ansible-role-apache/tasks/configuration.yml

57 lines
1.5 KiB
YAML

---
- name: "configuration | Deaktiviere Server-Tokens"
ansible.builtin.lineinfile:
path: /etc/apache2/conf-enabled/security.conf
regexp: '^ServerTokens OS'
line: ServerTokens Prod
notify: reload apache2
- name: "configuration | Deaktiviere access-Logs"
ansible.builtin.command:
cmd: a2disconf other-vhosts-access-log
removes: /etc/apache2/conf-enabled/other-vhosts-access-log.conf
notify: reload apache2
- name: "apache | Generiere Diffie-Hellman-Parameter"
openssl_dhparam:
path: "{{ dhparams_path }}"
when: "'extern_hosts' in group_names"
- name: "configuration | Kopiere Dateien"
ansible.builtin.copy:
src: "{{ item }}"
dest: "/etc/apache2/conf-available/{{ item }}"
mode: 0644
loop:
- add-headers.conf
- letsencrypt.conf
- sao-cache.conf
- name: "configuration | Kopiere SSL-Konfiguration"
ansible.builtin.template:
src: ssl.conf
dest: /etc/apache2/conf-available/ssl.conf
mode: 0644
- name: "configuration | Aktiviere Module"
ansible.builtin.apache2_module:
name: "{{ item }}"
state: present
notify: reload apache2
when: "'extern_hosts' in group_names"
loop:
- headers
- mpm_event
- ssl
- name: "configuration | Aktiviere Konfiguration"
ansible.builtin.command:
cmd: "a2enconf {{ item }}"
creates: "/etc/apache2/conf-enabled/{{ item }}"
notify: reload apache2
when: "'extern_hosts' in group_names"
loop:
- add-headers.conf
- letsencrypt.conf
- sao-cache.conf
- ssl.conf