forked from Netz39_Admin/netz39-infra-ansible
Add httpd setup and role for docker proxy in Apache2
This commit is contained in:
parent
290fc43f54
commit
07c53212a0
4 changed files with 80 additions and 0 deletions
33
httpd.yml
Normal file
33
httpd.yml
Normal file
|
@ -0,0 +1,33 @@
|
|||
---
|
||||
- hosts: tau
|
||||
become: true
|
||||
|
||||
vars:
|
||||
- server_admin: "admin@netz39.de"
|
||||
|
||||
|
||||
tasks:
|
||||
- name: Update and clean package cache
|
||||
apt:
|
||||
update_cache: true
|
||||
cache_valid_time: 3600
|
||||
autoclean: true
|
||||
|
||||
- name: Ensure Apache2 and modules are installed and up to date
|
||||
apt:
|
||||
name:
|
||||
- apache2
|
||||
state: latest
|
||||
|
||||
- name: Ensure mod_rewrite is enabled
|
||||
apache2_module:
|
||||
name: rewrite
|
||||
state: present
|
||||
|
||||
|
||||
- name: Setup proxy site testredmine.netz39.de
|
||||
include_role:
|
||||
name: setup-http-site-proxy
|
||||
vars:
|
||||
site_name: testredmine.netz39.de
|
||||
proxy_port: 9004
|
5
roles/setup-http-site-proxy/handlers/main.yml
Normal file
5
roles/setup-http-site-proxy/handlers/main.yml
Normal file
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
- name: restart apache2
|
||||
service:
|
||||
name: apache2
|
||||
state: restarted
|
12
roles/setup-http-site-proxy/tasks/main.yml
Normal file
12
roles/setup-http-site-proxy/tasks/main.yml
Normal file
|
@ -0,0 +1,12 @@
|
|||
---
|
||||
- name: Add or update Apache2 site
|
||||
template:
|
||||
src: templates/apache-docker-proxy-site.j2
|
||||
dest: /etc/apache2/sites-available/{{site_name}}.conf
|
||||
notify: restart apache2
|
||||
|
||||
- name: Activate Apache2 site
|
||||
command: a2ensite {{ site_name}}
|
||||
args:
|
||||
creates: /etc/apache2/sites-enabled/{{ site_name }}.conf
|
||||
notify: restart apache2
|
|
@ -0,0 +1,30 @@
|
|||
<VirtualHost {{ ansible_default_ipv4.address }}:80>
|
||||
ServerAdmin {{ server_admin }}
|
||||
ServerName {{ site_name }}
|
||||
ServerAlias {{ site_name }}
|
||||
ErrorLog /var/log/apache2/{{ site_name }}-error.log
|
||||
CustomLog /var/log/apache2/{{ site_name }}-access.log common
|
||||
|
||||
<ifmodule mod_rewrite.c>
|
||||
RewriteEngine On
|
||||
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
|
||||
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
|
||||
</ifmodule>
|
||||
</VirtualHost>
|
||||
|
||||
<VirtualHost {{ ansible_default_ipv4.address }}:443>
|
||||
ServerAdmin {{ server_admin }}
|
||||
ServerName {{ site_name }}
|
||||
ServerAlias {{ site_name }}
|
||||
|
||||
ErrorLog /var/log/apache2/{{ site_name }}-error.log
|
||||
CustomLog /var/log/apache2/{{ site_name }}-access.log common
|
||||
|
||||
SSLEngine on
|
||||
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
|
||||
SSLCertificateFile /usr/local/etc/dehydrated/certs/{{ site_name }}/cert.pem
|
||||
SSLCertificateKeyFile /usr/local/etc/dehydrated/certs/{{ site_name }}/privkey.pem
|
||||
SSLCertificateChainFile /usr/local/etc/dehydrated/certs/{{ site_name }}/chain.pem
|
||||
|
||||
ProxyPass / http://localhost:{{proxy_port}}/
|
||||
</VirtualHost>
|
Loading…
Reference in a new issue