Merge remote-tracking branch 'upstream/master' into basic-auth

Conflicts:
	templates/vhosts-2.2.conf.j2
	templates/vhosts.conf.j2

README.md

@@ -18,10 +18,11 @@ Available variables are listed below, along with default values (see `defaults/m
 
 The repository to use when installing Apache (only used on RHEL/CentOS systems). If you'd like later versions of Apache than are available in the OS's core repositories, use a repository like EPEL (which can be installed with the `geerlingguy.repo-epel` role).
 
+    apache_listen_ip: "*"
     apache_listen_port: 80
     apache_listen_port_ssl: 443
 
-The ports on which apache should be listening. Useful if you have another service (like a reverse proxy) listening on port 80 or 443 and need to change the defaults.
+The IP address and ports on which apache should be listening. Useful if you have another service (like a reverse proxy) listening on port 80 or 443 and need to change the defaults.
 
     apache_create_vhosts: true
     apache_vhosts_filename: "vhosts.conf"

defaults/main.yml

@@ -1,6 +1,7 @@
 ---
 apache_enablerepo: ""
 
+apache_listen_ip: "*"
 apache_listen_port: 80
 apache_listen_port_ssl: 443
 

meta/main.yml

@@ -20,6 +20,7 @@ galaxy_info:
       - raring
       - saucy
       - trusty
+      - xenial
     - name: Suse
       versions:
       - all

tasks/configure-Debian.yml

@@ -35,7 +35,7 @@
 
 - name: Add apache vhosts configuration.
   template:
-    src: "vhosts-{{ apache_vhosts_version }}.conf.j2"
+    src: "vhosts.conf.j2"
     dest: "{{ apache_conf_path }}/sites-available/{{ apache_vhosts_filename }}"
     owner: root
     group: root

tasks/configure-RedHat.yml

@@ -20,7 +20,7 @@
 
 - name: Add apache vhosts configuration.
   template:
-    src: "vhosts-{{ apache_vhosts_version }}.conf.j2"
+    src: "vhosts.conf.j2"
     dest: "{{ apache_conf_path }}/{{ apache_vhosts_filename }}"
     owner: root
     group: root

tasks/configure-Solaris.yml

@@ -10,7 +10,7 @@
 
 - name: Add apache vhosts configuration.
   template:
-    src: "vhosts-{{ apache_vhosts_version }}.conf.j2"
+    src: "vhosts.conf.j2"
     dest: "{{ apache_conf_path }}/{{ apache_vhosts_filename }}"
     owner: root
     group: root

tasks/configure-Suse.yml

@@ -15,7 +15,7 @@
 
 - name: Add apache vhosts configuration.
   template:
-    src: "vhosts-{{ apache_vhosts_version }}.conf.j2"
+    src: "vhosts.conf.j2"
     dest: "{{ apache_conf_path }}/{{ apache_vhosts_filename }}"
     owner: root
     group: root

templates/vhosts-2.2.conf.j2

@@ -1,76 +0,0 @@
-{{ apache_global_vhost_settings }}
-
-{# Set up VirtualHosts #}
-{% for vhost in apache_vhosts %}
-<VirtualHost *:{{ apache_listen_port }}>
-  ServerName {{ vhost.servername }}
-{% if vhost.serveralias is defined %}
-  ServerAlias {{ vhost.serveralias }}
-{% endif %}
-{% if vhost.documentroot is defined %}
-  DocumentRoot {{ vhost.documentroot }}
-{% endif %}
-
-{% if vhost.serveradmin is defined %}
-  ServerAdmin {{ vhost.serveradmin }}
-{% endif %}
-{% if vhost.documentroot is defined %}
-  <Directory "{{ vhost.documentroot }}">
-    AllowOverride All
-    Options -Indexes FollowSymLinks
-{% if vhost.authuserfile is defined %}
-    AuthType Basic
-    AuthName "Restricted Area"
-    AuthUserFile "{{ vhost.authuserfile }}"
-    Require valid-user
-{% else %}
-    Order allow,deny
-    Allow from all
-{% endif %}
-  </Directory>
-{% endif %}
-{% if vhost.extra_parameters is defined %}
-  {{ vhost.extra_parameters }}
-{% endif %}
-</VirtualHost>
-
-{% endfor %}
-
-{# Set up SSL VirtualHosts. #}
-{% for vhost in apache_vhosts_ssl %}
-<VirtualHost *:{{ apache_listen_port_ssl }}>
-  ServerName {{ vhost.servername }}
-{% if vhost.serveralias is defined %}
-  ServerAlias {{ vhost.serveralias }}
-{% endif %}
-{% if vhost.documentroot is defined %}
-  DocumentRoot {{ vhost.documentroot }}
-{% endif %}
-
-  SSLEngine on
-  SSLCipherSuite {{ apache_ssl_cipher_suite }}
-  SSLProtocol {{ apache_ssl_protocol }}
-  SSLHonorCipherOrder On
-  SSLCertificateFile {{ vhost.certificate_file }}
-  SSLCertificateKeyFile {{ vhost.certificate_key_file }}
-{% if vhost.certificate_chain_file is defined %}
-  SSLCertificateChainFile {{ vhost.certificate_chain_file }}
-{% endif %}
-
-{% if vhost.serveradmin is defined %}
-  ServerAdmin {{ vhost.serveradmin }}
-{% endif %}
-{% if vhost.documentroot is defined %}
-  <Directory "{{ vhost.documentroot }}">
-    AllowOverride All
-    Options -Indexes FollowSymLinks
-    Order allow,deny
-    Allow from all
-  </Directory>
-{% endif %}
-{% if vhost.extra_parameters is defined %}
-  {{ vhost.extra_parameters }}
-{% endif %}
-</VirtualHost>
-
-{% endfor %}

