recid · recid · Jan 13, 2016 · Jan 14, 2016
diff --git a/inventory b/inventory
@@ -1,4 +1,5 @@
 # Inventory
 
 [all]
-test
+vm_ansible_debian
+vm_ansible_centos
diff --git a/roles/apache/tasks/apache.yml b/roles/apache/tasks/apache.yml
@@ -1,7 +1,7 @@
 ---
 - name: Disabling The Apache Signature
   replace: >
-    dest=/etc/apache2/conf.d/security
+    dest={{ security_file }}
     replace="ServerTokens Prod"
     regexp="^ServerTokens OS$"
   when: ansible_pkg_mgr == "apt"
@@ -19,7 +19,7 @@
 
 - name: Disabling The OS Information
   replace: >
-    dest=/etc/apache2/conf.d/security
+    dest={{ security_file }}
     replace="ServerSignature Off"
     regexp="^ServerSignature On$"
   when: ansible_pkg_mgr == "apt"

diff --git a/roles/apache/tasks/include_vars.yml b/roles/apache/tasks/include_vars.yml
@@ -0,0 +1,6 @@
+---
+- name: Loading OS specific vars
+  include_vars: roles/common/vars/{{ ansible_os_family|lower }}.yml
+  ignore_errors: true
+  tags:
+    - apache
diff --git a/roles/apache/tasks/main.yml b/roles/apache/tasks/main.yml
@@ -1,3 +1,4 @@
 ---
+- include: include_vars.yml
 - include: packages.yml
 - include: apache.yml
diff --git a/roles/apache/vars/debian.yml b/roles/apache/vars/debian.yml
@@ -0,0 +1,2 @@
+---
+security_file: "{% if ansible_distribution_major_version == '8' %}/etc/apache2/conf-available/security.conf{% else %}/etc/apache2/conf.d/security{% endif %}"
diff --git a/roles/common/tasks/init.yml b/roles/common/tasks/init.yml
@@ -2,6 +2,7 @@
 - name: Installing EPEL repository
   yum: name="{{ epel_repo_url}}" state=present
   when: ansible_pkg_mgr == "yum"
+  failed_when: false
   tags:
    - common
 
@@ -29,5 +30,6 @@
   with_items:
     - "{{ iptables_services }}"
   when: ansible_pkg_mgr == "yum"
+  failed_when: false
   tags:
     - common
diff --git a/roles/common/tasks/packages.yml b/roles/common/tasks/packages.yml
@@ -7,7 +7,7 @@
     - common
 
 - name: Installing some packages
-  yum: name="{{ item }}" state=present
+  yum: name="{{ item }}" state=present update_cache=yes
   with_items: common_packages_list
   when: ansible_pkg_mgr == "yum"
   tags:

diff --git a/roles/common/tasks/selinux.yml b/roles/common/tasks/selinux.yml
@@ -8,5 +8,6 @@
 - name: Disabling SELinux now
   shell: setenforce 0
   when: ansible_pkg_mgr == 'yum'
+  failed_when: false
   tags:
       - common
diff --git a/roles/common/vars/redhat.yml b/roles/common/vars/redhat.yml
@@ -20,3 +20,4 @@ common_packages_list:
 iptables_services:
   - iptables
   - ip6tables
+  - firewalld
diff --git a/roles/lemonldap/tasks/apache.yml b/roles/lemonldap/tasks/apache.yml
@@ -10,23 +10,82 @@
     replace="{{ lemonldap_domain }}"
     regexp="example.com"
   with_items:
-    - /etc/lemonldap-ng/handler-apache2.conf
-    - /etc/lemonldap-ng/portal-apache2.conf
-    - /etc/lemonldap-ng/manager-apache2.conf
+    - "{{ handler_conf }}"
+    - "{{ portal_conf }}"
+    - "{{ manager_conf }}"
+    - "{{ test_conf }}"
     - /etc/lemonldap-ng/for_etc_hosts
     - /etc/lemonldap-ng/lemonldap-ng.ini
-    - /etc/lemonldap-ng/test-apache2.conf
     - /var/lib/lemonldap-ng/conf/lmConf-1
     - /var/lib/lemonldap-ng/test/index.pl
   tags:
     - lemonldap
 
