I'd like to add the following multiple lines via the apache_vhosts's extra_parameters property:

<Directory "{{ path_to_docroot}}">
    Options FollowSymLinks Indexes
    AllowOverride All
</Directory>

What's the best way to go about doing this given that it's multiple lines with indentation?

While this package can be used to install the mpm-worker version, it seems not very elegant to me:

• On Debian, you have to provide your own apache_packages list, making it incompatible to future changes to the default package list.
• On RedHat you have to modify /etc/sysconfig/httpd in a separate task.

Maybe you can build in a config variable and configure the mpm type in the tasks.

Hello.

The role doesn't work with RHEL7 because it's using Apache 2.4 There is only one file containing "RedHat" variables (RedHat.yml):
apache_vhosts_version: "2.2"

This can not work in RHEL7 where is Apache 2.4.
The problem appear when using the template "vhosts-2.2.conf.j2" which has not compatible Options:
"Options -Indexes FollowSymLinks" with Apache 2.4

It will be necessary to add RHEL7 compatibility and use the vhosts-2.4.conf.j2 template.

Regards

PetrR

The Task fails on a fresh installed CentOS 6.6. When i try httpd -v (with and without sudo) directly on the machine it works. The playbook runs with sudo=true.

TASK: [geerlingguy.apache | Ensure Apache is installed.] **********************
<192.168.2.15> ESTABLISH CONNECTION FOR USER: vagrant
<192.168.2.15> REMOTE_MODULE yum enablerepo='' name=httpd,httpd-devel,mod_ssl,openssh state=installed
<192.168.2.15> EXEC ssh -C -tt -vvv -o UserKnownHostsFile=/dev/null -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/Users/fpeters/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o Port=22 -o IdentityFile="/Users/fpeters/.vagrant.d/insecure_private_key" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=vagrant -o ConnectTimeout=10 192.168.2.15 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1423218690.8-98706398576141 && chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1423218690.8-98706398576141 && echo $HOME/.ansible/tmp/ansible-tmp-1423218690.8-98706398576141'
<192.168.2.15> PUT /var/folders/0s/l3049psj5b97b480ghs8l8400000gn/T/tmpq_0C5F TO /home/vagrant/.ansible/tmp/ansible-tmp-1423218690.8-98706398576141/yum
<192.168.2.15> EXEC ssh -C -tt -vvv -o UserKnownHostsFile=/dev/null -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/Users/fpeters/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o Port=22 -o IdentityFile="/Users/fpeters/.vagrant.d/insecure_private_key" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=vagrant -o ConnectTimeout=10 192.168.2.15 /bin/sh -c 'sudo -k && sudo -H -S -p "[sudo via ansible, key=qmnlmlylzenlglgcnxgqyivfhhllkamj] password: " -u root /bin/sh -c '"'"'echo SUDO-SUCCESS-qmnlmlylzenlglgcnxgqyivfhhllkamj; LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8 /usr/bin/python -tt /home/vagrant/.ansible/tmp/ansible-tmp-1423218690.8-98706398576141/yum; rm -rf /home/vagrant/.ansible/tmp/ansible-tmp-1423218690.8-98706398576141/ >/dev/null 2>&1'"'"''
ok: [default] => (item=httpd,httpd-devel,mod_ssl,openssh) => {"changed": false, "item": "httpd,httpd-devel,mod_ssl,openssh", "msg": "", "rc": 0, "results": ["httpd-2.2.15-39.el6.centos.x86_64 providing httpd is already installed", "httpd-devel-2.2.15-39.el6.centos.x86_64 providing httpd-devel is already installed", "mod_ssl-2.2.15-39.el6.centos.x86_64 providing mod_ssl is already installed", "openssh-5.3p1-104.el6.x86_64 providing openssh is already installed"]}

