aboutsummaryrefslogtreecommitdiffstats
path: root/roles/apache/README.md
blob: ce203d3e1140655fe3e53298e47a196f6b0f059c (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49

Apache
======

Description
-----------

The `apache` role installs the Apache webserver, generates common configuration
files, and configures the server for GSSAPI authentication (if requested).

Variables
---------

This role **accepts** the following variables:

Variable                         | Default   | Description
---------------------------------|-----------|------------
`apache_listen_ports`            | `[80]`    | HTTP ports to listen on
`apache_ssl_listen_ports`        | `[443]`   | HTTPS ports to listen on
`apache_use_nfs`                 | no        | Value of the `httpd_use_nfs` SELinux boolean
`apache_can_network_relay`       | yes       | Value of the `httpd_can_network_relay` SELinux boolean
`apache_can_network_connect`     | no        | Value of the `httpd_can_network_connect` SELinux boolean
`apache_can_network_connect_db`  | no        | Value of the `httpd_can_network_connect_db` SELinux boolean
`apache_can_connect_ldap`        | no        | Value of the `httpd_can_connect_ldap` SELinux boolean
`apache_can_sendmail`            | no        | Value of the `httpd_can_sendmail` SELinux boolean
`apache_gssapi`                  | no        | Enable FreeIPA authentication in virtualhosts via [https://github.com/gssapi/mod\_auth\_gssapi](https://github.com/gssapi/mod_auth_gssapi) or [mod\_ldap](https://httpd.apache.org/docs/2.4/mod/mod_ldap.html)
`apache_sysaccount_username`     | `apache`  | FreeIPA [sysaccount](https://www.freeipa.org/page/HowTo/LDAP#System_Accounts) uid to create for LDAP queries
`apache_sysaccount_password`     |      | FreeIPA [sysaccount](https://www.freeipa.org/page/HowTo/LDAP#System_Accounts) password for LDAP queries

This role **exports** the following variables:

Variable            | Description
--------------------|------------
`apache_public_dir` | Path of the webroot directory (`/var/www`)

Usage
-----

Example playbook:

````yaml
- name: configure apache
  hosts: webservers
  roles:
    - role: apache
      vars:
        apache_can_network_connect: yes
        apache_gssapi: yes
        apache_sysaccount_password: s3cret
````
generated by cgit (git 2.34.1) at 2024-09-19 12:47:49 -0400