evoadmin/packweb: end of first pass
This commit is contained in:
parent
fe32d691b8
commit
2084e2e53e
|
@ -4,11 +4,34 @@
|
|||
state: present
|
||||
with_items:
|
||||
- apache2
|
||||
- apache2-mpm-prefork
|
||||
- apachetop
|
||||
- libwww-perl
|
||||
tags:
|
||||
- apache
|
||||
|
||||
- name: manually disable mpm_event
|
||||
command: a2dismod mpm_event
|
||||
register: cmd_disable_event
|
||||
changed_when: "'Module mpm_event already disabled' not in cmd_disable_event.stdout"
|
||||
|
||||
- name: manually enable mpm_prefork
|
||||
command: a2enmod mpm_prefork
|
||||
register: cmd_disable_prefork
|
||||
changed_when: "'Module mpm_prefork already enabled' not in cmd_disable_prefork.stdout"
|
||||
|
||||
# With Ansible 2.2 the module check the config for conflicts
|
||||
# With 2.3 it can be disabled.
|
||||
# https://docs.ansible.com/ansible/apache2_module_module.html
|
||||
# - name: mpm_event modules is disabled
|
||||
# apache2_module:
|
||||
# name: '{{ item }}'
|
||||
# state: absent
|
||||
# with_items:
|
||||
# - mpm_event
|
||||
# tags:
|
||||
# - apache
|
||||
|
||||
- name: basic modules are enabled
|
||||
apache2_module:
|
||||
name: '{{ item }}'
|
||||
|
@ -17,7 +40,6 @@
|
|||
- rewrite
|
||||
- expires
|
||||
- headers
|
||||
- rewrite
|
||||
- cgi
|
||||
- ssl
|
||||
tags:
|
||||
|
|
11
evoadmin/defaults/main.yml
Normal file
11
evoadmin/defaults/main.yml
Normal file
|
@ -0,0 +1,11 @@
|
|||
---
|
||||
general_alert_email: "root@localhost"
|
||||
evoadmin_contact_email: Null
|
||||
evoadmin_bounce_email: "{{ evoadmin_contact_email }}"
|
||||
|
||||
evoadmin_home_dir: "/home/{{ evoadmin_username }}"
|
||||
evoadmin_document_root: "{{ evoadmin_home_dir }}/www"
|
||||
evoadmin_scripts_dir: /usr/share/scripts/evoadmin/
|
||||
evoadmin_host: "evoadmin.{{ ansible_fqdn }}"
|
||||
evoadmin_username: evoadmin
|
||||
evoadmin_ssl_subject: "/CN={{ ansible_fqdn }}"
|
12
evoadmin/files/evolinux.conf.diff
Normal file
12
evoadmin/files/evolinux.conf.diff
Normal file
|
@ -0,0 +1,12 @@
|
|||
--- evolinux.conf 2015-04-09 16:39:41.862242460 +0200
|
||||
+++ evolinux.conf 2015-04-09 16:51:11.902241748 +0200
|
||||
@@ -23,7 +23,5 @@
|
||||
# Allow RESUME (REST command)
|
||||
AllowStoreRestart on
|
||||
|
||||
-<Limit LOGIN>
|
||||
- AllowGroup ftpusers
|
||||
- DenyAll
|
||||
-</Limit>
|
||||
+AuthOrder mod_auth_file.c
|
||||
+AuthUserFile /etc/proftpd/vpasswd
|
6
evoadmin/handlers/main.yml
Normal file
6
evoadmin/handlers/main.yml
Normal file
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
|
||||
- name: reload apache2
|
||||
service:
|
||||
name: apache2
|
||||
state: reloaded
|
17
evoadmin/tasks/config.yml
Normal file
17
evoadmin/tasks/config.yml
Normal file
|
@ -0,0 +1,17 @@
|
|||
---
|
||||
|
||||
- name: "Create /etc/evolinux"
|
||||
file:
|
||||
dest: "/etc/evolinux"
|
||||
recurse: yes
|
||||
state: directory
|
||||
|
||||
- name: Configure web-add config file
|
||||
template:
|
||||
src: web-add.conf.j2
|
||||
dest: /etc/evolinux/web-add.conf
|
||||
|
||||
- name: Configure web-add template file for mail