TASK: [geerlingguy.apache | Get installed version of Apache.] *****************
<192.168.2.15> ESTABLISH CONNECTION FOR USER: vagrant
<192.168.2.15> REMOTE_MODULE command httpd -v
<192.168.2.15> EXEC ssh -C -tt -vvv -o UserKnownHostsFile=/dev/null -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/Users/fpeters/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o Port=22 -o IdentityFile="/Users/fpeters/.vagrant.d/insecure_private_key" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=vagrant -o ConnectTimeout=10 192.168.2.15 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1423218692.12-108936982077914 && chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1423218692.12-108936982077914 && echo $HOME/.ansible/tmp/ansible-tmp-1423218692.12-108936982077914'
<192.168.2.15> PUT /var/folders/0s/l3049psj5b97b480ghs8l8400000gn/T/tmp3wKcGK TO /home/vagrant/.ansible/tmp/ansible-tmp-1423218692.12-108936982077914/command
<192.168.2.15> EXEC ssh -C -tt -vvv -o UserKnownHostsFile=/dev/null -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/Users/fpeters/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o Port=22 -o IdentityFile="/Users/fpeters/.vagrant.d/insecure_private_key" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=vagrant -o ConnectTimeout=10 192.168.2.15 /bin/sh -c 'sudo -k && sudo -H -S -p "[sudo via ansible, key=ygwulecigunctqwauwewyynwifgncfbf] password: " -u root /bin/sh -c '"'"'echo SUDO-SUCCESS-ygwulecigunctqwauwewyynwifgncfbf; LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8 /usr/bin/python /home/vagrant/.ansible/tmp/ansible-tmp-1423218692.12-108936982077914/command; rm -rf /home/vagrant/.ansible/tmp/ansible-tmp-1423218692.12-108936982077914/ >/dev/null 2>&1'"'"''
failed: [default] => {"changed": false, "cmd": "httpd -v", "failed": true, "rc": 2}
msg: [Errno 2] No such file or directory

FATAL: all hosts have already failed -- aborting

I can't seem to get any changes to happen modifying the apache_mods_enabled var. Originally I was trying to add the ssl.load module, but the only item detected on provision is rewrite.load. Digging into this, I can't seem to effect a change of any sort. Removing apache_mods_enabled completely from my playbook's vars/main.yml and even from the role itself in defaults/Debian.yml, still result in provision showing rewrite.load as the only item.

I'm able to change other values like apache_vhosts without trouble, so I'm not really certain what's going on here.

I'm moving from Apache to nginx (using your package for that).

Can you recommend how I should uninstall apache using this package? (or point me in the right direction)

Thank you

What is the reason for putting vhosts into /etc/apache2/sites-enabled/ instead of /etc/apache2/sites-available/? In a standard Apache system, the vhost is in sites-available and then enabled with a2ensite or disabled with a2dissite. This allows vhosts to be easily enabled & disabled in a standardized way.
Tested with Ubuntu 14.04 Ansible 1.7.2 geerlingguy.apache 1.1.4

When deploying apache 2.4 on Ubuntu Trusty, I get the following warning:
msg: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 10.0.2.15. Set the 'ServerName' directive globally to suppress this message
Perhaps an optional setting such as the one below could be inserted here.

{% if apache_global_server_name is defined %}
  ServerName {{ apache_global_server_name }}
{% endif %}

Configure each vhost (or the pair of non ssl and ssl) in its own file. So you can disable/enable each vhost separately. At least for debian based systems or even cent os if #93 is implemented ;)

I see you mentioned vhosts.conf file but I can't find that file or see how it should like in the repo.
Where do i find the vhosts.conf file or how should it look like?

Thanks

Unless I am missing it somewhere, an option to create the documentroot would be appreciated.

Thanks!

I've been building a configuration for an ubuntu 14.04 server, which installs apache 2.4 by default.
The vhost file in templates/ is specifically for apache 2.2 it seems.

There are two things not working out as expected:
This row results in a configuration error

    Options -Indexes FollowSymLinks

Easy to fix: just add a + sign before the FollowSymLinks directive.

Secondly, apache 2.4's equivalent to the provided:

Order allow,deny
Allow from all

is the following:

Require all granted

I have this working for apache 2.4 in my configuration, but before I issue a PR, I'd like to check if this is the way to go. Or would another approach be better? For instance, to provide different templates for each apache version.

