remove 'Debian' from task-names
This commit is contained in:
AnsibleGuy
parent
40a22a75b7
commit
6b6a361489
|
|
@ -1,6 +1,6 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: "Apache | Debian | Site '{{ name }}' | Certs | Creating certificates"
|
- name: "Apache | Site '{{ name }}' | Certs | Creating certificates"
|
||||||
ansible.builtin.include_role:
|
ansible.builtin.include_role:
|
||||||
name: ansibleguy.infra_certs
|
name: ansibleguy.infra_certs
|
||||||
vars:
|
vars:
|
||||||
|
|
@ -38,7 +38,7 @@
|
||||||
apply:
|
apply:
|
||||||
tags: [certs, sites]
|
tags: [certs, sites]
|
||||||
|
|
||||||
- name: "Apache | Debian | Site '{{ name }}' | Certs | Trying to copy cert pub"
|
- name: "Apache | Site '{{ name }}' | Certs | Trying to copy cert pub"
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
dest: "{{ APACHE_CONFIG.ssl.path }}/{{ name }}.crt"
|
dest: "{{ APACHE_CONFIG.ssl.path }}/{{ name }}.crt"
|
||||||
src: "files/certs/{{ name }}.crt"
|
src: "files/certs/{{ name }}.crt"
|
||||||
|
|
@ -49,7 +49,7 @@
|
||||||
register: copy_cert_pub
|
register: copy_cert_pub
|
||||||
when: site.ssl.mode == 'existing'
|
when: site.ssl.mode == 'existing'
|
||||||
|
|
||||||
- name: "Apache | Debian | Site '{{ name }}' | Certs | Trying to copy cert pk"
|
- name: "Apache | Site '{{ name }}' | Certs | Trying to copy cert pk"
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
dest: "{{ APACHE_CONFIG.ssl.path }}/{{ name }}.key"
|
dest: "{{ APACHE_CONFIG.ssl.path }}/{{ name }}.key"
|
||||||
src: "files/certs/{{ name }}.key"
|
src: "files/certs/{{ name }}.key"
|
||||||
|
|
|
||||||
|
|
@ -2,29 +2,29 @@
|
||||||
|
|
||||||
# todo: option for security.txt
|
# todo: option for security.txt
|
||||||
|
|
||||||
- name: "Apache | Debian | Site '{{ name }}' | Showing debug info - user provided config"
|
- name: "Apache | Site '{{ name }}' | Showing debug info - user provided config"
|
||||||
ansible.builtin.debug:
|
ansible.builtin.debug:
|
||||||
var: site_item.value
|
var: site_item.value
|
||||||
when: debug | bool
|
when: debug | bool
|
||||||
|
|
||||||
- name: "Apache | Debian | Site '{{ name }}' | Showing debug info - running config"
|
- name: "Apache | Site '{{ name }}' | Showing debug info - running config"
|
||||||
ansible.builtin.debug:
|
ansible.builtin.debug:
|
||||||
var: site
|
var: site
|
||||||
when: debug | bool
|
when: debug | bool
|
||||||
|
|
||||||
- name: "Apache | Debian | Site '{{ name }}' | Checking config"
|
- name: "Apache | Site '{{ name }}' | Checking config"
|
||||||
ansible.builtin.fail:
|
ansible.builtin.fail:
|
||||||
msg: "The required site-configuration was not provided!
|
msg: "The required site-configuration was not provided!
