#4 Optimize loop control for variables and apache config

6eb3a9d5 · jurgenhaas · 021f2b5a · 6eb3a9d5 · 6eb3a9d5 · 6eb3a9d5
Commit 6eb3a9d5 authored 8 years ago by jurgenhaas
--- a/tasks/apache.yml
+++ b/tasks/apache.yml
@@ -4,37 +4,35 @@
 - name: "Apache Configuration File"
  template:
    src='vhost.conf'
-    dest='/etc/apache2/sites-available/{{ item.domain }}{{ apache_conf_ext }}'
+    dest='/etc/apache2/sites-available/{{ drupal_domain.domain }}{{ apache_conf_ext }}'
    owner='root'
    group='root'
    mode='664'
-  with_items: '{{ drupal.domains }}'
  notify:
    - "Apache | Restart Apache"

 - name: "Apache enable our new site(s)"
-  command: a2ensite {{ item.domain }} creates=/etc/apache2/sites-enabled/{{ item.domain }}{{ apache_conf_ext }}
-  with_items: '{{ drupal.domains }}'
+  command: a2ensite {{ drupal_domain.domain }} creates=/etc/apache2/sites-enabled/{{ drupal_domain.domain }}{{ apache_conf_ext }}
  notify:
    - "Apache | Restart Apache"

- name: "Ensure Password Directory"
-  file:
-    path='{{ webRoot }}/passwords'
-    state='directory'
-    owner='{{ apacheUser }}'
-    group='{{ apacheUser }}'
-    mode=755
-  with_items: '{{ drupal.domains }}'
-  when: item.apache_auth is defined
+- block:

- name: "Setup AuthType Basic"
-  htpasswd:
-    path='{{ webRoot }}/passwords/{{ item.apache_auth.user }}'
-    name='{{ item.apache_auth.user }}'
-    password='{{ item.apache_auth.password }}'
-    owner='{{ apacheUser }}'
-    group='{{ apacheUser }}'
-    mode='640'
-  with_items: '{{ drupal.domains }}'
-  when: item.apache_auth is defined
+  - name: "Ensure Password Directory"
+    file:
+      path='{{ webRoot }}/passwords'
+      state='directory'
+      owner='{{ apacheUser }}'
+      group='{{ apacheUser }}'
+      mode=755
+
+  - name: "Setup AuthType Basic"
+    htpasswd:
+      path='{{ webRoot }}/passwords/{{ drupal_domain.apache_auth.user }}'
+      name='{{ drupal_domain.apache_auth.user }}'
+      password='{{ drupal_domain.apache_auth.password }}'
+      owner='{{ apacheUser }}'
+      group='{{ apacheUser }}'
+      mode='640'
+
+  when: drupal_domain.apache_auth is defined
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -2,26 +2,28 @@
 # file: roles/drupal/tasks/install.yml

 - block:
-  - set_fact: drupal='{{ item }}'
-  - set_fact: installSource=[]
-  - set_fact: installSource={{ drupal.src }}
-    when: drupal.src is defined
-  - set_fact: webRoot='/var/www'
-  - set_fact: webRoot='{{ jailroot }}/{{ drupal.jail.name }}/var/www'
+  - set_fact:
+      webRoot='/var/www'
+      cronUser='root'
+      apacheUser='www-data'
+    when: drupal.jail is not defined
+  - set_fact:
+      webRoot='{{ jailroot }}/{{ drupal.jail.name }}/var/www'
+      cronUser='{{ drupal.jail.name }}'
+      apacheUser='{{ drupal.jail.name }}'
    when: drupal.jail is defined
-  - set_fact: drupalRoot='{{ webRoot }}{{ drupal.root|default("") }}'
-  - set_fact: docRoot='{{ webRoot }}{{ drupal.docroot|default(drupal.root|default("")) }}'
-  - set_fact: apacheUser='www-data'
-  - set_fact: apacheUser='{{ drupal.jail.name }}'
-    when: drupal.jail is defined
-  - set_fact: cronUser='root'
-  - set_fact: cronUser='{{ drupal.jail.name }}'
-    when: drupal.jail is defined
-  - set_fact: relativeRoot='{{ drupal.relativeRoot|default(drupal_links_relative_root) }}'
+  - set_fact:
+      installSource={{ drupal.src|default([]) }}
+      relativeRoot='{{ drupal.relativeRoot|default(drupal_links_relative_root) }}'
+      drupalRoot='{{ webRoot }}{{ drupal.root|default("") }}'
+      docRoot='{{ webRoot }}{{ drupal.docroot|default(drupal.root|default("")) }}'
  tags: always

