forked from inofix/common-playbooks
-
Notifications
You must be signed in to change notification settings - Fork 0
/
install-webserver.yml
48 lines (42 loc) · 2.04 KB
/
install-webserver.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
---
#* This playbook wrapps the debops.apache Ansible role to install and
#* manage the Apache httpd Web server, debops.nginx is to be added soon,
#* and others might follow.
#* Use '-a' to pass parameters to ansible (as '-e'). See ansible fetch for
#* details.
#* Check the following link for a list of possible configuration variables:
#* https://docs.debops.org/en/latest/ansible/roles/ansible-apache/docs/defaults.html
#* No arguments are mandatory.
- name: Set the Apache web server up
hosts: app.apache
become: True
vars:
app__apache__mod_pkgs: '{{ os__pkg_name.apache_mod[os__short] | d(os__pkg_name.apache_mod[os__distro]) }}'
## app__apache__mods: '{{ app__apache__modules | list() | unique() }}'
app__apache__mod_helper: '{% for key, value in app__apache__modules.items() %}{% if value.enable == True %}{{ app__apache__mod_pkgs[key] | d() }};{% endif %}{% endfor %}'
app__apache__yapkg__names: '{{ os__pkg_name.apache[os__short] | d(os__pkg_name.apache[os__distro]) }} + {{ app__apache__mod_helper.split(";") }}'
# use fqdn if ansible_fqdn is not set
#TODO why is it not forwarded from reclass?
# ansible_fqdn: '{{ fqdn }}'
# apache__default_vhost:
# name: '{{ ansible_fqdn }}'
# root: '/var/www/html'
# # don't enforce https by default
# redirect_to_https: False
## TODO: does not work yet, mainly because of the 'raw' format which is
## not supported in reclass
## TODO: should this be a simple mapping here or a mandatory argument
## apache__vhosts: '{{ app__apache__vhosts }}'
# apache__modules: '{{ app__apache__modules }}'
# apache__tls_cipher_suite_sets: '{{ app__openssl__cipher_suites }}'
# apache__tls_cipher_suite_set_name: '{{ app__apache__cipher_prefered_suite }}'
# apache__tls_honor_cipher_order: '{{ app__apache__honor_cipher_order }}'
roles:
- install-apache
- name: Set the NGINX web server up
hosts: app.nginx
become: True
vars:
app__nginx__yapkg__names: '{{ os__pkg_name.nginx[os__short] | d(os__pkg_name.nginx[os__distro]) }}'
roles:
- inofix.ansible_nginx