    Options -Indexes +FollowSymLinks
    Order allow,deny
    Allow from all
    Require all granted

I'd like to be able to modify the items in the vhost Directory section.

My motivation is that I'm having problems where small changes to files hosted on a virtualbox shared folder are not being reflected through Apache.

This appears to be due to broken sendfile support in VirtualBob shared folders.
https://frankooh.wordpress.com/2011/01/21/vboxsf-and-small-files/
https://www.virtualbox.org/ticket/9069

As a workaround - I'd like to Disable SendFile and MMAP in my dev environments. Currently, I've simply edited a local copy of my role template, however it would be better to be able to define directives on a group_var by group_var basis.

<Directory "{{ vhost.documentroot }}">
EnableSendfile Off
EnableMMAP Off
AllowOverride All
Options -Indexes FollowSymLinks
Order allow,deny
Allow from all

I'm happy to build the patch and submit it if you prefer, but also happy if you prefer to write the code yourself.

thanks!

Using last commit form ansible 2.0 I get this error:

TASK [geerlingguy.apache : Get installed version of Apache.] *******************
fatal: [ansiblito]: FAILED! => {"changed": false, "failed": true, "msg": "Traceback (most recent call last):\r\n File "/root/.ansible/tmp/ansible-tmp-1446343835.9-147459737534108/command", line 2386, in \r\n main()\r\n File "/root/.ansible/tmp/ansible-tmp-1446343835.9-147459737534108/command", line 158, in main\r\n module = CommandModule(argument_spec=dict())\r\n File "/root/.ansible/tmp/ansible-tmp-1446343835.9-147459737534108/command", line 761, in init\r\n self._check_arguments(check_invalid_arguments)\r\n File "/root/.ansible/tmp/ansible-tmp-1446343835.9-147459737534108/command", line 1304, in _check_arguments\r\n for (k,v) in self.params.items():\r\nAttributeError: 'tuple' object has no attribute 'items'\r\n", "parsed": false}

As it says on the tin.
It is very common to have more than one ServerAlias, which is not possible to express using the serveralias variable at the moment as that is a string.
I'm working around it by configuring my own var which is a list, then loop over it in extra_parameters:

# host vars
- serveraliases:
  - alias1.example.org
  - alias2.example.org
  - alias3.example.org

# apache config
apache_vhosts:
  - servername: main.example.org
extra_parameters: |
  {% for serveralias in serveraliases %}
    ServerAlias {{ serveralias }}
  {% endfor %}

This playbook:

---
- hosts: web
  name: Install Apache 2
  become: yes
  roles:
        - geerlingguy.apache 

  post_tasks:
    - name: restart apache2
      service: name=apache2 state=restarted

Results in this issue - any clue? Thanks:

PLAY [Install Apache 2] ******************************************************* 

GATHERING FACTS *************************************************************** 
<localhost> ESTABLISH CONNECTION FOR USER: root
<localhost> REMOTE_MODULE setup
<localhost> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/hristo/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=2200 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 localhost /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1446799399.15-9795786424465 && chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1446799399.15-9795786424465 && echo $HOME/.ansible/tmp/ansible-tmp-1446799399.15-9795786424465'
<localhost> PUT /tmp/tmpP5GU_J TO /root/.ansible/tmp/ansible-tmp-1446799399.15-9795786424465/setup
<localhost> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/hristo/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=2200 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 localhost /bin/sh -c 'sudo -k && sudo -H -S -p "[sudo via ansible, key=fxevdoirpnuukhxrbprdfbmgdbtlmzft] password: " -u root /bin/sh -c '"'"'echo BECOME-SUCCESS-fxevdoirpnuukhxrbprdfbmgdbtlmzft; LANG=C LC_CTYPE=C /usr/bin/python /root/.ansible/tmp/ansible-tmp-1446799399.15-9795786424465/setup; rm -rf /root/.ansible/tmp/ansible-tmp-1446799399.15-9795786424465/ >/dev/null 2>&1'"'"''
ok: [localhost]

