Add "tasks/apache.yml"

2020-01-20 23:00:02 +05:00 · 2020-01-20 23:00:02 +05:00 · 7992fcc291
parent c526ee4fc1
commit 7992fcc291
7 changed files with 51 additions and 1 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -9,3 +9,5 @@ common__certbot__pre_hook: 'systemctl is-active nginx.service && systemctl stop
 common__nginx__remove_default: true
 common__nginx__upstreams: []
 common__nginx__sites: []
+
+common__apache__remove_default: true
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -16,3 +16,9 @@
    daemon_reload: true
    name: nginx
    state: restarted
+
+- name: common | Restart Apache
+  systemd:
+    daemon_reload: true
+    name: apache2
+    state: restarted
--- a/molecule/default/tests/test_default.py
+++ b/molecule/default/tests/test_default.py
@ -10,6 +10,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
@pytest.mark.parametrize(
    'package_name',
    [
+        'apache2',
        'apt-transport-https',
        'bash-completion',
        'certbot',
@ -19,6 +20,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
        'gnupg2',
        'iptables-persistent',
        'less',
+        'nginx',
        'procps',
        'software-properties-common',
        'vim',
@ -63,6 +65,11 @@ def test_nginx_default_removed(host):
    assert not host.file('/etc/nginx/sites-enabled/default').exists


+def test_apache_default_removed(host):
+    assert host.file('/etc/apache2/sites-available/000-default.conf').exists
+    assert not host.file('/etc/apache2/sites-enabled/000-default.conf').exists
+
+
 def test_certbot_cli_config(host):
    f = host.file('/etc/letsencrypt/cli.ini')

--- a/tasks/apache.yml
+++ b/tasks/apache.yml
@ -0,0 +1,30 @@
+---
+- name: Install Apache
+  apt:
+    name: apache2
+
+- name: Create directories for Apache configuration
+  file:
+    state: directory
+    path: '{{ item }}'
+    mode: 'u=rwx,g=rx,o=rx'
+    owner: root
+    group: root
+  with_items:
+    - '{{ common__apache__conf_dir }}'
+    - '{{ common__apache__available_dir }}'
+    - '{{ common__apache__enabled_dir }}'
+
+- name: Disable directory listing
+  lineinfile:
+    path: /etc/apache2/apache2.conf
+    regexp: '^Options Indexes FollowSymLinks$'
+    line: 'Options FollowSymLinks'
+  notify: common | Restart Apache
+
+- name: Remove Apache default site
+  file:
+    state: absent
+    path: '{{ common__apache__enabled_dir }}/000-default.conf'
+  when: common__apache__remove_default|bool
+  notify: common | Restart Apache
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -5,3 +5,4 @@
 - include_tasks: iptables.yml
 - include_tasks: certbot.yml
 - include_tasks: nginx.yml
+- include_tasks: apache.yml
--- a/tasks/nginx.yml
+++ b/tasks/nginx.yml
@ -20,7 +20,7 @@
  file:
    state: absent
    path: '{{ common__nginx__enabled_dir }}/default'
-  when: common__nginx__remove_default | bool
+  when: common__nginx__remove_default|bool
  notify: common | Restart Nginx

 - name: Add Nginx upstreams
--- a/vars/main.yml
+++ b/vars/main.yml
@ -11,3 +11,7 @@ common__nginx__conf_dir: '/etc/nginx'
 common__nginx__confd_dir: '{{ common__nginx__conf_dir }}/conf.d'
 common__nginx__available_dir: '{{ common__nginx__conf_dir }}/sites-available'
 common__nginx__enabled_dir: '{{ common__nginx__conf_dir }}/sites-enabled'
+
+common__apache__conf_dir: '/etc/apache2'
+common__apache__available_dir: '{{ common__apache__conf_dir }}/sites-available'
+common__apache__enabled_dir: '{{ common__apache__conf_dir }}/sites-enabled'