templates/vhosts.conf.j2

@@ -2,7 +2,7 @@
 
 {# Set up VirtualHosts #}
 {% for vhost in apache_vhosts %}
-<VirtualHost *:{{ apache_listen_port }}>
+<VirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}>
   ServerName {{ vhost.servername }}
 {% if vhost.serveralias is defined %}
   ServerAlias {{ vhost.serveralias }}
@@ -18,11 +18,9 @@
   <Directory "{{ vhost.documentroot }}">
     AllowOverride All
     Options -Indexes +FollowSymLinks
-{% if vhost.authuserfile is defined %}
-    AuthType Basic
-    AuthName "Restricted Area"
-    AuthUserFile "{{ vhost.authuserfile }}"
-    Require valid-user
+{% if apache_vhosts_version == "2.2" %}
+    Order allow,deny
+    Allow from all
 {% else %}
     Require all granted
 {% endif %}
@@ -38,7 +36,7 @@
 {# Set up SSL VirtualHosts #}
 {% for vhost in apache_vhosts_ssl %}
 {% if apache_ignore_missing_ssl_certificate or apache_ssl_certificates.results[loop.index0].stat.exists %}
-<VirtualHost *:{{ apache_listen_port_ssl }}>
+<VirtualHost {{ apache_listen_ip }}:{{ apache_listen_port_ssl }}>
   ServerName {{ vhost.servername }}
 {% if vhost.serveralias is defined %}
   ServerAlias {{ vhost.serveralias }}
@@ -51,7 +49,9 @@
   SSLCipherSuite {{ apache_ssl_cipher_suite }}
   SSLProtocol {{ apache_ssl_protocol }}
   SSLHonorCipherOrder On
+{% if apache_vhosts_version == "2.4" %}
   SSLCompression off
+{% endif %}
   SSLCertificateFile {{ vhost.certificate_file }}
   SSLCertificateKeyFile {{ vhost.certificate_key_file }}
 {% if vhost.certificate_chain_file is defined %}
@@ -65,7 +65,12 @@
   <Directory "{{ vhost.documentroot }}">
     AllowOverride All
     Options -Indexes +FollowSymLinks
+{% if apache_vhosts_version == "2.2" %}
+    Order allow,deny
+    Allow from all
+{% else %}
     Require all granted
+{% endif %}
   </Directory>
 {% endif %}
 {% if vhost.extra_parameters is defined %}

vars/RedHat.yml

@@ -18,4 +18,4 @@ apache_ports_configuration_items:
   - regexp: "^Listen "
     line: "Listen {{ apache_listen_port }}"
   - regexp: "^#?NameVirtualHost "
-    line: "NameVirtualHost *:{{ apache_listen_port }}"
+    line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"

vars/Solaris.yml

@@ -16,4 +16,4 @@ apache_ports_configuration_items:
   - regexp: "^Listen "
     line: "Listen {{ apache_listen_port }}"
   - regexp: "^#?NameVirtualHost "
-    line: "NameVirtualHost *:{{ apache_listen_port }}"
+    line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"

vars/Suse.yml

@@ -15,4 +15,4 @@ apache_ports_configuration_items:
   - regexp: "^Listen "
     line: "Listen {{ apache_listen_port }}"
   - regexp: "^#?NameVirtualHost "
-    line: "NameVirtualHost *:{{ apache_listen_port }}"
+    line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"

vars/apache-22.yml

@@ -8,5 +8,5 @@ apache_ports_configuration_items:
   }
   - {
     regexp: "^#?NameVirtualHost ",
-    line: "NameVirtualHost *:{{ apache_listen_port }}"
+    line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"
   }