Annotated source code

Tree

$ tree .
.
├── defaults
│   └── main.yml
├── handlers
│   └── main.yml
├── LICENSE
├── meta
│   └── main.yml
├── README.md
├── requirements.yml
├── tasks
│   ├── debug.yml
│   ├── fn
│   │   └── httpd-confd-vhost-dirs.yml
│   ├── httpd-alias.yml
│   ├── httpd-confd-includes.yml
│   ├── httpd-confd-vhosts.yml
│   ├── httpd-confd.yml
│   ├── httpd-dirs.yml
│   ├── httpd-modules.yml
│   ├── httpd-ssl.yml
│   ├── httpd-vhosts.yml
│   ├── httpd.yml
│   ├── main.yml
│   ├── packages-freebsd.yml
│   ├── packages.yml
│   ├── rcconf.yml
│   ├── service.yml
│   └── vars.yml
├── templates
│   ├── directory-block.j2
│   ├── section2.j2
│   ├── vhost2.j2
│   └── vhost.j2
├── tests
│   ├── inventory
│   └── test.yml
└── vars
    ├── conf.d
    │   ├── sections
    │   ├── sections-sample
    │   │   └── usr-local-www-example.com.yml
    │   ├── vhosts
    │   └── vhosts-sample
    │       └── example.com.yml
    ├── defaults
    │   ├── default.yml
    │   └── FreeBSD.yml
    ├── default.yml
    └── main.yml

Variables

In this guide we describe role defaults variables in the directory defaults and variables included from the directory vars.

  • role defaults in the directory {{ role_path }}/defaults (precedence 2.)
  • include OS specific vars from the directory {{ role_path }}/vars (precedence 18.)

Include OS specific variables

Synopsis: Include OS specific variables from the role’s directory vars.

OS specific default variables will be loaded from the files in the directory vars/defaults. OS specific custom variables, that will override default values, can be loaded from the files in the directory vars.

[vars.yml]

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
---

- name: "vars: Include OS vars"
  block:
    - name: "vars: Set variables for al_include_os_vars_path"
      set_fact:
        al_os_vars_path: "{{ role_path }}"
    - name: "vars: Include OS vars"
      include_role:
        name: "vbotka.ansible_lib"
        tasks_from: "al_include_os_vars_path.yml"

# EOF
...

See also

Packages

Install packages

Synopsis: Install packages for supported OS.

[packages.yml]

1
2
3
4
5
6
7
8
---

- name: "packages: Install FreeBSD packages"
  import_tasks: "packages-freebsd.yml"
  when: ansible_os_family == "FreeBSD"

# EOF
...

Install FreeBSD packages

[packages-freebsd.yml]

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
---

- name: "packages: Install packages"
  when: freebsd_install_method == "packages"
  pkgng:
    name: "{{ item }}"
  loop: "{{ apache_packages }}"
  register: result
  until: result is succeeded
  retries: "{{ freebsd_install_retries }}"
  delay: "{{ freebsd_install_delay }}"

- name: "packages: Install ports"
  when: freebsd_install_method == "ports"
  portinstall:
    name: "{{ item }}"
    use_packages: "{{ freebsd_use_packages|default(true) }}"
  loop: "{{ apache_packages }}"
  register: result
  until: result is succeeded
  retries: "{{ freebsd_install_retries }}"
  delay: "{{ freebsd_install_delay }}"

# EOF
...

Configure

Configure httpd.conf

Synopsis

  • Configure lines in httpd.conf

Annotation

Iterate the list {{ apache_httpd_conf }} (9) and add lines to {{ apache_conf_path }}/httpd.conf (5).

Code

[httpd.yml]

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
---

- name: "httpd_conf: Configure parameters in {{ apache_conf_path }}/httpd.conf"
  lineinfile:
    dest: "{{ apache_conf_path }}/httpd.conf"
    regexp: "^{{ item.regexp }}\\s"
    line: "{{ item.regexp }} {{ item.line }}"
    backup: "{{ apache_backup_conf }}"
  loop: "{{ apache_httpd_conf }}"
  notify: reload apache

# EOF
...

See Also

See also

Variable apache_httpd_conf

Configure directories in Includes

Synopsis

  • Create files with the directory blocks in the Includes directory.

Annotation

Iterate the list {{ apache_directory_blocks }} (11) and create configuration files in the directory {{ apache_conf_path }}/Includes (6).