|
||||||
Needed: 'domain'"
|
Needed: 'domain'"
|
||||||
when: site.domain is none or site.domain is undefined
|
when: site.domain is none or site.domain is undefined
|
||||||
tags: [config, sites, certs]
|
tags: [config, sites, certs]
|
||||||
|
|
||||||
- name: "Apache | Debian | Site '{{ name }}' | Configuring certificates"
|
- name: "Apache | Site '{{ name }}' | Configuring certificates"
|
||||||
ansible.builtin.import_tasks: add_certs.yml
|
ansible.builtin.import_tasks: add_certs.yml
|
||||||
when: "site.ssl.mode in ['selfsigned', 'existing', 'ca']"
|
when: "site.ssl.mode in ['selfsigned', 'existing', 'ca']"
|
||||||
tags: [sites, certs]
|
tags: [sites, certs]
|
||||||
|
|
||||||
- name: "Apache | Debian | Site '{{ name }}' | Configuring ipv4 listen-ports"
|
- name: "Apache | Site '{{ name }}' | Configuring ipv4 listen-ports"
|
||||||
ansible.builtin.lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
path: '/etc/apache2/ports.conf'
|
path: '/etc/apache2/ports.conf'
|
||||||
line: "Listen {{ port }}"
|
line: "Listen {{ port }}"
|
||||||
|
|
@ -41,7 +41,7 @@
|
||||||
- "{{ site.port_ssl }}"
|
- "{{ site.port_ssl }}"
|
||||||
tags: [config, sites]
|
tags: [config, sites]
|
||||||
|
|
||||||
- name: "Apache | Debian | Site '{{ name }}' | Configuring ipv6 listen-ports"
|
- name: "Apache | Site '{{ name }}' | Configuring ipv6 listen-ports"
|
||||||
ansible.builtin.lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
path: '/etc/apache2/ports.conf'
|
path: '/etc/apache2/ports.conf'
|
||||||
line: "Listen [::]:{{ port }}"
|
line: "Listen [::]:{{ port }}"
|
||||||
|
|
@ -54,7 +54,7 @@
|
||||||
when: APACHE_CONFIG.ipv6
|
when: APACHE_CONFIG.ipv6
|
||||||
tags: [config, sites]
|
tags: [config, sites]
|
||||||
|
|
||||||
- name: "Apache | Debian | Site '{{ name }}' | Create root directory"
|
- name: "Apache | Site '{{ name }}' | Create root directory"
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ site.serve.path }}"
|
path: "{{ site.serve.path }}"
|
||||||
state: directory
|
state: directory
|
||||||
|
|
@ -64,7 +64,7 @@
|
||||||
when: site.mode == 'serve'
|
when: site.mode == 'serve'
|
||||||
tags: [sites]
|
tags: [sites]
|
||||||
|
|
||||||
- name: "Apache | Debian | Site '{{ name }}' | Configuring site"
|
- name: "Apache | Site '{{ name }}' | Configuring site"
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: 'templates/etc/apache2/sites-available/site.conf.j2'
|
src: 'templates/etc/apache2/sites-available/site.conf.j2'
|
||||||
dest: "/etc/apache2/sites-available/site_{{ name }}.conf"
|
dest: "/etc/apache2/sites-available/site_{{ name }}.conf"
|
||||||
|
|
@ -73,7 +73,7 @@
|
||||||
mode: 0644
|
mode: 0644
|
||||||
tags: [config, sites]
|
tags: [config, sites]
|
||||||
|
|
||||||
- name: "Apache | Debian | Site '{{ name }}' | Enabling site"
|
- name: "Apache | Site '{{ name }}' | Enabling site"
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
state: link
|
state: link
|
||||||
src: "/etc/apache2/sites-available/site_{{ name }}.conf"
|
src: "/etc/apache2/sites-available/site_{{ name }}.conf"
|
||||||
|
|
|
||||||
|
|
@ -1,13 +1,13 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Apache | Debian | Status page | Configuring listen-port
|
- name: Apache | Status page | Configuring listen-port
|
||||||
ansible.builtin.lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
path: '/etc/apache2/ports.conf'
|
path: '/etc/apache2/ports.conf'
|
||||||
line: "Listen {{ APACHE_CONFIG.status_page.port }}"
|
line: "Listen {{ APACHE_CONFIG.status_page.port }}"
|
||||||
ignore_errors: true
|
ignore_errors: true
|
||||||
