39 lines
1.1 KiB
YAML
39 lines
1.1 KiB
YAML
- name: apache sys265
|
|
hosts: apache
|
|
become: true # Run all tasks with sudo/root privileges
|
|
vars:
|
|
install_utilities: false
|
|
firewalld_enable: true
|
|
ansible_os_family: RedHat
|
|
ansible_distribution: CentOS # required because role searches for Rocky config files
|
|
roles:
|
|
- geerlingguy.apache # apply the apache installation role
|
|
|
|
handlers: # will run when a task has notify:name parameter
|
|
- name: reload firewall # runs after adding firewall rule
|
|
command: firewall-cmd --reload
|
|
|
|
tasks:
|
|
# open port 443 in firewall for apache web interface
|
|
- name: add firewall rule
|
|
firewalld:
|
|
port: "{{ item }}"
|
|
permanent: true
|
|
immediate: true
|
|
state: enabled
|
|
loop:
|
|
- 80/tcp
|
|
- 443/tcp
|
|
notify: reload firewall
|
|
|
|
- name: install apache
|
|
yum:
|
|
name: httpd
|
|
state: present # will only install if not already
|
|
|
|
- name: enable and start apache service
|
|
systemd:
|
|
name: httpd
|
|
enabled: true
|
|
state: started
|
|
daemon_reload: yes # reload systemd to recognize new service
|