|
||||
template:
|
||||
src: web-mail.tpl.j2
|
||||
dest: "{{ evoadmin_scripts_dir }}/web-mail.tpl"
|
24
evoadmin/tasks/ftp.yml
Normal file
24
evoadmin/tasks/ftp.yml
Normal file
|
@ -0,0 +1,24 @@
|
|||
---
|
||||
|
||||
- name: Verify if proftpd has evolinux config file
|
||||
stat:
|
||||
path: /etc/proftpd/conf.d/z-evolinux.conf
|
||||
register: proftpd_config
|
||||
|
||||
- block:
|
||||
- name: Patch ProFTPd config file
|
||||
patch:
|
||||
remote_src: no
|
||||
src: evolinux.conf.diff
|
||||
dest: /etc/proftpd/conf.d/z-evolinux.conf
|
||||
# Why 440? Because should be edited with ftpasswd.
|
||||
# So, readonly when opened with vim.
|
||||
# Then readable by group.
|
||||
- name: Create /etc/proftpd/vpasswd file in 0440 mode
|
||||
file:
|
||||
state: touch
|
||||
path: /etc/proftpd/vpasswd
|
||||
mode: "0440"
|
||||
owner: root
|
||||
group: root
|
||||
when: proftpd_config.stat.exists
|
13
evoadmin/tasks/main.yml
Normal file
13
evoadmin/tasks/main.yml
Normal file
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
|
||||
- include: packages.yml
|
||||
|
||||
- include: user.yml
|
||||
|
||||
- include: config.yml
|
||||
|
||||
- include: ssl.yml
|
||||
|
||||
- include: web.yml
|
||||
|
||||
- include: ftp.yml
|
17
evoadmin/tasks/packages.yml
Normal file
17
evoadmin/tasks/packages.yml
Normal file
|
@ -0,0 +1,17 @@
|
|||
---
|
||||
|
||||
- include_role:
|
||||
name: apt-repositories
|
||||
tasks_from: evolix_public.yml
|
||||
|
||||
- meta: flush_handlers
|
||||
|
||||
- name: Install PHP packages
|
||||
apt:
|
||||
name: '{{ item }}'
|
||||
state: present
|
||||
allow_unauthenticated: yes
|
||||
with_items:
|
||||
- php-pear
|
||||
- php-log
|
||||
- php5-pam
|
24
evoadmin/tasks/ssl.yml
Normal file
24
evoadmin/tasks/ssl.yml
Normal file
|
@ -0,0 +1,24 @@
|
|||
---
|
||||
|
||||
|
||||
- name: ssl-cert package is installed
|
||||
apt:
|
||||
name: ssl-cert
|
||||
state: present
|
||||
|
||||
- name: Create private key and csr for default site ({{ ansible_fqdn }})
|
||||
command: openssl req -newkey rsa:2048 -sha256 -nodes -keyout /etc/ssl/private/{{ evoadmin_host }}.key -out /etc/ssl/{{ evoadmin_host }}.csr -batch -subj "{{ evoadmin_ssl_subject }}"
|
||||
args:
|
||||
creates: "/etc/ssl/private/{{ evoadmin_host }}.key"
|
||||
|
||||
- name: Adjust rights on private key
|
||||
file:
|
||||
path: /etc/ssl/private/{{ evoadmin_host }}.key
|
||||
owner: root
|
||||
group: ssl-cert
|
||||
mode: "0640"
|
||||
|
||||
- name: Create certificate for default site
|
||||
command: openssl x509 -req -days 3650 -sha256 -in /etc/ssl/{{ evoadmin_host }}.csr -signkey /etc/ssl/private/{{ evoadmin_host }}.key -out /etc/ssl/certs/{{ evoadmin_host }}.crt
|
||||
args:
|
||||
creates: "/etc/ssl/certs/{{ evoadmin_host }}.crt"
|
60
evoadmin/tasks/user.yml
Normal file
60
evoadmin/tasks/user.yml
Normal file
|
@ -0,0 +1,60 @@
|
|||
---
|
||||
|
||||
- name: Create evoadmin account
|
||||
user:
|
||||
name: evoadmin
|
||||
comment: "Evoadmin Web Account"
|
||||
home: "{{ evoadmin_home_dir}}"
|
||||
password: "!"
