#!/usr/bin/ansible-playbook # vim:ft=ansible: --- - name: Install, configure, and start Dokuwiki block: - name: Set up Apache block: - name: Create webroot file: path: "{{ dokuwiki_webroot }}" mode: "0755" recurse: yes state: directory - name: Check for existing installation stat: path: "{{ dokuwiki_webroot }}/index.html" register: stat_webroot_index - name: Install Dokuwiki block: - name: Download Dokuwiki get_url: dest: /var/www/dokuwiki.tgz url: "{{ dokuwiki_tgz }}" - name: Extract Dokuwiki unarchive: src: /var/www/dokuwiki.tgz remote_src: yes dest: "{{ dokuwiki_webroot }}" extra_opts: [--strip-components=1] - name: Create data directory file: path: "/var/dokuwiki" state: directory mode: 0700 owner: www-data group: www-data - name: Chown webroot file: path: "{{ dokuwiki_webroot }}" state: directory recurse: yes owner: www-data group: www-data - name: Cleanup file: path: /var/www/dokuwiki.tgz state: absent when: not stat_webroot_index.stat.exists - name: Register certificates block: # Note: We copy over some insecure configs now # Reason being there's no way for the https role to handle every site's # configuration on its own. If it doesn't have to update the key, it # won't reload Apache and our site will never actually see https downtime - name: Configure insecure virtual host configs template: src: apache2-vhost.conf dest: "/etc/apache2/sites-enabled/{{ dokuwiki_url }}.conf" - name: Generate certificate include_role: name: https vars: website_url: "{{ dokuwiki_url }}" website_webroot: "{{ dokuwiki_webroot }}" - name: Secure Apache block: # If we copied over http-only configs before, they get oblooterated now - name: Copy over virtual host configs template: src: apache2-vhost-ssl.conf dest: "/etc/apache2/sites-enabled/{{ dokuwiki_url }}.conf" - name: Reload Apache service: name: apache2 state: reloaded enabled: true become: yes