ansible-lxc-templates/playbooks/debops/apache.yml

---

- name: Manage and configure the Apache HTTP Server
  collections: [ 'debops.debops', 'debops.roles01',
                 'debops.roles02', 'debops.roles03' ]
  hosts: [ 'debian10' ]
  become: True

  environment: '{{ inventory__environment | d({})
                   | combine(inventory__group_environment | d({}))
                   | combine(inventory__host_environment  | d({})) }}'

  vars_files:
    - ./../../vars/site.yml
    - ./../../vars/php.yml
    - ./../../vars/apache.yml

  vars:
    apache__base_packages:
      - 'libapache2-mod-php{{ php_version }}'

    apache__default_vhost_name:
      - '{{ domain_name }}'
      - "{{ (has_www_domain and not www_domain_is_primary) | ternary('www.{{ domain_name }}', omit) }}"

    apache__modules:
      'php{{ php_version }}': True

      'rewrite':
        enabled: True

    apache__allow:
      - 0.0.0.0

    apache__default_vhost:
      name: '{{ apache__default_vhost_name }}'
      filename: '000-default'
      root: '/var/www/html'
      root_directives: |-
        RewriteEngine On
        RewriteOptions Inherit
        RewriteBase /
        {% if www_domain_is_primary %}
        RewriteCond %{HTTP_HOST} ^([^www].*)$
        RewriteRule ^(.*)$ https://www.%1/$1 [L,R=301]
        {% else %}
        RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
        RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
        {% endif %}
        RewriteRule "(^|/)\.(?!well-known\/)" - [F]

    apache__vhost_allow_override: 'All'

  pre_tasks:

    - name: Prepare apache environment
      import_role:
        name: 'apache'
        tasks_from: 'main_env'
      tags: [ 'role::apache', 'role::apache:env' ]

  post_tasks:

    - name: Remove include subdomains for HSTS policy
      shell: |-
        sed -i '/; includeSubDomains/d' etc/apache2/sites-available/000-default.conf

  roles:

    - role: apache
      tags: [ 'role::apache', 'skip::apache' ]