|
||||
|
||||
- name: Create www-evoadmin group
|
||||
group:
|
||||
name: www-evoadmin
|
||||
state: present
|
||||
|
||||
- name: Install Git
|
||||
apt:
|
||||
name: git
|
||||
state: present
|
||||
|
||||
- name: Clone evoadmin repository
|
||||
git:
|
||||
repo: https://forge.evolix.org/evoadmin-web.git
|
||||
dest: "{{ evoadmin_document_root}}"
|
||||
update: no
|
||||
# Warning: Need sudo!
|
||||
become_user: "{{ evoadmin_username }}"
|
||||
|
||||
- name: "Create {{ evoadmin_scripts_dir }}"
|
||||
file:
|
||||
dest: "{{ evoadmin_scripts_dir }}"
|
||||
# recurse: yes
|
||||
mode: "0700"
|
||||
state: directory
|
||||
|
||||
- name: Install scripts like web-add.sh
|
||||
shell: "cp {{ evoadmin_document_root}}/scripts/* {{ evoadmin_scripts_dir }}/"
|
||||
args:
|
||||
creates: "{{ evoadmin_scripts_dir }}/web-add.sh"
|
||||
|
||||
# we use a shell command to have a "changed" thet really reflects the result.
|
||||
- name: Fix permissions
|
||||
shell: "test -f {{ item }} && chmod -R --verbose u=rwX,g=rX,o= {{ item }}"
|
||||
register: command_result
|
||||
changed_when: "'changed' in command_result.stdout"
|
||||
failed_when: False
|
||||
with_items:
|
||||
- "{{ evoadmin_home_dir}}/www"
|
||||
|
||||
- name: Add www-evoadmin to group shadow
|
||||
user:
|
||||
name: www-evoadmin
|
||||
groups: shadow
|
||||
append: yes
|
||||
|
||||
- name: Add evoadmin sudoers file
|
||||
template:
|
||||
src: sudoers.j2
|
||||
dest: /etc/sudoers.d/evoadmin
|
||||
mode: "0600"
|
||||
validate: "visudo -cf %s"
|
33
evoadmin/tasks/web.yml
Normal file
33
evoadmin/tasks/web.yml
Normal file
|
@ -0,0 +1,33 @@
|
|||
---
|
||||
|
||||
- name: Set default values in /etc/php5/apache2/conf.d/z-evolinux_defaults.ini
|
||||
ini_file:
|
||||
dest: /etc/php5/apache2/conf.d/z-evolinux_defaults.ini
|
||||
section: PHP
|
||||
option: "disable_functions"
|
||||
value: "shell-exec,system,passthru,putenv,popen"
|
||||
notify: reload apache
|
||||
|
||||
|
||||
- name: Install evoadmin VHost
|
||||
template:
|
||||
src: evoadmin.conf.j2
|
||||
dest: /etc/apache2/sites-available/evoadmin.conf
|
||||
notify: reload apache2
|
||||
|
||||
- name: Enable evoadmin vhost
|
||||
command: "a2ensite evoadmin.conf"
|
||||
register: cmd_a2ensite
|
||||
changed_when: "'Enabling site' in cmd_a2ensite.stdout"
|
||||
notify: reload apache2
|
||||
|
||||
- name: Copy config file for evoadmin
|
||||
copy:
|
||||
src: config.local.php
|
||||
dest: "{{ evoadmin_home_dir}}/www/conf/"
|
||||
mode: "0644"
|
||||
|
||||
- name: add www-evoadmin to shadow group
|
||||
user:
|
||||
name: www-evoadmin
|
||||
groups: shadow
|
60
evoadmin/templates/evoadmin.conf.j2
Normal file
60
evoadmin/templates/evoadmin.conf.j2
Normal file
|
@ -0,0 +1,60 @@
|
|||
<VirtualHost *:80>
|
||||
ServerName {{ evoadmin_host }}
|
||||
