Skip to content

Commit

Permalink
Add buildtools (alpine), remove scl, use better variable names.
Browse files Browse the repository at this point in the history
  • Loading branch information
@robertdebock
robertdebock committed Nov 1, 2018
1 parent e044346 commit 9a7763a
Show file tree
Hide file tree
Showing 7 changed files with 31 additions and 35 deletions.
1 change: 1 addition & 0 deletions molecule/alpine-edge/playbook.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,5 +14,6 @@

roles:
- robertdebock.bootstrap
- robertdebock.buildtools
- robertdebock.python_pip
- ansible-role-httpd
1 change: 1 addition & 0 deletions molecule/alpine-latest/playbook.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,5 +14,6 @@

roles:
- robertdebock.bootstrap
- robertdebock.buildtools
- robertdebock.python_pip
- ansible-role-httpd
1 change: 0 additions & 1 deletion requirements.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,4 @@
- robertdebock.bootstrap
- robertdebock.buildtools
- robertdebock.epel
- robertdebock.scl
- robertdebock.python_pip
30 changes: 10 additions & 20 deletions tasks/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,7 @@
# tasks file for httpd
- name: install apache httpd
package:
name: "{{ httpd_packages[ansible_distribution]
| default(httpd_packages['default']) }}"
name: "{{ httpd_packages }}"
state: "{{ httpd_package_state }}"

- name: install requirements
Expand All @@ -24,45 +23,39 @@

- name: create ssl directory
file:
path: "{{ httpd_config_directory[ansible_distribution]
| default(httpd_config_directory['default']) }}/ssl"
path: "{{ httpd_config_directory }}/ssl"
state: directory

- name: create ssl key
openssl_privatekey:
path: "{{ httpd_config_directory[ansible_distribution]
| default(httpd_config_directory['default']) }}/ssl/{{ httpd_ssl_servername }}.key"
path: "{{ httpd_config_directory }}/ssl/{{ httpd_ssl_servername }}.key"
register: key

- name: create ssl csr
openssl_csr:
path: "{{ httpd_config_directory[ansible_distribution]
| default(httpd_config_directory['default']) }}/ssl/{{ httpd_ssl_servername }}.csr"
path: "{{ httpd_config_directory }}/ssl/{{ httpd_ssl_servername }}.csr"
privatekey_path: "{{ key.filename }}"
common_name: "{{ httpd_ssl_servername }}"
register: csr

- name: create ssl certificates
openssl_certificate:
path: "{{ httpd_config_directory[ansible_distribution]
| default(httpd_config_directory['default']) }}/ssl/{{ httpd_ssl_servername }}.crt"
path: "{{ httpd_config_directory }}/ssl/{{ httpd_ssl_servername }}.crt"
privatekey_path: "{{ csr.privatekey }}"
csr_path: "{{ csr.filename }}"
provider: selfsigned

- name: configure ssl
template:
src: ssl.conf.j2
dest: "{{ httpd_config_directory[ansible_distribution]
| default(httpd_config_directory['default']) }}/ssl.conf"
dest: "{{ httpd_config_directory }}/ssl.conf"
notify:
- restart httpd

- name: configure locations
template:
src: location.conf.j2
dest: "{{ httpd_config_directory[ansible_distribution]
| default(httpd_config_directory['default']) }}/{{ item.name }}.conf"
dest: "{{ httpd_config_directory }}/{{ item.name }}.conf"
with_items:
- "{{ httpd_locations }}"
notify:
Expand All @@ -75,8 +68,7 @@
- name: configure vhosts
template:
src: vhost.conf.j2
dest: "{{ httpd_config_directory[ansible_distribution]
| default(httpd_config_directory['default']) }}/{{ item.name }}.conf"
dest: "{{ httpd_config_directory }}/{{ item.name }}.conf"
with_items:
- "{{ httpd_vhosts }}"
notify:
Expand All @@ -89,15 +81,13 @@
- name: configure redirect from http to https
template:
src: default_vhost.conf.j2
dest: "{{ httpd_config_directory[ansible_distribution]
| default(httpd_config_directory['default']) }}/default_vhost.conf"
dest: "{{ httpd_config_directory }}/default_vhost.conf"
notify:
- restart httpd