Code

[httpd-dirs.yml]

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
---

- name: "httpd-dirs: Configure directories in {{ apache_conf_path }}/Includes/"
  template:
    src: "directory-block.j2"
    dest: "{{ apache_conf_path }}/Includes/{{ item.Includefile }}"
    owner: "root"
    group: "www"
    mode: "0644"
    backup: "{{ apache_backup_conf }}"
  loop: "{{ apache_directory_blocks }}"
  notify: reload apache

# EOF
...
Template directory-block.j2

[directory-block.j2]

1
2
3
4
5
<Directory {{ item.Directory }}>
{% for confitem in item.Conf %}
  {{ confitem }}
{% endfor %}
</Directory>

Configure modules

Synopsis

  • Load Apache modules. Optionally configure PHP module.
  • (TODO: General configuration of modules.)

Annotation

  • Iterate apache_httpd_conf_modules (11). When item.preset (4) insert line LoadModule ... (8) to httpd.conf (6)
  • Iterate apache_httpd_conf_modules (22). When not item.preset (15) comment line # LoadModule ... (20) in httpd.conf (17)
  • Configure PHP (30-38) in Includes/php.conf when apache_php (26)

Code

[httpd-modules.yml]

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
---

- name: "httpd-modules: Load modules in {{ apache_conf_path }}/httpd.conf"
  when: item.present|default(true)
  lineinfile:
    dest: "{{ apache_conf_path }}/httpd.conf"
    regexp: "^\\s*#*\\s*LoadModule {{ item.module }}"
    line: "    LoadModule {{ item.module }} libexec/{{ apache_dir }}/{{ item.mod }}"
    insertbefore: "LoadModule"
    backup: "{{ apache_backup_conf }}"
  loop: "{{ apache_httpd_conf_modules }}"
  notify: restart apache

- name: "httpd-modules: Unload modules in {{ apache_conf_path }}/httpd.conf"
  when: not item.present|default(true)
  lineinfile:
    dest: "{{ apache_conf_path }}/httpd.conf"
    regexp: "^\\s*#*\\s*LoadModule {{ item.module }}"
    line: "    # LoadModule {{ item.module }}"
    insertbefore: "LoadModule"
    backup: "{{ apache_backup_conf }}"
  loop: "{{ apache_httpd_conf_modules }}"
  notify: restart apache

- name: "httpd-modules: Config PHP in {{ apache_conf_path }}/Includes/php.conf"
  when: apache_php|bool
  blockinfile:
    dest: "{{ apache_conf_path }}/Includes/php.conf"
    block: |
      <IfModule dir_module>
        DirectoryIndex index.html index.php
      </IfModule>
      <FilesMatch "\.php$">
        SetHandler application/x-httpd-php
      </FilesMatch>
      <FilesMatch "\.phps$">
        SetHandler application/x-httpd-php-source
      </FilesMatch>
    owner: "root"
    group: "www"
    mode: "0640"
    create: "yes"
    backup: "{{ apache_backup_conf }}"
  notify: restart apache

# EOF
...

Configure alias

Synopsis

  • Configure aliases in httpd.conf

Annotation

  • When not an empty list (4) iterate apache_alias (9) and include configuration lines in httpd/conf (6)

Code

[httpd-alias.yml]

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
---

- name: "httpd-alias: Configure aliases in {{ apache_conf_path }}/httpd.conf"
  when: apache_alias|length > 0
  blockinfile:
    dest: "{{ apache_conf_path }}/httpd.conf"
    insertafter: "<IfModule alias_module>"
    block: |2
        {% for item in apache_alias %}
        {{ item }}
        {% endfor %}
    backup: "{{ apache_backup_conf }}"
  notify: reload apache

# EOF
...

See also

Variable apache_alias

Configure ssl

Synopsis

  • Configure SSL in extra/httpd-ssl.conf

Annotation

  • Iterate apache_httpd_conf_ssl_extra (12) and configure lines in extra/httpd-ssl.conf
  • Iterate apache_httpd_conf_ssl_extra_absent (20) and remove lines from extra/httpd-ssl.conf (17)
  • Iterate apache_httpd_conf_ssl_listen (27) and add lines from extra/httpd-ssl.conf (17)
  • Iterate apache_httpd_conf_ssl (34) and configure lines in httpd

Code

[httpd-ssl.yml]