tags: [config, sites, base]
|
tags: [config, sites, base]
|
||||||
|
|
||||||
- name: Apache | Debian | Status page | Configuring site
|
- name: Apache | Status page | Configuring site
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: 'templates/etc/apache2/sites-available/status.conf.j2'
|
src: 'templates/etc/apache2/sites-available/status.conf.j2'
|
||||||
dest: '/etc/apache2/sites-available/status.conf'
|
dest: '/etc/apache2/sites-available/status.conf'
|
||||||
|
|
@ -16,7 +16,7 @@
|
||||||
mode: 0640
|
mode: 0640
|
||||||
tags: [config, sites, base]
|
tags: [config, sites, base]
|
||||||
|
|
||||||
- name: Apache | Debian | Status page | Enabling site
|
- name: Apache | Status page | Enabling site
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
state: link
|
state: link
|
||||||
src: '/etc/apache2/sites-available/status.conf'
|
src: '/etc/apache2/sites-available/status.conf'
|
||||||
|
|
|
||||||
|
|
@ -1,30 +1,30 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Apache | Debian | Showing debug info - user provided config
|
- name: Apache | Showing debug info - user provided config
|
||||||
ansible.builtin.debug:
|
ansible.builtin.debug:
|
||||||
var: apache
|
var: apache
|
||||||
when: debug | bool
|
when: debug | bool
|
||||||
|
|
||||||
- name: Apache | Debian | Showing debug info - running config
|
- name: Apache | Showing debug info - running config
|
||||||
ansible.builtin.debug:
|
ansible.builtin.debug:
|
||||||
var: APACHE_CONFIG
|
var: APACHE_CONFIG
|
||||||
when: debug | bool
|
when: debug | bool
|
||||||
|
|
||||||
- name: Apache | Debian | Install apache
|
- name: Apache | Install apache
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
name: "{{ APACHE_HC.packages }}"
|
name: "{{ APACHE_HC.packages }}"
|
||||||
state: present
|
state: present
|
||||||
update_cache: true
|
update_cache: true
|
||||||
tags: [base]
|
tags: [base]
|
||||||
|
|
||||||
- name: Apache | Debian | Creating service user
|
- name: Apache | Creating service user
|
||||||
ansible.builtin.user:
|
ansible.builtin.user:
|
||||||
name: "{{ APACHE_CONFIG.user }}"
|
name: "{{ APACHE_CONFIG.user }}"
|
||||||
shell: '/usr/sbin/nologin'
|
shell: '/usr/sbin/nologin'
|
||||||
comment: 'Apache Service User'
|
comment: 'Apache Service User'
|
||||||
tags: [base]
|
tags: [base]
|
||||||
|
|
||||||
- name: Apache | Debian | Setting service user
|
- name: Apache | Setting service user
|
||||||
ansible.builtin.lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
state: present
|
state: present
|
||||||
path: '/etc/apache2/envvars'
|
path: '/etc/apache2/envvars'
|
||||||
|
|
@ -37,14 +37,14 @@
|
||||||
tags: [base, config]
|
tags: [base, config]
|
||||||
|
|
||||||
# NOTE: a2enmod/a2dismod command saves time in comparison to the community 'apache2_module' module
|
# NOTE: a2enmod/a2dismod command saves time in comparison to the community 'apache2_module' module
|
||||||
- name: Apache | Debian | Enabling apache modules
|
- name: Apache | Enabling apache modules
|
||||||
ansible.builtin.command: "a2enmod {{ APACHE_CONFIG.modules.present | enmod_list(APACHE_CONFIG.modules.absent) }}"
|
ansible.builtin.command: "a2enmod {{ APACHE_CONFIG.modules.present | enmod_list(APACHE_CONFIG.modules.absent) }}"
|
||||||
register: apache_mods_enable_raw
|
register: apache_mods_enable_raw
|
||||||
changed_when: "'restart apache2' in apache_mods_enable_raw.stdout"
|
changed_when: "'restart apache2' in apache_mods_enable_raw.stdout"
|
||||||
when: APACHE_CONFIG.modules.present | ensure_list | length > 0
|
when: APACHE_CONFIG.modules.present | ensure_list | length > 0
