2016-04-18 18:00:02 +02:00
|
|
|
# This file is part of Ansible
|
|
|
|
#
|
|
|
|
# Ansible is free software: you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
|
|
# (at your option) any later version.
|
|
|
|
#
|
|
|
|
# Ansible is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
|
|
- name: install apache via apt
|
2016-12-12 23:19:47 +01:00
|
|
|
apt:
|
2017-04-04 20:12:06 +02:00
|
|
|
name: "{{item}}"
|
2016-12-12 23:19:47 +01:00
|
|
|
state: present
|
2016-04-18 18:00:02 +02:00
|
|
|
when: "ansible_os_family == 'Debian'"
|
2017-04-04 20:12:06 +02:00
|
|
|
with_items:
|
|
|
|
- apache2
|
|
|
|
- libapache2-mod-evasive
|
2016-04-18 18:00:02 +02:00
|
|
|
|
|
|
|
- name: install apache via zypper
|
2016-12-12 23:19:47 +01:00
|
|
|
zypper:
|
|
|
|
name: apache2
|
|
|
|
state: present
|
2016-04-18 18:00:02 +02:00
|
|
|
when: "ansible_os_family == 'Suse'"
|
|
|
|
|
2016-05-04 00:09:26 +02:00
|
|
|
- name: disable userdir module
|
2016-12-12 23:19:47 +01:00
|
|
|
apache2_module:
|
|
|
|
name: userdir
|
|
|
|
state: absent
|
2016-04-18 18:00:02 +02:00
|
|
|
|
2016-05-04 00:09:26 +02:00
|
|
|
- name: disable userdir module, second run
|
2016-12-12 23:19:47 +01:00
|
|
|
apache2_module:
|
|
|
|
name: userdir
|
|
|
|
state: absent
|
2016-04-18 18:00:02 +02:00
|
|
|
register: disable
|
|
|
|
|
|
|
|
- name: ensure apache2_module is idempotent
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- 'not disable.changed'
|
|
|
|
|
2016-05-04 00:09:26 +02:00
|
|
|
- name: enable userdir module
|
2016-12-12 23:19:47 +01:00
|
|
|
apache2_module:
|
|
|
|
name: userdir
|
|
|
|
state: present
|
2016-04-18 18:00:02 +02:00
|
|
|
register: enable
|
|
|
|
|
|
|
|
- name: ensure changed on successful enable
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- 'enable.changed'
|
|
|
|
|
2016-05-04 00:09:26 +02:00
|
|
|
- name: enable userdir module, second run
|
2016-12-12 23:19:47 +01:00
|
|
|
apache2_module:
|
|
|
|
name: userdir
|
|
|
|
state: present
|
2016-04-18 18:00:02 +02:00
|
|
|
register: enabletwo
|
|
|
|
|
|
|
|
- name: ensure apache2_module is idempotent
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- 'not enabletwo.changed'
|
|
|
|
|
2016-05-04 00:09:26 +02:00
|
|
|
- name: disable userdir module, final run
|
2016-12-12 23:19:47 +01:00
|
|
|
apache2_module:
|
|
|
|
name: userdir
|
|
|
|
state: absent
|
2016-04-18 18:00:02 +02:00
|
|
|
register: disablefinal
|
|
|
|
|
|
|
|
- name: ensure changed on successful disable
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- 'disablefinal.changed'
|
2016-12-12 23:19:47 +01:00
|
|
|
|
|
|
|
- name: ensure autoindex enabled
|
|
|
|
apache2_module:
|
|
|
|
name: autoindex
|
|
|
|
state: present
|
|
|
|
|
|
|
|
- name: force disable of autoindex # bug #2499
|
|
|
|
apache2_module:
|
|
|
|
name: autoindex
|
|
|
|
state: absent
|
|
|
|
force: True
|
2017-04-04 20:12:06 +02:00
|
|
|
when: "ansible_os_family == 'Debian'"
|
|
|
|
|
|
|
|
- name: enable evasive module, test https://github.com/ansible/ansible/issues/22635
|
|
|
|
apache2_module:
|
|
|
|
name: evasive
|
|
|
|
state: present
|
|
|
|
when: "ansible_os_family == 'Debian'"
|
2016-11-04 21:09:19 +01:00
|
|
|
|
|
|
|
- name: disable mpm modules
|
|
|
|
apache2_module:
|
|
|
|
name: "{{ item }}"
|
|
|
|
state: absent
|
|
|
|
ignore_configcheck: True
|
|
|
|
with_items:
|
|
|
|
- mpm_worker
|
|
|
|
- mpm_event
|
|
|
|
- mpm_prefork
|
|
|
|
when: "ansible_os_family == 'Debian'"
|
|
|
|
|
|
|
|
- name: enabled mpm_event
|
|
|
|
apache2_module:
|
|
|
|
name: mpm_event
|
|
|
|
state: present
|
|
|
|
ignore_configcheck: True
|
|
|
|
register: enabledmpmevent
|
|
|
|
when: "ansible_os_family == 'Debian'"
|
|
|
|
|
|
|
|
- name: ensure changed mpm_event
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- 'enabledmpmevent.changed'
|
|
|
|
when: "ansible_os_family == 'Debian'"
|
|
|
|
|
|
|
|
- name: switch between mpm_event and mpm_worker
|
|
|
|
apache2_module:
|
|
|
|
name: "{{ item.name }}"
|
|
|
|
state: "{{ item.state }}"
|
|
|
|
ignore_configcheck: True
|
|
|
|
with_items:
|
|
|
|
- name: mpm_event
|
|
|
|
state: absent
|
|
|
|
- name: mpm_worker
|
|
|
|
state: present
|
|
|
|
when: "ansible_os_family == 'Debian'"
|
|
|
|
|
|
|
|
- name: ensure mpm_worker is already enabled
|
|
|
|
apache2_module:
|
|
|
|
name: mpm_worker
|
|
|
|
state: present
|
|
|
|
register: enabledmpmworker
|
|
|
|
when: "ansible_os_family == 'Debian'"
|
|
|
|
|
|
|
|
- name: ensure mpm_worker unchanged
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- 'not enabledmpmworker.changed'
|
|
|
|
when: "ansible_os_family == 'Debian'"
|
|
|
|
|
|
|
|
- name: try to disable all mpm modules with configcheck
|
|
|
|
apache2_module:
|
|
|
|
name: "{{item}}"
|
|
|
|
state: absent
|
|
|
|
with_items:
|
|
|
|
- mpm_worker
|
|
|
|
- mpm_event
|
|
|
|
- mpm_prefork
|
|
|
|
ignore_errors: yes
|
|
|
|
register: remove_with_configcheck
|
|
|
|
when: "ansible_os_family == 'Debian'"
|
|
|
|
|
|
|
|
- name: ensure configcheck fails task with when run without mpm modules
|
|
|
|
assert:
|
|
|
|
that:
|
|
|
|
- "{{ item.failed }}"
|
|
|
|
with_items: "{{ remove_with_configcheck.results }}"
|
|
|
|
when: "ansible_os_family == 'Debian'"
|
|
|
|
|
|
|
|
- name: try to disable all mpm modules without configcheck
|
|
|
|
apache2_module:
|
|
|
|
name: "{{item}}"
|
|
|
|
state: absent
|
|
|
|
ignore_configcheck: True
|
|
|
|
with_items:
|
|
|
|
- mpm_worker
|
|
|
|
- mpm_event
|
|
|
|
- mpm_prefork
|
|
|
|
when: "ansible_os_family == 'Debian'"
|