Merge remote-tracking branch 'upstream/master'

liquidat 2016-01-29 23:53:35 +01:00
commit 80d2a89369
5 changed files with 20 additions and 0 deletions


@ -8,6 +8,8 @@ An Ansible Role that installs Apache 2.x on RHEL/CentOS and Debian/Ubuntu.
If you are using SSL/TLS, you will need to provide your own certificate and key files. You can generate a self-signed certificate with a command like `openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout example.key -out example.crt`. If you are using SSL/TLS, you will need to provide your own certificate and key files. You can generate a self-signed certificate with a command like `openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout example.key -out example.crt`.
If you are using Apache with PHP, I recommend using the `geerlingguy.php` role to install PHP, and you can either use mod_php (by adding the proper package, e.g. `libapache2-mod-php5` for Ubuntu, to `php_packages`), or by also using `geerlingguy.apache-php-fpm` to connect Apache to PHP via FPM. See that role's README for more info.
## Role Variables ## Role Variables
Available variables are listed below, along with default values (see `defaults/main.yml`): Available variables are listed below, along with default values (see `defaults/main.yml`):
@ -90,6 +92,10 @@ The list of packages to be installed. This defaults to a set of platform-specifi
Set initial Apache daemon state to be enforced when this role is run. This should generally remain `started`, but you can set it to `stopped` if you need to fix the Apache config during a playbook run or otherwise would not like Apache started at the time this role is run. Set initial Apache daemon state to be enforced when this role is run. This should generally remain `started`, but you can set it to `stopped` if you need to fix the Apache config during a playbook run or otherwise would not like Apache started at the time this role is run.
apache_ignore_missing_ssl_certificate: true
If you would like to only create SSL vhosts when the vhost certificate is present (e.g. when using Lets Encrypt), set `apache_ignore_missing_ssl_certificate` to `false`. When doing this, you might need to run your playbook more than once so all the vhosts are configured (if another part of the playbook generates the SSL certificates).
## Dependencies ## Dependencies
None. None.


@ -28,6 +28,8 @@ apache_vhosts_ssl: []
# # Optional. # # Optional.
# certificate_chain_file: "/path/to/certificate_chain.crt" # certificate_chain_file: "/path/to/certificate_chain.crt"
apache_ignore_missing_ssl_certificate: true
apache_ssl_protocol: "All -SSLv2 -SSLv3" apache_ssl_protocol: "All -SSLv2 -SSLv3"
apache_ssl_cipher_suite: "AES256+EECDH:AES256+EDH" apache_ssl_cipher_suite: "AES256+EECDH:AES256+EDH"


@ -23,6 +23,11 @@
with_items: apache_mods_disabled with_items: apache_mods_disabled
notify: restart apache notify: restart apache
- name: Check whether certificates defined in vhosts exist.
stat: path={{ item.certificate_file }}
register: apache_ssl_certificates
with_items: apache_vhosts_ssl
- name: Add apache vhosts configuration. - name: Add apache vhosts configuration.
template: template:
src: "vhosts-{{ apache_vhosts_version }}.conf.j2" src: "vhosts-{{ apache_vhosts_version }}.conf.j2"
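Review bot: The added "Check whether certificates defined in vhosts exist." task stats only `item.certificate_file`, so a vhost whose certificate is present but whose key or `certificate_chain_file` is missing still passes the check and is rendered; Apache would then presumably fail on the notified restart. The key file (and the chain file, when defined) should be covered by the same check, or the task name should say that only the certificate itself is tested. The task also runs when `apache_ignore_missing_ssl_certificate` is true and its result is not needed, which makes `certificate_file` mandatory for every item at this point. For style, native YAML arguments with a quoted expression are safer than the inline form: `stat:` followed by `path: "{{ item.certificate_file }}"`. The identical task added in the next file section has the same issues.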


@ -8,6 +8,11 @@
with_items: apache_ports_configuration_items with_items: apache_ports_configuration_items
notify: restart apache notify: restart apache
- name: Check whether certificates defined in vhosts exist.
stat: path={{ item.certificate_file }}
register: apache_ssl_certificates
with_items: apache_vhosts_ssl
- name: Add apache vhosts configuration. - name: Add apache vhosts configuration.
template: template:
src: "vhosts-{{ apache_vhosts_version }}.conf.j2" src: "vhosts-{{ apache_vhosts_version }}.conf.j2"


@ -30,6 +30,7 @@
{# Set up SSL VirtualHosts #} {# Set up SSL VirtualHosts #}
{% for vhost in apache_vhosts_ssl %} {% for vhost in apache_vhosts_ssl %}
{% if apache_ignore_missing_ssl_certificate or apache_ssl_certificates.results[loop.index0].stat.exists %}
<VirtualHost *:{{ apache_listen_port_ssl }}> <VirtualHost *:{{ apache_listen_port_ssl }}>
ServerName {{ vhost.servername }} ServerName {{ vhost.servername }}
{% if vhost.serveralias is defined %} {% if vhost.serveralias is defined %}
@ -65,4 +66,5 @@
{% endif %} {% endif %}
</VirtualHost> </VirtualHost>
{% endif %}
{% endfor %} {% endfor %}
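Review bot: When `apache_ignore_missing_ssl_certificate` is false and the certificate is absent, the new `{% if %}` drops the whole SSL vhost from the rendered config without any trace, so requests for that name on the SSL port would likely be answered by whichever other SSL vhost Apache picks as default, or not at all. A task that reports the skipped `servername` values (for example a `debug` over the registered results where `stat.exists` is false) would make the gap visible to the operator. The lookup `apache_ssl_certificates.results[loop.index0]` also relies on the registered results being in the same order as `apache_vhosts_ssl`; a template comment such as `{# results[] is index-aligned with apache_vhosts_ssl, see the stat task #}` above the condition would document that coupling. The VirtualHost body between the two hunks is not visible here.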