2017-07-13 14:09:24 +02:00
|
|
|
---
|
|
|
|
|
2017-08-18 03:31:46 +02:00
|
|
|
- name: packages are installed (Debian 9 or later)
|
2016-10-11 03:58:51 +02:00
|
|
|
apt:
|
2019-12-31 15:25:10 +01:00
|
|
|
name:
|
|
|
|
- apache2
|
|
|
|
- libapache2-mod-evasive
|
|
|
|
- apachetop
|
|
|
|
- libwww-perl
|
2016-11-04 22:15:13 +01:00
|
|
|
state: present
|
2017-07-13 14:09:24 +02:00
|
|
|
tags:
|
2018-01-02 19:38:12 +01:00
|
|
|
- apache
|
|
|
|
- packages
|
2020-02-25 10:45:35 +01:00
|
|
|
when: ansible_distribution_major_version is version('9', '>=')
|
2017-07-13 14:09:24 +02:00
|
|
|
|
2021-04-19 17:35:49 +02:00
|
|
|
- name: itk package is installed if required (Debian 9 or later)
|
|
|
|
apt:
|
|
|
|
name:
|
|
|
|
- libapache2-mpm-itk
|
|
|
|
state: present
|
|
|
|
tags:
|
|
|
|
- apache
|
|
|
|
- packages
|
|
|
|
when:
|
|
|
|
- ansible_distribution_major_version is version('9', '>=')
|
|
|
|
- apache_mpm == "itk"
|
|
|
|
|
2017-07-22 22:40:31 +02:00
|
|
|
- name: packages are installed (jessie)
|
2017-07-13 14:09:24 +02:00
|
|
|
apt:
|
2019-12-31 15:25:10 +01:00
|
|
|
name:
|
|
|
|
- apache2-mpm-itk
|
|
|
|
- libapache2-mod-evasive
|
|
|
|
- apachetop
|
|
|
|
- libwww-perl
|
2017-07-13 14:09:24 +02:00
|
|
|
state: present
|
|
|
|
tags:
|
2018-01-02 19:38:12 +01:00
|
|
|
- apache
|
|
|
|
- packages
|
2017-07-22 22:40:31 +02:00
|
|
|
when: ansible_distribution_release == "jessie"
|
2017-07-13 14:09:24 +02:00
|
|
|
|
2016-11-07 14:00:57 +01:00
|
|
|
- name: basic modules are enabled
|
2016-11-04 22:15:13 +01:00
|
|
|
apache2_module:
|
|
|
|
name: '{{ item }}'
|
|
|
|
state: present
|
|
|
|
with_items:
|
2018-01-02 19:38:12 +01:00
|
|
|
- rewrite
|
|
|
|
- expires
|
|
|
|
- headers
|
|
|
|
- ssl
|
|
|
|
- include
|
|
|
|
- negotiation
|
|
|
|
- alias
|
2017-07-28 21:24:26 +02:00
|
|
|
notify: reload apache
|
2016-11-07 14:00:57 +01:00
|
|
|
tags:
|
2018-01-02 19:38:12 +01:00
|
|
|
- apache
|
2016-10-11 15:46:35 +02:00
|
|
|
|
2021-04-19 17:35:49 +02:00
|
|
|
- name: basic modules are enabled
|
|
|
|
apache2_module:
|
|
|
|
name: '{{ item }}'
|
|
|
|
state: present
|
|
|
|
with_items:
|
|
|
|
- cgi
|
|
|
|
notify: reload apache
|
|
|
|
when: apache_mpm == "prefork" or apache_mpm == "itk"
|
|
|
|
tags:
|
|
|
|
- apache
|
|
|
|
|
|
|
|
|
2016-11-07 14:00:57 +01:00
|
|
|
- name: Copy Apache defaults config file
|
2016-11-04 22:15:13 +01:00
|
|
|
copy:
|
2016-11-07 14:00:57 +01:00
|
|
|
src: evolinux-defaults.conf
|
2016-12-22 19:02:05 +01:00
|
|
|
dest: "/etc/apache2/conf-available/z-evolinux-defaults.conf"
|
2016-11-04 22:15:13 +01:00
|
|
|
owner: root
|
|
|
|
group: root
|
2017-07-22 22:40:31 +02:00
|
|
|
mode: "0640"
