Split default vhost into nginx ad apache roles
This commit is contained in:
parent
de37aac243
commit
0e0bc1cbbd
|
@ -4,3 +4,9 @@ apache_private_ipaddr_whitelist_absent: []
|
|||
|
||||
apache_private_htpasswd_present: []
|
||||
apache_private_htpasswd_absent: []
|
||||
|
||||
apache_default_redirect_url: "http://evolix.fr"
|
||||
apache_evolinux_default_enabled: True
|
||||
|
||||
apache_phpmyadmin_suffix: "{{ lookup('env', 'RANDOM') }}"
|
||||
apache_serverstatus_suffix: "{{ lookup('env', 'RANDOM') }}"
|
||||
|
|
|
@ -152,6 +152,39 @@
|
|||
tags:
|
||||
- apache
|
||||
|
||||
- name: default vhost is installed
|
||||
template:
|
||||
src: evolinux-default.conf.j2
|
||||
dest: /etc/apache2/sites-available/000-evolinux-default.conf
|
||||
mode: "0640"
|
||||
# force: yes
|
||||
notify: reload apache
|
||||
tags:
|
||||
- apache
|
||||
|
||||
- name: default vhost is enabled
|
||||
file:
|
||||
src: /etc/apache2/sites-available/000-evolinux-default.conf
|
||||
dest: /etc/apache2/sites-enabled/000-default.conf
|
||||
state: link
|
||||
force: yes
|
||||
notify: reload apache
|
||||
when: apache_evolinux_default_enabled
|
||||
tags:
|
||||
- apache
|
||||
|
||||
- name: replace phpmyadmin suffix in default site index
|
||||
replace:
|
||||
dest: /var/www/index.html
|
||||
regexp: '__PHPMYADMIN_SUFFIX__'
|
||||
replace: "{{ apache_phpmyadmin_suffix }}"
|
||||
|
||||
- name: replace server-status suffix in default site index
|
||||
replace:
|
||||
dest: /var/www/index.html
|
||||
regexp: '__SERVERSTATUS_SUFFIX__'
|
||||
replace: "{{ apache_serverstatus_suffix }}"
|
||||
|
||||
- name: is umask already present?
|
||||
command: "grep -E '^umask ' /etc/apache2/envvars"
|
||||
failed_when: False
|
||||
|
|
|
@ -11,6 +11,7 @@
|
|||
# Redirect to HTTPS, execpt for server-status, because Munin plugin
|
||||
# can't handle HTTPS! :(
|
||||
RewriteEngine on
|
||||
RewriteCond %{HTTPS} !=on
|
||||
RewriteCond %{REQUEST_URI} !^/server-status.*$ [NC]
|
||||
RewriteCond %{REQUEST_URI} !^/munin_opcache.php$ [NC]
|
||||
RewriteRule ^/(.*) https://{{ ansible_fqdn }}/$1 [L,R=permanent]
|
||||
|
@ -39,13 +40,13 @@
|
|||
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
|
||||
</Directory>
|
||||
|
||||
ErrorDocument 403 {{ evolinux_default_www_redirect_url }}
|
||||
ErrorDocument 403 {{ apache_default_redirect_url }}
|
||||
CustomLog /var/log/apache2/access.log vhost_combined
|
||||
ErrorLog /var/log/apache2/error.log
|
||||
LogLevel warn
|
||||
|
||||
Alias /munin /var/cache/munin/www
|
||||
Alias /phpmyadmin-SED_RANDOM /usr/share/phpmyadmin/
|
||||
Alias /phpmyadmin-{{ apache_phpmyadmin_suffix }} /usr/share/phpmyadmin/
|
||||
IncludeOptional /etc/apache2/conf-available/phpmyadmin*
|
||||
|
||||
<Files ~ "\.(inc|bak)$">
|
|
@ -135,14 +135,6 @@ evolinux_default_www_files: True
|
|||
evolinux_default_www_ssl_cert: True
|
||||
evolinux_default_www_ssl_subject: "/CN={{ ansible_fqdn }}"
|
||||
|
||||
evolinux_default_www_nginx_vhost: True
|
||||
evolinux_default_www_nginx_enabled: False
|
||||
|
||||
evolinux_default_www_apache_vhost: True
|
||||
evolinux_default_www_apache_enabled: False
|
||||
|
||||
evolinux_default_www_redirect_url: "http://evolix.fr"
|
||||
|
||||
# hardware
|
||||
|
||||
evolinux_hardware_include: True
|
||||
|
|
|
@ -48,67 +48,4 @@
|
|||
creates: "/etc/ssl/certs/{{ ansible_fqdn }}.crt"
|
||||
when: evolinux_default_www_ssl_cert
|
||||
|
||||
# Nginx vhost
|
||||
|
||||
- name: is Nginx installed?
|
||||
stat:
|
||||
path: /etc/nginx/sites-available
|
||||
check_mode: no
|
||||
register: nginx_sites_available
|
||||
|
||||
- block:
|
||||
- name: nginx vhost is installed
|
||||
template:
|
||||
src: default_www/nginx_default_site.j2
|
||||
dest: /etc/nginx/sites-available/000-default
|
||||
mode: "0640"
|
||||
# force: yes
|
||||
notify: reload nginx
|
||||
tags:
|
||||
- nginx
|
||||
|
||||
- name: nginx vhost is enabled
|
||||
file:
|
||||
src: /etc/nginx/sites-available/000-default
|
||||
dest: /etc/nginx/sites-enabled/000-default
|
||||
state: link
|
||||
notify: reload nginx
|
||||
when: evolinux_default_www_nginx_enabled
|
||||
tags:
|
||||
- nginx
|
||||
|
||||
when: evolinux_default_www_nginx_vhost and nginx_sites_available.stat.exists
|
||||
|
||||
|
||||
# Apache vhost
|
||||
|
||||
- name: is Apache installed?
