy: src={{ item }} dest=/etc/httpd/conf.d/{{ item }} owner=root group=apache mode=0644
+ with_items:
+ - name_vhost.conf
+ - mod_filter.conf
+ - remove_sslv3.conf
+ notify: restart httpd
+
+- template: src=vhost.conf dest=/etc/httpd/conf.d/{{ website_url }}.conf owner=root group=apache mode=0644
+ notify: restart httpd
+ when: document_root is defined
+
+- template: src=vhost_redirect.conf dest=/etc/httpd/conf.d/{{ website_url }}.conf owner=root group=apache mode=0644
+ notify: restart httpd
+ when: redirect is defined
+
+- file: state=directory path={{ document_root }} setype=httpd_sys_content_t owner=root mode=755 group=root
+ when: document_root is defined
+
+- file: path=/etc/httpd/conf.d/{{ website_url }}.conf.d/ state=directory
+ when: website_url is defined
+
+# needed for newer apache, who requires at least 1 file for include
+- file: path=/etc/httpd/conf.d/{{ website_url }}.conf.d/placeholder.conf state=touch
+ when: website_url is defined
+
+- file: path=/etc/httpd/conf.d/password_protection.conf state=absent
+ notify: restart httpd
+
+- htpasswd: path=/etc/httpd/{{ website_url }}.htpasswd name={{ website_user }} password={{ website_password }} owner=root group=apache mode=0640
+ when: website_user is defined
+
+- shell: lokkit -s {{ item }}
+ with_items:
+ - http
+ - https
+ when: ansible_distribution_major_version == '6' and (ansible_distribution == 'CentOS' or ansible_distribution == 'RedHat')
+
+- firewalld: service={{ item }} permanent=true state=enabled
+ with_items:
+ - http
+ - https
+ when: ansible_distribution == 'Fedora' or ansible_distribution_major_version == '7'