apache: anonymize error.log; set ServerAdmin and ServerName
authorRalf Jung <post@ralfj.de>
Sat, 2 Jun 2018 07:48:26 +0000 (09:48 +0200)
committerRalf Jung <post@ralfj.de>
Sat, 2 Jun 2018 07:48:26 +0000 (09:48 +0200)
host_vars/template.yml
roles/apache/tasks/main.yml
roles/apache/templates/acme-challenge.conf [moved from roles/apache/files/acme-challenge.conf with 100% similarity]
roles/apache/templates/defaults.conf [new file with mode: 0644]
roles/apache/templates/php5.conf [moved from roles/apache/files/php5.conf with 100% similarity]
roles/apache/templates/security.conf [moved from roles/apache/files/security.conf with 100% similarity]
roles/apache/templates/ssl.conf [moved from roles/apache/files/ssl.conf with 100% similarity]

index f990cba5ad08db4f06f2d293481a501a6e4b3470..ab4b23afd9a231ff26c764ba23cab912d5c27229 100644 (file)
@@ -69,6 +69,8 @@ postfix:
 
 apache:
   default_host: www.example.org
 
 apache:
   default_host: www.example.org
+  webmaster: webmaster@example.org
+  server_name: web.example.org
 
 prosody:
   host: jabber.example.org
 
 prosody:
   host: jabber.example.org
index 62f39e8ca677b5377a89eed58435470713d6f973..c195ea935d346f2b8232048bb4732b54cf02ede8 100644 (file)
     dest: /etc/apache2/log-anon
     src: files/log-anon
     mode: +x
     dest: /etc/apache2/log-anon
     src: files/log-anon
     mode: +x
+  notify: apache
 - name: install shared config files
 - name: install shared config files
-  copy:
+  template:
     dest: /etc/apache2/conf-available/{{ item }}
     dest: /etc/apache2/conf-available/{{ item }}
-    src: files/{{ item }}
+    src: templates/{{ item }}
   loop:
   - ssl.conf
   - acme-challenge.conf
   - php5.conf
   - security.conf
   loop:
   - ssl.conf
   - acme-challenge.conf
   - php5.conf
   - security.conf
+  - defaults.conf
   notify: apache
 - name: enable config files
   command: a2enconf {{ item }}
   notify: apache
 - name: enable config files
   command: a2enconf {{ item }}
@@ -41,6 +43,7 @@
   loop:
   - ssl
   - security
   loop:
   - ssl
   - security
+  - defaults
   notify: apache
 - name: disable config files
   command: a2disconf {{ item }}
   notify: apache
 - name: disable config files
   command: a2disconf {{ item }}
@@ -48,6 +51,7 @@
     removes: /etc/apache2/conf-enabled/{{ item }}.conf
   loop:
   - other-vhosts-access-log
     removes: /etc/apache2/conf-enabled/{{ item }}.conf
   loop:
   - other-vhosts-access-log
+  - serve-cgi-bin
   notify: apache
 - name: install default site
   template:
   notify: apache
 - name: install default site
   template:
diff --git a/roles/apache/templates/defaults.conf b/roles/apache/templates/defaults.conf
new file mode 100644 (file)
index 0000000..d9d4948
--- /dev/null
@@ -0,0 +1,6 @@
+# Set server name and admin
+ServerAdmin {{apache.webmaster}}
+ServerName {{apache.server_name}}
+
+# Anonymize error log
+ErrorLog "||/etc/apache2/log-anon ${APACHE_LOG_DIR}/error.log"