Redirect permanent / https://{{ evoadmin_host }}/
|
||||
</VirtualHost>
|
||||
|
||||
<VirtualHost *:443>
|
||||
|
||||
# FQDN principal
|
||||
ServerName {{ evoadmin_host }}
|
||||
#ServerAlias {{ evoadmin_host }}
|
||||
|
||||
# Repertoire principal
|
||||
DocumentRoot /home/evoadmin/www/htdocs/
|
||||
|
||||
# SSL
|
||||
SSLEngine on
|
||||
SSLCertificateFile /etc/ssl/certs/{{ evoadmin_host }}.crt
|
||||
SSLCertificateKeyFile /etc/ssl/private/{{ evoadmin_host }}.key
|
||||
SSLProtocol all -SSLv2 -SSLv3
|
||||
|
||||
# Propriete du repertoire
|
||||
<Directory /home/evoadmin/www/htdocs/>
|
||||
#Options Indexes SymLinksIfOwnerMatch
|
||||
Options SymLinksIfOwnerMatch
|
||||
AllowOverride AuthConfig Limit FileInfo
|
||||
Require all granted
|
||||
</Directory>
|
||||
|
||||
# user - group (thanks to sesse@debian.org)
|
||||
AssignUserID www-evoadmin evoadmin
|
||||
|
||||
# LOG
|
||||
CustomLog /var/log/apache2/access.log combined
|
||||
CustomLog /home/evoadmin/log/access.log combined
|
||||
ErrorLog /home/evoadmin/log/error.log
|
||||
|
||||
# AWSTATS
|
||||
SetEnv AWSTATS_FORCE_CONFIG evoadmin
|
||||
|
||||
# REWRITE
|
||||
UseCanonicalName On
|
||||
RewriteEngine On
|
||||
RewriteCond %{HTTP_HOST} !^{{ evoadmin_host }}$
|
||||
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [L,R]
|
||||
|
||||
# PHP
|
||||
#php_admin_flag engine off
|
||||
#AddType text/html .html
|
||||
#php_admin_flag display_errors On
|
||||
#php_flag short_open_tag On
|
||||
#php_flag register_globals On
|
||||
#php_admin_value memory_limit 256M
|
||||
#php_admin_value max_execution_time 60
|
||||
#php_admin_value upload_max_filesize 8M
|
||||
#php_admin_flag allow_url_fopen Off
|
||||
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f www-evoadmin"
|
||||
php_admin_value error_log "/home/evoadmin/log/php.log"
|
||||
php_admin_value open_basedir "none"
|
||||
|
||||
</VirtualHost>
|
3
evoadmin/templates/sudoers.j2
Normal file
3
evoadmin/templates/sudoers.j2
Normal file
|
@ -0,0 +1,3 @@
|
|||
User_Alias EVOADMIN = www-evoadmin
|
||||
Cmnd_Alias EVOADMIN_WEB = {{ evoadmin_scripts_dir | mandatory }}/web-*.sh, {{ evoadmin_scripts_dir | mandatory }}/ftpadmin.sh
|
||||
EVOADMIN ALL=NOPASSWD: EVOADMIN_WEB
|
2
evoadmin/templates/web-add.conf.j2
Normal file
2
evoadmin/templates/web-add.conf.j2
Normal file
|
@ -0,0 +1,2 @@
|
|||
CONTACT_MAIL="{{ evoadmin_contact_email or general_alert_email | mandatory }}"
|
||||
WWWBOUNCE_MAIL="{{ evoadmin_bounce_email or general_alert_email | mandatory }}"
|
86
evoadmin/templates/web-mail.tpl.j2
Normal file
86
evoadmin/templates/web-mail.tpl.j2
Normal file
|
@ -0,0 +1,86 @@
|
|||
From: %MAIL_FROM%
|
||||
To: RCPTTO
|
||||
Bcc: %MAIL_BCC%
|
||||
Subject: Parametres hebergement web : LOGIN
|
||||
|
||||
Bonjour,
|
||||
|
||||
Votre compte d'hebergement web a ete cree.
