whitespaces
This commit is contained in:
parent
5c3b375b25
commit
28954e634c
|
@ -9,7 +9,7 @@
|
||||||
mode: "0640"
|
mode: "0640"
|
||||||
force: no
|
force: no
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: add IP addresses to private IP whitelist
|
- name: add IP addresses to private IP whitelist
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -19,7 +19,7 @@
|
||||||
with_items: "{{ apache_ipaddr_whitelist_present }}"
|
with_items: "{{ apache_ipaddr_whitelist_present }}"
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: remove IP addresses from private IP whitelist
|
- name: remove IP addresses from private IP whitelist
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -29,7 +29,7 @@
|
||||||
with_items: "{{ apache_ipaddr_whitelist_absent }}"
|
with_items: "{{ apache_ipaddr_whitelist_absent }}"
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: include private IP whitelist for server-status
|
- name: include private IP whitelist for server-status
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -38,7 +38,7 @@
|
||||||
insertafter: 'SetHandler server-status'
|
insertafter: 'SetHandler server-status'
|
||||||
state: present
|
state: present
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: Copy private_htpasswd
|
- name: Copy private_htpasswd
|
||||||
copy:
|
copy:
|
||||||
|
@ -50,7 +50,7 @@
|
||||||
force: no
|
force: no
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: add user:pwd to private htpasswd
|
- name: add user:pwd to private htpasswd
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -60,7 +60,7 @@
|
||||||
with_items: "{{ apache_private_htpasswd_present }}"
|
with_items: "{{ apache_private_htpasswd_present }}"
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: remove user:pwd from private htpasswd
|
- name: remove user:pwd from private htpasswd
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -70,4 +70,4 @@
|
||||||
with_items: "{{ apache_private_htpasswd_absent }}"
|
with_items: "{{ apache_private_htpasswd_absent }}"
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
|
@ -4,6 +4,8 @@
|
||||||
apt:
|
apt:
|
||||||
name: log2mail
|
name: log2mail
|
||||||
state: present
|
state: present
|
||||||
|
tags:
|
||||||
|
- apache
|
||||||
|
|
||||||
- name: Add log2mail config for Apache segfaults
|
- name: Add log2mail config for Apache segfaults
|
||||||
template:
|
template:
|
||||||
|
@ -13,3 +15,5 @@
|
||||||
group: adm
|
group: adm
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
force: no
|
force: no
|
||||||
|
tags:
|
||||||
|
- apache
|
||||||
|
|
|
@ -5,14 +5,14 @@
|
||||||
name: '{{ item }}'
|
name: '{{ item }}'
|
||||||
state: present
|
state: present
|
||||||
with_items:
|
with_items:
|
||||||
- apache2
|
- apache2
|
||||||
- libapache2-mpm-itk
|
- libapache2-mpm-itk
|
||||||
- libapache2-mod-evasive
|
- libapache2-mod-evasive
|
||||||
- apachetop
|
- apachetop
|
||||||
- libwww-perl
|
- libwww-perl
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
- packages
|
- packages
|
||||||
when: ansible_distribution_major_version | version_compare('9', '>=')
|
when: ansible_distribution_major_version | version_compare('9', '>=')
|
||||||
|
|
||||||
- name: packages are installed (jessie)
|
- name: packages are installed (jessie)
|
||||||
|
@ -20,13 +20,13 @@
|
||||||
name: '{{ item }}'
|
name: '{{ item }}'
|
||||||
state: present
|
state: present
|
||||||
with_items:
|
with_items:
|
||||||
- apache2-mpm-itk
|
- apache2-mpm-itk
|
||||||
- libapache2-mod-evasive
|
- libapache2-mod-evasive
|
||||||
- apachetop
|
- apachetop
|
||||||
- libwww-perl
|
- libwww-perl
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
- packages
|
- packages
|
||||||
when: ansible_distribution_release == "jessie"
|
when: ansible_distribution_release == "jessie"
|
||||||
|
|
||||||
- name: basic modules are enabled
|
- name: basic modules are enabled
|
||||||
|
@ -34,17 +34,17 @@
|
||||||
name: '{{ item }}'
|
name: '{{ item }}'
|
||||||
state: present
|
state: present
|
||||||
with_items:
|
with_items:
|
||||||
- rewrite
|
- rewrite
|
||||||
- expires
|
- expires
|
||||||
- headers
|
- headers
|
||||||
- cgi
|
- cgi
|
||||||
- ssl
|
- ssl
|
||||||
- include
|
- include
|
||||||
- negotiation
|
- negotiation
|
||||||
- alias
|
- alias
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: Copy Apache defaults config file
|
- name: Copy Apache defaults config file
|
||||||
copy:
|
copy:
|
||||||
|
@ -75,19 +75,23 @@
|
||||||
dest: /etc/apache2/mods-enabled/status.conf
|
dest: /etc/apache2/mods-enabled/status.conf
|
||||||
state: absent
|
state: absent
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
|
tags:
|
||||||
|
- apache
|
||||||
|
|
||||||
- name: Ensure Apache config files are enabled
|
- name: Ensure Apache config files are enabled
|
||||||
command: "a2enconf {{ item }}"
|
command: "a2enconf {{ item }}"
|
||||||
register: command_result
|
register: command_result
|
||||||
changed_when: "'Enabling' in command_result.stderr"
|
changed_when: "'Enabling' in command_result.stderr"
|
||||||
with_items:
|
with_items:
|
||||||
- z-evolinux-defaults.conf
|
- z-evolinux-defaults.conf
|
||||||
- zzz-evolinux-custom.conf
|
- zzz-evolinux-custom.conf
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- include: auth.yml
|
- include: auth.yml
|
||||||
|
tags:
|
||||||
|
- apache
|
||||||
|
|
||||||
- name: default vhost is installed
|
- name: default vhost is installed
|
||||||
template:
|
template:
|
||||||
|
@ -97,7 +101,7 @@
|
||||||
force: no
|
force: no
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: default vhost is enabled
|
- name: default vhost is enabled
|
||||||
file:
|
file:
|
||||||
|
@ -108,7 +112,7 @@
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
when: apache_evolinux_default_enabled
|
when: apache_evolinux_default_enabled
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: is umask already present?
|
- name: is umask already present?
|
||||||
command: "grep -E '^umask ' /etc/apache2/envvars"
|
command: "grep -E '^umask ' /etc/apache2/envvars"
|
||||||
|
@ -117,7 +121,7 @@
|
||||||
register: envvar_grep_umask
|
register: envvar_grep_umask
|
||||||
check_mode: no
|
check_mode: no
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: Add a mark in envvars for umask
|
- name: Add a mark in envvars for umask
|
||||||
blockinfile:
|
blockinfile:
|
||||||
|
@ -129,12 +133,12 @@
|
||||||
umask 007
|
umask 007
|
||||||
when: envvar_grep_umask.rc != 0
|
when: envvar_grep_umask.rc != 0
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- include_role:
|
- include_role:
|
||||||
name: remount-usr
|
name: remount-usr
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: "Install save_apache_status.sh"
|
- name: "Install save_apache_status.sh"
|
||||||
copy:
|
copy:
|
||||||
|
@ -142,9 +146,15 @@
|
||||||
dest: /usr/share/scripts/save_apache_status.sh
|
dest: /usr/share/scripts/save_apache_status.sh
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
force: no
|
force: no
|
||||||
|
tags:
|
||||||
|
- apache
|
||||||
|
|
||||||
- include: log2mail.yml
|
- include: log2mail.yml
|
||||||
when: apache_log2mail_include
|
when: apache_log2mail_include
|
||||||
|
tags:
|
||||||
|
- apache
|
||||||
|
|
||||||
- include: munin.yml
|
- include: munin.yml
|
||||||
when: apache_munin_include
|
when: apache_munin_include
|
||||||
|
tags:
|
||||||
|
- apache
|
||||||
|
|
|
@ -1,6 +1,10 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: logrotate configuration
|
- name: logrotate configuration
|
||||||
copy:
|
copy:
|
||||||
src: logrotate_nginx
|
src: logrotate_nginx
|
||||||
dest: /etc/logrotate.d/nginx
|
dest: /etc/logrotate.d/nginx
|
||||||
force: no
|
force: no
|
||||||
|
tags:
|
||||||
|
- nginx
|
||||||
|
- logrotate
|
||||||
|
|
|
@ -16,7 +16,7 @@
|
||||||
line: ' worker_connections 1024;'
|
line: ' worker_connections 1024;'
|
||||||
insertafter: 'events \{'
|
insertafter: 'events \{'
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: use epoll
|
- name: use epoll
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -25,7 +25,7 @@
|
||||||
line: ' use epoll;'
|
line: ' use epoll;'
|
||||||
insertafter: 'events \{'
|
insertafter: 'events \{'
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: Install Nginx http configuration
|
- name: Install Nginx http configuration
|
||||||
copy:
|
copy:
|
||||||
|
@ -35,7 +35,7 @@
|
||||||
# force: yes
|
# force: yes
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
# TODO: verify that those permissions are correct :
|
# TODO: verify that those permissions are correct :
|
||||||
# not too strict for ipaddr_whitelist
|
# not too strict for ipaddr_whitelist
|
||||||
|
@ -52,7 +52,7 @@
|
||||||
force: no
|
force: no
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: add IP addresses to private IP whitelist
|
- name: add IP addresses to private IP whitelist
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -62,7 +62,7 @@
|
||||||
with_items: "{{ nginx_ipaddr_whitelist_present }}"
|
with_items: "{{ nginx_ipaddr_whitelist_present }}"
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: remove IP addresses from private IP whitelist
|
- name: remove IP addresses from private IP whitelist
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -72,7 +72,7 @@
|
||||||
with_items: "{{ nginx_ipaddr_whitelist_absent }}"
|
with_items: "{{ nginx_ipaddr_whitelist_absent }}"
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: Copy private_htpasswd
|
- name: Copy private_htpasswd
|
||||||
copy:
|
copy:
|
||||||
|
@ -85,7 +85,7 @@
|
||||||
force: no
|
force: no
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: add user:pwd to private htpasswd
|
- name: add user:pwd to private htpasswd
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -95,7 +95,7 @@
|
||||||
with_items: "{{ nginx_private_htpasswd_present }}"
|
with_items: "{{ nginx_private_htpasswd_present }}"
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: remove user:pwd from private htpasswd
|
- name: remove user:pwd from private htpasswd
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -105,7 +105,7 @@
|
||||||
with_items: "{{ nginx_private_htpasswd_absent }}"
|
with_items: "{{ nginx_private_htpasswd_absent }}"
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: nginx vhost is installed
|
- name: nginx vhost is installed
|
||||||
template:
|
template:
|
||||||
|
@ -115,7 +115,7 @@
|
||||||
force: no
|
force: no
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: default vhost is enabled
|
- name: default vhost is enabled
|
||||||
file:
|
file:
|
||||||
|
@ -126,7 +126,7 @@
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
when: nginx_evolinux_default_enabled
|
when: nginx_evolinux_default_enabled
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
# - block:
|
# - block:
|
||||||
# - name: generate random string for phpmyadmin suffix
|
# - name: generate random string for phpmyadmin suffix
|
||||||
|
@ -168,7 +168,7 @@
|
||||||
enabled: yes
|
enabled: yes
|
||||||
state: started
|
state: started
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: Check if Munin is installed
|
- name: Check if Munin is installed
|
||||||
stat:
|
stat:
|
||||||
|
@ -176,19 +176,19 @@
|
||||||
check_mode: no
|
check_mode: no
|
||||||
register: stat_munin_node
|
register: stat_munin_node
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- include: munin_vhost.yml
|
- include: munin_vhost.yml
|
||||||
when: stat_munin_node.stat.exists
|
when: stat_munin_node.stat.exists
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- include: munin_graphs.yml
|
- include: munin_graphs.yml
|
||||||
when: stat_munin_node.stat.exists
|
when: stat_munin_node.stat.exists
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- include: logrotate.yml
|
- include: logrotate.yml
|
||||||
|
|
|
@ -7,5 +7,5 @@
|
||||||
state: present
|
state: present
|
||||||
notify: restart nginx
|
notify: restart nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- packages
|
- packages
|
||||||
|
|
|
@ -4,8 +4,8 @@
|
||||||
name: apt
|
name: apt
|
||||||
tasks_from: backports.yml
|
tasks_from: backports.yml
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- packages
|
- packages
|
||||||
|
|
||||||
- name: Prefer Nginx packages from jessie-backports
|
- name: Prefer Nginx packages from jessie-backports
|
||||||
copy:
|
copy:
|
||||||
|
@ -15,13 +15,13 @@
|
||||||
mode: "0640"
|
mode: "0640"
|
||||||
register: nginx_apt_preferences
|
register: nginx_apt_preferences
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- packages
|
- packages
|
||||||
|
|
||||||
- name: update apt
|
- name: update apt
|
||||||
apt:
|
apt:
|
||||||
update_cache: yes
|
update_cache: yes
|
||||||
when: nginx_apt_preferences | changed
|
when: nginx_apt_preferences | changed
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- packages
|
- packages
|
||||||
|
|
Loading…
Reference in a new issue