ansible/roles/trove-setup/tasks/lighttpd.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

---
- name: Create /etc/lighttpd/certs directory
  file: path=/etc/lighttpd/certs state=directory
- name: Create certificates for lighttpd in /etc/lighttpd/certs/lighttpd.pem
  shell: |
         yes '' | openssl req -new -x509 \
              -keyout /etc/lighttpd/certs/lighttpd.pem \
              -out /etc/lighttpd/certs/lighttpd.pem -days 36525 -nodes
         creates=/etc/lighttpd/certs/lighttpd.pem
  when: TROVE_SSL_PEMFILE is not defined

- name: Copy pemfile certificate for lighttpd if provided
  copy:
    src: "{{ TROVE_SSL_PEMFILE }}"
    dest: /etc/lighttpd/certs/lighttpd.pem
    mode: 0400
  when: TROVE_SSL_PEMFILE is defined

- name: Copy ca-certs certificate for lighttpd if provided
  copy:
    src: "{{ TROVE_SSL_CA_FILE }}"
    dest: /etc/lighttpd/certs/ca-certs.pem
    mode: 0400
  when: TROVE_SSL_CA_FILE is defined

- name: Create /var/run/lighttpd for cache user
  file: path=/var/run/lighttpd state=directory owner=cache group=cache

- name: Create git-httpd.conf from template
  template:
    src: lighttpd/git-httpd.conf
    dest: /etc/lighttpd/git-httpd.conf

# Now that the lighttpd certificates, configuration files and /var/run/lighttpd
# exist, we can enable the lighttpd-git service
- name: Enable lighttpd-git service
  service: name=lighttpd-git.service enabled=yes
  register: lighttpd_git_service

# Now we can start the service without rebooting the system
- name: Restart the lighttpd-git service
  service: name=lighttpd-git state=restarted
  when: lighttpd_git_service|changed

# Once the service lighttpd-git is running it's possible to do the same
# with the following services:
# - lighttpd-morph-cache
# - lighttpd-lorry-controller-webapp
- name: Enable lighttpd-morph-cache service
  service: name=lighttpd-morph-cache.service enabled=yes
  register: lighttpd_morph_cache_service
- name: Restart the lighttpd-morph-cache service
  service: name=lighttpd-morph-cache state=restarted
  when: lighttpd_morph_cache_service|changed

- name: Enable the lighttpd-lorry-controller-webapp service
  service: name=lighttpd-lorry-controller-webapp.service enabled=yes
  register: lighttpd_lorry_controller_webapp_service
- name: Restart the lighttpd-lorry-controller-webapp service
  service: name=lighttpd-lorry-controller-webapp state=restarted
  when: lighttpd_lorry_controller_webapp_service|changed