diff options
Diffstat (limited to 'roles/apache_server/tasks/main.yml')
-rw-r--r-- | roles/apache_server/tasks/main.yml | 52 |
1 files changed, 48 insertions, 4 deletions
diff --git a/roles/apache_server/tasks/main.yml b/roles/apache_server/tasks/main.yml index 0f59f67..79b5054 100644 --- a/roles/apache_server/tasks/main.yml +++ b/roles/apache_server/tasks/main.yml @@ -1,9 +1,44 @@ -- name: install rsync (so one can publish files via server) +- name: install apache and related packages apt: - name: rsync + name: "{{ item }}" + with_items: + - rsync + - apache2 -- name: install apache2 - apt: name=apache2 +- name: install certbot + apt: + name: certbot + default_release: stretch-backports + when: letsencrypt + +- name: "empty list of domains for Let's Encrypt" + shell: rm -f /etc/letsencrypt/static_sites/* + +- name: "create list of domains for static sites to get Let's Encrypt certs for" + shell: | + listdir="/etc/letsencrypt/static_sites" + wellknown="/srv/letsencrypt" + mkdir -p "$listdir" "$wellknown" + if [ "{{ item.letsencrypt|default(false) }}" = True ] + then + touch "$listdir/{{ item.domain }}" + mkdir -p "$wellknown/{{ item.domain }}" + fi + with_items: "{{ static_sites }}" + when: letsencrypt + +- name: install script to run certbot + template: + src: deploy_static_site_certs + dest: /usr/local/sbin/deploy_static_site_certs + owner: root + group: root + mode: 755 + when: letsencrypt + +- name: "get initial certificate from Let's Encrypt" + shell: /usr/local/sbin/deploy_static_site_certs + when: letsencrypt - name: create dirs for static site contents file: @@ -13,6 +48,7 @@ group: "{{ item.owner }}" mode: 0755 with_items: "{{ static_sites }}" + when: letsencrypt - name: create log dirs for websites file: @@ -42,6 +78,14 @@ with_items: "{{ static_sites }}" when: item.htpasswd is defined +- name: enable apache modules for ssl + apache2_module: + state: present + name: "{{ item }}" + with_items: + - ssl + - rewrite + - name: enable apache sites shell: a2ensite "{{ item.domain }}" with_items: "{{ static_sites }}" |