- name: start and enable httpd
service:
name: "{{ httpd_service[ansible_distribution]
| default(httpd_service['default']) }}"
name: "{{ httpd_service }}"
state: started
enabled: yes
when:
Expand Down
2 changes: 1 addition & 1 deletion templates/default_vhost.conf.j2
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,6 @@
NameVirtualHost *:{{ httpd_port }}
<VirtualHost *:{{ httpd_port }}>
ServerName {{ httpd_servername }}
DocumentRoot "{{ httpd_data_directory[ansible_distribution] | default(httpd_data_directory['default']) }}"
DocumentRoot "{{ httpd_data_directory }}"
Redirect permanent / https://{{ httpd_servername }}
</VirtualHost>
6 changes: 3 additions & 3 deletions templates/ssl.conf.j2
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{{ ansible_managed | comment }}
LoadModule ssl_module {{ httpd_mod_ssl[ansible_distribution] | default(httpd_mod_ssl['default']) }}
LoadModule ssl_module {{ httpd_mod_ssl }}

Listen {{ httpd_ssl_port }}
<VirtualHost *:{{ httpd_ssl_port }}>
ServerName {{ httpd_ssl_servername }}
SSLEngine on
SSLCertificateFile "{{ httpd_config_directory[ansible_distribution] | default(httpd_config_directory['default']) }}/ssl/{{ httpd_ssl_servername }}.crt"
SSLCertificateKeyFile "{{ httpd_config_directory[ansible_distribution] | default(httpd_config_directory['default']) }}/ssl/{{ httpd_ssl_servername }}.key"
SSLCertificateFile "{{ httpd_config_directory }}/ssl/{{ httpd_ssl_servername }}.crt"
SSLCertificateKeyFile "{{ httpd_config_directory }}/ssl/{{ httpd_ssl_servername }}.key"
</VirtualHost>
25 changes: 15 additions & 10 deletions vars/main.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,7 @@ httpd_requirements:
httpd_sebooleans:
- httpd_can_network_connect

httpd_binary:
default: /usr/sbin/httpd
Debian: /usr/sbin/apache2
Ubuntu: /usr/sbin/apache2

httpd_packages:
_httpd_packages:
default:
- httpd
- mod_ssl
Expand All @@ -30,13 +25,17 @@ httpd_packages:
Ubuntu:
- apache2

httpd_service:
httpd_packages: "{{ _httpd_packages[ansible_distribution] | default(_httpd_packages['default']) }}"

_httpd_service:
default: httpd
Alpine: apache2
openSUSE Leap: apache2
openSUSE Tumbleweed: apache2

httpd_config_directory:
httpd_service: "{{ _httpd_service[ansible_distribution] | default(_httpd_service['default']) }}"

_httpd_config_directory:
default: /etc/httpd/conf.d
Alpine: /etc/apache2/conf.d
Archlinux: /etc/httpd/conf/extra
Expand All @@ -45,14 +44,20 @@ httpd_config_directory:
openSUSE Tumbleweed: /etc/apache2/conf.d
Ubuntu: /etc/apache2/conf-enabled

httpd_data_directory:
httpd_config_directory: "{{ _httpd_config_directory[ansible_distribution] | default(_httpd_config_directory['default']) }}"

_httpd_data_directory:
default: /var/www/html
Alpine: /var/www/{{ httpd_servername | default(ansible_fqdn) }}
Archlinux: /src/http
openSUSE Leap: /src/www/htdocs
openSUSE Tumbleweed: /src/www/htdocs

httpd_mod_ssl:
httpd_data_directory: "{{ _httpd_data_directory[ansible_distribution] | default(_httpd_data_directory['default']) }}"

_httpd_mod_ssl:
default: modules/mod_ssl.so
Debian: /usr/lib/apache2/modules/mod_ssl.so
Ubuntu: /usr/lib/apache2/modules/mod_ssl.so

httpd_mod_ssl: "{{ _httpd_mod_ssl[ansible_distribution] | default(_httpd_mod_ssl['default']) }}"

0 comments on commit 9a7763a

Please sign in to comment.