2017-07-13 14:09:24 +02:00
|
|
|
---
|
|
|
|
|
2017-08-18 02:31:41 +02:00
|
|
|
- name: Init ipaddr_whitelist.conf file
|
2023-03-20 23:33:19 +01:00
|
|
|
ansible.builtin.copy:
|
2017-10-07 13:48:04 +02:00
|
|
|
src: ipaddr_whitelist.conf
|
2017-08-18 02:31:41 +02:00
|
|
|
dest: /etc/apache2/ipaddr_whitelist.conf
|
2017-07-13 14:09:24 +02:00
|
|
|
owner: root
|
|
|
|
group: root
|
|
|
|
mode: "0640"
|
2023-06-28 13:22:59 +02:00
|
|
|
force: false
|
2017-07-13 14:09:24 +02:00
|
|
|
tags:
|
2018-01-02 19:38:12 +01:00
|
|
|
- apache
|
2021-05-13 15:23:05 +02:00
|
|
|
|
2018-10-29 21:53:46 +01:00
|
|
|
- name: Load IP whitelist task
|
2023-03-20 23:33:19 +01:00
|
|
|
ansible.builtin.import_tasks: ip_whitelist.yml
|
2017-07-13 14:09:24 +02:00
|
|
|
|
|
|
|
- name: include private IP whitelist for server-status
|
2023-03-20 23:33:19 +01:00
|
|
|
ansible.builtin.lineinfile:
|
2017-07-13 14:09:24 +02:00
|
|
|
dest: /etc/apache2/mods-available/status.conf
|
2017-08-18 02:31:41 +02:00
|
|
|
line: " include /etc/apache2/ipaddr_whitelist.conf"
|
2017-07-13 14:09:24 +02:00
|
|
|
insertafter: 'SetHandler server-status'
|
|
|
|
state: present
|
|
|
|
tags:
|
2018-01-02 19:38:12 +01:00
|
|
|
- apache
|
2017-07-13 14:09:24 +02:00
|
|
|
|
|
|
|
- name: Copy private_htpasswd
|
2023-03-20 23:33:19 +01:00
|
|
|
ansible.builtin.copy:
|
2017-07-13 14:09:24 +02:00
|
|
|
src: private_htpasswd
|
|
|
|
dest: /etc/apache2/private_htpasswd
|
|
|
|
owner: root
|
|
|
|
group: root
|
|
|
|
mode: "0640"
|
2023-06-28 13:22:59 +02:00
|
|
|
force: false
|
2017-07-13 14:09:24 +02:00
|
|
|
notify: reload apache
|
|
|
|
tags:
|
2018-01-02 19:38:12 +01:00
|
|
|
- apache
|
2017-07-13 14:09:24 +02:00
|
|
|
|
|
|
|
- name: add user:pwd to private htpasswd
|
2023-03-20 23:33:19 +01:00
|
|
|
ansible.builtin.lineinfile:
|
2017-07-13 14:09:24 +02:00
|
|
|
dest: /etc/apache2/private_htpasswd
|
|
|
|
line: "{{ item }}"
|
|
|
|
state: present
|
2021-05-04 14:18:40 +02:00
|
|
|
loop: "{{ apache_private_htpasswd_present }}"
|
2017-07-13 14:09:24 +02:00
|
|
|
notify: reload apache
|
|
|
|
tags:
|
2018-01-02 19:38:12 +01:00
|
|
|
- apache
|
2017-07-13 14:09:24 +02:00
|
|
|
|
|
|
|
- name: remove user:pwd from private htpasswd
|
2023-03-20 23:33:19 +01:00
|
|
|
ansible.builtin.lineinfile:
|
2017-07-13 14:09:24 +02:00
|
|
|
dest: /etc/apache2/private_htpasswd
|
|
|
|
line: "{{ item }}"
|
|
|
|
state: absent
|
2021-05-04 14:18:40 +02:00
|
|
|
loop: "{{ apache_private_htpasswd_absent }}"
|
2017-07-13 14:09:24 +02:00
|
|
|
notify: reload apache
|
|
|
|
tags:
|
2018-01-02 19:38:12 +01:00
|
|
|
- apache
|