Add option to install additional apache modules via apt
This commit is contained in:
s3lph
parent
8e1af6a2e1
commit
9facd9f7eb
8 changed files with 17 additions and 12 deletions
|
|
@ -8,7 +8,7 @@ namespace: s3lph
|
||||||
name: webserver
|
name: webserver
|
||||||
|
|
||||||
# The version of the collection. Must be compatible with semantic versioning
|
# The version of the collection. Must be compatible with semantic versioning
|
||||||
version: 0.2.0
|
version: 0.2.1
|
||||||
|
|
||||||
# The path to the Markdown (.md) readme file. This path is relative to the root of the collection
|
# The path to the Markdown (.md) readme file. This path is relative to the root of the collection
|
||||||
readme: README.md
|
readme: README.md
|
||||||
|
|
|
||||||
|
|
@ -24,6 +24,7 @@ apache2_tls_ciphersuite: "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA
|
||||||
apache2_tls_honor_cipher_order: false
|
apache2_tls_honor_cipher_order: false
|
||||||
apache2_tls_session_tickets: false
|
apache2_tls_session_tickets: false
|
||||||
|
|
||||||
|
apache2_module_packages: []
|
||||||
apache2_modules:
|
apache2_modules:
|
||||||
- ssl
|
- ssl
|
||||||
- proxy_http
|
- proxy_http
|
||||||
|
|
|
||||||
|
|
@ -9,7 +9,7 @@
|
||||||
- meta: flush_handlers
|
- meta: flush_handlers
|
||||||
|
|
||||||
- name: check for tls keypair existence
|
- name: check for tls keypair existence
|
||||||
stat:
|
ansible.builtin.stat:
|
||||||
path: "{{ item }}"
|
path: "{{ item }}"
|
||||||
follow: yes
|
follow: yes
|
||||||
loop: |
|
loop: |
|
||||||
|
|
@ -33,7 +33,7 @@
|
||||||
loop: "{{ apache2_sites.values() }}"
|
loop: "{{ apache2_sites.values() }}"
|
||||||
|
|
||||||
- name: render apache site configs
|
- name: render apache site configs
|
||||||
template:
|
ansible.builtin.template:
|
||||||
src: etc/apache2/sites-available/site.conf.j2
|
src: etc/apache2/sites-available/site.conf.j2
|
||||||
dest: "/etc/apache2/sites-available/{{ item.key }}.conf"
|
dest: "/etc/apache2/sites-available/{{ item.key }}.conf"
|
||||||
owner: root
|
owner: root
|
||||||
|
|
@ -48,7 +48,7 @@
|
||||||
notify: reload apache2
|
notify: reload apache2
|
||||||
|
|
||||||
- name: enable apache2 sites
|
- name: enable apache2 sites
|
||||||
file:
|
ansible.builtin.file:
|
||||||
path: "/etc/apache2/sites-enabled/{{ item }}.conf"
|
path: "/etc/apache2/sites-enabled/{{ item }}.conf"
|
||||||
state: link
|
state: link
|
||||||
src: "../sites-available/{{ item }}.conf"
|
src: "../sites-available/{{ item }}.conf"
|
||||||
|
|
|
||||||
|
|
@ -1,13 +1,17 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: install apache2 and related packages
|
- name: install apache2 and related packages
|
||||||
apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
- apache2
|
- apache2
|
||||||
- ssl-cert # snakeoil cert used for optional tls bootstrapping
|
- ssl-cert # snakeoil cert used for optional tls bootstrapping
|
||||||
|
|
||||||
|
- name: install apache2 and related packages
|
||||||
|
ansible.builtin.apt:
|
||||||
|
name: "{{ apache2_module_packages }}"
|
||||||
|
|
||||||
- name: start and enable apache2
|
- name: start and enable apache2
|
||||||
service:
|
ansible.builtin.service:
|
||||||
name: apache2
|
name: apache2
|
||||||
state: started
|
state: started
|
||||||
enabled: yes
|
enabled: yes
|
||||||
|
|
|
||||||
|
|
@ -1,11 +1,11 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- import_tasks: install.yml
|
- ansible.builtin.import_tasks: install.yml
|
||||||
tags:
|
tags:
|
||||||
- "role::apache2"
|
- "role::apache2"
|
||||||
- "role::apache2:install"
|
- "role::apache2:install"
|
||||||
|
|
||||||
- import_tasks: config.yml
|
- ansible.builtin.import_tasks: config.yml
|
||||||
tags:
|
tags:
|
||||||
- "role::apache2"
|
- "role::apache2"
|
||||||
- "role::apache2:config"
|
- "role::apache2:config"
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: install certbot
|
- name: install certbot
|
||||||
apt:
|
ansible.builtin.apt:
|
||||||
name:
|
name:
|
||||||
- certbot
|
- certbot
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: issue certificates
|
- name: issue certificates
|
||||||
command: >-
|
ansible.builtin.command: >-
|
||||||
/usr/bin/certbot certonly
|
/usr/bin/certbot certonly
|
||||||
--server {{ cert.server | default(certbot_acme_server) }}
|
--server {{ cert.server | default(certbot_acme_server) }}
|
||||||
--agree-tos
|
--agree-tos
|
||||||
|
|
|
||||||
|
|
@ -1,11 +1,11 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- import_tasks: install.yml
|
- ansible.builtin.import_tasks: install.yml
|
||||||
tags:
|
tags:
|
||||||
- "role::certbot"
|
- "role::certbot"
|
||||||
- "role::certbot:install"
|
- "role::certbot:install"
|
||||||
|
|
||||||
- import_tasks: issue.yml
|
- ansible.builtin.import_tasks: issue.yml
|
||||||
tags:
|
tags:
|
||||||
- "role::certbot"
|
- "role::certbot"
|
||||||
- "role::certbot:issue"
|
- "role::certbot:issue"
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue