diff --git a/README.md b/README.md index d45e16b..fa5fa6a 100644 --- a/README.md +++ b/README.md @@ -14,6 +14,7 @@ Role Variables apache_server_name apache_ssl_root_email: email to use for certificate apache_server_alias (list) +apache_user_password: default undefined apache_base_dir: /srv/{{ apache_server_name }} apache_document_root: {{ apache_base_dir }}/www apache_access_log: {{ apache_base_dir}}/logs/access_log @@ -26,7 +27,7 @@ apache_stats: true apache_ssl_certificate: /etc/letsencrypt/live/{{ apache_server_name }}/cert.pem apache_ssl_chain: /etc/letsencrypt/live/{{ apache_server_name }}/fullchain.pem apache_ssl_key: /etc/letsencrypt/live/{{ apache_server_name }}/privkey.pem -apache_user: {{ apache_server_name }} +apache_user: {{ apache_server_name | regex_search( '([^.]+)' ) }} }} apache_allowoverride: all Example Playbook diff --git a/defaults/main.yml b/defaults/main.yml index 46fbdab..a8d77d2 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -11,7 +11,7 @@ apache_use_certbot: true apache_ssl_certificate: "/etc/letsencrypt/live/{{ apache_server_name }}/cert.pem" apache_ssl_chain: "/etc/letsencrypt/live/{{ apache_server_name }}/fullchain.pem" apache_ssl_key: "/etc/letsencrypt/live/{{ apache_server_name }}/privkey.pem " -apache_user: "{{ apache_server_name }}" +apache_user: "{{ apache_server_name | regex_search( '([^.]+)' ) }} }}" apache_allowoverride: all apache_restart: false apache_stats: true diff --git a/tasks/main.yml b/tasks/main.yml index 4a6d73a..44510ae 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,7 +1,19 @@ --- # tasks file for apache_vhost + - name: create dedicated user + tags: wip + user: + name: "{{ apache_user }}" + groups: + - apache + home: "{{ apache_base_dir }}" + shell: /bin/bash + when: apache_user_password is not defined + +- name: create dedicated user - ssh + tags: wip user: name: "{{ apache_user }}" groups: @@ -9,6 +21,7 @@ - ssh_users home: "{{ apache_base_dir }}" shell: /bin/bash + when: apache_user_password is defined - name: php-fpm config file template: