Handlers; service => systemd; shell => command
This commit is contained in:
parent
7aca208909
commit
73cd25538a
|
@ -1,2 +1,12 @@
|
||||||
---
|
---
|
||||||
# handlers file
|
# handlers file
|
||||||
|
|
||||||
|
- name: reload apache
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: apache2
|
||||||
|
state: reloaded
|
||||||
|
|
||||||
|
- name: restart apache
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: apache2
|
||||||
|
state: restarted
|
||||||
|
|
|
@ -21,19 +21,15 @@
|
||||||
umask: '0022'
|
umask: '0022'
|
||||||
become_user: "{{ service }}"
|
become_user: "{{ service }}"
|
||||||
|
|
||||||
#- name: Create the conf-available dir if needed
|
|
||||||
# file:
|
|
||||||
# path: /etc/apache2/conf-available
|
|
||||||
# state: directory
|
|
||||||
# mode: '0750'
|
|
||||||
|
|
||||||
- name: Template apache conf for Let's Encrypt/Certbot
|
- name: Template apache conf for Let's Encrypt/Certbot
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "letsencrypt.conf.j2"
|
src: "letsencrypt.conf.j2"
|
||||||
dest: "/etc/apache2/conf-available/letsencrypt.conf"
|
dest: "/etc/apache2/conf-available/letsencrypt.conf"
|
||||||
|
|
||||||
- name: Enable apache conf for Let's Encrypt/Certbot
|
- name: Enable apache conf for Let's Encrypt/Certbot
|
||||||
ansible.builtin.command: "/usr/sbin/a2enconf letsencrypt.conf"
|
ansible.builtin.command:
|
||||||
|
cmd: "/usr/sbin/a2enconf letsencrypt.conf"
|
||||||
|
notify: reload apache
|
||||||
|
|
||||||
- name: Check if SSL certificate is present and register result
|
- name: Check if SSL certificate is present and register result
|
||||||
ansible.builtin.stat:
|
ansible.builtin.stat:
|
||||||
|
@ -46,19 +42,21 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "vhost.conf.j2"
|
src: "vhost.conf.j2"
|
||||||
dest: "/etc/apache2/sites-available/{{ service }}.conf"
|
dest: "/etc/apache2/sites-available/{{ service }}.conf"
|
||||||
|
notify: reload apache
|
||||||
- name: Enable apache vhost for privatebin
|
- name: Enable apache vhost for privatebin
|
||||||
command: "/usr/sbin/a2ensite {{ service }}"
|
ansible.builtin.command:
|
||||||
- name: Reload apache conf
|
cmd: "/usr/sbin/a2ensite {{ service }}"
|
||||||
ansible.builtin.service:
|
notify: reload apache
|
||||||
name: apache2
|
- name: Flush handlers
|
||||||
state: reloaded
|
ansible.builtin.meta: flush_handlers
|
||||||
- name: Make sure /var/lib/letsencrypt exists and has correct permissions
|
- name: Make sure /var/lib/letsencrypt exists and has correct permissions
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: /var/lib/letsencrypt
|
path: /var/lib/letsencrypt
|
||||||
state: directory
|
state: directory
|
||||||
mode: '0755'
|
mode: '0755'
|
||||||
- name: Generate certificate with certbot
|
- name: Generate certificate with certbot
|
||||||
ansible.builtin.shell: certbot certonly --webroot --webroot-path /var/lib/letsencrypt --non-interactive --agree-tos --email {{ privatebin_certbot_admin_email }} -d {{ privatebin_domains | first }}
|
ansible.builtin.command:
|
||||||
|
cmd: certbot certonly --webroot --webroot-path /var/lib/letsencrypt --non-interactive --agree-tos --email {{ privatebin_certbot_admin_email }} -d {{ privatebin_domains | first }}
|
||||||
- name: Create the ssl dir if needed
|
- name: Create the ssl dir if needed
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: /etc/apache2/ssl
|
path: /etc/apache2/ssl
|
||||||
|
@ -68,6 +66,7 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "ssl.conf.j2"
|
src: "ssl.conf.j2"
|
||||||
dest: "/etc/apache2/ssl/{{ service }}.conf"
|
dest: "/etc/apache2/ssl/{{ service }}.conf"
|
||||||
|
notify: reload apache
|
||||||
when: ssl.stat.exists != true
|
when: ssl.stat.exists != true
|
||||||
|
|
||||||
- name: (Re)check if SSL certificate is present and register result
|
- name: (Re)check if SSL certificate is present and register result
|
||||||
|
@ -79,9 +78,12 @@
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "vhost.conf.j2"
|
src: "vhost.conf.j2"
|
||||||
dest: "/etc/apache2/sites-available/{{ service }}.conf"
|
dest: "/etc/apache2/sites-available/{{ service }}.conf"
|
||||||
|
notify: reload apache
|
||||||
|
|
||||||
- name: Enable apache mode_rewrite
|
- name: Enable apache mode_rewrite
|
||||||
ansible.builtin.command: "/usr/sbin/a2enmod ssl rewrite"
|
ansible.builtin.command:
|
||||||
|
cmd: "/usr/sbin/a2enmod ssl rewrite"
|
||||||
|
notify: restart apache
|
||||||
|
|
||||||
- name: Enable .htaccess configuration
|
- name: Enable .htaccess configuration
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
|
@ -113,9 +115,6 @@
|
||||||
become_user: "{{ service }}"
|
become_user: "{{ service }}"
|
||||||
|
|
||||||
- name: Enable apache vhost for privatebin
|
- name: Enable apache vhost for privatebin
|
||||||
ansible.builtin.command: "/usr/sbin/a2ensite {{ service }}"
|
ansible.builtin.command:
|
||||||
|
cmd: "/usr/sbin/a2ensite {{ service }}"
|
||||||
- name: Reload apache conf
|
notify: reload apache
|
||||||
ansible.builtin.service:
|
|
||||||
name: apache2
|
|
||||||
state: reloaded
|
|
||||||
|
|
|
@ -32,6 +32,6 @@
|
||||||
become_user: "{{ service }}"
|
become_user: "{{ service }}"
|
||||||
|
|
||||||
- name: Reload apache conf
|
- name: Reload apache conf
|
||||||
ansible.builtin.service:
|
ansible.builtin.systemd:
|
||||||
name: apache2
|
name: apache2
|
||||||
state: reloaded
|
state: reloaded
|
||||||
|
|
Loading…
Reference in a new issue