|
||||
|
||||
**********************************
|
||||
* CONNEXION SFTP/SSH
|
||||
**********************************
|
||||
|
||||
NOM DU SERVEUR : %SERVER_NAME%
|
||||
USER : LOGIN
|
||||
PASSWORD : PASSE1
|
||||
|
||||
*****************************************
|
||||
* Details sur l'environnement Apache/PHP
|
||||
*****************************************
|
||||
|
||||
URL du site :
|
||||
http://SERVERNAME
|
||||
|
||||
URL des stats :
|
||||
http://SERVERNAME/cgi-RANDOM/awstats.pl
|
||||
(acces par IP ou login a demander !)
|
||||
|
||||
Repertoire de connexion : HOME_DIR/LOGIN/
|
||||
Repertoire pour site web : HOME_DIR/LOGIN/www/
|
||||
|
||||
Apache/PHP tourne en www-LOGIN:LOGIN c'est-a-dire qu'il a acces
|
||||
uniquement *en lecture* aux differents fichiers/repertoires
|
||||
(a condition d'avoir 'g=rx' sur les repertoires et 'g=r' sur les
|
||||
fichiers ce qui est le comportement par defaut).
|
||||
|
||||
Lorsqu'on a besoin d'autoriser *l'ecriture* pour certains
|
||||
fichiers/repertoires, il suffit d'ajouter le droit 'g+w'.
|
||||
|
||||
***********************************
|
||||
* MySQL
|
||||
***********************************
|
||||
|
||||
SERVEUR : 127.0.0.1
|
||||
PORT DU SERVEUR : 3306
|
||||
USER : LOGIN
|
||||
PASSWORD : PASSE2
|
||||
NOM BASE : DBNAME
|
||||
URL interface d'admin :
|
||||
%PMA_URL%
|
||||
|
||||
***********************************
|
||||
* Rappels divers
|
||||
***********************************
|
||||
|
||||
Votre nom de domaine doit etre configure pour pointer
|
||||
sur l'adresse IP %SERVER_ADDR% (enregistrement DNS A)
|
||||
ou etre un alias de %SERVER_NAME% (enregistrement DNS CNAME).
|
||||
|
||||
Si vous avez besoin de faire des tests, vous devez
|
||||
ajouter la ligne suivante au fichier "/etc/hosts" sous Linux/Unix
|
||||
ou au fichier "system32\drivers\etc\hosts" sous Windows NT/XP :
|
||||
%SERVER_ADDR% SERVERNAME
|
||||
|
||||
Attention, par defaut, toutes les connexions vers l'exterieur
|
||||
sont bloquees. Si vous avez besoin de recuperer des donnees
|
||||
a l'exterieur (flux RSS, BDD externe, etc.), contactez nous
|
||||
afin de mettre en oeuvre les autorisations necessaires.
|
||||
|
||||
Afin de securiser au maximum le serveur, certaines URL
|
||||
particulieres sont non autorisees pour eviter diverses
|
||||
attaques (XSS, robots, trojans, injections, etc.).
