Initial commit
This commit is contained in:
commit
e3639cc94c
18 changed files with 680 additions and 0 deletions
75
roles/mapserver/tasks/50_mapcache-and-apache.yml
Normal file
75
roles/mapserver/tasks/50_mapcache-and-apache.yml
Normal file
|
|
@ -0,0 +1,75 @@
|
|||
---
|
||||
|
||||
|
||||
# MapCache
|
||||
- name: Configure MapCache
|
||||
template:
|
||||
src: "{{ item }}"
|
||||
dest: /srv/osm/mapcache/mapcache.xml
|
||||
backup: no
|
||||
with_first_found:
|
||||
- "mapcache/mapcache.xml.{{ ansible_fqdn }}.j2"
|
||||
- "mapcache/mapcache.xml.{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.j2"
|
||||
- "mapcache/mapcache.xml.{{ ansible_distribution }}.j2"
|
||||
- "mapcache/mapcache.xml.j2"
|
||||
notify:
|
||||
- handlerRestartApache
|
||||
|
||||
|
||||
# Apache customizations
|
||||
- name: Apache - Activate CGI module
|
||||
apache2_module:
|
||||
state: present
|
||||
name: cgid
|
||||
notify:
|
||||
- handlerRestartApache
|
||||
|
||||
# Kinda paranoiac but I prefer the CGI not being freely accessible
|
||||
- name: Apache - Restrict access to CGI
|
||||
lineinfile:
|
||||
path: /etc/apache2/conf-available/serve-cgi-bin.conf
|
||||
regexp: '^(\s+)Require '
|
||||
line: '\1Require local'
|
||||
backrefs: yes
|
||||
notify:
|
||||
- handlerRestartApache
|
||||
|
||||
# We gather some extra data for the vhost template
|
||||
- name: Apache - Set a fact about whether SSL is enabled or not - 1
|
||||
apache2_module:
|
||||
state: present
|
||||
name: ssl
|
||||
check_mode: yes
|
||||
register: tmp
|
||||
- name: Apache - Set a fact about whether SSL is enabled or not - 2
|
||||
set_fact:
|
||||
apache_module_ssl_enabled: "{{ not tmp.changed }}"
|
||||
|
||||
- name: Apache - Set up vhost
|
||||
template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ mapcache_vhost_filename }}"
|
||||
backup: no
|
||||
with_first_found:
|
||||
- "apache2/vhost.{{ ansible_fqdn }}.j2"
|
||||
- "apache2/vhost.{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.j2"
|
||||
- "apache2/vhost.{{ ansible_distribution }}.j2"
|
||||
- "apache2/vhost.j2"
|
||||
notify:
|
||||
- handlerRestartApache
|
||||
|
||||
# We try not to generate a 'changed' when using a2ensite, so we check beforehand.
|
||||
- name: Apache - Check if vhost is enabled
|
||||
command: find -L /etc/apache2/sites-enabled/ -samefile {{ mapcache_vhost_filename | quote }}
|
||||
register: tmp
|
||||
changed_when: False
|
||||
check_mode: no
|
||||
- name: Apache - Enable vhost
|
||||
command: a2ensite {{ mapcache_vhost_filename | basename | quote }}
|
||||
when: not tmp.stdout
|
||||
notify:
|
||||
- handlerRestartApache
|
||||
|
||||
- name: Apache - Check config
|
||||
command: apache2ctl configtest
|
||||
changed_when: False
|
||||
Loading…
Add table
Add a link
Reference in a new issue