| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 |
- ---
- - name: make sure required software is installed
- hosts: serverd.lab.example.com
- become: yes
- gather_facts: no
- tasks:
- - name: ensure the software is there
- yum:
- name: httpd
- state: latest
- - name: ensure that server admin is correctly set
- lineinfile:
- path: /etc/httpd/conf/httpd.conf
- regexp: '^\s*ServerAdmin\s'
- line: ServerAdmin webmaster@example.com
- notify: them handlerz
- - name: ensure that server is configured for port 80
- lineinfile:
- path: /etc/httpd/conf/httpd.conf
- regexp: '^\s*Listen\s'
- line: Listen 80
- notify: them handlerz
- - name: ensure we have a starting block delimiter
- lineinfile:
- path: /etc/httpd/conf/httpd.conf
- insertbefore: '^<Directory "/var/www/html">'
- line: "# **** THIS BLOCK IS MANAGED BY ANSIBLE. ANY CHANGES WILL BE REVERTED. ****"
- - name: ensure default webroot permissions are sane
- blockinfile:
- path: /etc/httpd/conf/httpd.conf
- marker: "{mark}"
- marker_begin: "# **** THIS BLOCK IS MANAGED BY ANSIBLE. ANY CHANGES WILL BE REVERTED. ****"
- marker_end: "</Directory>"
- block: |
- <Directory "/var/www/html">
- Options FollowSymLinks
- DirectoryIndex index.html
- AllowOverride none
- Require all granted
- notify: them handlerz
- - name: ensure the service is started and enabled to start automatically
- service:
- name: httpd
- state: started
- enabled: yes
- - name: ensure firewall is open for the service
- firewalld:
- service: http
- state: enabled
- immediate: yes
- permanent: yes
- handlers:
- - name: test configuration validity
- listen: them handlerz
- command:
- cmd: apachectl configtest
- creates: /tmp/was-here-already
- chdir: /tmp
- changed_when: false
- - name: restart the service
- listen: them handlerz
- service:
- name: httpd
- state: restarted
|
