* use appropriate php version both for php and apache installations

+ pma for apache with auth and hand made change granted permissions
+ wp-cli
+ www-domain alias for apache and revers redirect for that
This commit is contained in:
2024-04-20 09:11:19 +03:00
parent 452d5cca79
commit 6186ab94e0
12 changed files with 109 additions and 52 deletions

View File

@ -10,45 +10,45 @@
| combine(inventory__group_environment | d({}))
| combine(inventory__host_environment | d({})) }}'
vars_files:
- ./../../vars/site.yml
- ./../../vars/php.yml
- ./../../vars/apache.yml
vars:
apache__base_packages:
- libapache2-mod-php8.1
apache__role_modules:
'headers': True
'alias': True
'php7.4': True
'ssl':
enabled: '{{ True if (apache__https_listen and apache__https_enabled) else False }}'
'security2':
enabled: '{{ apache__security_module_enabled|bool }}'
'status':
enabled: '{{ apache__status_enabled|bool }}'
config: |
<Location /server-status>
# Revoke default permissions granted in `/etc/apache2/mods-available/status.conf`.
Require all denied
</Location>
'socache_shmcb':
enabled: '{{ True
if (apache__ocsp_stapling_enabled|bool
and "shmcb" in apache__ocsp_stapling_cache)
else omit }}'
'authz_host':
enabled: '{{ True
if (apache__status_enabled|bool
and apache__status_allow_localhost)
else omit }}'
- 'libapache2-mod-php{{ php_version }}'
apache__default_vhost_name:
- '{{ domain_name }}'
- "{{ (has_www_domain and not www_domain_is_primary) | ternary('www.{{ domain_name }}', omit) }}"
apache__modules:
'php{{ php_version }}': True
'rewrite':
enabled: '{{ True
if (apache__register_mod_rewrite_used is defined and
apache__register_mod_rewrite_used.rc|d(1) == 0)
else omit }}'
enabled: True
apache__allow:
- 0.0.0.0
# apache__default_vhost:
# name: '{{ apache__default_vhost_name }}'
# filename: '000-default'
# root: '/var/www/html'
apache__default_vhost:
name: '{{ apache__default_vhost_name }}'
filename: '000-default'
root: '/var/www/html'
root_directives: |-
RewriteEngine On
RewriteBase /
{% if www_domain_is_primary %}
RewriteCond %{HTTP_HOST} ^([^www].*)$
RewriteRule ^(.*)$ https://www.%1/$1 [L,R=301]
{% else %}
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ https://%1/$1 [R=301,L]
{% endif %}
RewriteRule "(^|/)\.(?!well-known\/)" - [F]
RewriteRule "\.(sh|example)$" - [F]
apache__vhost_allow_override: 'All'
pre_tasks:

View File

@ -10,10 +10,10 @@
| combine(inventory__group_environment | d({}))
| combine(inventory__host_environment | d({})) }}'
vars_files:
- ./../../vars/nginx.yml
- ./../../vars/site.yml
- ./../../vars/php.yml
- ./../../vars/nginx.yml
vars:
nginx_acme: False