TASK: [geerlingguy.apache | Include OS-specific variables.] ******************* 
<localhost> ESTABLISH CONNECTION FOR USER: root
ok: [localhost] => {"ansible_facts": {"__apache_packages": ["apache2", "apache2-utils"], "apache_conf_path": "/etc/apache2", "apache_daemon": "apache2", "apache_daemon_path": "/usr/sbin/", "apache_ports_configuration_items": [{"line": "Listen {{ apache_listen_port }}", "regexp": "^Listen "}], "apache_server_root": "/etc/apache2"}}

TASK: [geerlingguy.apache | Define apache_packages.] ************************** 
<localhost> ESTABLISH CONNECTION FOR USER: root
ok: [localhost] => {"ansible_facts": {"apache_packages": ["apache2", "apache2-utils"]}}

TASK: [geerlingguy.apache | Ensure Apache is installed.] ********************** 
skipping: [localhost]

TASK: [geerlingguy.apache | Update apt cache.] ******************************** 
<localhost> ESTABLISH CONNECTION FOR USER: root
<localhost> REMOTE_MODULE apt update_cache=yes cache_valid_time=86400
<localhost> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/hristo/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=2200 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 localhost /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1446799399.74-121740323603262 && chmod a+rx $HOME/.ansible/tmp/ansible-tmp-1446799399.74-121740323603262 && echo $HOME/.ansible/tmp/ansible-tmp-1446799399.74-121740323603262'
<localhost> PUT /tmp/tmpO4X4hb TO /root/.ansible/tmp/ansible-tmp-1446799399.74-121740323603262/apt
<localhost> EXEC ssh -C -tt -vvv -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/home/hristo/.ansible/cp/ansible-ssh-%h-%p-%r" -o Port=2200 -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 localhost /bin/sh -c 'sudo -k && sudo -H -S -p "[sudo via ansible, key=hrucjkraciiuhkcvvyvkonpusgxktdnw] password: " -u root /bin/sh -c '"'"'echo BECOME-SUCCESS-hrucjkraciiuhkcvvyvkonpusgxktdnw; LANG=C LC_CTYPE=C /usr/bin/python /root/.ansible/tmp/ansible-tmp-1446799399.74-121740323603262/apt; rm -rf /root/.ansible/tmp/ansible-tmp-1446799399.74-121740323603262/ >/dev/null 2>&1'"'"''
failed: [localhost] => {"failed": true}
msg: Failed to lock apt for exclusive operation

FATAL: all hosts have already failed -- aborting

PLAY RECAP ******************************************************************** 
           to retry, use: --limit @/home/hristo/apache2.retry

localhost                  : ok=3    changed=0    unreachable=0    failed=1   

Is it possible to improve handling of multiple vhosts? Right now, all the vhosts are in vhosts.conf which means that commands like a2ensite vhosts.conf will enable/disable all of the vhosts at once.

The a2 commands seem to work only with separate conf files. For example, vhosts foo.com and bar.com could use:

/etc/apache2/sites-available/foo.com.conf
/etc/apache2/sites-available/bar.com.conf

This allows a2ensite foo.com.conf or a2ensite foo.com.conf to enable to disable one vhost without affecting the other.

Here is the ./vars/main.yml used for testing on hashicorp/precise64 & ubuntu/trusty64:

---
apache_vhosts:
  - {servername: "foo.com", documentroot: "/var/www/vhosts/foo_com"}
  - {servername: "bar.com", documentroot: "/var/www/vhosts/bar_com"}

It would be great if I could override the template files from the playbook. Something like this, but optional:

-    src: "vhosts-{{ apache_vhosts_version }}.conf.j2"
+    src: "{{playbook_dir}}/templates/vhosts-{{ apache_vhosts_version }}.conf.j2"

Symptom:

