--- - name: Main packages are installed apt: name: '{{ item }}' state: present with_items: - apache2 tags: - apache - packages - name: Install packages for Jessie apt: name: '{{ item }}' state: present with_items: - apache2-mpm-prefork tags: - apache - packages when: ansible_distribution_release == "jessie" - name: manually disable mpm_event command: a2dismod mpm_event register: cmd_disable_event changed_when: "'Module mpm_event already disabled' not in cmd_disable_event.stdout" notify: restart apache tags: - apache - name: manually enable mpm_prefork command: a2enmod mpm_prefork register: cmd_disable_prefork changed_when: "'Module mpm_prefork already enabled' not in cmd_disable_prefork.stdout" notify: restart apache tags: - apache # With Ansible 2.2 the module check the config for conflicts # With 2.3 it can be disabled. # https://docs.ansible.com/ansible/apache2_module_module.html # - name: mpm_event modules is disabled # apache2_module: # name: '{{ item }}' # state: absent # with_items: # - mpm_event # tags: # - apache - name: Additional packages are installed apt: name: '{{ item }}' state: present with_items: - apg - apachetop - libwww-perl tags: - apache - packages - name: basic modules are enabled apache2_module: name: '{{ item }}' state: present with_items: - rewrite - expires - headers - cgi - ssl - include - negotiation - alias tags: - apache - name: Copy Apache defaults config file copy: src: evolinux-defaults.conf dest: "/etc/apache2/conf-available/z-evolinux-defaults.conf" owner: root group: root mode: "0644" force: yes tags: - apache - name: Copy Apache localized error pages config file copy: src: evolinux-localized-error-pages.conf dest: "/etc/apache2/conf-available/z-evolinux-localized-error-pages.conf" owner: root group: root mode: "0644" force: yes tags: - apache - name: Create directory which will contain apache error pages file: path: /usr/local/share/apache2/error mode: u=rwX,g=rX,o=rX owner: root group: root state: directory tags: - apache - name: Copy apache error pages copy: src: error-pages/ dest: "/usr/local/share/apache2/error/" directory_mode: u=rwX,g=rX,o=rX mode: u=rw,g=r,o=r owner: root group: root tags: - apache - name: Copy Apache custom config file copy: src: evolinux-custom.conf dest: "/etc/apache2/conf-available/zzz-evolinux-custom.conf" owner: root group: root mode: "0644" force: no tags: - apache - name: Copy Apache SSL (strong security) config file copy: src: evolinux-ssl.conf dest: "/etc/apache2/conf-available/evolinux-ssl.conf" owner: root group: root mode: "0644" force: no tags: - apache - name: Ensure Apache config files are enabled command: "a2enconf {{ item }}" register: command_result changed_when: "'Enabling' in command_result.stderr" with_items: - z-evolinux-defaults.conf - z-evolinux-localized-error-pages.conf - zzz-evolinux-custom.conf - evolinux-ssl.conf tags: - apache - include: auth.yml - name: default vhost is installed template: src: evolinux-default.conf.j2 dest: /etc/apache2/sites-available/000-evolinux-default.conf mode: "0640" # force: yes notify: reload apache tags: - apache - name: default vhost is enabled file: src: /etc/apache2/sites-available/000-evolinux-default.conf dest: /etc/apache2/sites-enabled/000-default.conf state: link force: yes notify: reload apache when: apache_evolinux_default_enabled tags: - apache - name: is umask already present? command: "grep -E '^umask ' /etc/apache2/envvars" failed_when: False changed_when: False register: envvar_grep_umask check_mode: no tags: - apache - name: Add a mark in envvars for umask blockinfile: dest: /etc/apache2/envvars marker: "## {mark} ANSIBLE MANAGED BLOCK" block: | ## Set umask for writing by Apache user. ## Set rights on files and directories written by Apache umask 007 when: envvar_grep_umask.rc != 0 tags: - apache - name: Stat /default index stat: path: /var/www/index.html register: _default_index check_mode: no tags: - apache - include: phpmyadmin.yml when: _default_index.stat.exists # - block: # - name: generate random string for serverstatus suffix # command: "apg -a 1 -M N -n 1" # changed_when: False # register: _random_serverstatus_suffix # # - name: overwrite apache_serverstatus_suffix # set_fact: # apache_serverstatus_suffix: "{{ _random_serverstatus_suffix.stdout }}" # when: apache_serverstatus_suffix == "" # # - name: replace server-status suffix in default site index # replace: # dest: /var/www/index.html # regexp: '__SERVERSTATUS_SUFFIX__' # replace: "{{ apache_serverstatus_suffix }}"