correctly delete local ressources

Readme.md

@@ -1,27 +1,6 @@
-## Installer  apache
+# Playbook d'installation apache
 
-**Prérequis**: index.txt et vhost.conf déployé sur cours.opendoor.fr
+LEs fichiers vhost.conf et index.html sont récupérés par le pilote
 
-**Tâche**: déployer un serveur apache à l'aide d'ansible
+directement depuis le dépôt git
 
-**Condition**: déploiement d'un serveur apache
-
-**Norme**: playbook et ansible-playbook
-
-**Préparation:**
-
-  - Récupèrez sur le pilote les fichiers https://cours.opendoor.fr/Fichiers/SIB/index.html et vhost.conf
-  - Renommez le fichier index.txt sera renommé en index.html
-
-**Pratique**: Écrire le playbook permettant sur la machine **centos** uniquement:
-
-  2. d'installer le serveur apache
-  3. d'ouvrir le parefeu
-  4. de créer le répertoire correspondant au documentRoot
-  5. de déployer le fichier /srv/vhost.conf dans /etc/httpd/conf.d/
-  6. de déployer le fichier /srv/index.html dans le répertoire correspondant au documentRoot
-  7. d'activer le service
-  8. de lancer le service
-  9. de supprimer les fichiers à l'étape #1
-
-**Validation**: on doit pouvoir se connecter en http sur la machine cible

apache.yml

@@ -3,40 +3,72 @@
   hosts: centos
 
   tasks:
+  - name: retrieve ansible.builtin.files
+    ansible.builtin.git:
+      repo: https://infra.opendoor.fr/git/tom/sib_10_premier_playbook
+      dest: /tmp/sib_10
+    delegate_to: localhost
+    become: false
+
   - name: install apache
-    yum:
+    ansible.builtin.package:
       name: httpd
       state: present
 
   - name: conf httpd
-    template:
-      src: vhost.conf
+    ansible.builtin.template:
+      src: /tmp/sib_10/vhost.conf
       dest: /etc/httpd/conf.d/vhost.conf
       mode: 0640
       owner: root
       group: apache
 
   - name: activate apache
-    service:
+    ansible.builtin.service:
       name: httpd
       enabled: yes
       state: started
 
-  - name: open firewall port
-    firewalld:
-      service: http
-      permanent: yes
-      immediate: yes
-      state: enabled
+  - name: setup firewall
+    block:
+    - name: install firewalld packages
+      ansible.builtin.package:
+        name:
+        - python3-firewall
+        - firewalld
+        state: present
+
+    - name: enable firewalld service
+      ansible.builtin.service:
+        name: firewalld
+        enabled: true
+        state: started
+
+    - name: open firewall port
+      ansible.posix.firewalld:
+        service: "{{ item }}"
+        permanent: yes
+        immediate: yes
+        state: enabled
+      loop:
+      - http
+      - https
     ignore_errors: true
 
   - name: create documentroot
-    file:
+    ansible.builtin.file:
       name: /var/www/html/example.org/
       state: directory
 
-  - name: copy index file
-    template:
-      src: index.txt
+  - name: copy index ansible.builtin.file
+    ansible.builtin.template:
+      src: /tmp/sib_10/index.txt
       dest: /var/www/html/example.org/index.html
-      mode: 0644
+      mode: 0644
+
+  - name: delete temp ansible.builtin.files
+    ansible.builtin.file:
+      path: /tmp/sib_10
+      state: absent
+    delegate_to: localhost
+    become: false

apache_trou.yml

@@ -1,62 +0,0 @@
----
-- name: install apache via ansible playbook
-  CHANGEME: centos
-
-  pre_tasks:
-  - name: get ressources
-    CHANGEME:
-      url: "{{ item }}"
-      dest: /tmp
-    loop:
-    - https://cours.opendoor.fr/Fichiers/SIB/index.txt
-    - https://cours.opendoor.fr/Fichiers/SIB/vhost.conf
-    CHANGEME: localhost
-    become: false
-
-  CHANGEME_tasks:
-  - name: cleanup
-    file:
-      path: "{{ item }}"
-      state: absent
-    CHANGEME:
-      - /tmp/index.txt
-      - /tmp/vhost.conf
-    CHANGEME: false
-
-  tasks:
-  - name: install apache
-    CHANGEME:
-      name: httpd
-      state: present
-
-  - name: conf httpd
-    CHANGEME:
-      CHANGEME: /tmp/vhost.conf
-      CHANGEME: /etc/httpd/conf.d/vhost.conf
-      mode: 0640
-      owner: root
-      group: apache
-
-  - name: activate apache
-    CHANGEME:
-      name: httpd
-      enabled: yes
-      state: started
-
-  - name: open firewall port
-    firewalld:
-      CHANGEME: http
-      permanent: yes
-      immediate: yes
-      state: enabled
-
-  - name: create documentroot
-    CHANGEME:
-      name: /var/www/html/orsys.fr
-      state: CHANGEME
-
-  - name: copy index file
-    CHANGEME:
-      src: /tmp/index.txt
-      CHANGEMEdest: /var/www/html/orsys.fr/index.html
-      mode: 0644

index.txt

@@ -1 +0,0 @@
-<h1>hello World</h1>

vhost.conf

@@ -1,24 +0,0 @@
-<VirtualHost *:80>
-   ServerName example.org
-   ServerAlias www.example.org
-   ServerAlias {{ inventory_hostname }}
-   DocumentRoot /var/www/html/example.org
-   CustomLog   /var/log/httpd/example.org_access.log combined
-   ErrorLog    /var/log/httpd/example.org_error.log
-   <Directory />
-      Options none
-      Allowoverride none
-      Require all denied
-   </Directory>
-
-   <Directory /var/www/html/example.org>
-      Require all granted
-   </Directory>
-   <Directory /var/www/html/example.org/Private>
-      Options indexes
-      AuthName "stop"
-      AuthType Basic
-      AuthUserFile /etc/httpd/passwd
-      require valid-user
-   </Directory>
-</VirtualHost>