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
---

- name: "httpd-ssl: Configure {{ apache_conf_path }}/extra/httpd-ssl.conf"
  when: apache_ssl|bool
  block:
    - name: "httpd-ssl: Present extra lines in {{ apache_conf_path }}/extra/httpd-ssl.conf"
      lineinfile:
        dest: "{{ apache_conf_path }}/extra/httpd-ssl.conf"
        regexp: "^{{ item.regexp }}"
        line: "{{ item.regexp }}{{ item.line }}"
        backup: "{{ apache_backup_conf }}"
      loop: "{{ apache_httpd_conf_ssl_extra }}"
      notify: reload apache
    - name: "httpd-ssl: Absent extra lines in {{ apache_conf_path }}/extra/httpd-ssl.conf"
      lineinfile:
        state: "absent"
        dest: "{{ apache_conf_path }}/extra/httpd-ssl.conf"
        regexp: "{{ item }}"
        backup: "{{ apache_backup_conf }}"
      loop: "{{ apache_httpd_conf_ssl_extra_absent }}"
      notify: reload apache
    - name: "httpd-ssl: SSL Listen in {{ apache_conf_path }}/extra/httpd-ssl.conf"
      lineinfile:
        dest: "{{ apache_conf_path }}/extra/httpd-ssl.conf"
        line: "{{ item }}"
        backup: "{{ apache_backup_conf }}"
      loop: "{{ apache_httpd_conf_ssl_listen }}"
      notify: reload apache
    - name: "httpd-ssl: SSL in {{ apache_conf_path }}/httpd.conf"
      lineinfile:
        dest: "{{ apache_conf_path }}/httpd.conf"
        line: "{{ item }}"
        backup: "{{ apache_backup_conf }}"
      loop: "{{ apache_httpd_conf_ssl }}"
      notify: reload apache

# EOF
...

Configure vhosts

Synopsis

  • Configure virtual hosts in extra directory.

Annotation

  • Loop the dictionary {{ apache_vhost }} (10,21,31) and
  • optionally (11) create directories DocumentRoot (5,6).
  • create files with the Apache virtual hosts in {{ apache_conf_path }}/extra/ (16). See Template vhost.j2 (15).
  • Include created files (28) in {{ apache_conf_path }}/httpd.conf (26).

Code

[httpd-vhosts.yml]

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
---

- name: "httpd-vhosts: Create directories for virtual hosts"
  file:
    state: "directory"
    path: "{{ item.DocumentRoot }}"
    owner: "{{ apache_data_owner }}"
    group: "{{ apache_data_group }}"
    mode: "{{ apache_dir_mode }}"
  loop: "{{ apache_vhost }}"
  when: item.create_document_root|default(False)

- name: "httpd-vhosts: Configure virtual hosts in {{ apache_conf_path }}/extra/"
  template:
    src: "vhost.j2"
    dest: "{{ apache_conf_path }}/extra/{{ item.ServerName }}.conf"
    owner: "{{ apache_data_owner }}"
    group: "{{ apache_data_group }}"
    mode: "{{ apache_data_mode }}"
    backup: "{{ apache_backup_conf }}"
  loop: "{{ apache_vhost }}"
  notify: reload apache

- name: "httpd-vhosts: Incl virtual hosts in {{ apache_conf_path }}/httpd.conf"
  lineinfile:
    dest: "{{ apache_conf_path }}/httpd.conf"
    regexp: "^Include etc/apache{{ apache_version }}/extra/{{ item.ServerName }}.conf"
    line: "Include etc/apache{{ apache_version }}/extra/{{ item.ServerName }}.conf"
    insertbefore: "BOF"
    backup: "{{ apache_backup_conf }}"
  loop: "{{ apache_vhost }}"
  notify: reload apache

# EOF
...
Template vhost.j2

Create both http and https servers (1,8). Optionally default(True) redirect permanent http to https (4).

[vhost.j2]

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
     <VirtualHost *:80>
     ServerName {{ item.ServerName }}
     DocumentRoot {{ item.DocumentRoot }}
{% if item.redirect|default(True) %}     Redirect permanent / https://{{ item.ServerName }}/
{% endif %}
     </VirtualHost>

     <VirtualHost *:443>
     ServerName {{ item.ServerName }}
     DocumentRoot {{ item.DocumentRoot }}
     SSLCertificateFile {{ item.SSLCertificateFile }}
     SSLCertificateKeyFile {{ item.SSLCertificateKeyFile }}
     </VirtualHost>

See Also

See also

Configure confd

Synopsis

  • Configure virtual hosts

Annotation

Configure virtual hosts in extra directory (4). Use encode_apache filter. Configure sections in Includes directory (8). Take the configuration data from the directories {{ apache_confd_dir_vhosts }} and {{ apache_confd_dir_sections }}. Include the files in httpd.conf.