|
||||||
tags: [base]
|
tags: [base]
|
||||||
|
|
||||||
- name: Apache | Debian | Disabling apache modules
|
- name: Apache | Disabling apache modules
|
||||||
ansible.builtin.command: "a2dismod -f {{ APACHE_CONFIG.modules.absent | mod_list }}"
|
ansible.builtin.command: "a2dismod -f {{ APACHE_CONFIG.modules.absent | mod_list }}"
|
||||||
register: apache_mods_disable_raw
|
register: apache_mods_disable_raw
|
||||||
changed_when: "'restart apache2' in apache_mods_disable_raw.stdout"
|
changed_when: "'restart apache2' in apache_mods_disable_raw.stdout"
|
||||||
|
|
@ -53,7 +53,7 @@
|
||||||
|
|
||||||
# todo: configure module settings
|
# todo: configure module settings
|
||||||
|
|
||||||
- name: Apache | Debian | Adding main settings
|
- name: Apache | Adding main settings
|
||||||
ansible.builtin.lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
state: present
|
state: present
|
||||||
path: '/etc/apache2/apache2.conf'
|
path: '/etc/apache2/apache2.conf'
|
||||||
|
|
@ -64,7 +64,7 @@
|
||||||
with_dict: "{{ APACHE_CONFIG.settings }}"
|
with_dict: "{{ APACHE_CONFIG.settings }}"
|
||||||
tags: [config, base]
|
tags: [config, base]
|
||||||
|
|
||||||
- name: Apache | Debian | Restarting apache
|
- name: Apache | Restarting apache
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: 'apache2.service'
|
name: 'apache2.service'
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
@ -76,7 +76,7 @@
|
||||||
tags: [base, config]
|
tags: [base, config]
|
||||||
|
|
||||||
# is an additional site-loop since certificates can be pre-/absent
|
# is an additional site-loop since certificates can be pre-/absent
|
||||||
- name: Apache | Debian | Getting certificates using LetsEncrypt
|
- name: Apache | Getting certificates using LetsEncrypt
|
||||||
ansible.builtin.include_role:
|
ansible.builtin.include_role:
|
||||||
name: ansibleguy.infra_certs
|
name: ansibleguy.infra_certs
|
||||||
when: site.ssl.mode == 'letsencrypt'
|
when: site.ssl.mode == 'letsencrypt'
|
||||||
|
|
@ -107,7 +107,7 @@
|
||||||
apply:
|
apply:
|
||||||
tags: [certs, sites]
|
tags: [certs, sites]
|
||||||
|
|
||||||
- name: Apache | Debian | Disabling default apache sites
|
- name: Apache | Disabling default apache sites
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
state: absent
|
state: absent
|
||||||
dest: "/etc/apache2/sites-enabled/{{ item }}"
|
dest: "/etc/apache2/sites-enabled/{{ item }}"
|
||||||
|
|
@ -116,7 +116,7 @@
|
||||||
- 'default-ssl.conf'
|
- 'default-ssl.conf'
|
||||||
tags: [config, base]
|
tags: [config, base]
|
||||||
|
|
||||||
- name: Apache | Debian | Removing status page
|
- name: Apache | Removing status page
|
||||||
ansible.builtin.include_tasks: rm_status.yml
|
ansible.builtin.include_tasks: rm_status.yml
|
||||||
when: APACHE_CONFIG.status_page.state != 'present'
|
when: APACHE_CONFIG.status_page.state != 'present'
|
||||||
args:
|
args:
|
||||||
|
|
@ -124,7 +124,7 @@
|
||||||
tags: [config, sites, base]
|
tags: [config, sites, base]
|
||||||
tags: [config, sites, base]
|
tags: [config, sites, base]
|
||||||
|
|
||||||
- name: Apache | Debian | Removing site
|
- name: Apache | Removing site
|
||||||
ansible.builtin.include_tasks: rm_site.yml
|
ansible.builtin.include_tasks: rm_site.yml
|
||||||
when: site.state != 'present'
|
when: site.state != 'present'
|
||||||
vars:
|
vars:
|
||||||
|
|
@ -140,19 +140,19 @@
|
||||||
apply:
|
apply:
|
||||||
tags: [config, sites, certs]
|
tags: [config, sites, certs]
|
||||||
|
|
||||||
- name: Apache | Debian | Reloading apache
|
- name: Apache | Reloading apache