|
2017-07-18 15:37:31 +02:00
|
|
|
force: yes
|
2017-07-28 21:24:26 +02:00
|
|
|
notify: reload apache
|
2017-07-18 15:37:31 +02:00
|
|
|
tags:
|
|
|
|
- apache
|
|
|
|
|
2016-11-07 14:00:57 +01:00
|
|
|
- name: Copy Apache custom config file
|
2017-03-03 12:21:17 +01:00
|
|
|
copy:
|
|
|
|
src: evolinux-custom.conf
|
2016-12-22 19:02:05 +01:00
|
|
|
dest: "/etc/apache2/conf-available/zzz-evolinux-custom.conf"
|
2016-11-07 14:00:57 +01:00
|
|
|
owner: root
|
|
|
|
group: root
|
2017-07-22 22:40:31 +02:00
|
|
|
mode: "0640"
|
2017-03-21 17:35:42 +01:00
|
|
|
force: no
|
2017-07-28 21:24:26 +02:00
|
|
|
notify: reload apache
|
2017-03-21 17:35:42 +01:00
|
|
|
tags:
|
|
|
|
- apache
|
|
|
|
|
2017-07-28 21:28:19 +02:00
|
|
|
- name: disable status.conf
|
|
|
|
file:
|
|
|
|
dest: /etc/apache2/mods-enabled/status.conf
|
|
|
|
state: absent
|
|
|
|
notify: reload apache
|
2018-01-02 19:38:12 +01:00
|
|
|
tags:
|
|
|
|
- apache
|
2017-07-28 21:28:19 +02:00
|
|
|
|
2016-11-07 14:00:57 +01:00
|
|
|
- name: Ensure Apache config files are enabled
|
|
|
|
command: "a2enconf {{ item }}"
|
2016-11-04 22:15:13 +01:00
|
|
|
register: command_result
|
|
|
|
changed_when: "'Enabling' in command_result.stderr"
|
2016-11-07 14:00:57 +01:00
|
|
|
with_items:
|
2018-01-02 19:38:12 +01:00
|
|
|
- z-evolinux-defaults.conf
|
|
|
|
- zzz-evolinux-custom.conf
|
2017-07-28 21:24:26 +02:00
|
|
|
notify: reload apache
|
2016-11-07 14:00:57 +01:00
|
|
|
tags:
|
2018-01-02 19:38:12 +01:00
|
|
|
- apache
|
2016-10-11 03:58:51 +02:00
|
|
|
|
2017-07-13 14:09:24 +02:00
|
|
|
- include: auth.yml
|
2018-01-02 19:38:12 +01:00
|
|
|
tags:
|
|
|
|
- apache
|
2016-11-07 14:00:57 +01:00
|
|
|
|
2017-07-05 18:22:00 +02:00
|
|
|
- name: default vhost is installed
|
|
|
|
template:
|
|
|
|
src: evolinux-default.conf.j2
|
|
|
|
dest: /etc/apache2/sites-available/000-evolinux-default.conf
|
|
|
|
mode: "0640"
|
2017-09-07 02:25:16 +02:00
|
|
|
force: no
|
2017-07-05 18:22:00 +02:00
|
|
|
notify: reload apache
|
|
|
|
tags:
|
2018-01-02 19:38:12 +01:00
|
|
|
- apache
|
2017-07-05 18:22:00 +02:00
|
|
|
|
|
|
|
- name: default vhost is enabled
|
|
|
|
file:
|
|
|
|
src: /etc/apache2/sites-available/000-evolinux-default.conf
|
|
|
|
dest: /etc/apache2/sites-enabled/000-default.conf
|
|
|
|
state: link
|
|
|
|
force: yes
|
|
|
|
notify: reload apache
|
|
|
|
when: apache_evolinux_default_enabled
|
|
|
|
tags:
|
2018-01-02 19:38:12 +01:00
|
|
|
- apache
|
2017-07-05 18:22:00 +02:00
|
|
|
|
2019-05-02 12:16:36 +02:00
|
|
|
- include: server_status.yml
|
|
|
|
tags:
|
|
|
|
- apache
|
|
|
|
|
2016-11-07 14:00:57 +01:00
|
|
|
- name: is umask already present?