Code

[httpd-confd.yml]

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
---

- name: "httpd-confd: Configure virtual hosts from {{ apache_confd_dir_vhosts }}"
  import_tasks: "httpd-confd-vhosts.yml"
  tags: apache-httpd-confd-vhosts

- name: "httpd-confd: Configure includes from {{ apache_confd_dir_sections }}"
  import_tasks: "httpd-confd-includes.yml"
  tags: apache-httpd-confd-includes

# EOF
...

Configure confd-vhosts

Synopsis

  • Configure virtual hosts with the filter encode_apache.
  • Take the YAML configuration files from the directory {{ apache_confd_dir_vhosts }} at master and create files with the Apache virtual hosts in {{ apache_conf_path }}/extra/ at the remote host.
  • The created files will be included in {{ apache_conf_path }}/httpd.conf.
  • The example of the YAML format of the configuration file is available at vars/conf.d/vhosts-sample/example.com.yml

Annotation

Include data from conf.d (3-17)

Include tasks from the file al_include_confd_vars_list (12) in the role vbotka.ansible_lib (11). This task takes as parameters the directory with the YAML configuration files (7), and the type of the list (8) and returns the list with the YAML configurations of the virtual hosts stored in the variable al_include_confd_vars_list. The variable can be printed (17) if debug is turned on apache_debug: true. The parameters (7,8) are tested inside the included tasks.

See also

See details of the included tasks at al_include_confd_vars_list.yml.

Create directories for virtual hosts (25-27)

Include tasks from fn/httpd-confd-vhost-dirs.yml .

Configure virtual hosts in extra directory (29-38)

Create the Apache configuration files for the virtual hosts with the help of encode_apache filter. Store the files in the directory {{ apache_conf_path }}/extra/.

See also

For details see the template vhost2.j2.

Include virtual hosts in httpd.conf (40-48)

Include virtual hosts in httpd.conf.

[httpd-confd-vhosts.yml]

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
---

- name: "httpd-confd-vhosts: Include variables from {{ apache_confd_dir_vhosts }}"
  block:
    - name: "httpd-confd-vhosts: Set variables for al_include_confd_vars_list"
      set_fact:
        al_include_confd_dir: "{{ apache_confd_dir_vhosts }}"
        al_include_confd_vars_list_type: "fname"
    - name: "httpd-confd-vhosts: Include al_include_confd_vars_list"
      include_role:
        name: "vbotka.ansible_lib"
        tasks_from: "al_include_confd_vars_list"
    - name: "httpd-confd-vhosts: Debug al_include_confd_vars_list"
      when: apache_debug|bool
      debug:
        var: item
      loop: "{{ al_include_confd_vars_list }}"

- name: "httpd-confd-vhosts: Debug list directories for virtual hosts"
  when: apache_debug|bool
  debug:
    msg: "{{ item|json_query('[].content[].sections[].content[].options[].DocumentRoot') }}"
  loop: "{{ al_include_confd_vars_list|json_query('[].vars') }}"

- name: "httpd-confd-vhosts: Create directories for virtual hosts"
  include_tasks: "fn/httpd-confd-vhost-dirs.yml"
  loop: "{{ al_include_confd_vars_list|json_query('[].vars') }}"

- name: "httpd-confd-vhosts: Configure virtual hosts in {{ apache_conf_path }}/extra/"
  template:
    src: "vhost2.j2"
    dest: "{{ apache_conf_path }}/extra/{{ item.fname }}.conf"
    owner: "{{ apache_data_owner }}"
    group: "{{ apache_data_group }}"
    mode: "{{ apache_data_mode }}"
    backup: "{{ apache_backup_conf }}"
  loop: "{{ al_include_confd_vars_list }}"
  notify: reload apache

- name: "httpd-confd-vhosts: Incl virtual hosts in {{ apache_conf_path }}/httpd.conf"
  lineinfile:
    dest: "{{ apache_conf_path }}/httpd.conf"
    regexp: "^Include etc/apache{{ apache_version }}/extra/{{ item.fname }}.conf"
    line: "Include etc/apache{{ apache_version }}/extra/{{ item.fname }}.conf"
    insertbefore: "BOF"
    backup: "{{ apache_backup_conf }}"
  loop: "{{ al_include_confd_vars_list }}"
  notify: reload apache

# EOF
...
Configure confd-vhost-dirs
  • Create DocumentRoot directories for vhosts.

[fn/httpd-confd-vhost-dirs.yml]

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
---
- name: "httpd-confd-vhost-dirs: Create directories for virtual hosts"
  file:
    state: "directory"
    path: "{{ vhost_dir }}"
    owner: "{{ apache_data_owner }}"
    group: "{{ apache_data_group }}"
    mode: "{{ apache_dir_mode }}"
  loop: "{{ item|json_query('[].content[].sections[].content[].options[].DocumentRoot') }}"
  loop_control:
    loop_var: vhost_dir
...