TASK: [geerlingguy.apache | Include OS-specific variables.] *******************
fatal: [20150831123758.loc.gbuild.net] => Failed to template {% if drupalvm_webserver == 'apache’ %} True {% else %} False {% endif %}: template error while templating string: unexpected char u"'" at 28

Task causing symptom:

# Include variables and define needed variables.
- name: Include OS-specific variables.
  include_vars: "{{ ansible_os_family }}.yml"

Files referred from symptom:

---
apache_daemon: apache2
apache_daemon_path: /usr/sbin/
apache_server_root: /etc/apache2
apache_conf_path: /etc/apache2

__apache_packages:
  - apache2
  - apache2-utils

apache_ports_configuration_items:
  - {
    regexp: "^Listen ",
    line: "Listen {{ apache_listen_port }}"
  }

It's a Debian 12.04 system using Ansible 1.9.3, and I'm not able to update any of the systems I'm working on until this can be resolved, or I try and change it all over to NGINX.

Ansible Version: ansible 1.6.10
Remote Host: Ubuntu 14.04 (Rackspace Cloud Server)

Running playbook I get this:

 ____________________________________________________________
 TASK: ansible-role-apache | Include OS-specific variables.

ok: [_ip_removed_]
 ________________________________________________________
TASK: ansible-role-apache | Ensure Apache is installed (RedHat).

skipping: [_ip_removed_]
 ________________________________________________________
TASK: ansible-role-apache | Configure Apache (RedHat). 

skipping: [_ip_removed_] => (item={'regexp': '^Listen ', 'line': u'Listen 80'})
skipping: [_ip_removed_] => (item={'regexp': '^NameVirtualHost ', 'line': u'NameVirtualHost *:80'})
 ________________________________________________________
 TASK: ansible-role-apache | Ensure Apache is installed (Debian). 

failed: [_ip_removed_] => (item=apache2,apache2-mpm-prefork,apache2-utils,apache2.2-bin,apache2.2-common) => {"failed": true, "item": "apache2,apache2-mpm-prefork,apache2-utils,apache2.2-bin,apache2.2-common"}
msg: No package matching 'apache2.2-common' is available

Server:

Welcome to Ubuntu 14.04.1 LTS (GNU/Linux 3.13.0-30-generic x86_64)

Hi,

I have cloned the repo and did ran the playbook with out making any changes to the role and the play fails with the below error.

TASK: [geerlingguy-apache | Add apache vhosts configuration.] *****************
fatal: [default] => One or more undefined variables: 'str object' has no attribute 'servername'

FATAL: all hosts have already failed -- aborting

PLAY RECAP ********************************************************************
to retry, use: --limit @/Users/donepusw/pg-play.retry

default : ok=17 changed=11 unreachable=1 failed=0

Ansible failed to complete successfully. Any error output should be
visible above. Please fix these errors and try again.

I would like to make a virtualhost only to redirect to completely different domain. Would it be possible to make documentroot property optional, so I will be able to create vhost like this?

<VirtualHost *>
  ServerName www.example.com
  Redirect 301 / http://example.com/
</VirtualHost>

Thanks for consideration.

For example. I had installed mod_dumpio and I want to turn it on. I have to add following lines to config, but It is not obvious how i can do it.

DumpIOInput On
DumpIOOutput On
DumpIOLogLevel debug

There are default vhosts and configuration files in CentOS 7:

• autoindex.conf
• userdir.conf
• welcome.conf

(source: http://mirror.centos.org/centos/7/os/x86_64/Packages/httpd-2.4.6-40.el7.centos.x86_64.rpm )

At least welcome.conf will provide a file if a configured vhost has no /index.html. Maybe something should be done to cleanup these config files ?

The role is broken on all Debian systems except Ubuntu Precise and Ubuntu Trusty:

fatal: [localhost] => input file not found at /etc/ansible/roles/geerlingguy.apache/vars/Debian-wheezy.yml or /etc/ansible/Debian-wheezy.yml

This was introduced in 83ab160. There the vars are included dependent on ansible_lsb.codename but only files for Precise and Trusty exist.

You can enable them... but not disable currently.

