- name: install apache
  apt: name=apache2,python-netaddr state=latest
- name: enable apache
  service: name=apache2 enabled=yes
# apache config
- name: enable modules
  apache2_module:
    state: present
    name: "{{ item }}"
  loop:
  - headers
  - ssl
  - macro
  notify: apache
- name: disable modules
  apache2_module:
    state: absent
    name: "{{ item }}"
  loop:
  - access_compat
  notify: apache
- name: install log anonymization script
  copy:
    dest: /etc/apache2/log-anon
    src: files/log-anon
    mode: +x
  notify: apache
- name: install shared config files
  template:
    dest: /etc/apache2/conf-available/{{ item }}
    src: templates/{{ item }}
  loop:
  - ssl.conf
  - acme-challenge.conf
  - php5.conf
  - security.conf
  - defaults.conf
  notify: apache
- name: enable config files
  command: a2enconf {{ item }}
  args:
    creates: /etc/apache2/conf-enabled/{{ item }}.conf
  loop:
  - ssl
  - security
  - defaults
  notify: apache
- name: disable config files
  command: a2disconf {{ item }}
  args:
    removes: /etc/apache2/conf-enabled/{{ item }}.conf
  loop:
  - other-vhosts-access-log
  - serve-cgi-bin
  notify: apache
- name: install default site
  template:
    dest: /etc/apache2/sites-available/000-default.conf
    src: templates/000-default.conf
  notify: apache
# work-arounds and hacks
- name: cronjob to fix apache startup
  cron:
    name: "apache2-start-fix"
    minute: "*/5"
    job: "if systemctl is-failed apache2 >/dev/null; then echo 'restarting apache'; systemctl restart apache2; fi"