airshipctl/roles/apache-file-exchanger/tasks/main.yaml

119 lines
4.0 KiB
YAML

# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: ensure OS
when: ansible_distribution != 'Debian' and ansible_distribution != 'Ubuntu'
fail:
msg: "Only Debian|Ubuntu are currently supported"
- name: Confguring file-exchanger
become: true
block:
- name: Ensure backend
file:
path: /var/www/file_exchanger_cgi-bin/
state: directory
- name: Created put cgi-bin file
template:
src: put
dest: /var/www/file_exchanger_cgi-bin/put
mode: +x
- name: Ensure path exists
file:
path: "{{ file_exchanger_path }}"
state: directory
owner: www-data
group: root
mode: u+rwx,g-w,o-w
- name: Enable related modules
apache2_module:
name: "{{ item }}"
state: present
with_items:
- authz_groupfile
- actions
- alias
- cgid
- name: Create httpasswd file
when: file_exchanger_user is defined and file_exchanger_user != None
include_role:
name: apache-server
vars:
apache_server_action: htpasswd
apache_server_htpasswd_path: "/etc/apache2/sites-available/{{ file_exchanger_name }}.htpasswd"
apache_server_htpasswd_user: "{{ file_exchanger_user }}"
- name: Create htaccess file
when: file_exchanger_group is defined and file_exchanger_group != None
include_role:
name: apache-server
vars:
apache_server_action: htaccess
apache_server_htaccess_path: "/etc/apache2/sites-available/{{ file_exchanger_name }}.htaccess"
apache_server_htaccess_group: "{{ file_exchanger_group }}"
- name: Create file-exchanger HTTP virtual host config
when: file_exchanger_http_port is defined and file_exchanger_http_port != "0"
block:
- name: Create file-exchanger virtual host config for HTTP
template:
src: conf.j2
dest: "/etc/apache2/sites-available/{{ file_exchanger_name }}.conf"
- name: Enable file-exchanger virtual host
command: "a2ensite {{ file_exchanger_name }}"
- name: Create file-exchanger HTTPS virtual host config
when: file_exchanger_https_port is defined and file_exchanger_https_port != "0"
block:
- name: Generate certs for casewith alt_names
when: file_exchanger_ip is defined and file_exchanger_ip != None
include_role:
name: apache-server
vars:
apache_server_action: ssl
apache_server_ssl_key_path: "/etc/ssl/private/{{ file_exchanger_name }}.key"
apache_server_ssl_cert_path: "/etc/ssl/certs/{{ file_exchanger_name }}.pem"
apache_server_ssl_cn: "{{ file_exchanger_servername }}"
apache_server_ssl_alt_name: "{{ file_exchanger_ip | map('regex_replace', '(.*)', 'IP:\\1') | list }}"
- name: Generate certs for case without alt_names
when: file_exchanger_ip is undefined or file_exchanger_ip == None
include_role:
name: apache-server
vars:
apache_server_action: ssl
apache_server_ssl_key_path: "/etc/ssl/private/{{ file_exchanger_name }}.key"
apache_server_ssl_cert_path: "/etc/ssl/certs/{{ file_exchanger_name }}.pem"
apache_server_ssl_cn: "{{ file_exchanger_servername }}"
- name: Create file-exchanger virtual host config for HTTPS
template:
src: ssl.conf.j2
dest: "/etc/apache2/sites-available/{{ file_exchanger_name }}-ssl.conf"
- name: Enable file-exchanger virtual host
command: "a2ensite {{ file_exchanger_name }}-ssl"
- name: Restart Apache to apply all changes
include_role:
name: apache-server
vars:
apache_server_action: restart