ansible/roles/httpd/website/tasks/main.yml

# Expected vars
# - site_name...
# - cert_name...
# - server_aliases: []
# - server_admin: webmaster@fedoraproject.org
# - ssl: true
# - sslonly: false
# - SSLCertificateChainFile: ""
# - gzip: false

- name: Create site directory in httpd/conf.d/{{site_name}}
  file: >
    dest=/etc/httpd/conf.d/{{site_name}}
    state=directory
    owner=root
    group=root
    mode=0755
  notify:
  - reload proxyhttpd
  tags:
  - httpd
  - httpd/website
  - robots

- name: Letsencrypt certificate stuff
  include_role: name=letsencrypt
  when: certbot == True

- name: Copy over primary template for {{site_name}}
  template: >
    src=website.conf
    dest=/etc/httpd/conf.d/{{site_name}}.conf
    owner=root
    group=root
    mode=0644
  notify:
  - reload proxyhttpd
  tags:
  - httpd
  - httpd/website
  - h2
  - sslciphers

- name: Copy over some subordinate templates for {{site_name}}
  template: >
    src={{item}}.conf
    dest=/etc/httpd/conf.d/{{site_name}}/{{item}}.conf
    owner=root
    group=root
    mode=0644
  with_items:
  - logs
  - robots
  - securityheaders
  notify:
  - reload proxyhttpd
  tags:
  - httpd
  - httpd/website
  - robots

- name: And lastly, the robots.txt file
  template: >
    src={{item}}
    dest=/srv/web/{{site_name}}-robots.txt
    mode=0644
    owner=root
    group=root
    setype=httpd_sys_content_t
  with_first_found:
  - robots/{{site_name}}-robots.txt
  - robots/robots.txt
  notify:
  - reload proxyhttpd
  tags:
  - httpd
  - httpd/website
  - robots