|
||||
Exemple d'URL refusee :
|
||||
http://SERVERNAME/cmd32.exe
|
||||
En cas de soucis avec votre application, prevenez-nous.
|
||||
|
||||
Si vous desirez mettre en place des parametres particuliers
|
||||
pour votre site (PHP, etc.) ou pour tout autre demande (scripts en crontab,
|
||||
etc.), n'hesitez pas a nous contacter a l'adresse
|
||||
%MAIL_STANDARD% (ou %MAIL_URGENT% si votre demande est
|
||||
urgente).
|
||||
|
||||
|
||||
Cordialement,
|
||||
--
|
||||
%FOOTER%
|
|
@ -2,3 +2,4 @@
|
|||
# defaults file for packweb-apache
|
||||
general_alert_email: "root@localhost"
|
||||
log2mail_alert_email: Null
|
||||
packweb_install_evoadmin: True
|
||||
|
|
0
packweb-apache/files/log/access.log
Normal file
0
packweb-apache/files/log/access.log
Normal file
0
packweb-apache/files/log/error.log
Normal file
0
packweb-apache/files/log/error.log
Normal file
38
packweb-apache/files/userlogrotate
Normal file
38
packweb-apache/files/userlogrotate
Normal file
|
@ -0,0 +1,38 @@
|
|||
#!/bin/bash
|
||||
|
||||
DATE=`/bin/date +"%d-%m-%Y"`
|
||||
HOMEPREFIX="/home"
|
||||
|
||||
rotate () {
|
||||
mv $1 $1.$DATE
|
||||
gzip $1.$DATE
|
||||
touch $1
|
||||
chown $2 $1
|
||||
chmod g+r $1
|
||||
}
|
||||
|
||||
user_for() {
|
||||
homedir=`echo $1 | sed "s#\($HOMEPREFIX/\([^/]\+\)\).*#\1#"`
|
||||
stat -L -c '%G' $homedir
|
||||
}
|
||||
|
||||
for log in access.log access-*.log error.log; do
|
||||
for i in `ls -1 -d $HOMEPREFIX/*/log/$log 2>/dev/null | grep -v \.bak\.`; do
|
||||
USER=`user_for $i`
|
||||
rotate $i root:$USER
|
||||
done
|
||||
done
|
||||
|
||||
for i in `ls -1 -d $HOMEPREFIX/*/log/php.log 2>/dev/null | grep -v \.bak\.`; do
|
||||
USER=`user_for $i`
|
||||
rotate $i www-$USER:$USER
|
||||
done
|
||||
|
||||
for log in production.log delayed_job.log development.log test.log; do
|
||||
for i in `ls -1 -d $HOMEPREFIX/*/www/{,current/}log/$log 2>/dev/null | grep -v \.bak\.`; do
|
||||
USER=`user_for $i`
|
||||
rotate $i $USER:$USER
|
||||
done
|
||||
done
|
||||
|
||||
apache2ctl restart > /dev/null
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
- name: Include apache role
|
||||
include_role:
|
||||
name: "{{ roles }}/apache"
|
||||
name: "apache"
|
||||
|
||||
- name: Add elements to user account template
|
||||
file:
|
||||
|
@ -13,8 +13,22 @@
|
|||
- { path: log, mode: "0750", state: directory }
|
||||
- { path: awstats, mode: "0750", state: directory }
|
||||
- { path: www, mode: "0750", state: directory }
|
||||
- { path: log/access.log, mode: "0644", state: touch }
|
||||
- { path: log/error.log, mode: "0644", state: touch }
|
||||
|
||||
- name: Copy apache empty log files if missing
|
||||
copy:
|
||||
src: "log/{{ item }}"
|
||||
dest: "/etc/skel/log/{{ item }}"
|
||||
mode: "0644"
|
||||
force: no
|
||||
with_items:
|
||||
- access.log
|
||||
- error.log
|
||||
|
||||
- name: Install userlogrotate
|
||||
