A brief description of the role goes here.
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Listen IP and port:
apache_listen_ip
: The IP to listen onapache_listen_port
: Port to listen on for non-SSL vhostsapache_listen_port_ssl
: Listen port vor SSL vhosts
Vhost configuration files:
apache_vhosts_filename
: Name of the vhost configuration file created on the hostapache_vhosts_template
: Name of the vhost configuration template in the ansibletemplates
directory
Vhost default options (applies to all vhosts unless overriden):
apache_allow_override
: Defaultallow_override
setting to allow overrides in.htaccess
filesapache_options
: Default apache options that can be overridden in a particular vhost configuration
apache_vhosts
defines all Apache virtual hosts (non-ssl vhost). Each vhost contains
the required variable servername
to uniquely identify the vhost. All other
variables are optional and defined as follows:
serveralias
: Alias or alternative name for the hostdocumentroot
: Main document treeredirect_ssl
: Redirect to SSL enabled vhostoptions
: Vhost apache options that override the default options of the global variableapache_options
serveradmin
: Email address of server admin
apache_vhosts_ssl
defines all SSL-enabled Apache virtual hosts, supporting
the same variables as apache_vhosts
(except for redirect_ssl
).
Additionally, SSL key and certificate need to be specified.
SSL variables specific to a vhost in apache_vhosts_ssl
:
certificate_file
: SSL certificate and chain filecertificate_key_file
: SSL key filecertificate_chain_file
: Separate chain file, deprecated since apache 2.4.8
Global SSL variables (not vhost specific):
apache_ssl_protocol
: Allowed SSL protocol versionsapache_ssl_cipher_suite
: Allowed SSL cipher suites
The playbook creates module symlinks into the /etc/apache2/mods-enabled/
directory for Debian based hosts. Modules listed in apache_mods_enabled
ar
enabled by default:
rewrite.load
: Rewrite modulessl.load
: SSL module
Any configuration directive not covered by the variables above can be appended
to the apache_vhosts.extra_options
and apache_vhosts_ssl.extra_options
variables using a literal block scalar
as follows:
extra_options: |
<Location "/status">
SetHandler server-status
Require host example.com
</Location>
These extra options are appended right before the closing
<VirtualHost>
section.
- Role: adfinis-sygroup.pki
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- { role: adfinis-sygroup.apache }
apache role was written by: