- name: install apache2
ansible.builtin.package:
name: apache2
- name: enable mod_md
ansible.builtin.command:
cmd: a2enmod md
creates: /etc/apache2/mods-enabled/md.load
notify: restart web
- name: enable mod_ssl
ansible.builtin.command:
cmd: a2enmod ssl
creates: /etc/apache2/mods-enabled/ssl.load
notify: restart web
- name: enable mod_userdir
ansible.builtin.command:
cmd: a2enmod userdir
creates: /etc/apache2/mods-enabled/userdir.load
notify: restart web
- name: enable mod_proxy_http
ansible.builtin.command:
cmd: a2enmod proxy_http
creates: /etc/apache2/mods-enabled/proxy_http.load
notify: restart web
- name: enable mod_headers
ansible.builtin.command:
cmd: a2enmod headers
creates: /etc/apache2/mods-enabled/headers.load
notify: restart web
- name: enable mod_rewrite
ansible.builtin.command:
cmd: a2enmod rewrite
creates: /etc/apache2/mods-enabled/rewrite.load
notify: restart web
- name: ssl site
ansible.builtin.copy:
dest: /etc/apache2/sites-enabled/ssl.conf
content: |
{% if web_server_reachable %}
MDomain {{ public_hostname_punycode }}
MDCertificateAgreement accepted
{% endif %}
ServerName {{ public_hostname_punycode }}
SSLEngine on
{% if not web_server_reachable %}
SSLCertificateFile "/etc/ssl/certs/ssl-cert-snakeoil.pem"
SSLCertificateKeyFile "/etc/ssl/private/ssl-cert-snakeoil.key"
{% endif %}
ServerAdmin {{ admin_email }}
ProxyPass http://127.0.0.1:8080/vaultwarden/
ProxyPreserveHost On
RequestHeader set X-Real-IP %{REMOTE_ADDR}s
RedirectMatch "^/$" "https://ñix.es/cgit/alex/ñix.es.git/about/"
RewriteEngine on
RewriteCond ${alexblog:$1} >""
RewriteMap alexblog "txt:/home/alex/public_html/redirections.txt"
RewriteRule "^/~alex/(.*)" "/~alex/${alexblog:$1}" [R=308,L]
notify: restart web
- name: alex.corcoles.net
ansible.builtin.copy:
dest: /etc/apache2/sites-enabled/alex-corcoles-net.conf
content: |
{% if web_server_reachable %}
MDomain alex.corcoles.net
MDCertificateAgreement accepted
{% endif %}
ServerName alex.corcoles.net
SSLEngine on
{% if not web_server_reachable %}
SSLCertificateFile "/etc/ssl/certs/ssl-cert-snakeoil.pem"
SSLCertificateKeyFile "/etc/ssl/private/ssl-cert-snakeoil.key"
{% endif %}
ServerAdmin {{ admin_email }}
DocumentRoot /home/alex/public_html/
RewriteEngine on
RewriteCond ${alexblog:$1} >""
RewriteMap alexblog "txt:/home/alex/public_html/redirections.txt"
RewriteRule "^(.*)" "${alexblog:$1}" [R=308,L]
notify: restart web
- name: gemini
ansible.builtin.copy:
dest: /etc/apache2/conf-enabled/gemini.conf
content: |
AddType text/gemini .gmi
AddCharset UTF-8 .gmi
# With the default dir module configuration disabled, DirectoryIndex index enables multiviews for indexes.
# This means that you can have index.html and index.gmi and the client and server will negotiate which content to deliver.
DirectoryIndex index
LoadModule dir_module /usr/lib/apache2/modules/mod_dir.so
notify: restart web
- name: rss
ansible.builtin.copy:
dest: /etc/apache2/conf-enabled/rss.conf
content: |
AddCharset UTF-8 .rss
notify: restart web
- name: disable dir mod
ansible.builtin.command:
cmd: a2dismod -f dir
removes: /etc/apache2/mods-enabled/dir.conf
notify: restart web