1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-03-09 15:40:17 +00:00

Merge pull request #1258 from holta/fix-apache-conf-perms

Clean up roles/httpd/tasks/main.yml & html.yml
This commit is contained in:
A Holt 2018-10-28 03:24:45 -04:00 committed by GitHub
commit b06b16d515
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 52 additions and 48 deletions

View file

@ -59,7 +59,7 @@
with_fileglob: with_fileglob:
- html/services/* - html/services/*
- name: Create symlink from assets to {{ iiab_ini_file }} - name: Create symlink from /library/www/html/common/assets/iiab.ini to {{ iiab_ini_file }}
file: file:
src: "{{ iiab_ini_file }}" src: "{{ iiab_ini_file }}"
dest: "{{ doc_root }}/common/assets/iiab.ini" dest: "{{ doc_root }}/common/assets/iiab.ini"

View file

@ -1,15 +1,15 @@
- name: Install Apache's required packages (debian) - name: Install Apache's required packages (debian)
package: package:
name: "{{ item }}" #name: [u'apache2', u'php{{ php_version }}', u'php{{ php_version }}-curl'] # FAILS ('u' for Unicode strings)
#name: ['apache2', 'php{{ php_version }}', 'php{{ php_version }}-curl'] # WORKS?
name:
- apache2
- "php{{ php_version }}"
- "php{{ php_version }}-curl"
state: present state: present
with_items: when: is_debian
- apache2
- php{{ php_version }}
- php{{ php_version }}-curl
# - php{{ php_version }}-sqlite
tags: tags:
- download - download
when: is_debian
- name: Debian changed SQLite name (debian-8) - name: Debian changed SQLite name (debian-8)
package: package:
@ -23,14 +23,15 @@
- name: Install Apache's required packages (ubuntu) - name: Install Apache's required packages (ubuntu)
package: package:
name: "{{ item }}" #name: [u'apache2', u'php'] # FAILS ('u' for Unicode strings)
#name: ['apache2', 'php'] # WORKS
name:
- apache2
- php
state: present state: present
with_items: when: is_ubuntu
- apache2
- php
tags: tags:
- download - download
when: is_ubuntu
- name: SQLite3 no longer included in another package (ubuntu-18) - name: SQLite3 no longer included in another package (ubuntu-18)
package: package:
@ -39,17 +40,17 @@
- name: Install Apache's required packages (redhat) - name: Install Apache's required packages (redhat)
package: package:
name: "{{ item }}" #name: [u'httpd', u'php', u'php-curl', u'mod_authnz_external'] # FAILS ('u' for Unicode strings)
#name: ['httpd', 'php', 'php-curl', 'mod_authnz_external'] # WORKS
name:
- httpd
- php
- php-curl
- mod_authnz_external
state: present state: present
with_items: when: is_redhat
- httpd
- php
- php-curl
- mod_authnz_external
# - php-sqlite
tags: tags:
- download - download
when: is_redhat
# MOVED DOWN ~58 LINES # MOVED DOWN ~58 LINES
#- name: Remove the default apache2 config file (debuntu) #- name: Remove the default apache2 config file (debuntu)
@ -65,10 +66,10 @@
dest: "{{ item.dest }}" dest: "{{ item.dest }}"
owner: root owner: root
group: root group: root
mode: "{{ item.mode }}" mode: 0644
with_items: with_items:
- { src: '010-iiab.conf.j2', dest: '/etc/{{ apache_config_dir }}/010-iiab.conf', mode: '0644' } - { src: '010-iiab.conf.j2', dest: '/etc/{{ apache_config_dir }}/010-iiab.conf' }
- { src: 'proxy_ajp.conf.j2', dest: '/etc/{{ apache_config_dir }}/proxy_ajp.conf', mode: '0644' } - { src: 'proxy_ajp.conf.j2', dest: '/etc/{{ apache_config_dir }}/proxy_ajp.conf' }
#- { src: 'php.ini.j2', dest: '/etc/php.ini', mode: '0644' } # @jvonau suggests removing this in https://github.com/iiab/iiab/issues/1147 #- { src: 'php.ini.j2', dest: '/etc/php.ini', mode: '0644' } # @jvonau suggests removing this in https://github.com/iiab/iiab/issues/1147
# For schools that use WordPress and/or Moodle intensively. See iiab/iiab #1147 # For schools that use WordPress and/or Moodle intensively. See iiab/iiab #1147
@ -87,7 +88,7 @@
- { regexp: '^max_input_time', line: 'max_input_time = 300 ; default is 60' } - { regexp: '^max_input_time', line: 'max_input_time = 300 ; default is 60' }
# remove symlinks for mpm-event, replace with mpm-prefork # remove symlinks for mpm-event, replace with mpm-prefork
- name: Remove mpm event links (debuntu) - name: Remove mpm event symlinks (debuntu)
file: file:
path: "/etc/apache2/mods-enabled/{{ item }}" path: "/etc/apache2/mods-enabled/{{ item }}"
state: absent state: absent
@ -98,8 +99,8 @@
