Initial commit

author: Christian Franke <nobody@nowhere.ws> 2015-08-25 19:23:43 +0200
committer: Christian Franke <nobody@nowhere.ws> 2015-08-25 19:23:43 +0200
commit: af66612e6014bea48458125cda72d73c51bc3c20 (patch)
tree: 49cee76d579149a9fd800225303ee31be79cf3eb /roles/apache
2 files changed, 37 insertions, 0 deletions
diff --git a/roles/apache/handlers/main.yaml b/roles/apache/handlers/main.yaml
new file mode 100644
index 0000000..ca5b41d
--- /dev/null
+++ b/roles/apache/handlers/main.yaml
@@ -0,0 +1,3 @@
+---
+- name: Reload apache
+  service: name=apache2 state=reloaded
diff --git a/roles/apache/tasks/main.yaml b/roles/apache/tasks/main.yaml
new file mode 100644
index 0000000..0125a08
--- /dev/null
+++ b/roles/apache/tasks/main.yaml
@@ -0,0 +1,34 @@
+---
+# Setup apache
+- name: Install apache
+  apt: name={{ item }} state=present
+  with_items:
+    - apache2
+    - apache2-mpm-event
+
+- name: Enable Apache Modules
+  apache2_module: name={{ item }} state=present
+  with_items:
+    - authnz_ldap
+    - authz_groupfile
+    - cgid
+    - headers
+    - info
+    - proxy
+    - proxy_http
+    - reqtimeout
+    - rewrite
+    - ssl
+  notify: Reload apache
+
+- name: Disable standard vhost
+  file:
+    name=/etc/apache2/sites-enabled/000-default.conf
+    state=absent
+  notify: Reload apache
+
+- name: Configure OCSP Stapling cache
+  lineinfile:
+    dest=/etc/apache2/mods-enabled/ssl.conf
+    line="SSLStaplingCache shmcb:${APACHE_RUN_DIR}/ocsp_scache(128000)"
+  notify: Reload apache
author	Christian Franke <nobody@nowhere.ws>	2015-08-25 19:23:43 +0200
committer	Christian Franke <nobody@nowhere.ws>	2015-08-25 19:23:43 +0200
commit	af66612e6014bea48458125cda72d73c51bc3c20 (patch)
tree	49cee76d579149a9fd800225303ee31be79cf3eb /roles/apache