apache
apache
Ansible role. Install and configure Apache.
Documentation at readthedocs.io
Feel free to share your feedback and report issues.
Supported platforms
This role has been developed and tested with
Requirements
Collections
- community.general
Roles
Variables
Review defaults and examples in vars. By default SSL is off.
apache_ssl: False
Certificates are needed to enable SSL.
apache_ssl: True
apache_version: "24"
apache_SSLCertificateFile: "/usr/local/etc/apache{{ apache_version }}/server.crt"
apache_SSLCertificateKeyFile: "/usr/local/etc/apache{{ apache_version }}/server.key"
Virtual hosts are configured with optional redirection to SSL. By default virtual hosts for ports 80 and 443 will be created and port 80 permanently redirected to 443. Example is available in vars.
Workflow
- Change shell to /bin/sh if necessary
shell> ansible webserver -e 'ansible_shell_type=csh ansible_shell_executable=/bin/csh' -a 'sudo pw usermod freebsd -s /bin/sh'
- Install role
shell> ansible-galaxy install vbotka.apache
Fit variables
Create playbook and inventory
shell> cat apache.yml
---
- hosts: webserver
roles:
- vbotka.apache
shell> cat hosts
[webserver]
<webserver-ip-or-fqdn>
[webserver:vars]
ansible_connection=ssh
ansible_user=freebsd
ansible_become=true
ansible_become_method=sudo
ansible_python_interpreter=/usr/local/bin/python3.9
ansible_perl_interpreter=/usr/local/bin/perl
- Test syntax
shell> ansible-playbook apache.yml --syntax-check
- Show variables
shell> ansible-playbook apache.yml -t apache_debug -e apache_debug=true
- Install packages
shell> ansible-playbook apache.yml -t apache_packages -e apache_install=true
- Dry run and show differences
shell> ansible-playbook apache.yml --check --diff
- Install and configure apache
shell> ansible-playbook apache.yml
- Optionally test the webserver
Ansible lint
Use the configuration file .ansible-lint.local when running ansible-lint. Some rules might be disabled and some warnings might be ignored. See the notes in the configuration file.
shell> ansible-lint -c .ansible-lint.local
References
- Apache HTTP Server Documentation
- SSL/TLS Strong Encryption: Trunk: How-To
- SSL/TLS Strong Encryption: 2.4: How-To
- SSL with Virtual Hosts Using SNI
- Multi-Processing Modules (MPMs)
- FreeBSD handbook: 29.8. Apache HTTP Server
- Recommended Steps To Harden Apache HTTP on FreeBSD 12.0
License
Author Information
Install
ansible-galaxy install vbotka/ansible-apache
License
bsd-2-clause
Downloads
287
Owner