Make it possible to add an htpasswd file to evoadmin #82
|
@ -16,6 +16,7 @@ The **patch** part changes incrementally at each release.
|
||||||
* php: variable to install the mysqlnd module instead of the default mysql module
|
* php: variable to install the mysqlnd module instead of the default mysql module
|
||||||
* packweb-apache: Deploy opcache.php to give some insights on PHP's opcache status
|
* packweb-apache: Deploy opcache.php to give some insights on PHP's opcache status
|
||||||
* webapps/evoadmin-web Overload templates if needed
|
* webapps/evoadmin-web Overload templates if needed
|
||||||
|
* webapps/evoadmin-web Add an htpasswd to evoadmin if you cant use an apache IP whitelist
|
||||||
* redis: max clients is configurable
|
* redis: max clients is configurable
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
|
@ -32,4 +32,15 @@ And force it to update:
|
||||||
- "templates/evoadmin-web/sudoers.j2"
|
- "templates/evoadmin-web/sudoers.j2"
|
||||||
- "sudoers.j2"
|
- "sudoers.j2"
|
||||||
And force it to update:
|
And force it to update:
|
||||||
evoadmin_sudoers_conf_force: True
|
evoadmin_sudoers_conf_force: True
|
||||||
|
|
||||||
|
# Set evoadmin-web sudoers file
|
||||||
|
evoadmin_htpasswd: true
|
||||||
|
|
||||||
|
Overwrite its template:
|
||||||
|
- "templates/evoadmin-web/htpasswd.{{ inventory_hostname }}.j2"
|
||||||
|
- "templates/evoadmin-web/htpasswd.{{ host_group }}.j2"
|
||||||
|
- "templates/evoadmin-web/htpasswd.j2"
|
||||||
|
- "htpasswd.j2"
|
||||||
|
And force it to update:
|
||||||
|
evoadmin_htpasswd_force: true
|
||||||
|
|
|
@ -18,6 +18,8 @@ evoadmin_config_local_php_force: false
|
||||||
evoadmin_sudoers_conf_force: false
|
evoadmin_sudoers_conf_force: false
|
||||||
evoadmin_add_conf_force: false
|
evoadmin_add_conf_force: false
|
||||||
evoadmin_mail_tpl_force: false
|
evoadmin_mail_tpl_force: false
|
||||||
|
evoadmin_htpasswd_force: false
|
||||||
|
evoadmin_htpasswd: false
|
||||||
|
|
||||||
evoadmin_tpl_servername: "{{ ansible_fqdn }}"
|
evoadmin_tpl_servername: "{{ ansible_fqdn }}"
|
||||||
evoadmin_tpl_address: "{{ ansible_default_ipv4.address }}"
|
evoadmin_tpl_address: "{{ ansible_default_ipv4.address }}"
|
||||||
|
|
|
@ -45,6 +45,22 @@
|
||||||
notify: reload apache2
|
notify: reload apache2
|
||||||
when: not evoadmin_enable_vhost
|
when: not evoadmin_enable_vhost
|
||||||
|
|
||||||
|
- name: Copy htpasswd for evoadmin
|
||||||
|
template:
|
||||||
|
src: "{{ item }}"
|
||||||
|
dest: "/var/www/.ansible_evoadmin_htpasswd"
|
||||||
|
mode: "0644"
|
||||||
|
owner: root
|
||||||
|
group: www-data
|
||||||
|
force: "{{ evoadmin_htpasswd_force }}"
|
||||||
|
with_first_found:
|
||||||
|
- "templates/evoadmin-web/htpasswd.{{ inventory_hostname }}.j2"
|
||||||
|
- "templates/evoadmin-web/htpasswd.{{ host_group }}.j2"
|
||||||
|
- "templates/evoadmin-web/htpasswd.j2"
|
||||||
|
- "htpasswd.j2"
|
||||||
|
when: evoadmin_htpasswd
|
||||||
|
register: evoadmin_htpasswd_template
|
||||||
|
|
||||||
- name: Copy config file for evoadmin
|
- name: Copy config file for evoadmin
|
||||||
template:
|
template:
|
||||||
src: "{{ item }}"
|
src: "{{ item }}"
|
||||||
|
|
|
@ -23,7 +23,20 @@
|
||||||
#Options Indexes SymLinksIfOwnerMatch
|
#Options Indexes SymLinksIfOwnerMatch
|
||||||
Options SymLinksIfOwnerMatch
|
Options SymLinksIfOwnerMatch
|
||||||
AllowOverride AuthConfig Limit FileInfo
|
AllowOverride AuthConfig Limit FileInfo
|
||||||
|
{% if evoadmin_htpasswd %}
|
||||||
|
Require all denied
|
||||||
|
Include /etc/apache2/ipaddr_whitelist.conf
|
||||||
|
AuthType Basic
|
||||||
|
AuthName "Restricted"
|
||||||
|
AuthUserFile "/var/www/.ansible_evoadmin_htpasswd"
|
||||||
|
Require valid-user
|
||||||
|
<IfModule security2_module>
|
||||||
|
SecRuleEngine Off
|
||||||
|
</IfModule>
|
||||||
|
{% else %}
|
||||||
Require all granted
|
Require all granted
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
</Directory>
|
</Directory>
|
||||||
|
|
||||||
# user - group (thanks to sesse@debian.org)
|
# user - group (thanks to sesse@debian.org)
|
||||||
|
|
Loading…
Reference in a new issue