Make it possible to add an htpasswd file to evoadmin #82
|
@ -16,6 +16,7 @@ The **patch** part changes incrementally at each release.
|
|||
* php: variable to install the mysqlnd module instead of the default mysql module
|
||||
* packweb-apache: Deploy opcache.php to give some insights on PHP's opcache status
|
||||
* webapps/evoadmin-web Overload templates if needed
|
||||
* webapps/evoadmin-web Add an htpasswd to evoadmin if you cant use an apache IP whitelist
|
||||
* redis: max clients is configurable
|
||||
|
||||
### Changed
|
||||
|
|
|
@ -32,4 +32,15 @@ And force it to update:
|
|||
- "templates/evoadmin-web/sudoers.j2"
|
||||
- "sudoers.j2"
|
||||
And force it to update:
|
||||
evoadmin_sudoers_conf_force: True
|
||||
evoadmin_sudoers_conf_force: True
|
||||
|
||||
# Set evoadmin-web sudoers file
|
||||
evoadmin_htpasswd: true
|
||||
|
||||
Overwrite its template:
|
||||
- "templates/evoadmin-web/htpasswd.{{ inventory_hostname }}.j2"
|
||||
- "templates/evoadmin-web/htpasswd.{{ host_group }}.j2"
|
||||
- "templates/evoadmin-web/htpasswd.j2"
|
||||
- "htpasswd.j2"
|
||||
And force it to update:
|
||||
evoadmin_htpasswd_force: true
|
||||
|
|
|
@ -18,6 +18,8 @@ evoadmin_config_local_php_force: false
|
|||
evoadmin_sudoers_conf_force: false
|
||||
evoadmin_add_conf_force: false
|
||||
evoadmin_mail_tpl_force: false
|
||||
evoadmin_htpasswd_force: false
|
||||
evoadmin_htpasswd: false
|
||||
|
||||
evoadmin_tpl_servername: "{{ ansible_fqdn }}"
|
||||
evoadmin_tpl_address: "{{ ansible_default_ipv4.address }}"
|
||||
|
|
|
@ -45,6 +45,22 @@
|
|||
notify: reload apache2
|
||||
when: not evoadmin_enable_vhost
|
||||
|
||||
- name: Copy htpasswd for evoadmin
|
||||
template:
|
||||
src: "{{ item }}"
|
||||
dest: "/var/www/.ansible_evoadmin_htpasswd"
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: www-data
|
||||
force: "{{ evoadmin_htpasswd_force }}"
|
||||
with_first_found:
|
||||
- "templates/evoadmin-web/htpasswd.{{ inventory_hostname }}.j2"
|
||||
- "templates/evoadmin-web/htpasswd.{{ host_group }}.j2"
|
||||
- "templates/evoadmin-web/htpasswd.j2"
|
||||
- "htpasswd.j2"
|
||||
when: evoadmin_htpasswd
|
||||
register: evoadmin_htpasswd_template
|
||||
|
||||
- name: Copy config file for evoadmin
|
||||
template:
|
||||
src: "{{ item }}"
|
||||
|
|
|
@ -23,7 +23,20 @@
|
|||
#Options Indexes SymLinksIfOwnerMatch
|
||||
Options SymLinksIfOwnerMatch
|
||||
AllowOverride AuthConfig Limit FileInfo
|
||||
{% if evoadmin_htpasswd %}
|
||||
Require all denied
|
||||
Include /etc/apache2/ipaddr_whitelist.conf
|
||||
AuthType Basic
|
||||
AuthName "Restricted"
|
||||
AuthUserFile "/var/www/.ansible_evoadmin_htpasswd"
|
||||
Require valid-user
|
||||
<IfModule security2_module>
|
||||
SecRuleEngine Off
|
||||
</IfModule>
|
||||
{% else %}
|
||||
Require all granted
|
||||
{% endif %}
|
||||
|
||||
</Directory>
|
||||
|
||||
# user - group (thanks to sesse@debian.org)
|
||||
|
|
Loading…
Reference in a new issue