75 lines
2.1 KiB
YAML
75 lines
2.1 KiB
YAML
---
|
|
|
|
|
|
# MapCache
|
|
- name: Configure MapCache
|
|
template:
|
|
src: "{{ item }}"
|
|
dest: /srv/osm/mapcache/mapcache.xml
|
|
backup: no
|
|
with_first_found:
|
|
- "mapcache/mapcache.xml.{{ ansible_fqdn }}.j2"
|
|
- "mapcache/mapcache.xml.{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.j2"
|
|
- "mapcache/mapcache.xml.{{ ansible_distribution }}.j2"
|
|
- "mapcache/mapcache.xml.j2"
|
|
notify:
|
|
- handlerRestartApache
|
|
|
|
|
|
# Apache customizations
|
|
- name: Apache - Activate CGI module
|
|
apache2_module:
|
|
state: present
|
|
name: cgid
|
|
notify:
|
|
- handlerRestartApache
|
|
|
|
# Kinda paranoiac but I prefer the CGI not being freely accessible
|
|
- name: Apache - Restrict access to CGI
|
|
lineinfile:
|
|
path: /etc/apache2/conf-available/serve-cgi-bin.conf
|
|
regexp: '^(\s+)Require '
|
|
line: '\1Require local'
|
|
backrefs: yes
|
|
notify:
|
|
- handlerRestartApache
|
|
|
|
# We gather some extra data for the vhost template
|
|
- name: Apache - Set a fact about whether SSL is enabled or not - 1
|
|
apache2_module:
|
|
state: present
|
|
name: ssl
|
|
check_mode: yes
|
|
register: tmp
|
|
- name: Apache - Set a fact about whether SSL is enabled or not - 2
|
|
set_fact:
|
|
apache_module_ssl_enabled: "{{ not tmp.changed }}"
|
|
|
|
- name: Apache - Set up vhost
|
|
template:
|
|
src: "{{ item }}"
|
|
dest: "{{ mapcache_vhost_filename }}"
|
|
backup: no
|
|
with_first_found:
|
|
- "apache2/vhost.{{ ansible_fqdn }}.j2"
|
|
- "apache2/vhost.{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.j2"
|
|
- "apache2/vhost.{{ ansible_distribution }}.j2"
|
|
- "apache2/vhost.j2"
|
|
notify:
|
|
- handlerRestartApache
|
|
|
|
# We try not to generate a 'changed' when using a2ensite, so we check beforehand.
|
|
- name: Apache - Check if vhost is enabled
|
|
command: find -L /etc/apache2/sites-enabled/ -samefile {{ mapcache_vhost_filename | quote }}
|
|
register: tmp
|
|
changed_when: False
|
|
check_mode: no
|
|
- name: Apache - Enable vhost
|
|
command: a2ensite {{ mapcache_vhost_filename | basename | quote }}
|
|
when: not tmp.stdout
|
|
notify:
|
|
- handlerRestartApache
|
|
|
|
- name: Apache - Check config
|
|
command: apache2ctl configtest
|
|
changed_when: False
|