---
- name: make sure required software is installed
hosts: serverd.lab.example.com
become: yes
gather_facts: no
tasks:
- name: ensure the software is there
yum:
name: httpd
state: latest
- name: ensure that server admin is correctly set
lineinfile:
path: /etc/httpd/conf/httpd.conf
regexp: '^\s*ServerAdmin\s'
line: ServerAdmin webmaster@example.com
notify: them handlerz
- name: ensure that server is configured for port 80
lineinfile:
path: /etc/httpd/conf/httpd.conf
regexp: '^\s*Listen\s'
line: Listen 80
notify: them handlerz
- name: ensure we have a starting block delimiter
lineinfile:
path: /etc/httpd/conf/httpd.conf
insertbefore: '^'
line: "# **** THIS BLOCK IS MANAGED BY ANSIBLE. ANY CHANGES WILL BE REVERTED. ****"
- name: ensure default webroot permissions are sane
blockinfile:
path: /etc/httpd/conf/httpd.conf
marker: "{mark}"
marker_begin: "# **** THIS BLOCK IS MANAGED BY ANSIBLE. ANY CHANGES WILL BE REVERTED. ****"
marker_end: ""
block: |
Options FollowSymLinks
DirectoryIndex index.html
AllowOverride none
Require all granted
notify: them handlerz
- name: ensure the service is started and enabled to start automatically
service:
name: httpd
state: started
enabled: yes
- name: ensure firewall is open for the service
firewalld:
service: http
state: enabled
immediate: yes
permanent: yes
handlers:
- name: test configuration validity
listen: them handlerz
command:
cmd: apachectl configtest
creates: /tmp/was-here-already
chdir: /tmp
changed_when: false
- name: restart the service
listen: them handlerz
service:
name: httpd
state: restarted