|
||||
stat:
|
||||
path: /etc/apache2/sites-available
|
||||
check_mode: no
|
||||
register: apache_sites_available
|
||||
|
||||
- block:
|
||||
- name: Apache vhost is installed
|
||||
template:
|
||||
src: default_www/apache_default_site.j2
|
||||
dest: /etc/apache2/sites-available/000-evolinux-default.conf
|
||||
mode: "0640"
|
||||
# force: yes
|
||||
notify: reload apache
|
||||
tags:
|
||||
- apache
|
||||
|
||||
- name: Apache vhost is enabled
|
||||
file:
|
||||
src: /etc/apache2/sites-available/000-evolinux-default.conf
|
||||
dest: /etc/apache2/sites-enabled/000-evolinux-default.conf
|
||||
state: link
|
||||
notify: reload apache
|
||||
when: evolinux_default_www_apache_enabled
|
||||
tags:
|
||||
- apache
|
||||
|
||||
when: evolinux_default_www_apache_vhost and apache_sites_available.stat.exists
|
||||
|
||||
- meta: flush_handlers
|
||||
|
|
|
@ -57,15 +57,15 @@
|
|||
<div id="container">
|
||||
<h1 class="hostname">{{ ansible_hostname }}</h1>
|
||||
|
||||
<ul>
|
||||
<ul id="evolinks">
|
||||
<li><a href="/munin/{{ ansible_domain }}/{{ ansible_fqdn }}/">Stats système</a></li>
|
||||
<!--
|
||||
<li><a href="/phpmyadmin-PHPMASECRET/">Accès PhpMyAdmin</a></li>
|
||||
<li><a href="/phpmyadmin-__PHPMYADMIN_SUFFIX__/">Accès PhpMyAdmin</a></li>
|
||||
<li><a href="/mysqlreport.html">Dernier rapport MySQL Tuner</a></li>
|
||||
<li><a href="/cgi-bin/awstats.pl">Stats web</a></li>
|
||||
<li><a href="/info.php">Infos PHP</a></li>
|
||||
<li><a href="/opcache.php">Infos OpCache PHP</a></li>
|
||||
<li><a href="/server-status-RANDOM_SERVERSTATUS/">Server Status</a></li>
|
||||
<li><a href="/server-status-__SERVERSTATUS_SUFFIX__/">Server Status</a></li>
|
||||
-->
|
||||
</ul>
|
||||
|
||||
|
|
|
@ -4,3 +4,9 @@ nginx_private_ipaddr_whitelist_absent: []
|
|||
|
||||
nginx_private_htpasswd_present: []
|
||||
nginx_private_htpasswd_absent: []
|
||||
|
||||
nginx_default_redirect_url: "http://evolix.fr"
|
||||
nginx_evolinux_default_enabled: True
|
||||
|
||||
# nginx_phpmyadmin_suffix: "{{ lookup('env', 'RANDOM') }}"
|
||||
# nginx_serverstatus_suffix: "{{ lookup('env', 'RANDOM') }}"
|
||||
|
|
|
@ -109,6 +109,38 @@
|
|||
tags:
|
||||
- nginx
|
||||
|
||||
- name: nginx vhost is installed
|
||||
template:
|
||||
src: evolinux-default.conf.j2
|
||||
dest: /etc/nginx/sites-available/evolinux-default.conf
|
||||
mode: "0640"
|
||||
notify: reload nginx
|
||||
tags:
|
||||
- nginx
|
||||
|
||||
- name: default vhost is enabled
|
||||
file:
|
||||
src: /etc/nginx/sites-available/evolinux-default.conf
|
||||
dest: /etc/nginx/sites-enabled/default.conf
|
||||
state: link
|
||||
force: yes
|
||||
notify: reload nginx
|
||||
when: nginx_evolinux_default_enabled
|
||||
tags:
|
||||
- nginx
|
||||
|
||||
# - name: replace phpmyadmin suffix in default site index
|
||||
# replace:
|
||||
# dest: /var/www/index.html
|
||||
# regexp: '__PHPMYADMIN_SUFFIX__'
|
||||
# replace: "{{ nginx_phpmyadmin_suffix }}"
|
||||
#
|
||||
# - name: replace server-status suffix in default site index
|
||||
# replace:
|
||||
# dest: /var/www/index.html
|
||||
# regexp: '__SERVERSTATUS_SUFFIX__'
|
||||
# replace: "{{ nginx_serverstatus_suffix }}"
|
||||
|
||||
- name: Verify that the service is enabled and started
|
||||
service:
|
||||
name: nginx
|
||||
|
|
|
@ -18,7 +18,7 @@ server {
|
|||
|
||||
access_log /var/log/nginx/access.log;
|
||||
error_log /var/log/nginx/error.log;
|
||||
error_page 403 {{ evolinux_default_www_redirect_url }};
|
||||
error_page 403 {{ nginx_default_redirect_url }};
|
||||
|
||||
root /var/www;
|
||||
|
Loading…
Reference in New Issue