bbe5bb7c3c
Restarting the apache service under ubuntu read the envvars file. This envvars contains the folder for logrotate. If the folder doesn't exist or hasn't the apache permissions, the restart of the service will fail. We ensure here the folder properly exists, with the right permissions. Change-Id: I041a044ef88aff917eeb3a618c2c08ac9ceb80fe
100 lines
3.2 KiB
YAML
100 lines
3.2 KiB
YAML
---
|
|
# Copyright 2014, Rackspace US, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
- name: Ensure apache log folder exists
|
|
file:
|
|
dest: "{{ horizon_apache_default_log_folder }}"
|
|
state: directory
|
|
owner: "{{ horizon_apache_default_log_owner }}"
|
|
group: "{{ horizon_apache_default_log_grp }}"
|
|
|
|
# Workaround for https://github.com/ansible/ansible-modules-core/issues/5328
|
|
# TODO: Replace using apache2_module when fixed in Ansible release
|
|
- name: Enable apache2 modules
|
|
command: "{{ (item.state == 'present') | ternary('a2enmod','a2dismod') }} {{ item.name }}"
|
|
register: horizon_apache2_module
|
|
changed_when: horizon_apache2_module.stdout.find('{{ item.name }} already') == -1
|
|
with_items:
|
|
- { state: present, name: wsgi }
|
|
- { state: present, name: ssl }
|
|
- { state: absent, name: mpm_event }
|
|
- { state: present, name: mpm_worker }
|
|
- { state: present, name: rewrite }
|
|
- { state: present, name: headers }
|
|
when:
|
|
- ansible_pkg_mgr == 'apt'
|
|
notify: Restart apache2
|
|
|
|
- name: Drop apache2 configs
|
|
template:
|
|
src: "{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
owner: "{{ item.owner|default(horizon_system_user_name) }}"
|
|
group: "{{ item.group|default(horizon_system_group_name) }}"
|
|
with_items: "{{ horizon_apache_configs }}"
|
|
notify: Restart apache2
|
|
|
|
- name: Disable default apache site
|
|
file:
|
|
path: "{{ item }}"
|
|
state: "absent"
|
|
with_items: "{{ horizon_apache_default_sites }}"
|
|
notify: Restart apache2
|
|
|
|
- name: Enable Horizon Site
|
|
file:
|
|
src: "{{ horizon_apache_site_available }}"
|
|
dest: "{{ horizon_apache_site_enabled }}"
|
|
state: "link"
|
|
when:
|
|
- horizon_apache_site_available is defined
|
|
- horizon_apache_site_enabled is defined
|
|
notify: Restart apache2
|
|
|
|
- name: Ensure Apache ServerName
|
|
lineinfile:
|
|
dest: "{{ horizon_apache_conf }}"
|
|
line: "ServerName {{ horizon_server_name }}"
|
|
notify: Restart apache2
|
|
|
|
- name: Ensure Apache ServerTokens
|
|
lineinfile:
|
|
dest: "{{ horizon_apache_security_conf }}"
|
|
regexp: '^ServerTokens'
|
|
line: "ServerTokens {{ horizon_apache_servertokens }}"
|
|
notify: Restart apache2
|
|
|
|
- name: Ensure Apache ServerSignature
|
|
lineinfile:
|
|
dest: "{{ horizon_apache_security_conf }}"
|
|
regexp: '^ServerSignature'
|
|
line: "ServerSignature {{ horizon_apache_serversignature }}"
|
|
notify: Restart apache2
|
|
|
|
# Removing the Listen from apache config to prevent conflick with ports.conf on CentOS
|
|
- name: remove Listen from Apache config
|
|
lineinfile:
|
|
dest: "{{ horizon_apache_security_conf }}"
|
|
regexp: '^(Listen.*)'
|
|
backrefs: yes
|
|
line: '#\1'
|
|
notify: Restart apache2
|
|
|
|
- name: Load service
|
|
service:
|
|
name: "{{ horizon_system_service_name }}"
|
|
enabled: "yes"
|
|
state: "started"
|