ansible-roles/evolinux-base/tasks/default_www.yml

---
- name: /var/www is present
  ansible.builtin.file:
    path: /var/www
    state: directory
    mode: "0755"
  when: evolinux_default_www_files | bool

- name: images are copied
  ansible.builtin.copy:
    src: default_www/img
    dest: /var/www/
    mode: "0644"
    directory_mode: "0755"
    follow: yes
  when: evolinux_default_www_files | bool

- name: index is copied
  ansible.builtin.template:
    src: default_www/index.html.j2
    dest: /var/www/index.html
    mode: "0644"
    force: false
  when: evolinux_default_www_files | bool

# SSL cert

- name: Default certificate is present
  block:
    - name: Create private key and csr for default site ({{ ansible_fqdn }})
      ansible.builtin.command:
        cmd: openssl req -newkey rsa:2048 -sha256 -nodes -keyout /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/{{ ansible_fqdn }}.csr -batch -subj "/CN={{ ansible_fqdn }}"
      args:
        creates: "/etc/ssl/private/{{ ansible_fqdn }}.key"

    - name: Adjust rights on private key
      ansible.builtin.file:
        path: /etc/ssl/private/{{ ansible_fqdn }}.key
        owner: root
        group: ssl-cert
        mode: "0640"

    - name: Create certificate for default site
      ansible.builtin.command:
        cmd: openssl x509 -req -days 3650 -sha256 -in /etc/ssl/{{ ansible_fqdn }}.csr -signkey /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/certs/{{ ansible_fqdn }}.crt
      args:
        creates: "/etc/ssl/certs/{{ ansible_fqdn }}.crt"
  when: evolinux_default_www_ssl_cert | bool

- ansible.builtin.meta: flush_handlers
Squash: conventions, evolinux, etc-git… 2016-11-07 14:00:57 +01:00			`---`
			`- name: /var/www is present`
evolinux-base: syntax 2023-03-18 18:35:54 +01:00			`ansible.builtin.file:`
Squash: conventions, evolinux, etc-git… 2016-11-07 14:00:57 +01:00			`path: /var/www`
			`state: directory`
Unix mode MUST be a quoted string when using octal notation 2017-01-05 11:58:01 +01:00			`mode: "0755"`
Improve Ansible syntax replace « x \| changed » by « x is changed » add explicit « bool » filter use « length » filter instead of string comparison 2021-05-09 23:06:42 +02:00			`when: evolinux_default_www_files \| bool`
Squash: conventions, evolinux, etc-git… 2016-11-07 14:00:57 +01:00
			`- name: images are copied`
evolinux-base: syntax 2023-03-18 18:35:54 +01:00			`ansible.builtin.copy:`
Squash: conventions, evolinux, etc-git… 2016-11-07 14:00:57 +01:00			`src: default_www/img`
			`dest: /var/www/`
evolinux-base: have default_www files chmoded as 644 2017-12-13 15:44:16 +01:00			`mode: "0644"`
Unix mode MUST be a quoted string when using octal notation 2017-01-05 11:58:01 +01:00			`directory_mode: "0755"`
Squash: conventions, evolinux, etc-git… 2016-11-07 14:00:57 +01:00			`follow: yes`
Improve Ansible syntax replace « x \| changed » by « x is changed » add explicit « bool » filter use « length » filter instead of string comparison 2021-05-09 23:06:42 +02:00			`when: evolinux_default_www_files \| bool`
Squash: conventions, evolinux, etc-git… 2016-11-07 14:00:57 +01:00
			`- name: index is copied`
evolinux-base: syntax 2023-03-18 18:35:54 +01:00			`ansible.builtin.template:`
Squash: conventions, evolinux, etc-git… 2016-11-07 14:00:57 +01:00			`src: default_www/index.html.j2`
			`dest: /var/www/index.html`
evolinux-base: have default_www files chmoded as 644 2017-12-13 15:44:16 +01:00			`mode: "0644"`
force: [yes,no] → force [true,false] 2023-06-28 13:22:59 +02:00			`force: false`
Improve Ansible syntax replace « x \| changed » by « x is changed » add explicit « bool » filter use « length » filter instead of string comparison 2021-05-09 23:06:42 +02:00			`when: evolinux_default_www_files \| bool`
Squash: conventions, evolinux, etc-git… 2016-11-07 14:00:57 +01:00
			`# SSL cert`

Add names to many blocks 2019-12-31 16:56:03 +01:00			`- name: Default certificate is present`
			`block:`
			`- name: Create private key and csr for default site ({{ ansible_fqdn }})`
evolinux-base: syntax 2023-03-18 18:35:54 +01:00			`ansible.builtin.command:`
			`cmd: openssl req -newkey rsa:2048 -sha256 -nodes -keyout /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/{{ ansible_fqdn }}.csr -batch -subj "/CN={{ ansible_fqdn }}"`
Add names to many blocks 2019-12-31 16:56:03 +01:00			`args:`
			`creates: "/etc/ssl/private/{{ ansible_fqdn }}.key"`

			`- name: Adjust rights on private key`
evolinux-base: syntax 2023-03-18 18:35:54 +01:00			`ansible.builtin.file:`
Add names to many blocks 2019-12-31 16:56:03 +01:00			`path: /etc/ssl/private/{{ ansible_fqdn }}.key`
			`owner: root`
			`group: ssl-cert`
			`mode: "0640"`

			`- name: Create certificate for default site`
evolinux-base: syntax 2023-03-18 18:35:54 +01:00			`ansible.builtin.command:`
			`cmd: openssl x509 -req -days 3650 -sha256 -in /etc/ssl/{{ ansible_fqdn }}.csr -signkey /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/certs/{{ ansible_fqdn }}.crt`
Add names to many blocks 2019-12-31 16:56:03 +01:00			`args:`
			`creates: "/etc/ssl/certs/{{ ansible_fqdn }}.crt"`
Improve Ansible syntax replace « x \| changed » by « x is changed » add explicit « bool » filter use « length » filter instead of string comparison 2021-05-09 23:06:42 +02:00			`when: evolinux_default_www_ssl_cert \| bool`
Squash: conventions, evolinux, etc-git… 2016-11-07 14:00:57 +01:00
evolinux-base: syntax 2023-03-18 18:35:54 +01:00			`- ansible.builtin.meta: flush_handlers`