This is my Ansiblefile:

site "https://galaxy.ansible.com/api/v1"

role "geerlingguy.apache", "1.1.3"

When I run 'librarian-ansible install' I get:
Could not resolve the dependencies.

Am I doing something wrong here?

Also, if I do not specify the version argument for the role then it is fetched, but on the latest commit on default branch, not the latest tag (librarian-chef default behaviour afaik), with the message:
Installing geerlingguy.apache (0.0.0)

It would be nice to be able to use the same vhost configuration for both apache and nginx incase there is a need to switch. Or in the case of Drupal-vm where two global vhost lists need to be maintained, one for apache and one for nginx.

I changed the value in my own variable but on server it is still default one

Centos 7

My value in group_vars/web.yml

apache_mods_enabled:
  - rewrite.load
apache_global_settings: |
  DirectoryIndex index.html index.phtml

Thanks for the good Ansible roles (both MySQL and Apache)!
Question: How can one specify loaded modules for Apache. I need PHP module and AJP (for Java) configured in my Apache proxy.

Hello,

It seems like that changing the apache_listen_port_ssl doesn't change the ports.conf file.

This line:

I think a ports.conf file template would be the best for this.

I am using this role to manage my dev env, which is a mix of Debian and FreeBSD hosts. Unfortunately, it lacks FreeBSD support, which seems to be used more often than eg. Solaris.

For my own needs I added FreeBSD-specific tasks to this role. Would you be interested in including FreeBSD support? I can take care of keeping it up-to-date.

Hi,
I get this error as stated also here -> geerlingguy/drupal-vm#85.

These are my synced_folder settings:

config.vm.synced_folder ".",  "/vagrant", id: "vagrant-root", :nfs => true
config.vm.synced_folder "../../../../project", "/var/www", id: "application",  :nfs => true

I'm working on an Ubuntu 12.04 (64 bit) and I'm trying to setup a Virtualbox precise 64 box.

Thank you

Error: One or more undefined variables: 'dict' object has no attribute 'stdout'

# Figure out what version of Apache is installed.
- name: Get installed version of Apache.
  command: "{{ apache_daemon }} -v"
  changed_when: false
  register: _apache_version
- name: Create apache_version variable.
  set_fact:
    apache_version: "{{ _apache_version.stdout.split()[2].split('/')[1] }}"

Probably because the command module is skipped in check mode which fills the _apache_version variable with {'skipped': True}.

Would this approach make sense?

- name: Create apache_version variable.
  set_fact:
    apache_version: "{{ _apache_version.stdout.split()[2].split('/')[1] }}"
    when: not _apache_version|skipped

After updating my Drupal VM from release 2.1.2 to 2.2.1 and following the release notes for new variables in config.yml, specifically for the ProxyPassMatch parameter below:

apache_vhosts:
  - servername: "{{ drupal_domain }}"
    documentroot: "{{ drupal_core_path }}"
    extra_parameters: |
          ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://127.0.0.1:9000{{ drupal_core_path }}"

I found that my sites served over SSL stopped working. To fix this issue, I added extra_parameters: 'ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://127.0.0.1:9000{{ drupal_core_path }}"', to my
apache_vhosts_ssl as such:

apache_vhosts_ssl:
  - {
    servername: "local.dev",
    documentroot: "/var/www/html",
    certificate_file: "/home/vagrant/example.crt",
    certificate_key_file: "/home/vagrant/example.key",
    certificate_chain_file: "/path/to/certificate_chain.crt",
    extra_parameters: 'ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://127.0.0.1:9000{{ drupal_core_path }}"',
  }

I'm not sure if this is the correct way to do this, but if so, perhaps adding a note in the documentation would be helpful?

Currently, it's impossible to disable the listening of port 443 for ssl. You can change it (not fully, see #29), but it's impossible to disable it completely. My use-case is doing SSL termination at the load balancer level, so I dont need apache listening on a port for SSL.

After setting up an ssl vhost through the apache_vhosts_ssl variable, starting apache fails with error "default VirtualHost overlap on port 443, the first has precedence", which is referring to the "" directive in ssl.conf (CentOS).

