diff --git a/defaults/main.yaml b/defaults/main.yaml index 7fcec07..fe01324 100644 --- a/defaults/main.yaml +++ b/defaults/main.yaml @@ -11,9 +11,9 @@ nextcloud_subdomain: nextcloud nextcloud_www_path: '/var/www/nextcloud/' -nextcloud_ssl: false -nextcloud_ssl_certificate_path: "/etc/ssl/nginx/{{ nextcloud_subdomain }}.{{ domain_name }}.crt" -nextcloud_ssl_key_path: "/etc/ssl/nginx/{{ nextcloud_subdomain }}.{{ domain_name }}.key" +nextcloud_ssl: true +nextcloud_ssl_certificate_path: "/etc/ssl/certs/ssl-cert-snakeoil.pem" +nextcloud_ssl_key_path: "/etc/ssl/private/ssl-cert-snakeoil.key" # Apache configuration diff --git a/handlers/main.yaml b/handlers/main.yaml index 0a28323..7ad8579 100644 --- a/handlers/main.yaml +++ b/handlers/main.yaml @@ -1,7 +1,4 @@ --- -- name: Enable Nextcloud site - ansible.builtin.command: a2ensite nextcloud.conf - - name: Restart Apache ansible.builtin.systemd: name: httpd diff --git a/tasks/apache2_site.yaml b/tasks/apache2_site.yaml new file mode 100644 index 0000000..e6687a4 --- /dev/null +++ b/tasks/apache2_site.yaml @@ -0,0 +1,4 @@ +--- +- name: Enable Nextcloud site + ansible.builtin.command: a2ensite nextcloud.conf + when: not nextcloud_nginx and not nextcloud_ssl diff --git a/tasks/apache2_template.yaml b/tasks/apache2_template.yaml index 2887ad8..f7619be 100644 --- a/tasks/apache2_template.yaml +++ b/tasks/apache2_template.yaml @@ -1,9 +1,19 @@ --- +- name: Write Apache2 SSL nextcloud.conf file + ansible.builtin.template: + src: apache2_ssl_nextcloud.conf.j2 + dest: "{{ nextcloud_apache2_config_path }}" + mode: '0644' + become: true + when: nextcloud_ssl + notify: Enable Nextcloud site + - name: Write Apache2 nextcloud.conf file ansible.builtin.template: src: apache2_nextcloud.conf.j2 dest: "{{ nextcloud_apache2_config_path }}" mode: '0644' become: true + when: not nextcloud_ssl notify: - Enable Nextcloud site diff --git a/tasks/main.yaml b/tasks/main.yaml index 1567aa3..9fedc23 100644 --- a/tasks/main.yaml +++ b/tasks/main.yaml @@ -10,6 +10,10 @@ include_tasks: apache2_modules.yaml when: not nextcloud_nginx +- name: Enable Apache2 site + include_tasks: apache2_site.yaml + when: not nextcloud_nginx + - name: Create nginx config include_tasks: nginx_template.yaml when: nextcloud_nginx diff --git a/templates/apache2_ssl_nextcloud.conf.j2 b/templates/apache2_ssl_nextcloud.conf.j2 new file mode 100644 index 0000000..299d88e --- /dev/null +++ b/templates/apache2_ssl_nextcloud.conf.j2 @@ -0,0 +1,32 @@ +# {{ ansible_managed }} + + + + ServerName {{ ansible_hostname }}.{{ domain_name }} + + DocumentRoot {{ nextcloud_www_path }} + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + SSLEngine on + SSLCertificateFile {{ nextcloud_ssl_certificate_path }} + SSLCertificateKeyFile {{ nextcloud_ssl_key_path }} + + + Require all granted + AllowOverride All + Options FollowSymLinks MultiViews + + + Dav off + + + + + SSLOptions +StdEnvVars + + + + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet