ansible-collection-webserver/roles/apache2/tasks/config.yml

---

- name: Enable Apache2 modules
  community.general.apache2_module:
    name: "{{ item }}"
  loop: "{{ apache2_modules }}"
  notify: Restart Apache2

- name: Flush handlers
  ansible.builtin.meta: flush_handlers

- name: Check for TLS keypair existence
  ansible.builtin.stat:
    path: "{{ item }}"
    follow: true
  loop: |
    {%- set files = [] -%}
    {%- for name, site in apache2_sites.items() -%}
    {%- if site.https_enabled | default(apache2_vhost_https_enabled) -%}
    {%- set _x = files.append(site.tls_certfile | default(apache2_tls_certfile)) -%}
    {%- set _x = files.append(site.tls_keyfile | default(apache2_tls_keyfile)) -%}
    {%- endif -%}
    {%- endfor -%}
    {{- files | unique | list -}}
  register: apache2_register_stat_tls_keypairs

- name: Create Apache2 document roots
  ansible.builtin.file:
    path: "{{ item.documentroot | default(apache2_vhost_documentroot) }}"
    state: directory
    owner: "{{ item.documentroot_owner | default(apache2_vhost_documentroot_owner) }}"
    group: "{{ item.documentroot_group | default(apache2_vhost_documentroot_group) }}"
    mode: "0755"
  loop: "{{ apache2_sites.values() }}"

- name: Render Apache2 site configs
  ansible.builtin.template:
    src: etc/apache2/sites-available/site.conf.j2
    dest: "/etc/apache2/sites-available/{{ item.key }}.conf"
    owner: root
    group: root
    mode: "0644"
  vars:
    site_name: "{{ item.key }}"
    site: "{{ item.value }}"
    certfile_name: "{{ item.value.tls_certfile | default(apache2_tls_certfile) }}"
    keyfile_name: "{{ item.value.tls_certfile | default(apache2_tls_keyfile) }}"
    certfile_exists: "{{ (apache2_register_stat_tls_keypairs.results | selectattr('item', 'equalto', certfile_name))[0].stat.exists }}"
    keyfile_exists: "{{ (apache2_register_stat_tls_keypairs.results | selectattr('item', 'equalto', keyfile_name))[0].stat.exists }}"
  loop: "{{ apache2_sites | dict2items }}"
  notify: Reload Apache2

- name: Enable Apache2 sites
  ansible.builtin.file:
    path: "/etc/apache2/sites-enabled/{{ item }}.conf"
    state: link
    src: "../sites-available/{{ item }}.conf"
    owner: root
    group: root
  loop: "{{ apache2_sites.keys() }}"
  ignore_errors: "{{ ansible_check_mode }}"
  notify: Reload Apache2

- name: Render Apache2 global config
  ansible.builtin.template:
    src: etc/apache2/conf-available/99-sslconfig.conf.j2
    dest: /etc/apache2/conf-available/99-sslconfig.conf
    owner: root
    group: root
    mode: "0644"
  notify: Reload Apache2

- name: Enable Apache2 global config
  ansible.builtin.file:
    path: "/etc/apache2/conf-enabled/99-sslconfig.conf"
    state: link
    src: "../conf-available/99-sslconfig.conf"
    owner: root
    group: root
  ignore_errors: "{{ ansible_check_mode }}"
  notify: Reload Apache2
Initial commit 2021-04-26 00:07:37 +02:00			`---`

major cleanup 2024-08-11 03:39:26 +02:00			`- name: Enable Apache2 modules`
Initial commit 2021-04-26 00:07:37 +02:00			`community.general.apache2_module:`
			`name: "{{ item }}"`
			`loop: "{{ apache2_modules }}"`
major cleanup 2024-08-11 03:39:26 +02:00			`notify: Restart Apache2`
Initial commit 2021-04-26 00:07:37 +02:00
major cleanup 2024-08-11 03:39:26 +02:00			`- name: Flush handlers`
			`ansible.builtin.meta: flush_handlers`
Initial commit 2021-04-26 00:07:37 +02:00
major cleanup 2024-08-11 03:39:26 +02:00			`- name: Check for TLS keypair existence`
Add option to install additional apache modules via apt 2023-01-23 22:31:15 +01:00			`ansible.builtin.stat:`
major cleanup 2024-08-11 03:39:26 +02:00			`path: "{{ item }}"`
			`follow: true`
Initial commit 2021-04-26 00:07:37 +02:00			`loop: \|`
			`{%- set files = [] -%}`
apache2: Fix certificate existence check, fix a2ensite 2021-04-26 01:38:50 +02:00			`{%- for name, site in apache2_sites.items() -%}`
Initial commit 2021-04-26 00:07:37 +02:00			`{%- if site.https_enabled \| default(apache2_vhost_https_enabled) -%}`
			`{%- set _x = files.append(site.tls_certfile \| default(apache2_tls_certfile)) -%}`
apache2: Fix certificate existence check 2021-04-26 01:16:11 +02:00			`{%- set _x = files.append(site.tls_keyfile \| default(apache2_tls_keyfile)) -%}`
Fix check for certificate existence 2021-06-03 02:48:12 +02:00			`{%- endif -%}`
Initial commit 2021-04-26 00:07:37 +02:00			`{%- endfor -%}`
			`{{- files \| unique \| list -}}`
			`register: apache2_register_stat_tls_keypairs`
apache2: create document root directories 2021-11-05 00:06:15 +01:00
major cleanup 2024-08-11 03:39:26 +02:00			`- name: Create Apache2 document roots`
apache2: create document root directories 2021-11-05 00:06:15 +01:00			`ansible.builtin.file:`
			`path: "{{ item.documentroot \| default(apache2_vhost_documentroot) }}"`
			`state: directory`
Add options for setting the webroot owner/group 2022-03-01 00:32:14 +01:00			`owner: "{{ item.documentroot_owner \| default(apache2_vhost_documentroot_owner) }}"`
			`group: "{{ item.documentroot_group \| default(apache2_vhost_documentroot_group) }}"`
major cleanup 2024-08-11 03:39:26 +02:00			`mode: "0755"`
apache2: create document root directories 2021-11-05 00:06:15 +01:00			`loop: "{{ apache2_sites.values() }}"`
major cleanup 2024-08-11 03:39:26 +02:00
			`- name: Render Apache2 site configs`
Add option to install additional apache modules via apt 2023-01-23 22:31:15 +01:00			`ansible.builtin.template:`
Initial commit 2021-04-26 00:07:37 +02:00			`src: etc/apache2/sites-available/site.conf.j2`
			`dest: "/etc/apache2/sites-available/{{ item.key }}.conf"`
			`owner: root`
			`group: root`
major cleanup 2024-08-11 03:39:26 +02:00			`mode: "0644"`
Initial commit 2021-04-26 00:07:37 +02:00			`vars:`
major cleanup 2024-08-11 03:39:26 +02:00			`site_name: "{{ item.key }}"`
Initial commit 2021-04-26 00:07:37 +02:00			`site: "{{ item.value }}"`
major cleanup 2024-08-11 03:39:26 +02:00			`certfile_name: "{{ item.value.tls_certfile \| default(apache2_tls_certfile) }}"`
			`keyfile_name: "{{ item.value.tls_certfile \| default(apache2_tls_keyfile) }}"`
			`certfile_exists: "{{ (apache2_register_stat_tls_keypairs.results \| selectattr('item', 'equalto', certfile_name))[0].stat.exists }}"`
			`keyfile_exists: "{{ (apache2_register_stat_tls_keypairs.results \| selectattr('item', 'equalto', keyfile_name))[0].stat.exists }}"`
Initial commit 2021-04-26 00:07:37 +02:00			`loop: "{{ apache2_sites \| dict2items }}"`
major cleanup 2024-08-11 03:39:26 +02:00			`notify: Reload Apache2`
Initial commit 2021-04-26 00:07:37 +02:00
major cleanup 2024-08-11 03:39:26 +02:00			`- name: Enable Apache2 sites`
Add option to install additional apache modules via apt 2023-01-23 22:31:15 +01:00			`ansible.builtin.file:`
Initial commit 2021-04-26 00:07:37 +02:00			`path: "/etc/apache2/sites-enabled/{{ item }}.conf"`
			`state: link`
			`src: "../sites-available/{{ item }}.conf"`
			`owner: root`
			`group: root`
apache2: Fix certificate existence check, fix a2ensite 2021-04-26 01:38:50 +02:00			`loop: "{{ apache2_sites.keys() }}"`
fix: handler capitalization 2024-08-11 04:15:55 +02:00			`ignore_errors: "{{ ansible_check_mode }}"`
			`notify: Reload Apache2`
feat: add global ssl config 2024-08-11 04:01:35 +02:00
			`- name: Render Apache2 global config`
			`ansible.builtin.template:`
			`src: etc/apache2/conf-available/99-sslconfig.conf.j2`
			`dest: /etc/apache2/conf-available/99-sslconfig.conf`
			`owner: root`
			`group: root`
			`mode: "0644"`
fix: handler capitalization 2024-08-11 04:15:55 +02:00			`notify: Reload Apache2`
feat: add global ssl config 2024-08-11 04:01:35 +02:00
			`- name: Enable Apache2 global config`
			`ansible.builtin.file:`
			`path: "/etc/apache2/conf-enabled/99-sslconfig.conf"`
			`state: link`
			`src: "../conf-available/99-sslconfig.conf"`
			`owner: root`
			`group: root`
fix: handler capitalization 2024-08-11 04:15:55 +02:00			`ignore_errors: "{{ ansible_check_mode }}"`
			`notify: Reload Apache2`