diff --git a/tasks/apache.yml b/tasks/apache.yml
index 628ce7ed73bebefd28673f6c37c3a9841656a8ba..7dedb5151b466d000883f9dc5ae350307c85250b 100644
--- a/tasks/apache.yml
+++ b/tasks/apache.yml
@@ -15,3 +15,16 @@
command: a2ensite discourse creates=/etc/apache2/sites-enabled/discourse{{ apache_conf_ext }}
notify:
- "Apache | Restart Apache"
+
+- block:
+
+ - name: "Setup AuthType Basic"
+ htpasswd:
+ path: '/var/discourse/containers/passwords'
+ name: '{{ discourse_apache_auth.user }}'
+ password: '{{ discourse_apache_auth.password }}'
+ owner: 'root'
+ group: 'root'
+ mode: '664'
+
+ when: discourse_apache_auth is defined
diff --git a/tasks/install.yml b/tasks/install.yml
index 76b3ee80487403efd32fbe43c55b93dfd3a94612..3a5b58d8c78f66e80fd19f2cc842ad9a0520dee8 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -1,10 +1,6 @@
---
# file: roles/discourse/tasks/install.yml
-- name: "Configure Apache"
- include_tasks: apache.yml
- tags: 'always'
-
- name: "Clone Repository"
git:
accept_hostkey: yes
@@ -26,3 +22,7 @@
shell: '/var/discourse/launcher rebuild app'
when: discourse_repository.changed
+
+- name: "Configure Apache"
+ include_tasks: apache.yml
+ tags: 'always'
diff --git a/templates/vhost.conf b/templates/vhost.conf
index 9e1f54db80a35e9f55c522fb2e44ec5f2d166a50..f6b5078cc08d50cd80f4c9cd26d456a4fe8fdfad 100644
--- a/templates/vhost.conf
+++ b/templates/vhost.conf
@@ -40,9 +40,16 @@
AllowEncodedSlashes NoDecode
<Location />
- Require all granted
- ProxyPassReverse http://127.0.0.1:8181
- ProxyPassReverse http://{{ discourse_domain }}/
+{% if discourse_apache_auth is defined %}
+ AuthType {{ discourse_apache_auth.type }}
+ AuthName "{{ discourse_apache_auth.name }}"
+ AuthUserFile /var/discourse/containers/passwords
+ Require {{ discourse_apache_auth.user }} {{ discourse_apache_auth.password }}
+{% else %}
+ Require all granted
+{% endif %}
+ ProxyPassReverse http://127.0.0.1:8181
+ ProxyPassReverse http://{{ discourse_domain }}/
</Location>
RewriteEngine on