copy:
|
||||
src: userlogrotate
|
||||
dest: /etc/cron.weekly/userlogrotate
|
||||
mode: "0755"
|
||||
|
||||
- name: Force DIR_MODE to 0750 in /etc/adduser.conf
|
||||
lineinfile:
|
||||
|
@ -107,9 +121,14 @@
|
|||
tags:
|
||||
- apache
|
||||
|
||||
- name: Set default values in /etc/php5/apache2/conf.d/z-evolinux_defaults.ini
|
||||
- name: Set variables for php config files
|
||||
set_fact:
|
||||
php5_apache5_defaults_file: /etc/php5/apache2/conf.d/z-evolinux_defaults.ini
|
||||
php5_apache5_custom_file: /etc/php5/apache2/conf.d/zzz-evolinux_custom.ini
|
||||
|
||||
- name: Set default values for PHP
|
||||
ini_file:
|
||||
dest: /etc/php5/apache2/conf.d/z-evolinux_defaults.ini
|
||||
dest: "{{ php5_apache5_defaults_file }}"
|
||||
section: PHP
|
||||
option: "{{ item.option }}"
|
||||
value: "{{ item.value }}"
|
||||
|
@ -117,16 +136,31 @@
|
|||
create: yes
|
||||
with_items:
|
||||
- { option: "short_open_tag", value: "Off" }
|
||||
- { option: "disable_functions", value: "exec, shell-exec, system, passthru, putenv, popen" }
|
||||
- { option: "expose_php", value: "Off" }
|
||||
- { option: "display_errors", value: "Off" }
|
||||
- { option: "log_errors", value: "On" }
|
||||
- { option: "allow_url_fopen", value: "Off" }
|
||||
notify: reload apache
|
||||
|
||||
- name: Disable PHP exec function without evoadmin
|
||||
ini_file:
|
||||
dest: "{{ php5_apache5_defaults_file }}"
|
||||
section: PHP
|
||||
option: disable_functions
|
||||
value: "exec,shell-exec,system,passthru,putenv,popen"
|
||||
when: not packweb_install_evoadmin
|
||||
|
||||
- name: Don't disable PHP exec function with evoadmin
|
||||
ini_file:
|
||||
dest: "{{ php5_apache5_defaults_file }}"
|
||||
section: PHP
|
||||
option: disable_functions
|
||||
value: "shell-exec,system,passthru,putenv,popen"
|
||||
when: packweb_install_evoadmin
|
||||
|
||||
- name: Custom php.ini
|
||||
copy:
|
||||
dest: /etc/php5/apache2/conf.d/zzz-evolinux_custom.ini
|
||||
dest: "{{ php5_apache5_custom_file }}"
|
||||
content: |
|
||||
# Put customized values here.
|
||||
force: no
|
||||
|
@ -186,7 +220,7 @@
|
|||
content: |
|
||||
Alias /awstats-icon/ /usr/share/awstats/icon/
|
||||
<Directory /usr/share/awstats/icon/>
|
||||
Require All Granted
|
||||
Require all granted
|
||||
</Directory>
|
||||
force: no
|
||||
mode: "0644"
|
||||
|
@ -275,3 +309,12 @@
|
|||
- /var/log/debug
|
||||
- /var/log/mail.err
|
||||
- /var/log/mail.warn
|
||||
|
||||
- name: Install Evoadmin
|
||||
include_role:
|
||||
name: evoadmin
|
||||
when: packweb_install_evoadmin
|
||||
|
||||
- name: Install web-add script
|
||||
include: web-add.yml
|
||||
when: not packweb_install_evoadmin
|
||||
|
|
3
packweb-apache/tasks/web-add.yml
Normal file
3
packweb-apache/tasks/web-add.yml
Normal file
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
|
||||
# TODO: ...
|
Loading…
Reference in a new issue