--- # MapCache - name: Configure MapCache template: src: "{{ item }}" dest: /srv/osm/mapcache/mapcache.xml backup: no with_first_found: - "mapcache/mapcache.xml.{{ ansible_fqdn }}.j2" - "mapcache/mapcache.xml.{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.j2" - "mapcache/mapcache.xml.{{ ansible_distribution }}.j2" - "mapcache/mapcache.xml.j2" notify: - handlerRestartApache # Apache customizations - name: Apache - Activate CGI module apache2_module: state: present name: cgid notify: - handlerRestartApache # Kinda paranoiac but I prefer the CGI not being freely accessible - name: Apache - Restrict access to CGI lineinfile: path: /etc/apache2/conf-available/serve-cgi-bin.conf regexp: '^(\s+)Require ' line: '\1Require local' backrefs: yes notify: - handlerRestartApache # We gather some extra data for the vhost template - name: Apache - Set a fact about whether SSL is enabled or not - 1 apache2_module: state: present name: ssl check_mode: yes register: tmp - name: Apache - Set a fact about whether SSL is enabled or not - 2 set_fact: apache_module_ssl_enabled: "{{ not tmp.changed }}" - name: Apache - Set up vhost template: src: "{{ item }}" dest: "{{ mapcache_vhost_filename }}" backup: no with_first_found: - "apache2/vhost.{{ ansible_fqdn }}.j2" - "apache2/vhost.{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.j2" - "apache2/vhost.{{ ansible_distribution }}.j2" - "apache2/vhost.j2" notify: - handlerRestartApache # We try not to generate a 'changed' when using a2ensite, so we check beforehand. - name: Apache - Check if vhost is enabled command: find -L /etc/apache2/sites-enabled/ -samefile {{ mapcache_vhost_filename | quote }} register: tmp changed_when: False check_mode: no - name: Apache - Enable vhost command: a2ensite {{ mapcache_vhost_filename | basename | quote }} when: not tmp.stdout notify: - handlerRestartApache - name: Apache - Check config command: apache2ctl configtest changed_when: False