--- - name: "configuration | Deaktiviere Server-Tokens" ansible.builtin.lineinfile: path: /etc/apache2/conf-enabled/security.conf regexp: '^ServerTokens OS' line: ServerTokens Prod notify: reload apache2 - name: "configuration | Deaktiviere access-Logs" ansible.builtin.command: cmd: a2disconf other-vhosts-access-log removes: /etc/apache2/conf-enabled/other-vhosts-access-log.conf notify: reload apache2 - name: "apache | Generiere Diffie-Hellman-Parameter" openssl_dhparam: path: "{{ dhparams_path }}" # All of our apache2 instances are currently running behind public reverse proxies. # Thus, they do not offer HTTPS and do not need DH parameters. when: "'extern_hosts' in group_names" - name: "configuration | Kopiere Dateien" ansible.builtin.copy: src: "{{ item }}" dest: "/etc/apache2/conf-available/{{ item }}" mode: 0644 loop: - add-headers.conf - letsencrypt.conf - sao-cache.conf - name: "configuration | Kopiere SSL-Konfiguration" ansible.builtin.template: src: ssl.conf dest: /etc/apache2/conf-available/ssl.conf mode: 0644 - name: "configuration | Aktiviere Module" ansible.builtin.apache2_module: name: "{{ item }}" state: present notify: reload apache2 when: "'extern_hosts' in group_names" loop: - headers - mpm_event - ssl - name: "configuration | Aktiviere Konfiguration" ansible.builtin.command: cmd: "a2enconf {{ item }}" creates: "/etc/apache2/conf-enabled/{{ item }}" notify: reload apache2 when: "'extern_hosts' in group_names" loop: - add-headers.conf - letsencrypt.conf - sao-cache.conf - ssl.conf