rajout exercice vault

27_vault/myapache5/tasks/main.yml

@@ -0,0 +1,74 @@
+---
+# tasks file for myapache
+- name: import distribution specific variables
+  tags: http
+  include_vars: "{{ ansible_distribution|lower }}.yml"
+
+- name: import sensitive info
+  tags: [http,secu]
+  include_vars: "private_data"
+
+- name: install apache
+  tags: httpd
+  package: 
+    name: "{{ package_name }}"
+    state: latest
+
+- name: conf httpd
+  tags: httpd
+  notify: reload httpd
+  template:
+    src: vhost.conf.jj
+    dest: "{{ apache_conf_dir }}/vhost.conf"
+    mode: 0640
+    owner: root
+    group: "{{ apache_group }}"
+
+- name: activate apache
+  tags: httpd
+  service:
+    name: "{{ service_name }}"
+    enabled: yes
+
+- name: open firewall port
+  tags: httpd
+  firewalld:
+    service: http
+    permanent: yes
+    immediate: yes
+    state: enabled
+  ignore_errors: yes
+  notify: reload firewalld
+  when: ansible_distribution|lower != "debian"
+
+- name: create documentroot
+  tags: httpd
+  file:
+    name: "{{ item.documentroot }}"
+    state: directory
+  with_items:
+    - "{{ apache_vhosts }}"
+
+- name: install python passlib package
+  tags: req,httpd
+  package:
+    name: python-passlib
+    state: latest
+
+- name: create index file
+  tags: httpd
+  copy:
+    src: index.html
+    dest: "{{ item.documentroot }}/index.html"
+    mode: 0644
+  with_items:
+    - "{{ apache_vhosts }}"
+
+- name: passwd file
+  htpasswd:
+    path: "{{ apache_conf_dir }}/passwd"
+    name: tom
+    password: "{{ htpassword }}"
+    mode: 0640
+    owner: root
+    group: "{{ apache_group }}"