1 | ---
|
---|
2 |
|
---|
3 | - name: Check that Apache is installed
|
---|
4 | urpmi: name=apache state=installed no_recommends=yes
|
---|
5 |
|
---|
6 | - name: Check that Apache mod_proxy is installed
|
---|
7 | urpmi: name=apache-mod_proxy state=installed no_recommends=yes
|
---|
8 |
|
---|
9 | - name: Configure Apache log directories
|
---|
10 | file: path=/var/log/httpd/{{ item }} state=directory owner=apache group=apache mode=0755
|
---|
11 | with_items:
|
---|
12 | - www.mondorescue.org
|
---|
13 | - www.mondorescue.com
|
---|
14 | - www1.mondorescue.org
|
---|
15 | - oldwww.mondorescue.org
|
---|
16 | - mondorescue.hpintelco.org
|
---|
17 | - www.project-builder.org
|
---|
18 | - www1.project-builder.org
|
---|
19 | - pusk.project-builder.org
|
---|
20 | - uuwl.project-builder.org
|
---|
21 | - www.dploy.org
|
---|
22 | - www1.dploy.org
|
---|
23 |
|
---|
24 | - name: Configure Apache
|
---|
25 | template: src={{ item }} dest=/etc/httpd/conf/vhosts.d/{{ item | basename }} owner=root group=root mode=0644 backup=yes
|
---|
26 | with_fileglob: [ 'templates/*.conf' ]
|
---|
27 | notify:
|
---|
28 | - restart httpd
|
---|
29 |
|
---|
30 | - name: Configure Apache upload max
|
---|
31 | lineinfile: path=/etc/httpd/conf/conf.d/fcgid.conf regexp='^[ ]*FcgidMaxRequestLen ' insertafter='[ ]*^#FcgidMaxRequestLen ' line=' FcgidMaxRequestLen 3000000'
|
---|
32 | notify:
|
---|
33 | - restart httpd
|
---|
34 |
|
---|
35 | - name: Setup httpd restart by cron
|
---|
36 | cron: name=httpd-restart minute=43 hour=23 user=root job="/usr/bin/systemctl restart httpd" cron_file=httpd-restart state=present backup=yes
|
---|
37 |
|
---|
38 | - name: Configure Apache logrotate
|
---|
39 | copy: src=files/mondorescue.logrot dest=/etc/logrotate.d/mondorescue owner=root group=root mode=0644 backup=yes
|
---|
40 |
|
---|
41 | - name: Configure Apache .ssh directory
|
---|
42 | file: path=/var/www/.ssh state=directory owner=apache group=apache mode=0700
|
---|
43 |
|
---|
44 | - name: Configure Apache authorized_keys file
|
---|
45 | file: path=/var/www/.ssh/authorized_keys owner=apache group=apache mode=0700 state=touch modification_time=preserve access_time=preserve
|
---|
46 |
|
---|
47 | - name: Copy public keys for pb access
|
---|
48 | lineinfile: destfile=/var/www/.ssh/authorized_keys state=present line='{{ pbkey }}' mode=0600 backup=yes owner=apache group=apache
|
---|
49 |
|
---|
50 | - name: Check that Apache is running and enabled
|
---|
51 | service: name=httpd state=started enabled=yes
|
---|