From 9a2be3a8496bdf04794c14d84aa3a5017c8fb8db Mon Sep 17 00:00:00 2001 From: Ralf Jung Date: Sat, 2 Jun 2018 09:48:26 +0200 Subject: [PATCH] apache: anonymize error.log; set ServerAdmin and ServerName --- host_vars/template.yml | 2 ++ roles/apache/tasks/main.yml | 8 ++++++-- roles/apache/{files => templates}/acme-challenge.conf | 0 roles/apache/templates/defaults.conf | 6 ++++++ roles/apache/{files => templates}/php5.conf | 0 roles/apache/{files => templates}/security.conf | 0 roles/apache/{files => templates}/ssl.conf | 0 7 files changed, 14 insertions(+), 2 deletions(-) rename roles/apache/{files => templates}/acme-challenge.conf (100%) create mode 100644 roles/apache/templates/defaults.conf rename roles/apache/{files => templates}/php5.conf (100%) rename roles/apache/{files => templates}/security.conf (100%) rename roles/apache/{files => templates}/ssl.conf (100%) diff --git a/host_vars/template.yml b/host_vars/template.yml index f990cba..ab4b23a 100644 --- a/host_vars/template.yml +++ b/host_vars/template.yml @@ -69,6 +69,8 @@ postfix: apache: default_host: www.example.org + webmaster: webmaster@example.org + server_name: web.example.org prosody: host: jabber.example.org diff --git a/roles/apache/tasks/main.yml b/roles/apache/tasks/main.yml index 62f39e8..c195ea9 100644 --- a/roles/apache/tasks/main.yml +++ b/roles/apache/tasks/main.yml @@ -24,15 +24,17 @@ dest: /etc/apache2/log-anon src: files/log-anon mode: +x + notify: apache - name: install shared config files - copy: + template: dest: /etc/apache2/conf-available/{{ item }} - src: files/{{ item }} + src: templates/{{ item }} loop: - ssl.conf - acme-challenge.conf - php5.conf - security.conf + - defaults.conf notify: apache - name: enable config files command: a2enconf {{ item }} @@ -41,6 +43,7 @@ loop: - ssl - security + - defaults notify: apache - name: disable config files command: a2disconf {{ item }} @@ -48,6 +51,7 @@ removes: /etc/apache2/conf-enabled/{{ item }}.conf loop: - other-vhosts-access-log + - serve-cgi-bin notify: apache - name: install default site template: diff --git a/roles/apache/files/acme-challenge.conf b/roles/apache/templates/acme-challenge.conf similarity index 100% rename from roles/apache/files/acme-challenge.conf rename to roles/apache/templates/acme-challenge.conf diff --git a/roles/apache/templates/defaults.conf b/roles/apache/templates/defaults.conf new file mode 100644 index 0000000..d9d4948 --- /dev/null +++ b/roles/apache/templates/defaults.conf @@ -0,0 +1,6 @@ +# Set server name and admin +ServerAdmin {{apache.webmaster}} +ServerName {{apache.server_name}} + +# Anonymize error log +ErrorLog "||/etc/apache2/log-anon ${APACHE_LOG_DIR}/error.log" diff --git a/roles/apache/files/php5.conf b/roles/apache/templates/php5.conf similarity index 100% rename from roles/apache/files/php5.conf rename to roles/apache/templates/php5.conf diff --git a/roles/apache/files/security.conf b/roles/apache/templates/security.conf similarity index 100% rename from roles/apache/files/security.conf rename to roles/apache/templates/security.conf diff --git a/roles/apache/files/ssl.conf b/roles/apache/templates/ssl.conf similarity index 100% rename from roles/apache/files/ssl.conf rename to roles/apache/templates/ssl.conf -- 2.30.2