Change: optionally install a per-site htpasswd file

Also, configure the Apache vhost to use the file if installed.

2 files changed, 20 insertions, 2 deletions

diff --git a/roles/apache_server/tasks/main.yml b/roles/apache_server/tasks/main.yml
index 8a14b35..0f59f67 100644
--- a/roles/apache_server/tasks/main.yml
+++ b/roles/apache_server/tasks/main.yml
@@ -1,5 +1,6 @@
 - name: install rsync (so one can publish files via server)
-  apt: name=rsync
+  apt:
+    name: rsync
 
 - name: install apache2
   apt: name=apache2
@@ -31,6 +32,16 @@
     mode: 0644
   with_items: "{{ static_sites }}"
 
+- name: "install htpasswd files"
+  copy:
+    content: "{{ item.htpasswd }}"
+    dest: "/srv/http/{{ item.domain }}.htpasswd"
+    owner: root
+    group: root
+    mode: 0644
+  with_items: "{{ static_sites }}"
+  when: item.htpasswd is defined
+
 - name: enable apache sites
   shell: a2ensite "{{ item.domain }}"
   with_items: "{{ static_sites }}"
diff --git a/roles/apache_server/templates/virtualhost.conf.tmpl b/roles/apache_server/templates/virtualhost.conf.tmpl
index e2dc19f..1fa060a 100644
--- a/roles/apache_server/templates/virtualhost.conf.tmpl
+++ b/roles/apache_server/templates/virtualhost.conf.tmpl
@@ -8,8 +8,15 @@
     ErrorLog /var/log/apache2/{{ item.domain }}/error.log
     CustomLog /var/log/apache2/{{ item.domain }}/access.log combined
     <Directory /srv/http/{{ item.domain }}>
-        Options +SymlinksIfOwnerMatch +Indexes
+        Options +SymlinksIfOwnerMatch +Indexes +MultiViews
+{% if item.htpasswd is defined %}
+        AuthType Basic
+        AuthName "{{ item.htpasswd_name }}"
+        AuthUserFile "/srv/http/{{ item.domain }}.htpasswd"
+        Require valid-user
+{% else %}
         AllowOverride AuthConfig
         Require all granted
+{% endif %}
     </Directory>
 </VirtualHost>