- name: Create symlinks for mpm-prefork (debuntu) - name: Create symlinks for mpm-prefork (debuntu)
file: file:
path: "/etc/apache2/mods-enabled/{{ item }}"
src: "/etc/apache2/mods-available/{{ item }}" src: "/etc/apache2/mods-available/{{ item }}"
path: "/etc/apache2/mods-enabled/{{ item }}"
state: link state: link
with_items: with_items:
- mpm_prefork.conf - mpm_prefork.conf
@ -115,13 +116,11 @@
- rewrite - rewrite
when: is_debuntu when: is_debuntu
- name: Create symlinks for enabling our site (debuntu) - name: Create 010-iiab.conf symlink enabling our site (debuntu)
file: file:
path: "/etc/apache2/sites-enabled/{{ item }}" src: "/etc/{{ apache_config_dir }}/010-iiab.conf"
src: "/etc/apache2/sites-available/{{ item }}" path: /etc/apache2/sites-enabled/010-iiab.conf
state: link state: link
with_items:
- 010-iiab.conf
when: is_debuntu when: is_debuntu
- name: Remove apache2 default config files (debuntu) - name: Remove apache2 default config files (debuntu)
@ -146,7 +145,7 @@
name: admin name: admin
state: present state: present
- name: Add {{ apache_user }} (from variable apache_user) to admin group - name: Add user {{ apache_user }} (from variable apache_user) to admin group
user: user:
name: "{{ apache_user }}" name: "{{ apache_user }}"
groups: admin groups: admin
@ -166,7 +165,7 @@
name: "{{ apache_service }}" name: "{{ apache_service }}"
enabled: yes enabled: yes
- name: Create iiab-info directory - name: Create /library/www/html/info directory for http://box/info offline docs
file: file:
path: "{{ doc_root }}/info" path: "{{ doc_root }}/info"
mode: 0755 mode: 0755
@ -174,16 +173,20 @@
group: "{{ apache_user }}" group: "{{ apache_user }}"
state: directory state: directory
- name: Remove iiab-info.conf # roles/httpd/templates/iiab-info.conf.j2.deprecated is no longer needed, as
file: # Apache serves http://box/info directly from above /library/www/html/info
dest: "/etc/{{ apache_config_dir }}/iiab-info.conf" # directly (as generated by /usr/bin/iiab-refresh-wiki-docs)
state: absent #
#- name: Remove iiab-info.conf
- name: Remove iiab-info.conf symlink (debuntu) # file:
file: # path: "/etc/{{ apache_config_dir }}/iiab-info.conf"
dest: /etc/apache2/sites-enabled/iiab-info.conf # state: absent
state: absent #
when: is_debuntu #- name: Remove iiab-info.conf symlink (debuntu)
# file:
# path: /etc/apache2/sites-enabled/iiab-info.conf
# state: absent
# when: is_debuntu
# SEE https://github.com/iiab/iiab/issues/1143 as the old roles/osm playbook is rarely used as of late 2018 (if anybody still uses roles/osm, they can overwrite osm.conf using the original osm playbook, or in other ways) # SEE https://github.com/iiab/iiab/issues/1143 as the old roles/osm playbook is rarely used as of late 2018 (if anybody still uses roles/osm, they can overwrite osm.conf using the original osm playbook, or in other ways)
- name: Copy osm.conf for http://box/maps (all OS's) - name: Copy osm.conf for http://box/maps (all OS's)
@ -195,10 +198,11 @@
mode: 0644 mode: 0644
backup: yes backup: yes
- name: Create link from sites-enabled to sites-available (debuntu) - name: Create osm.conf symlink from sites-enabled to sites-available (debuntu)
file: file:
src: "/etc/{{ apache_config_dir }}/osm.conf" src: "/etc/{{ apache_config_dir }}/osm.conf"
dest: /etc/apache2/sites-enabled/osm.conf path: /etc/apache2/sites-enabled/osm.conf
#path: "/etc/{{ apache_service }}/sites-enabled/osm.conf"
state: link state: link
when: is_debuntu when: is_debuntu
@ -217,15 +221,15 @@
dest: /usr/bin/iiab-refresh-wiki-docs dest: /usr/bin/iiab-refresh-wiki-docs
mode: 0755 mode: 0755
- name: Give apache_user permission to poweroff - name: Give {{ apache_user }} (per variable apache_user) permission to poweroff
template: template:
src: 020_apache_poweroff.j2 src: 020_apache_poweroff.j2
dest: /etc/sudoers.d/020_apache_poweroff dest: /etc/sudoers.d/020_apache_poweroff
mode: 0755 mode: 0755
when: apache_allow_sudo when: apache_allow_sudo
- name: Remove apache_user permission to poweroff - name: Remove {{ apache_user }} (per variable apache_user) permission to poweroff
file: file:
dest: /etc/sudoers.d/020_apache_poweroff path: /etc/sudoers.d/020_apache_poweroff
state: absent state: absent
when: not apache_allow_sudo when: not apache_allow_sudo