Ansible weareinteractive.apache2 Role

weareinteractive.apache2 is an Ansible role that:

• Installs Apache2
• Configures Apache2
• Enables/disables configurations
• Creates websites
• Enables/disables websites
• Enables/disables modules
• Optionally removes the default host
• Adds rules
• Configures the service

Note:

This role has moved from franklinkim.apache2 to weareinteractive.apache2 because Ansible Galaxy now supports organizations!

Installation

To install using ansible-galaxy:

$ ansible-galaxy install weareinteractive.apache2

To install using requirements.yml:

- src: weareinteractive.apache2

To install using git:

$ git clone https://github.com/weareinteractive/ansible-apache2.git weareinteractive.apache2

Dependencies

• Ansible version 2.4 or higher

Variables

Here are the default variables for this role, found in defaults/main.yml:

---
# List of Apache2 packages to install
apache2_packages:
  - apache2
# Ports Apache2 should listen on
apache2_ports: [80]
# SSL ports
apache2_ssl_ports: [443]
# Addresses Apache2 listens to
apache2_listen_addresses: ['*']
# Modules to enable/disable
apache2_modules: []
# Configurations to enable/disable
apache2_confs: []
# Websites to enable/disable
apache2_sites: []
# Where document roots are located
apache2_sites_basedir: /var/www
# Default site template
apache2_sites_template: etc/apache2/sites-available/site.j2
# Remove default host or not
apache2_remove_default: no
# Start service on boot
apache2_service_enabled: yes
# Current state of the service
apache2_service_state: started
# Security token level
apache2_server_tokens: Prod
# Server signature setting
apache2_server_signiture: 'Off'
# Enable or disable tracing
apache2_trace_enable: 'Off'
# Paths to certificates
apache2_certs_path: /etc/ssl/certs
# Paths to keys
apache2_keys_path: /etc/ssl/private

Handlers

Handlers for managing the Apache2 service are defined in handlers/main.yml:

---

- name: Test and restart Apache2
  command: apache2ctl configtest
  notify: Restart Apache2

- name: Test and reload Apache2
  command: apache2ctl configtest
  notify: Reload Apache2

- name: Restart Apache2
  service: name=apache2 state=restarted
  when: apache2_service_state != 'stopped'

- name: Reload Apache2
  service: name=apache2 state=reloaded
  when: apache2_service_state != 'stopped'

Rules

Some configuration files from HTML 5 Boilerplate will be copied to /etc/apache2/rules, which will be used in your virtual host configurations:

• Compression
• Content transformation
• CORS
• Security configurations
• SSL settings

Usage

Here is an example playbook:

---
# This example requires related roles:
#
# - weareinteractive.apt  (https://github.com/weareinteractive/ansible-apt)
# - weareinteractive.openssl  (https://github.com/weareinteractive/ansible-openssl)
# - weareinteractive.htpasswd (https://github.com/weareinteractive/ansible-htpasswd)

- hosts: all
  become: yes
  roles:
    - weareinteractive.apt
    - weareinteractive.openssl
    - weareinteractive.htpasswd
    - weareinteractive.apache2
  vars:
    htpasswd:
      - name: foobar
        users:
          - { name: foobar, password: foobar }
    apache2_modules:
      - { id: ssl, state: present }
      - { id: mime, state: present }
      - { id: headers, state: present }
      - { id: rewrite, state: present }
    apache2_remove_default: yes
    openssl_generate_csr: yes
    openssl_self_signed:
      - name: 'foobar.local'
        country: 'DE'
        state: 'Bavaria'
        city: 'Munich'
        organization: 'Foo Bar'
        unit: 'Foo Bar Unit'
        email: '[email protected]'
    apache2_sites:
      - id: foobar
        state: present
        name: foobar.local
        rules:
          - mimes
          - expires
          - compression
        add_webroot: yes
        auth:
          name: Foo Bar
          file: foobar
        ssl:
          key_name: foobar.local
          cert_name: foobar.local

Testing

To test the role, run the following commands:

$ git clone https://github.com/weareinteractive/ansible-apache2.git
$ cd ansible-apache2
$ make test

Contributing

If you'd like to contribute, follow these steps:

1. Fork the repository.
2. Create a new branch (git checkout -b my-new-feature).
3. Add your changes (git commit -am 'Add some feature').
4. Push your branch (git push origin my-new-feature).
5. Create a new Pull Request.

Note: To update the README.md file, install and run ansible-role:

$ gem install ansible-role
$ ansible-role docgen

License

This project is licensed under the MIT License by We Are Interactive.