Configuring Apache

You may have wondered why we created a user called lamp in the previous section; we are going to be hosting our website for this user. The first aspect in getting the user ready to host our website is to add the user to the apache_group. To do this, we need to run the following task:

- name: Add user to apache group
  user:
    name: "{{ item.name }}"
    groups: "{{ apache_group }}"
    append: yes
  with_items: "{{ users }}"

There are two things to point out here. The first is that we are using the users variable from the previous role, which is still available to use within the playbook run, and the second thing is that we have added a variable called apache_group to roles/apache/defaults/main.yml:

apache_group: "apache"

Now that our user is in the apache_group, let's create what will be the document root for our website:

- name: create the document root for our website
  file:
    dest: "{{ document_root }}"
    state: "directory"
    mode: "0755"
    owner: "{{ users.0.name }}"
    group: "{{ apache_group }}"

As you can see, this is using a few new variables, along with a new way of accessing an old one. Let's address users.0.name first, because we have defined the users as a list. It is possible that more than one user could be being added during the playbook run, as we only want to create one document root and assign it to a single virtual host we are using the first user in the list which registered under the user variable, this is where the 0 comes in.

The document_root variable is also constructed using this principle; these are the two variables in the roles/apache/defaults/main.yml file that will help make up the full document root:

web_root: "web"
document_root: "/home/{{ users.0.name }}/{{ web_root }}"

This will give our document root a path of /home/lamp/web/ on the Vagrant box, assuming we do not override any of the variable names in our main playbook.

We also need to change the permissions on the lamp user's home folder to allow us to execute scripts; to do this, the following task is called:

- name: set the permissions on the user folder
  file:
    dest: "/home/{{ users.0.name }}/"
    state: "directory"
    mode: "0755"
    owner: "{{ users.0.name }}"

Next, we need to put our Apache virtual host in place; this will serve our web page whenever we put the name of our host in a browser. To do this, we will be using a template file stored in roles/apache/templates/vhost.conf.j2 that uses the variables we have already defined along with two more:

# {{ ansible_managed }}
<VirtualHost *:80>
  ServerName {{ ansible_nodename }}
  DocumentRoot {{ document_root }}
  DirectoryIndex {{ index_file }}
  <Directory {{ document_root }}>
    AllowOverride All
    Require all granted
  </Directory>
</VirtualHost>

The index_file variable in roles/apache/defaults/main.yml looks like the following:

index_file: index.html

There is also the ansible_nodename variable; this is one of the variables gathered from the host machine when the setup module first runs. The task to deploy the template is as follows:

- name: copy the vhost.conf to /etc/httpd/conf.d/
  template:
    src: "vhost.conf.j2"
    dest: "/etc/httpd/conf.d/vhost.conf"
  notify: "restart httpd"

The task that restarts Apache can be found in roles/apache/handlers/main.yml and looks like the following:

- name: "restart httpd"
  service:
    name: "httpd"
    state: "restarted"

Now that we have Apache installed and configured, we need to allow Apache to use the web root, which is stored in /home/. To do this, we need to tweak the SELinux permissions.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.145.156.250