Configure confd-includes

Synopsis

  • Configure sections with the filter encode_apache.

Annotation

  • Take the YAML configuration files from the directory {{ apache_confd_dir_sections }} at master and create files with the sections in {{ apache_conf_path }}/Includes/ at the remote host. These created files are included in {{ apache_conf_path }}/httpd.conf by default.
$ grep Includes /usr/local/etc/apache24/httpd.conf
Include etc/apache24/Includes/*.conf
Include data from conf.d (3-17)

Include tasks from the file al_include_confd_vars_list (12) in the role vbotka.ansible_lib (11). This task takes as parameters the directory with the YAML configuration files (7), and the type of the list (8) and returns the list with the YAML configurations of the sections stored in the variable al_include_confd_vars_list. The variable can be printed (17) if debug is turned on apache_debug: true. The parameters (7,8) are tested inside the included tasks.

See also

See details of the included tasks at al_include_confd_vars_list.yml.

Configure sections in Includes directory (19-28)

Create the Apache configuration files for the sections with the help of encode_apache filter. Store the files in the directory {{ apache_conf_path }}/Includes/ (22).

[httpd-confd-includes.yml]

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
---

- name: "httpd-confd-includes: Include sections from {{ apache_confd_dir_sections }}"
  block:
    - name: "httpd-confd-includes: Set variables for al_include_confd_vars_list"
      set_fact:
        al_include_confd_dir: "{{ apache_confd_dir_sections }}"
        al_include_confd_vars_list_type: "fname"
    - name: "httpd-confd-includes: Include al_include_confd_vars_list"
      include_role:
        name: vbotka.ansible_lib
        tasks_from: al_include_confd_vars_list
    - name: "httpd-confd-includes: Debug al_include_confd_vars_list"
      when: apache_debug|bool
      debug:
        var: item
      loop: "{{ al_include_confd_vars_list }}"

- name: "httpd-confd-includes: Configure sections in {{ apache_conf_path }}/Includes/"
  template:
    src: "section2.j2"
    dest: "{{ apache_conf_path }}/Includes/{{ item.fname }}.conf"
    owner: "{{ apache_data_owner }}"
    group: "{{ apache_data_group }}"
    mode: "{{ apache_data_mode }}"
    backup: "{{ apache_backup_conf }}"
  loop: "{{ al_include_confd_vars_list }}"
  notify: reload apache

# EOF
...
Template section2.j2

[section2.j2]

1
2
3
{% for section in item.vars %}
{{ section | encode_apache }}
{% endfor %}

Service

[service.yml]

1
2
3
4
5
6
7
8
---

- name: "service: Config FreeBSD"
  import_tasks: "rcconf.yml"
  when: ansible_os_family == "FreeBSD"

# EOF
...

[rcconf.yml]

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
---

- name: "rc_conf: Enable and Start Apache"
  when: apache_enable|bool
  lineinfile:
    dest: "/etc/rc.conf"
    regexp: "^\\s*{{ apache_service }}_enable\\s*="
    line: "{{ apache_service }}_enable=\"YES\""
    backup: "{{ apache_backup_conf }}"
  notify: enable and start apache

- name: "rc_conf: Disable and Stop Apache"
  when: not apache_enable|bool
  lineinfile:
    dest: "/etc/rc.conf"
    regexp: "^\\s*{{ apache_service }}_enable\\s*="
    line: "{{ apache_service }}_enable=\"NO\""
    backup: "{{ apache_backup_conf }}"
  notify: disable and stop apache

# EOF
...

Handlers

[main.yml]

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
---
# handlers for vbotka.apache

- name: enable and start apache
  service:
    name: "{{ apache_service }}"
    state: started
    enabled: true

- name: disable and stop apache
  service:
    name: "{{ apache_service }}"
    state: stopped
    enabled: false

- name: restart apache
  when: apache_enable|bool
  service:
    name: "{{ apache_service }}"
    state: restarted

- name: reload apache
  when: apache_enable|bool
  service:
    name: "{{ apache_service }}"
    state: reloaded

- name: graceful apache
  when: apache_enable|bool
  command: "/usr/local/etc/rc.d/{{ apache_service }} graceful"

- name: gracefulstop apache
  when: apache_enable|bool
  command: "/usr/local/etc/rc.d/{{ apache_service }} gracefulstop"

# EOF
...