So perhaps the task could include commenting out or removing the vhost section in ssl.conf?

I set the following in group_vars/all.yml

apache_packages:
  - httpd24-httpd
  - httpd24-httpd-devel
  - openssh

apache_enablerepo: rhui-REGION-rhel-server-rhscl

It installs version 2.4, but then can't find the daemon because of the fact that the RPM installs itself to /opt/rh/httpd24/root. It is close, but not completely solved. We would need a vars/RedHat65.yml to solve it - since I can't override settings like apache_daemon_path from the group_vars.

Any suggestions?

Hi - I am new to git (and Linux) and Ansible (and devops)!

I have cloned this git and copied the files to my home on Centos7

If I run ansible-playbook main.yml --ask-sudo-pass in the tasks directory I get the error 'include_vars is not a legal parameter of an Ansible Play'

I assume I am doing something fundamentally wrong here. I also cannot see where it is picking up any hosts from. Any help appreciated. Thanks

This rule always fails the playbook when the Apache configuration following a previous failed run is in an error state, since if a task that came after geerlingguy.apache messes up the Apache configuration, this rule will always error out when it tries to start it. I'm not sure of the best way to solve this; perhaps a configuration parameter that will ignore errors if set? Then one could set that, fix the errors, and then unset it — a sort of development configuration, if you will.

Otherwise, I have to do a destroy/up cycle whenever I screw up the Apache configuration :) Of course, I guess I could just comment out the role, let it fix itself, and then comment it back in, but yeah...thought I'd open an issue to discuss.

Besides from having a serveralias can we also support alias?

Something like

{# Set up VirtualHosts #}
{% for vhost in apache_vhosts %}
<VirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}>
  ServerName {{ vhost.servername }}
{% if vhost.serveralias is defined %}
  ServerAlias {{ vhost.serveralias }}
{% endif %}
{% if vhost.alias is defined %}
  Alias {{ vhost.alias }}
{% endif %}
{% if vhost.documentroot is defined %}
  DocumentRoot {{ vhost.documentroot }}
{% endif %}

Seems like this is a must have support for sub directory based multisite.

Using https://github.com/geerlingguy/drupal-vm with mutisite setup with different servername works fine, much better if this can also support sub directory based multisite.

Thanks!

This also relates to #36

If I have missing directories (as DocumentRoot) and also if I hadn't copied my ssl certificates, starting apache will fail.

I want to run my setup-task after apache was installed (to have the correct default configs and dirs) and not have to setup directories and ssl before.

Can we make this optional? I can add a PR if needed

Running this play book when i am getting to Ensure PHP packages installed i get :
msg: No Package matching 'php-opcache' found availabe, installed or updated. and the script aborts.

any suggestions?

nick

but the vars/RedHat.yml references 2.2

Hi,

i really like this role, good job!

There is only one thing missing. It would be nice to configure SSL out of the box. I try to do it by my self, but it's not this nice. What do you think is the best way to handle this?

Currently if you use the apache_listen_port variable you can specify only one port on which Apache listens.

Could you extend the variable to allow the usage multiple ports, which would result in multiple Listen directives in the ports.conf file?

On linux mint, I get following result:

$ ansible localhost -m setup | grep ansible_os_family
        "ansible_os_family": "Linuxmint",

That's a problem, because file includes don't work.

It works fine, if I add following at the top of main.yml file:

# Ensure correct fact
- set_fact: ansible_os_family="Debian"
  when: ansible_os_family == "Debian" or ansible_os_family == "Linuxmint"

#60 Added the ability to test against the latest Ubuntu and latest CentOS releases, but I no longer have the roles tested on the n-1 release. I want that feature back so I can at least test on Ubuntu 12 and CentOS 6 too.

It would be a nice idea to implement the sites-available / sites-enabled vhost structure on CentOS too.

Would it be possible to add vars so I could pass ProxyPass info for a host? Sorry if this is not a issue or filed in a wrong place