X-Git-Url: https://git.ralfj.de/ansible.git/blobdiff_plain/a24a43d8bb66245c758777522a4083d8c8ea7e7b..9892b8db62a259be7669e04257d25e54a687a8b1:/roles/apache/tasks/main.yml diff --git a/roles/apache/tasks/main.yml b/roles/apache/tasks/main.yml index 1280595..fee26ef 100644 --- a/roles/apache/tasks/main.yml +++ b/roles/apache/tasks/main.yml @@ -58,9 +58,23 @@ dest: /etc/apache2/sites-available/000-default.conf src: templates/000-default.conf notify: apache -# work-arounds and hacks -- name: cronjob to fix apache startup - cron: - name: "apache2-start-fix" - minute: "*/5" - job: "if systemctl is-failed apache2 >/dev/null; then echo 'restarting apache'; systemctl restart apache2; fi" +# IPv6 autconf issues: DAD makes addresses appear but unusable, which breaks services startup +- name: tweak apache systemd unit (create dir) + file: path=/etc/systemd/system/apache2.service.d state=directory +- name: tweak apache systemd unit + copy: + dest: /etc/systemd/system/apache2.service.d/override.conf + content: | + [Unit] + After=network-online.target + Wants=network-online.target + [Service] + Restart=on-failure +- name: cleanup old sysconfig + file: path=/etc/sysctl.d/50-no-dad.conf state=absent +- name: sysconfig to fix IPv6 listening + copy: + dest: /etc/sysctl.d/50-ipv6-listen.conf + content: | + # Allow binding to IPv6 address before we got that address + net.ipv6.ip_nonlocal_bind=1