ansible/roles/trove-setup/tasks/lighttpd.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80

---
- name: Create /etc/lighttpd/certs directory
  file:
    path: /etc/lighttpd/certs
    state: directory
- name: Create certificates for lighttpd in /etc/lighttpd/certs/lighttpd.pem
  shell: |
         yes '' | openssl req -new -x509 \
              -keyout /etc/lighttpd/certs/lighttpd.pem \
              -out /etc/lighttpd/certs/lighttpd.pem -days 36525 -nodes
  args:
    creates: /etc/lighttpd/certs/lighttpd.pem
  when: TROVE_SSL_PEMFILE is not defined

- name: Copy certifiacte for lighttpd if provided
  copy:
    src: "{{ TROVE_SSL_PEMFILE }}"
    dest: /etc/lighttpd/certs/lighttpd.pem
    mode: 0400
  when: TROVE_SSL_PEMFILE is defined

- name: Copy certifiacte for lighttpd if provided
  copy:
    src: "{{ TROVE_SSL_CA_FILE }}"
    dest: /etc/lighttpd/certs/ca-certs.pem
    mode: 0400
  when: TROVE_SSL_CA_FILE is defined

- name: Create /var/run/lighttpd for cache user
  file:
    path: /var/run/lighttpd
    state: directory
    owner: cache
    group: cache

- name: Create git-httpd.conf from template
  template:
    src: lighttpd/git-httpd.conf
    dest: /etc/lighttpd/git-httpd.conf

# Now that the lighttpd certificates, configuration files and /var/run/lighttpd
# exist, we can enable the lighttpd-git service
- name: Enable lighttpd-git service
  service:
    name: lighttpd-git.service
    enabled: yes
  register: lighttpd_git_service

# Now we can start the service without rebooting the system
- name: Restart the lighttpd-git service
  service:
    name: lighttpd-git
    state: restarted
  when: lighttpd_git_service|changed

# Once the service lighttpd-git is running it's possible to do the same
# with the following services:
# - lighttpd-morph-cache
# - lighttpd-lorry-controller-webapp
- name: Enable lighttpd-morph-cache service
  service:
    name: lighttpd-morph-cache.service
    enabled: yes
  register: lighttpd_morph_cache_service
- name: Restart the lighttpd-morph-cache service
  service:
    name: lighttpd-morph-cache
    state: restarted
  when: lighttpd_morph_cache_service|changed

- name: Enable the lighttpd-lorry-controller-webapp service
  service:
    name: lighttpd-lorry-controller-webapp.service
    enabled: yes
  register: lighttpd_lorry_controller_webapp_service
- name: Restart the lighttpd-lorry-controller-webapp service
  service:
    name: lighttpd-lorry-controller-webapp
    state: restarted
  when: lighttpd_lorry_controller_webapp_service|changed