projects
/
ansible.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
add script to continuously check DNS settings
[ansible.git]
/
roles
/
apache
/
tasks
/
main.yml
diff --git
a/roles/apache/tasks/main.yml
b/roles/apache/tasks/main.yml
index 9b6c82e12fd99deede7ed5c6bbd7145209bea315..c195ea935d346f2b8232048bb4732b54cf02ede8 100644
(file)
--- a/
roles/apache/tasks/main.yml
+++ b/
roles/apache/tasks/main.yml
@@
-1,8
+1,8
@@
- name: install apache
- name: install apache
- apt: name=apache2 state=latest
+ apt: name=apache2
,python-netaddr
state=latest
- name: enable apache
service: name=apache2 enabled=yes
- name: enable apache
service: name=apache2 enabled=yes
-# config
+#
apache
config
- name: enable modules
apache2_module:
state: present
- name: enable modules
apache2_module:
state: present
@@
-12,16
+12,29
@@
- ssl
- macro
notify: apache
- ssl
- macro
notify: apache
-- name: install shared config files
+- name: disable modules
+ apache2_module:
+ state: absent
+ name: "{{ item }}"
+ loop:
+ - access_compat
+ notify: apache
+- name: install log anonymization script
copy:
copy:
+ dest: /etc/apache2/log-anon
+ src: files/log-anon
+ mode: +x
+ notify: apache
+- name: install shared config files
+ template:
dest: /etc/apache2/conf-available/{{ item }}
dest: /etc/apache2/conf-available/{{ item }}
- src:
fil
es/{{ item }}
+ src:
templat
es/{{ item }}
loop:
- ssl.conf
- acme-challenge.conf
- php5.conf
- security.conf
loop:
- ssl.conf
- acme-challenge.conf
- php5.conf
- security.conf
- -
other-vhosts-access-log
.conf
+ -
defaults
.conf
notify: apache
- name: enable config files
command: a2enconf {{ item }}
notify: apache
- name: enable config files
command: a2enconf {{ item }}
@@
-29,6
+42,17
@@
creates: /etc/apache2/conf-enabled/{{ item }}.conf
loop:
- ssl
creates: /etc/apache2/conf-enabled/{{ item }}.conf
loop:
- ssl
+ - security
+ - defaults
+ notify: apache
+- name: disable config files
+ command: a2disconf {{ item }}
+ args:
+ removes: /etc/apache2/conf-enabled/{{ item }}.conf
+ loop:
+ - other-vhosts-access-log
+ - serve-cgi-bin
+ notify: apache
- name: install default site
template:
dest: /etc/apache2/sites-available/000-default.conf
- name: install default site
template:
dest: /etc/apache2/sites-available/000-default.conf