Merge branch apache2-ssl to master

2022-04-12 21:39:54 -04:00 · 2022-04-12 21:39:54 -04:00 · 220976aba0
commit 220976aba0
parent 1da26ca7be b244dc2043
6 changed files with 53 additions and 6 deletions
--- a/defaults/main.yaml
+++ b/defaults/main.yaml
@ -11,9 +11,9 @@ nextcloud_subdomain: nextcloud

 nextcloud_www_path: '/var/www/nextcloud/'

-nextcloud_ssl: false
-nextcloud_ssl_certificate_path: "/etc/ssl/nginx/{{ nextcloud_subdomain }}.{{ domain_name }}.crt"
-nextcloud_ssl_key_path: "/etc/ssl/nginx/{{ nextcloud_subdomain }}.{{ domain_name }}.key"
+nextcloud_ssl: true
+nextcloud_ssl_certificate_path: "/etc/ssl/certs/ssl-cert-snakeoil.pem"
+nextcloud_ssl_key_path: "/etc/ssl/private/ssl-cert-snakeoil.key"

 # Apache configuration

--- a/handlers/main.yaml
+++ b/handlers/main.yaml
@ -1,7 +1,4 @@
 ---
- name: Enable Nextcloud site
-  ansible.builtin.command: a2ensite nextcloud.conf
-
 - name: Restart Apache
  ansible.builtin.systemd:
    name: httpd
--- a/tasks/apache2_site.yaml
+++ b/tasks/apache2_site.yaml
@ -0,0 +1,4 @@
+---
+- name: Enable Nextcloud site
+  ansible.builtin.command: a2ensite nextcloud.conf
+  when: not nextcloud_nginx and not nextcloud_ssl
--- a/tasks/apache2_template.yaml
+++ b/tasks/apache2_template.yaml
@ -1,9 +1,19 @@
 ---
+- name: Write Apache2 SSL nextcloud.conf file
+  ansible.builtin.template:
+    src: apache2_ssl_nextcloud.conf.j2
+    dest: "{{ nextcloud_apache2_config_path }}"
+    mode: '0644'
+  become: true
+  when: nextcloud_ssl
+  notify: Enable Nextcloud site
+
 - name: Write Apache2 nextcloud.conf file
  ansible.builtin.template:
    src: apache2_nextcloud.conf.j2
    dest: "{{ nextcloud_apache2_config_path }}"
    mode: '0644'
  become: true
+  when: not nextcloud_ssl
  notify:
    - Enable Nextcloud site
--- a/tasks/main.yaml
+++ b/tasks/main.yaml
@ -10,6 +10,10 @@
  include_tasks: apache2_modules.yaml
  when: not nextcloud_nginx

+- name: Enable Apache2 site
+  include_tasks: apache2_site.yaml
+  when: not nextcloud_nginx
+
 - name: Create nginx config
  include_tasks: nginx_template.yaml
  when: nextcloud_nginx
--- a/templates/apache2_ssl_nextcloud.conf.j2
+++ b/templates/apache2_ssl_nextcloud.conf.j2
@ -0,0 +1,32 @@
+# {{ ansible_managed }}
+
+<IfModule mod_ssl.c>
+	<VirtualHost *:443>
+	 	ServerName {{ ansible_hostname }}.{{ domain_name }}
+
+		DocumentRoot {{ nextcloud_www_path }}
+
+		ErrorLog ${APACHE_LOG_DIR}/error.log
+		CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+		SSLEngine on
+		SSLCertificateFile {{ nextcloud_ssl_certificate_path }}
+		SSLCertificateKeyFile {{ nextcloud_ssl_key_path }}
+	
+	 	<Directory {{ nextcloud_www_path }}>
+	 		Require all granted
+	 		AllowOverride All
+	 		Options FollowSymLinks MultiViews
+	
+	 		<IfModule mod_dav.c>
+	 			Dav off
+	 		</IfModule>
+	 	</Directory>
+		
+		<FilesMatch "\.php$">
+			SSLOptions +StdEnvVars
+		</FilesMatch>
+	</VirtualHost>
+</IfModule>
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet