2016-11-07 14:00:57 +01:00
|
|
|
---
|
|
|
|
- name: /var/www is present
|
|
|
|
file:
|
|
|
|
path: /var/www
|
|
|
|
state: directory
|
|
|
|
mode: 0755
|
2017-01-03 16:37:23 +01:00
|
|
|
when: evolinux_default_www_files
|
2016-11-07 14:00:57 +01:00
|
|
|
|
|
|
|
- name: images are copied
|
|
|
|
copy:
|
|
|
|
src: default_www/img
|
|
|
|
dest: /var/www/
|
|
|
|
mode: 0755
|
|
|
|
directory_mode: 0755
|
|
|
|
follow: yes
|
2017-01-03 16:37:23 +01:00
|
|
|
when: evolinux_default_www_files
|
2016-11-07 14:00:57 +01:00
|
|
|
|
|
|
|
- name: index is copied
|
|
|
|
template:
|
|
|
|
src: default_www/index.html.j2
|
|
|
|
dest: /var/www/index.html
|
|
|
|
mode: 0755
|
2017-01-03 16:37:23 +01:00
|
|
|
when: evolinux_default_www_files
|
2016-11-07 14:00:57 +01:00
|
|
|
|
|
|
|
# SSL cert
|
|
|
|
|
2017-01-03 16:37:23 +01:00
|
|
|
- block:
|
|
|
|
- name: ssl-cert package is installed
|
|
|
|
apt:
|
|
|
|
name: ssl-cert
|
|
|
|
state: installed
|
2016-11-07 14:00:57 +01:00
|
|
|
|
2017-01-03 16:37:23 +01:00
|
|
|
- name: Create private key and csr for default site ({{ ansible_fqdn }})
|
|
|
|
command: openssl req -newkey rsa:2048 -sha256 -nodes -keyout /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/{{ ansible_fqdn }}.csr -batch -subj "{{ evolinux_default_www_ssl_subject }}"
|
|
|
|
args:
|
|
|
|
creates: "/etc/ssl/private/{{ ansible_fqdn }}.key"
|
2016-11-07 14:00:57 +01:00
|
|
|
|
2017-01-03 16:37:23 +01:00
|
|
|
- name: Adjust rights on private key
|
|
|
|
file:
|
|
|
|
path: /etc/ssl/private/{{ ansible_fqdn }}.key
|
|
|
|
owner: root
|
|
|
|
group: ssl-cert
|
|
|
|
mode: 0640
|
2016-11-07 14:00:57 +01:00
|
|
|
|
2017-01-03 16:37:23 +01:00
|
|
|
- name: Create certificate for default site
|
|
|
|
command: openssl x509 -req -days 3650 -sha256 -in /etc/ssl/{{ ansible_fqdn }}.csr -signkey /etc/ssl/private/{{ ansible_fqdn }}.key -out /etc/ssl/certs/{{ ansible_fqdn }}.crt
|
|
|
|
args:
|
|
|
|
creates: "/etc/ssl/certs/{{ ansible_fqdn }}.crt"
|
|
|
|
when: evolinux_default_www_ssl_cert
|
2016-11-07 14:00:57 +01:00
|
|
|
|
|
|
|
# Nginx vhost
|
|
|
|
|
|
|
|
- name: is Nginx installed?
|
|
|
|
stat:
|
|
|
|
path: /etc/nginx/sites-available
|
|
|
|
register: nginx_sites_available
|
|
|
|
|
|
|
|
- block:
|
|
|
|
- name: nginx vhost is installed
|
|
|
|
template:
|
|
|
|
src: default_www/nginx_default_site.j2
|
|
|
|
dest: /etc/nginx/sites-available/000-default
|
|
|
|
mode: 0640
|
|
|
|
# force: yes
|
|
|
|
notify: reload nginx
|
|
|
|
tags:
|
2017-01-03 16:37:23 +01:00
|
|
|
- nginx
|
2016-11-07 14:00:57 +01:00
|
|
|
|
|
|
|
- name: nginx vhost is enabled
|
|
|
|
file:
|
|
|
|
src: /etc/nginx/sites-available/000-default
|
|
|
|
dest: /etc/nginx/sites-enabled/000-default
|
|
|
|
state: link
|
|
|
|
notify: reload nginx
|
|
|
|
when: evolinux_default_www_nginx_enabled
|
|
|
|
tags:
|
2017-01-03 16:37:23 +01:00
|
|
|
- nginx
|
2016-11-07 14:00:57 +01:00
|
|
|
|
2017-01-03 16:37:23 +01:00
|
|
|
when: evolinux_default_www_nginx_vhost and nginx_sites_available.stat.exists
|
2016-11-07 14:00:57 +01:00
|
|
|
|
|
|
|
|
|
|
|
# Apache vhost
|
|
|
|
|
|
|
|
- name: is Apache installed?
|
|
|
|
stat:
|
|
|
|
path: /etc/apache2/sites-available
|
|
|
|
register: apache_sites_available
|
|
|
|
|
|
|
|
- block:
|
|
|
|
- name: Apache vhost is installed
|
|
|
|
template:
|
|
|
|
src: default_www/apache_default_site.j2
|
|
|
|
dest: /etc/apache2/sites-available/000-default
|
|
|
|
mode: 0640
|
|
|
|
# force: yes
|
|
|
|
notify: reload apache
|
|
|
|
tags:
|
2017-01-03 16:37:23 +01:00
|
|
|
- apache
|
2016-11-07 14:00:57 +01:00
|
|
|
|
|
|
|
- name: Apache vhost is enabled
|
|
|
|
file:
|
|
|
|
src: /etc/apache2/sites-available/000-default
|
|
|
|
dest: /etc/apache2/sites-enabled/000-default
|
|
|
|
state: link
|
|
|
|
notify: reload apache
|
|
|
|
when: evolinux_default_www_apache_enabled
|
|
|
|
tags:
|
2017-01-03 16:37:23 +01:00
|
|
|
- apache
|
2016-11-07 14:00:57 +01:00
|
|
|
|
2017-01-03 16:37:23 +01:00
|
|
|
when: evolinux_default_www_apache_vhost and apache_sites_available.stat.exists
|
2017-01-03 17:02:23 +01:00
|
|
|
|
|
|
|
- meta: flush_handlers
|