--- - name: packages are installed (Debian 9 or later) apt: name: - apache2 - libapache2-mod-evasive - apachetop - libwww-perl state: present tags: - apache - packages when: ansible_distribution_major_version is version('9', '>=') - name: itk package is installed if required (Debian 9 or later) apt: name: - libapache2-mpm-itk state: present tags: - apache - packages when: - ansible_distribution_major_version is version('9', '>=') - apache_mpm == "itk" - name: packages are installed (jessie) apt: name: - apache2-mpm-itk - libapache2-mod-evasive - apachetop - libwww-perl state: present tags: - apache - packages when: ansible_distribution_release == "jessie" - name: basic modules are enabled apache2_module: name: '{{ item }}' state: present loop: - rewrite - expires - headers - ssl - include - negotiation - alias notify: reload apache tags: - apache - name: basic modules are enabled apache2_module: name: '{{ item }}' state: present loop: - cgi notify: reload apache when: apache_mpm == "prefork" or apache_mpm == "itk" tags: - apache - name: Copy Apache defaults config file copy: src: evolinux-defaults.conf dest: "/etc/apache2/conf-available/z-evolinux-defaults.conf" owner: root group: root mode: "0640" force: yes notify: reload apache tags: - apache - name: Copy Apache custom config file copy: src: evolinux-custom.conf dest: "/etc/apache2/conf-available/zzz-evolinux-custom.conf" owner: root group: root mode: "0640" force: no notify: reload apache tags: - apache - name: disable status.conf file: dest: /etc/apache2/mods-enabled/status.conf state: absent notify: reload apache tags: - apache - name: Ensure Apache config files are enabled command: "a2enconf {{ item }}" register: command_result changed_when: "'Enabling' in command_result.stderr" loop: - z-evolinux-defaults.conf - zzz-evolinux-custom.conf notify: reload apache tags: - apache - include: auth.yml tags: - apache - name: default vhost is installed template: src: evolinux-default.conf.j2 dest: /etc/apache2/sites-available/000-evolinux-default.conf mode: "0640" force: no notify: reload apache tags: - apache - name: default vhost is enabled file: src: /etc/apache2/sites-available/000-evolinux-default.conf dest: /etc/apache2/sites-enabled/000-default.conf state: link force: yes notify: reload apache when: apache_evolinux_default_enabled tags: - apache - include: server_status.yml tags: - apache - name: is umask already present? command: "grep -E '^umask ' /etc/apache2/envvars" failed_when: False changed_when: False register: envvar_grep_umask check_mode: no tags: - apache - name: Add a mark in envvars for umask blockinfile: dest: /etc/apache2/envvars marker: "## {mark} ANSIBLE MANAGED BLOCK" block: | ## Set umask for writing by Apache user. ## Set rights on files and directories written by Apache umask 007 when: envvar_grep_umask.rc != 0 tags: - apache - include_role: name: evolix/remount-usr tags: - apache - name: /usr/share/scripts exists file: dest: /usr/share/scripts mode: "0700" owner: root group: root state: directory tags: - apache - name: "Install save_apache_status.sh" copy: src: save_apache_status.sh dest: /usr/share/scripts/save_apache_status.sh mode: "0755" force: no tags: - apache - name: "logrotate: {{ apache_logrotate_frequency }}" replace: dest: /etc/logrotate.d/apache2 regexp: "(daily|weekly|monthly)" replace: "{{ apache_logrotate_frequency }}" tags: - apache - name: "logrotate: rotate {{ apache_logrotate_rotate }}" replace: dest: /etc/logrotate.d/apache2 regexp: '^(\s+rotate) \d+$' replace: '\1 {{ apache_logrotate_rotate }}' tags: - apache - include: log2mail.yml when: apache_log2mail_include tags: - apache - include: munin.yml when: apache_munin_include tags: - apache