source: darkpeak-services/roles/apache2/tasks/configure-apache-site.yml @ 75c62257

ansiblekeycloakmatrixpleroma
Last change on this file since 75c62257 was 75c62257, checked in by Caolan McMahon <caolan.mcmahon@…>, 2 years ago

force apache reload if vhost config changed #7

  • Property mode set to 100644
File size: 2.1 KB
Line 
1- name: Create site directories
2  file:
3    state: directory
4    path:  "{{ item.path }}"
5    group: "{{ item.group }}"
6    owner: "{{ item.owner }}"
7    mode:  "{{ item.mode }}"
8  with_items:
9    - { path: '/var/log/apache2/{{ service_name }}', group: 'adm', owner: 'www-data', mode: '0750' }
10    - { path: '{{ web_root }}', group: 'www-data', owner: 'root', mode: '0751' }
11  notify:
12    - reload apache2
13
14- name: Configure a TLS certificate for this site
15  include: ../../tls/tasks/configure-tls-cert.yml
16
17# The default vhost *must* be the first lexigraphically, so for the default service
18# we add a filename prefix of '0-' to ensure that is the case
19
20- name: Install vhost
21  template:
22    src: ../../apache2/templates/apache.vhost.conf.j2
23    dest: "/etc/apache2/sites-available/{{ '0-default' if service_name == 'default' else service_name }}.conf"
24    owner: root
25    group: root
26    mode: 0644
27  register: vhost_config
28
29- name: Enable vhost
30  file:
31    src: "/etc/apache2/sites-available/{{ '0-default' if service_name == 'default' else service_name }}.conf"
32    dest: "/etc/apache2/sites-enabled/{{ '0-default' if service_name == 'default' else service_name }}.conf"
33    state: link
34
35# we want to reload apache config _now_ instead of waiting for the notify
36# task to run so we can request certificates using certbot and have the
37# appropriate apache config in place for verification
38- name: Reload apache now if vhost config changed
39  service:
40    name: apache2
41    state: reloaded
42  when: vhost_config | changed
43
44- name: Request letsencrypt certificate via certbot
45  command:
46    argv:
47      - "certbot"
48      - "certonly"
49      - "--webroot"
50      - "-w"
51      - "/usr/share/certbot"
52      - "-d"
53      - "{{ domain }}"
54  when:
55    - development_mode != true
56 
57# This file is supplied by the calling role, and included in the apache configuration
58# by the above vhost file
59
60- name: Install custom site config
61  template:
62    src: apache.incl.conf.j2
63    dest: "/etc/apache2/includes/{{ service_name }}.incl.conf"
64    owner: root
65    group: root
66    mode: 0644
67  notify:
68    - reload apache2
69
Note: See TracBrowser for help on using the repository browser.