Browse Source

apache: new variable for mpm mode (+ updated default config accordingly)

Also, itk package will only be installed if required
pull/129/head
Ludovic Poujol 6 months ago
parent
commit
d56c545183
  1. 2
      CHANGELOG.md
  2. 2
      apache/defaults/main.yml
  3. 58
      apache/files/evolinux-defaults.conf
  4. 26
      apache/tasks/main.yml

2
CHANGELOG.md

@ -12,6 +12,8 @@ The **patch** part changes incrementally at each release.
### Added
* apache: new variable for mpm mode (+ updated default config accordingly)
### Changed
### Fixed

2
apache/defaults/main.yml

@ -23,3 +23,5 @@ log2mail_alert_email: Null
apache_logrotate_frequency: daily
apache_logrotate_rotate: 365
apache_mpm: "itk"

58
apache/files/evolinux-defaults.conf

@ -3,12 +3,43 @@ Timeout 10
KeepAliveTimeout 2
MaxKeepAliveRequests 10
#MaxClients 250
MaxRequestWorkers 250
ServerLimit 250
StartServers 50
MinSpareServers 20
MaxSpareServers 30
MaxRequestsPerChild 0
<IfModule mpm_prefork_module>
MaxRequestWorkers 250
ServerLimit 250
StartServers 50
MinSpareServers 20
MaxSpareServers 30
MaxRequestsPerChild 0
</IfModule>
<IfModule mpm_worker_module>
StartServers 3
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxRequestWorkers 150
MaxConnectionsPerChild 0
</IfModule>
<IfModule mpm_itk_module>
LimitUIDRange 0 6000
LimitGIDRange 0 6000
</IfModule>
<IfModule ssl_module>
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4
</IfModule>
<IfModule status_module>
ExtendedStatus On
<IfModule proxy_module>
ProxyStatus On
</IfModule>
</IfModule>
<Directory /home/>
AllowOverride None
@ -17,26 +48,11 @@ MaxRequestsPerChild 0
Deny from env=GoAway
</Directory>
<IfModule mod_ssl.c>
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4
</IfModule>
<Files ~ "\.(inc|bak)$">
Require all denied
</Files>
<IfModule mod_status.c>
ExtendedStatus On
<IfModule mod_proxy.c>
ProxyStatus On
</IfModule>
</IfModule>
<IfModule mpm_itk.c>
LimitUIDRange 0 6000
LimitGIDRange 0 6000
</IfModule>
<LocationMatch "^/evolinux_fpm_status-.*">
Require all denied

26
apache/tasks/main.yml

@ -4,7 +4,6 @@
apt:
name:
- apache2
- libapache2-mpm-itk
- libapache2-mod-evasive
- apachetop
- libwww-perl
@ -14,6 +13,18 @@
- packages
when: ansible_distribution_major_version is version('9', '>=')
- name: itk package is installed if required (Debian 9 or later)
apt:
name:
- libapache2-mpm-itk
state: present
tags:
- apache
- packages
when:
- ansible_distribution_major_version is version('9', '>=')
- apache_mpm == "itk"
- name: packages are installed (jessie)
apt:
name:
@ -35,7 +46,6 @@
- rewrite
- expires
- headers
- cgi
- ssl
- include
- negotiation
@ -44,6 +54,18 @@
tags:
- apache
- name: basic modules are enabled
apache2_module:
name: '{{ item }}'
state: present
with_items:
- cgi
notify: reload apache
when: apache_mpm == "prefork" or apache_mpm == "itk"
tags:
- apache
- name: Copy Apache defaults config file
copy:
src: evolinux-defaults.conf

Loading…
Cancel
Save