|
|
|
|
command: "grep -E '^umask ' /etc/apache2/envvars"
|
|
|
|
failed_when: False
|
|
|
|
changed_when: False
|
|
|
|
register: envvar_grep_umask
|
2017-03-24 14:15:09 +01:00
|
|
|
check_mode: no
|
2016-11-07 14:00:57 +01:00
|
|
|
tags:
|
2018-01-02 19:38:12 +01:00
|
|
|
- apache
|
2016-10-11 15:46:35 +02:00
|
|
|
|
2016-11-04 22:15:13 +01:00
|
|
|
- name: Add a mark in envvars for umask
|
2016-10-11 15:46:35 +02:00
|
|
|
blockinfile:
|
|
|
|
dest: /etc/apache2/envvars
|
2016-11-07 14:00:57 +01:00
|
|
|
marker: "## {mark} ANSIBLE MANAGED BLOCK"
|
2016-10-11 15:46:35 +02:00
|
|
|
block: |
|
|
|
|
## Set umask for writing by Apache user.
|
|
|
|
## Set rights on files and directories written by Apache
|
2016-11-07 14:00:57 +01:00
|
|
|
umask 007
|
|
|
|
when: envvar_grep_umask.rc != 0
|
|
|
|
tags:
|
2018-01-02 19:38:12 +01:00
|
|
|
- apache
|
2017-07-13 14:09:24 +02:00
|
|
|
|
2017-11-07 12:18:02 +01:00
|
|
|
- include_role:
|
2019-11-29 14:00:25 +01:00
|
|
|
name: evolix/remount-usr
|
2017-11-07 12:18:02 +01:00
|
|
|
tags:
|
2018-01-02 19:38:12 +01:00
|
|
|
- apache
|
2017-10-07 11:55:02 +02:00
|
|
|
|
2018-01-18 17:08:29 +01:00
|
|
|
- name: /usr/share/scripts exists
|
|
|
|
file:
|
|
|
|
dest: /usr/share/scripts
|
|
|
|
mode: "0700"
|
|
|
|
owner: root
|
|
|
|
group: root
|
|
|
|
state: directory
|
|
|
|
tags:
|
|
|
|
- apache
|
|
|
|
|
2017-10-07 11:55:02 +02:00
|
|
|
- name: "Install save_apache_status.sh"
|
|
|
|
copy:
|
|
|
|
src: save_apache_status.sh
|
|
|
|
dest: /usr/share/scripts/save_apache_status.sh
|
|
|
|
mode: "0755"
|
|
|
|
force: no
|
2018-01-02 19:38:12 +01:00
|
|
|
tags:
|
|
|
|
- apache
|
2017-10-07 11:55:02 +02:00
|
|
|
|
2021-01-05 17:47:56 +01:00
|
|
|
- name: "logrotate: {{ apache_logrotate_frequency }}"
|
2018-04-22 17:44:37 +02:00
|
|
|
replace:
|
|
|
|
dest: /etc/logrotate.d/apache2
|
|
|
|
regexp: "(daily|weekly|monthly)"
|
2021-01-05 17:47:56 +01:00
|
|
|
replace: "{{ apache_logrotate_frequency }}"
|
2018-04-22 17:44:37 +02:00
|
|
|
tags:
|
|
|
|
- apache
|
|
|
|
|
2021-01-05 17:47:56 +01:00
|
|
|
- name: "logrotate: rotate {{ apache_logrotate_rotate }}"
|
2018-04-22 17:44:37 +02:00
|
|
|
replace:
|
|
|
|
dest: /etc/logrotate.d/apache2
|
2018-08-23 13:02:25 +02:00
|
|
|
regexp: '^(\s+rotate) \d+$'
|
2021-01-05 17:47:56 +01:00
|
|
|
replace: '\1 {{ apache_logrotate_rotate }}'
|
2018-04-22 17:44:37 +02:00
|
|
|
tags:
|
|
|
|
- apache
|
|
|
|
|
2017-08-12 18:51:28 +02:00
|
|
|
- include: log2mail.yml
|
|
|
|
when: apache_log2mail_include
|
2018-01-02 19:38:12 +01:00
|
|
|
tags:
|
|
|
|
- apache
|
2017-08-12 18:51:28 +02:00
|
|
|
|
2017-08-12 18:51:15 +02:00
|
|
|
- include: munin.yml
|
|
|
|
when: apache_munin_include
|
2018-01-02 19:38:12 +01:00
|
|
|
tags:
|
|
|
|
- apache
|