source: darkpeak-services/roles/apache2/tasks/configure-apache-site.yml @ b05356ed

ansiblekeycloakmatrixpleroma
Last change on this file since b05356ed was b05356ed, checked in by Caolan McMahon <caolan.mcmahon@…>, 19 months ago

untested certbot command

  • Property mode set to 100644
File size: 1.8 KB
Line 
1- name: Create site directories
2  file:
3    state: directory
4    path:  "{{ item.path }}"
5    group: "{{ item.group }}"
6    owner: "{{ item.owner }}"
7    mode:  "{{ item.mode }}"
8  with_items:
9    - { path: '/var/log/apache2/{{ service_name }}', group: 'adm', owner: 'www-data', mode: '0750' }
10    - { path: '{{ web_root }}', group: 'www-data', owner: 'root', mode: '0751' }
11  notify:
12    - reload apache2
13
14- name: Configure a TLS certificate for this site
15  include: ../../tls/tasks/configure-tls-cert.yml
16
17# The default vhost *must* be the first lexigraphically, so for the default service
18# we add a filename prefix of '0-' to ensure that is the case
19
20- name: Install vhost
21  template:
22    src: ../../apache2/templates/apache.vhost.conf.j2
23    dest: "/etc/apache2/sites-available/{{ '0-default' if service_name == 'default' else service_name }}.conf"
24    owner: root
25    group: root
26    mode: 0644
27  notify:
28    - reload apache2
29
30- name: Enable vhost
31  file:
32    src: "/etc/apache2/sites-available/{{ '0-default' if service_name == 'default' else service_name }}.conf"
33    dest: "/etc/apache2/sites-enabled/{{ '0-default' if service_name == 'default' else service_name }}.conf"
34    state: link
35  notify:
36    - reload apache2
37
38# This file is supplied by the calling role, and included in the apache configuration
39# by the above vhost file
40
41- name: Install custom site config
42  template:
43    src: apache.incl.conf.j2
44    dest: "/etc/apache2/includes/{{ service_name }}.incl.conf"
45    owner: root
46    group: root
47    mode: 0644
48  notify:
49    - reload apache2
50
51- name: Request letsencrypt certificate via certbot
52  command:
53    argv:
54      - "certbot"
55      - "certonly"
56      - "--webroot"
57      - "-w"
58      - "/usr/share/certbot"
59      - "-d"
60      - "{{ domain }}"
61  when:
62    - development_mode != true
63
64
Note: See TracBrowser for help on using the repository browser.