Jérémy Lecour
ee21973371
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend
|:-:|:-:|:-:|:-:|:-:
|2777|524|2253|2462|:+1:
Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/223//ansiblelint">Evolix » ansible-roles » unstable #223</a>
gitea/ansible-roles/pipeline/head This commit looks good
Fully Qualified Collection Name
65 lines
1.6 KiB
YAML
65 lines
1.6 KiB
YAML
---
|
|
|
|
- name: Check if Apache envvars have a PATH
|
|
ansible.builtin.command:
|
|
cmd: "grep -E '^export PATH ' /etc/apache2/envvars"
|
|
failed_when: False
|
|
changed_when: False
|
|
register: envvar_grep_path
|
|
check_mode: no
|
|
|
|
- name: Add a PATH envvar for Apache
|
|
ansible.builtin.blockinfile:
|
|
dest: /etc/apache2/envvars
|
|
marker: "## {mark} ANSIBLE MANAGED BLOCK FOR PATH"
|
|
block: |
|
|
# Used for Evoadmin-web
|
|
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
|
|
when: envvar_grep_path.rc != 0
|
|
|
|
- name: Additional packages are installed
|
|
ansible.builtin.apt:
|
|
name:
|
|
- libapache2-mod-security2
|
|
- modsecurity-crs
|
|
- apg
|
|
state: present
|
|
|
|
- name: Additional modules are enabled
|
|
community.general.apache2_module:
|
|
name: '{{ item }}'
|
|
state: present
|
|
loop:
|
|
- ssl
|
|
- include
|
|
- negotiation
|
|
- alias
|
|
- log_forensic
|
|
|
|
- name: Copy Apache settings for modules
|
|
ansible.builtin.copy:
|
|
src: "evolinux-modsec.conf"
|
|
dest: "/etc/apache2/conf-available/evolinux-modsec.conf"
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
force: no
|
|
|
|
- name: Copy Apache settings for modules
|
|
ansible.builtin.template:
|
|
src: "evolinux-evasive.conf.j2"
|
|
dest: "/etc/apache2/conf-available/evolinux-evasive.conf"
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
force: no
|
|
|
|
- name: Ensure Apache modules configs are enabled
|
|
ansible.builtin.command:
|
|
cmd: "a2enconf {{ item }}"
|
|
register: command_result
|
|
changed_when: "'Enabling' in command_result.stderr"
|
|
loop:
|
|
- evolinux-evasive
|
|
- evolinux-modsec
|