From af66612e6014bea48458125cda72d73c51bc3c20 Mon Sep 17 00:00:00 2001
From: Christian Franke <nobody@nowhere.ws>
Date: Tue, 25 Aug 2015 19:23:43 +0200
Subject: Initial commit

---
 roles/apache/handlers/main.yaml |  3 +++
 roles/apache/tasks/main.yaml    | 34 ++++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+)
 create mode 100644 roles/apache/handlers/main.yaml
 create mode 100644 roles/apache/tasks/main.yaml

(limited to 'roles/apache')

diff --git a/roles/apache/handlers/main.yaml b/roles/apache/handlers/main.yaml
new file mode 100644
index 0000000..ca5b41d
--- /dev/null
+++ b/roles/apache/handlers/main.yaml
@@ -0,0 +1,3 @@
+---
+- name: Reload apache
+  service: name=apache2 state=reloaded
diff --git a/roles/apache/tasks/main.yaml b/roles/apache/tasks/main.yaml
new file mode 100644
index 0000000..0125a08
--- /dev/null
+++ b/roles/apache/tasks/main.yaml
@@ -0,0 +1,34 @@
+---
+# Setup apache
+- name: Install apache
+  apt: name={{ item }} state=present
+  with_items:
+    - apache2
+    - apache2-mpm-event
+
+- name: Enable Apache Modules
+  apache2_module: name={{ item }} state=present
+  with_items:
+    - authnz_ldap
+    - authz_groupfile
+    - cgid
+    - headers
+    - info
+    - proxy
+    - proxy_http
+    - reqtimeout
+    - rewrite
+    - ssl
+  notify: Reload apache
+
+- name: Disable standard vhost
+  file:
+    name=/etc/apache2/sites-enabled/000-default.conf
+    state=absent
+  notify: Reload apache
+
+- name: Configure OCSP Stapling cache
+  lineinfile:
+    dest=/etc/apache2/mods-enabled/ssl.conf
+    line="SSLStaplingCache shmcb:${APACHE_RUN_DIR}/ocsp_scache(128000)"
+  notify: Reload apache
-- 
cgit v1.2.1