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: 'apache2.service'
|
name: 'apache2.service'
|
||||||
state: reloaded
|
state: reloaded
|
||||||
changed_when: false
|
changed_when: false
|
||||||
tags: [base, config, sites, certs]
|
tags: [base, config, sites, certs]
|
||||||
|
|
||||||
- name: Apache | Debian | Adding status page
|
- name: Apache | Adding status page
|
||||||
ansible.builtin.include_tasks: add_status.yml
|
ansible.builtin.include_tasks: add_status.yml
|
||||||
when: APACHE_CONFIG.status_page.state == 'present'
|
when: APACHE_CONFIG.status_page.state == 'present'
|
||||||
tags: [config, sites, base]
|
tags: [config, sites, base]
|
||||||
|
|
||||||
- name: Apache | Debian | Adding site
|
- name: Apache | Adding site
|
||||||
ansible.builtin.include_tasks: add_site.yml
|
ansible.builtin.include_tasks: add_site.yml
|
||||||
when: site.state == 'present'
|
when: site.state == 'present'
|
||||||
vars:
|
vars:
|
||||||
|
|
@ -168,14 +168,14 @@
|
||||||
apply:
|
apply:
|
||||||
tags: [config, sites, certs]
|
tags: [config, sites, certs]
|
||||||
|
|
||||||
- name: Apache | Debian | Starting/Enabling apache
|
- name: Apache | Starting/Enabling apache
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: 'apache2.service'
|
name: 'apache2.service'
|
||||||
enabled: yes
|
enabled: yes
|
||||||
state: started
|
state: started
|
||||||
tags: [base]
|
tags: [base]
|
||||||
|
|
||||||
- name: Apache | Debian | Reloading apache
|
- name: Apache | Reloading apache
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: 'apache2.service'
|
name: 'apache2.service'
|
||||||
enabled: yes
|
enabled: yes
|
||||||
|
|
|
||||||
|
|
@ -2,13 +2,13 @@
|
||||||
|
|
||||||
# ports will be left configured since I found no clean way to manage them statefully
|
# ports will be left configured since I found no clean way to manage them statefully
|
||||||
|
|
||||||
- name: "Apache | Debian | Remove Site '{{ name }}' | Ask user"
|
- name: "Apache | Remove Site '{{ name }}' | Ask user"
|
||||||
ansible.builtin.pause:
|
ansible.builtin.pause:
|
||||||
prompt: "Do you really want to remove the apache site '{{ name }}' and all of its data?"
|
prompt: "Do you really want to remove the apache site '{{ name }}' and all of its data?"
|
||||||
register: removal_prompt
|
register: removal_prompt
|
||||||
when: not force_removal
|
when: not force_removal
|
||||||
|
|
||||||
- name: "Apache | Debian | Remove Site '{{ name }}' | Removing site"
|
- name: "Apache | Remove Site '{{ name }}' | Removing site"
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ item }}"
|
path: "{{ item }}"
|
||||||
state: absent
|
state: absent
|
||||||
|
|
@ -23,7 +23,7 @@
|
||||||
- "{{ APACHE_CONFIG.ssl.path }}/{{ name }}.chain.crt"
|
- "{{ APACHE_CONFIG.ssl.path }}/{{ name }}.chain.crt"
|
||||||
- "{{ APACHE_CONFIG.ssl.path }}/{{ name }}.fullchain.crt"
|
- "{{ APACHE_CONFIG.ssl.path }}/{{ name }}.fullchain.crt"
|
||||||
|
|
||||||
- name: "Apache | Debian | Remove Site '{{ name }}' | Removing document root"
|
- name: "Apache | Remove Site '{{ name }}' | Removing document root"
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ site.serve.path }}"
|
path: "{{ site.serve.path }}"
|
||||||
state: absent
|
state: absent
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,6 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Apache | Debian | Removing status page
|
- name: Apache | Removing status page
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ item }}"
|
path: "{{ item }}"
|
||||||
state: absent
|
state: absent
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue