diff --git a/galaxy.yml b/galaxy.yml index 454a483..bdec7b7 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -8,7 +8,7 @@ namespace: s3lph name: webserver # The version of the collection. Must be compatible with semantic versioning -version: 0.2.0 +version: 0.2.1 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection readme: README.md diff --git a/roles/apache2/defaults/main.yml b/roles/apache2/defaults/main.yml index 479c03b..7114024 100644 --- a/roles/apache2/defaults/main.yml +++ b/roles/apache2/defaults/main.yml @@ -24,6 +24,7 @@ apache2_tls_ciphersuite: "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA apache2_tls_honor_cipher_order: false apache2_tls_session_tickets: false +apache2_module_packages: [] apache2_modules: - ssl - proxy_http diff --git a/roles/apache2/tasks/config.yml b/roles/apache2/tasks/config.yml index 831f22f..26d03ac 100644 --- a/roles/apache2/tasks/config.yml +++ b/roles/apache2/tasks/config.yml @@ -9,7 +9,7 @@ - meta: flush_handlers - name: check for tls keypair existence - stat: + ansible.builtin.stat: path: "{{ item }}" follow: yes loop: | @@ -33,7 +33,7 @@ loop: "{{ apache2_sites.values() }}" - name: render apache site configs - template: + ansible.builtin.template: src: etc/apache2/sites-available/site.conf.j2 dest: "/etc/apache2/sites-available/{{ item.key }}.conf" owner: root @@ -48,7 +48,7 @@ notify: reload apache2 - name: enable apache2 sites - file: + ansible.builtin.file: path: "/etc/apache2/sites-enabled/{{ item }}.conf" state: link src: "../sites-available/{{ item }}.conf" diff --git a/roles/apache2/tasks/install.yml b/roles/apache2/tasks/install.yml index bb0fbd1..00fc385 100644 --- a/roles/apache2/tasks/install.yml +++ b/roles/apache2/tasks/install.yml @@ -1,13 +1,17 @@ --- - name: install apache2 and related packages - apt: + ansible.builtin.apt: name: - apache2 - ssl-cert # snakeoil cert used for optional tls bootstrapping +- name: install apache2 and related packages + ansible.builtin.apt: + name: "{{ apache2_module_packages }}" + - name: start and enable apache2 - service: + ansible.builtin.service: name: apache2 state: started enabled: yes diff --git a/roles/apache2/tasks/main.yml b/roles/apache2/tasks/main.yml index 55278e7..207f236 100644 --- a/roles/apache2/tasks/main.yml +++ b/roles/apache2/tasks/main.yml @@ -1,11 +1,11 @@ --- -- import_tasks: install.yml +- ansible.builtin.import_tasks: install.yml tags: - "role::apache2" - "role::apache2:install" -- import_tasks: config.yml +- ansible.builtin.import_tasks: config.yml tags: - "role::apache2" - "role::apache2:config" diff --git a/roles/certbot/tasks/install.yml b/roles/certbot/tasks/install.yml index b9eaee4..3ba82dc 100644 --- a/roles/certbot/tasks/install.yml +++ b/roles/certbot/tasks/install.yml @@ -1,7 +1,7 @@ --- - name: install certbot - apt: + ansible.builtin.apt: name: - certbot diff --git a/roles/certbot/tasks/issue.yml b/roles/certbot/tasks/issue.yml index cf7ad30..17414cc 100644 --- a/roles/certbot/tasks/issue.yml +++ b/roles/certbot/tasks/issue.yml @@ -1,7 +1,7 @@ --- - name: issue certificates - command: >- + ansible.builtin.command: >- /usr/bin/certbot certonly --server {{ cert.server | default(certbot_acme_server) }} --agree-tos diff --git a/roles/certbot/tasks/main.yml b/roles/certbot/tasks/main.yml index 1bfc3c2..3d1fb06 100644 --- a/roles/certbot/tasks/main.yml +++ b/roles/certbot/tasks/main.yml @@ -1,11 +1,11 @@ --- -- import_tasks: install.yml +- ansible.builtin.import_tasks: install.yml tags: - "role::certbot" - "role::certbot:install" -- import_tasks: issue.yml +- ansible.builtin.import_tasks: issue.yml tags: - "role::certbot" - "role::certbot:issue"