+- name: Configure the Portal URL/Vhost/DNS
+  replace: >
+    dest="{{ item }}"
+    replace={{ lemonldap_url_portal }}
+    regexp="auth.{{ lemonldap_domain }}"
+  with_items:
+    - "{{ handler_conf }}"
+    - "{{ portal_conf }}"
+    - "{{ manager_conf }}"
+    - "{{ test_conf }}"
+    - /etc/lemonldap-ng/for_etc_hosts
+    - /etc/lemonldap-ng/lemonldap-ng.ini
+    - /var/lib/lemonldap-ng/conf/lmConf-1
+    - /var/lib/lemonldap-ng/test/index.pl
+  register: portal
+  tags:
+    - lemonldap
+
+
+- name: Configure the Manager URL/Vhost/DNS
+  replace: >
+    dest="{{ item }}"
+    replace={{ lemonldap_url_manager }}
+    regexp="manager.{{ lemonldap_domain }}"
+  with_items:
+    - "{{ handler_conf }}"
+    - "{{ portal_conf }}"
+    - "{{ manager_conf }}"
+    - "{{ test_conf }}"
+    - /etc/lemonldap-ng/for_etc_hosts
+    - /etc/lemonldap-ng/lemonldap-ng.ini
+    - /var/lib/lemonldap-ng/conf/lmConf-1
+    - /var/lib/lemonldap-ng/test/index.pl
+  register: manager
+  tags:
+    - lemonldap
+
+
+- name: Configure the Reload URL/Vhost/DNS
+  replace: >
+    dest="{{ item }}"
+    replace={{ lemonldap_url_reload }}
+    regexp="reload.{{ lemonldap_domain }}"
+  with_items:
+    - "{{ handler_conf }}"
+    - "{{ portal_conf }}"
+    - "{{ manager_conf }}"
+    - "{{ test_conf }}"
+    - /etc/lemonldap-ng/for_etc_hosts
+    - /etc/lemonldap-ng/lemonldap-ng.ini
+    - /var/lib/lemonldap-ng/conf/lmConf-1
+    - /var/lib/lemonldap-ng/test/index.pl
+  register: reload
+  tags:
+    - lemonldap
+
 
 - name: Enabling Apache modules
   apache2_module: name={{ item }}
   with_items:
     - headers
+    - cgid
   when: ansible_pkg_mgr == "apt"
+  notify:
+    - Restarting Apache
   tags:
     - lemonldap
 
@@ -45,6 +104,7 @@
   tags: 
     - lemonldap
 
+
 - name: Disabling Apache Sites
   file: >
     path=/etc/httpd/conf.d/{{ item }}
@@ -60,27 +120,35 @@
   tags:
     - lemonldap
 
- 
+
 - name: Enabling Apache Sites
   file: >
-    src=/etc/lemonldap-ng/{{ item.name_src }}
+    src=/etc/lemonldap-ng/{{ item.name_src | basename }}
     dest=/etc/httpd/conf.d/{{ item.name_dst }}
     state=link
   with_items:
-    - { name_src: 'handler-apache2.conf', name_dst: '0000-handler-apache2.conf' }
-    - { name_src: 'portal-apache2.conf', name_dst: '0001-portal-apache2.conf' }
-    - { name_src: 'manager-apache2.conf', name_dst: '0002-manager-apache2.conf' }
+    - { name_src: "{{ handler_conf }}", name_dst: '0000-handler-apache2.conf' }
+    - { name_src: "{{ portal_conf }}", name_dst: '0001-portal-apache2.conf' }
+    - { name_src: "{{ manager_conf }}", name_dst: '0002-manager-apache2.conf' }
   when: ansible_pkg_mgr == "yum"
-  notify:
-    - Restarting Apache
+  register: results
+  tags:
+    - lemonldap
+
+
+- name: Restarting Apache
+  service: name=httpd state=restarted
+  when: ansible_pkg_mgr == "yum" and (results.changed or portal.changed or manager.changed or reload.changed)
   tags: 
     - lemonldap
 
+
 - name: Flushing handlers
   meta: flush_handlers
   tags:
     - lemonldap
 
+
 - name: Adding the internal resolution
   shell: "cat /etc/lemonldap-ng/for_etc_hosts >> /etc/hosts && touch /root/hosts.done"
   args:

diff --git a/roles/lemonldap/vars/debian.yml b/roles/lemonldap/vars/debian.yml
@@ -38,3 +38,8 @@ common_packages_list:
     - libunicode-string-perl
     - libconvert-pem-perl
     - libmouse-perl
+
+handler_conf: /etc/lemonldap-ng/handler-apache2.conf
+portal_conf: /etc/lemonldap-ng/portal-apache2.conf
+manager_conf: /etc/lemonldap-ng/manager-apache2.conf
+test_conf: /etc/lemonldap-ng/test-apache2.conf
diff --git a/roles/lemonldap/vars/redhat.yml b/roles/lemonldap/vars/redhat.yml
@@ -39,3 +39,8 @@ common_packages_list:
     - perl-Cache-Memcached
     - perl-Convert-PEM
     - perl-Mouse
+
+handler_conf: "{% if ansible_distribution_major_version == '7' %}/etc/lemonldap-ng/handler-apache2.4.conf{% else %}/etc/lemonldap-ng/handler-apache2.conf{% endif %}"
+portal_conf: "{% if ansible_distribution_major_version == '7' %}/etc/lemonldap-ng/portal-apache2.4.conf{% else %}/etc/lemonldap-ng/portal-apache2.conf{% endif %}"
+manager_conf: "{% if ansible_distribution_major_version == '7' %}/etc/lemonldap-ng/manager-apache2.4.conf{% else %}/etc/lemonldap-ng/manager-apache2.conf{% endif %}"
+test_conf: "{% if ansible_distribution_major_version == '7' %}/etc/lemonldap-ng/test-apache2.4.conf{% else %}/etc/lemonldap-ng/test-apache2.conf{% endif %}"
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		---
		security_file: "{% if ansible_distribution_major_version == '8' %}/etc/apache2/conf-available/security.conf{% else %}/etc/apache2/conf.d/security{% endif %}"