From f6483545f8f2ba2eef8453a0153f93a61ccd5e94 Mon Sep 17 00:00:00 2001
From: jurgenhaas <juergen@paragon-es.de>
Date: Wed, 17 Feb 2021 18:25:26 +0100
Subject: [PATCH] ansible/roles/apache#10 Fix default configuration for Apache

---
 tasks/apache.yml | 37 +++++++++++++++++++------------------
 1 file changed, 19 insertions(+), 18 deletions(-)

diff --git a/tasks/apache.yml b/tasks/apache.yml
index c631a36..5774f81 100644
--- a/tasks/apache.yml
+++ b/tasks/apache.yml
@@ -68,6 +68,11 @@
   tags:
     - ApacheConfig
 
+- name: Verify if this is the initial installation
+  stat:
+    path: /etc/apache2/{{ apache_conf_dir }}/global-redirect.conf
+  register: apache_initial_install
+
 - name: Configure Security, Global Redirect, Global Deny, Logging
   template:
     src: etc-apache2-conf-available-{{item }}
@@ -134,7 +139,7 @@
     owner: root
     group: root
     mode: 0644
-  when: apache_server_default == "yes"
+  when: apache_server_default and not apache_initial_install.stat.exists
   notify:
     - Restart Apache
     - Checkout htdocs for default
@@ -146,7 +151,7 @@
     owner: root
     group: root
     mode: 0644
-  when: apache_server_default_ssl == "yes"
+  when: apache_server_default_ssl and not apache_initial_install.stat.exists
   notify:
     - Restart Apache
     - Checkout htdocs for default
@@ -164,32 +169,28 @@
     - Checkout htdocs for our site(s)
 
 - name: Disable the default site
-  command: a2dissite {{ item }}
-  with_items:
-    - default
-    - '{{ apache_conf_default_prefix }}default'
-  ignore_errors: yes
-  when: apache_server_default == "no"
+  command: a2dissite {{ apache_conf_default_prefix }}default
+  args:
+    removes: /etc/apache2/sites-enabled/{{ apache_conf_default_prefix }}default{{ apache_conf_ext }}
+  when: not apache_server_default
 
 - name: Disable the default ssl site
-  command: a2dissite {{ item }}
-  with_items:
-    - default-ssl
-    - '{{ apache_conf_default_prefix }}default-ssl'
-  ignore_errors: yes
-  when: apache_server_default_ssl == "no"
+  command: a2dissite default-ssl
+  args:
+    removes: /etc/apache2/sites-enabled/default-ssl{{ apache_conf_ext }}
+  when: not apache_server_default_ssl
 
 - name: Enable the default site
   command: a2ensite {{ apache_conf_default_prefix }}default
   args:
     creates: /etc/apache2/sites-enabled/{{ apache_conf_default_prefix }}default{{ apache_conf_ext }}
-  when: apache_server_default == "yes"
+  when: apache_server_default
 
 - name: Enable the default ssl site
-  command: a2ensite {{ apache_conf_default_prefix }}default-ssl
+  command: a2ensite default-ssl
   args:
-    creates: /etc/apache2/sites-enabled/{{ apache_conf_default_prefix }}default-ssl{{ apache_conf_ext }}
-  when: apache_server_default_ssl == "yes"
+    creates: /etc/apache2/sites-enabled/default-ssl{{ apache_conf_ext }}
+  when: apache_server_default_ssl
 
 - name: Enable our new site(s)
   command: a2ensite {{ item.vhost }}
-- 
GitLab