Initial code

handlers/main.yml

+---
+# file: roles/artifactory/handlers/main.yml
+
+- name: Re-create the artifactory container
+  docker_container:
+    name: artifactory
+    image:
+    init: no
+    state: started
+    recreate: yes
+    network_mode: host
+    restart_policy: always

meta/main.yml

+---
+
+dependencies:
+  - role: docker

tasks/apache.yml

+---
+# file: roles/artifactory/tasks/apache.yml
+
+- name: Set facts
+  set_fact:
+    apacheUser: www-data
+
+- name: Apache Modules
+  apache2_module:
+    state: present
+    name: '{{ item }}'
+  with_items:
+    - proxy
+    - proxy_http
+  notify:
+    - Restart Apache
+
+- name: Apache Configuration File
+  template:
+    src: vhost.conf
+    dest: /etc/apache2/sites-available/artifactory{{ apache_conf_ext }}
+    owner: root
+    group: root
+    mode: 0664
+  notify:
+    - Restart Apache
+
+- name: Apache enable site
+  command: a2ensite artifactory
+  args:
+    creates: /etc/apache2/sites-enabled/artifactory{{ apache_conf_ext }}
+  notify:
+    - Restart Apache

tasks/artifactory.yml

+---
+# file: roles/artifactory/tasks/artifactory.yml
+
+- name: Pull docker image
+  docker_image:
+    name: name/of/image
+    source: pull
+    force_source: yes
+  notify:
+    - Re-create the artifactory container

tasks/main.yml

+##
+# Ansible file to install Artifactory
+
+---
+# file: roles/artifactory/tasks/main.yml
+
+- name: Artifactory Role
+  set_fact:
+    role_artifactory_started: yes
+  tags:
+    - always
+
+- block:
+    - name: Install Certs
+      include_tasks: ../../letsencrypt/tasks/cert.yml
+      with_items: '{{ artifactory_settings|default([]) }}'
+      loop_control:
+        loop_var: domain
+      when: domain.protocol|default("https") == "https" and domain.letsencrypt|default(true)
+
+  when: (not excluded_roles or "letsencrypt" not in excluded_roles) and groups.proxyserver is not defined
+
+- block:
+
+    - name: Import apache
+      import_tasks: apache.yml
+      when: groups.proxyserver is not defined or inventory_hostname not in groups.proxyserver
+      tags:
+        - ApacheConfig
+
+    - name: Import artifactory
+      import_tasks: artifactory.yml
+
+    - name: Remember that this role had been run
+      set_fact:
+        role_artifactory_completed: yes
+      tags:
+        - always
+
+  when: (not excluded_roles or "artifactory" not in excluded_roles) and role_artifactory_completed is not defined

templates/letsencrypt.ini

+../../letsencrypt/templates/letsencrypt.ini
\ No newline at end of file

templates/vhost.conf

+<VirtualHost *:80>
+  Include /etc/apache2/{{ apache_conf_dir }}/global-redirect.conf
+
+{% if artifactory_protocol|default("https") == "https" and groups.proxyserver is not defined %}
+  ServerAdmin {{ apache_server_admin }}
+  ServerName  {{ artifactory_domain }}
+  ServerAlias {{ inventory_hostname }}
+
+  Include /etc/apache2/{{ apache_conf_dir }}/redirect-ssl.conf
+  Include /etc/apache2/{{ apache_conf_dir }}/letsencrypt-redirect.conf
+
+  SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
+  LogLevel warn
+{% if apache_version|default('2.4') == '2.4' %}
+  ErrorLogFormat "[%{u}t] [%l] [pid %P] [client\ %{X-Forwarded-For}i] %M% ,\ referer:\ %{Referer}i"
+{% endif %}
+  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
+  ErrorLog ${APACHE_LOG_DIR}/{{ artifactory_domain }}-error.log
+  CustomLog ${APACHE_LOG_DIR}/{{ artifactory_domain }}-access.log combined env=!forwarded
+  CustomLog ${APACHE_LOG_DIR}/{{ artifactory_domain }}-access.log proxy env=forwarded
+</VirtualHost>
+
+<VirtualHost *:443>
+  Include /etc/apache2/{{ apache_conf_dir }}/global-redirect.conf
+
+{% endif %}
+  ServerAdmin {{ apache_server_admin }}
+  ServerName  {{ artifactory_domain }}
+  ServerAlias {{ inventory_hostname }}
+
+  Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
+
+  DocumentRoot /var/www/html
+
+  <Proxy *>
+    Include /etc/apache2/conf-available/global-deny.conf
+  </Proxy>
+
+  ProxyPass {{ artifactory_basepath|default('') }}/ http://localhost:8891/
+  ProxyPassReverse {{ artifactory_basepath|default('') }}/ http://localhost:8891/
+
+  SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
+  LogLevel warn
+{% if apache_version|default('2.4') == '2.4' %}
+  ErrorLogFormat "[%{u}t] [%l] [pid %P] [client\ %{X-Forwarded-For}i] %M% ,\ referer:\ %{Referer}i"
+{% endif %}
+  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
+  ErrorLog ${APACHE_LOG_DIR}/{{ artifactory_domain }}-error.log
+  CustomLog ${APACHE_LOG_DIR}/{{ artifactory_domain }}-access.log combined env=!forwarded
+  CustomLog ${APACHE_LOG_DIR}/{{ artifactory_domain }}-access.log proxy env=forwarded
+
+  <IfModule mod_expires.c>
+    ExpiresActive {% if apache_cache.active %}On{% else %}Off{% endif %}
+
+    ExpiresDefault {{ apache_cache.default }}
+{% for type in apache_cache.bytype %}
+    ExpiresByType {{ type.type }} {{ type.default }}
+{% endfor %}
+  </IfModule>
+
+  SetEnvIf X-Forwarded-Proto https HTTPS=on
+
+  BrowserMatch "MSIE [2-6]" \
+    nokeepalive ssl-unclean-shutdown \
+    downgrade-1.0 force-response-1.0
+  # MSIE 7 and newer should be able to use keepalive
+  BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
+
+{% if artifactory_protocol|default("https") == "https" and groups.proxyserver is not defined %}
+  Include /etc/apache2/{{ apache_conf_dir }}/options-ssl-apache.conf
+  SSLCertificateFile /etc/letsencrypt/live/{{ artifactory_domain }}/cert.pem
+  SSLCertificateKeyFile /etc/letsencrypt/live/{{ artifactory_domain }}/privkey.pem
+  SSLCertificateChainFile /etc/letsencrypt/live/{{ artifactory_domain }}/chain.pem
+{% endif %}
+</VirtualHost>