 - name: "Configure Apache"
  include: apache.yml
+  with_items: '{{ drupal.domains }}'
+  loop_control:
+    loop_var: drupal_domain
  tags: 'ApacheConfig'

 - name: "Ensure Drupal Root Directory"

--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -18,7 +18,9 @@
  - name: "Install Drupal"
    include: install.yml
    with_items: '{{ drupal_settings }}'
-    when: limit_jail is not defined or item.jail is not defined or limit_jail == item.jail.name
+    loop_control:
+      loop_var: drupal
+    when: limit_jail is not defined or drupal.jail is not defined or limit_jail == drupal.jail.name

  - name: "Install Drupal Databases and Users"
    include: mysql.yml

--- a/templates/vhost.conf
+++ b/templates/vhost.conf
 <VirtualHost *:80>
  Include /etc/apache2/{{ apache_conf_dir }}/global-redirect.conf

-{% if item.protocol|default("https") == "https" and groups.proxyserver is not defined %}
+{% if drupal_domain.protocol|default("https") == "https" and groups.proxyserver is not defined %}
  ServerAdmin {{ apache_server_admin }}
-  ServerName  {{ item.domain }}
-  ServerAlias {{ item.domain }}{% for alias in item.aliases|default([]) %} {{ alias }}{% endfor %}
+  ServerName  {{ drupal_domain.domain }}
+  ServerAlias {{ drupal_domain.domain }}{% for alias in drupal_domain.aliases|default([]) %} {{ alias }}{% endfor %}

  RewriteEngine on
  RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

-  ErrorLog ${APACHE_LOG_DIR}/{{ item.domain }}-error.log
+  ErrorLog ${APACHE_LOG_DIR}/{{ drupal_domain.domain }}-error.log
  LogLevel warn
  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
  SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
-  CustomLog ${APACHE_LOG_DIR}/{{ item.domain }}-access.log combined env=!forwarded
-  CustomLog ${APACHE_LOG_DIR}/{{ item.domain }}-access.log proxy env=forwarded
+  CustomLog ${APACHE_LOG_DIR}/{{ drupal_domain.domain }}-access.log combined env=!forwarded
+  CustomLog ${APACHE_LOG_DIR}/{{ drupal_domain.domain }}-access.log proxy env=forwarded
 </VirtualHost>

 <VirtualHost *:443>
@@ -22,8 +22,8 @@

 {% endif %}
  ServerAdmin {{ apache_server_admin }}
-  ServerName  {{ item.domain }}
-  ServerAlias {{ item.domain }}{% for alias in item.aliases|default([]) %} {{ alias }}{% endfor %}
+  ServerName  {{ drupal_domain.domain }}
+  ServerAlias {{ drupal_domain.domain }}{% for alias in drupal_domain.aliases|default([]) %} {{ alias }}{% endfor %}


 {% if drupal.jail is defined %}
@@ -34,11 +34,11 @@
  <Directory {{ docRoot }}/>
    Options +ExecCGI +Indexes +FollowSymLinks +MultiViews
    AllowOverride All
-{% if item.apache_auth is defined %}
-    AuthType {{ item.apache_auth.type }}
-    AuthName "{{ item.apache_auth.name }}"
-    AuthUserFile {{ webRoot }}/passwords/{{ item.apache_auth.user }}
-    Require user {{ item.apache_auth.user }}
+{% if drupal_domain.apache_auth is defined %}
+    AuthType {{ drupal_domain.apache_auth.type }}
+    AuthName "{{ drupal_domain.apache_auth.name }}"
+    AuthUserFile {{ webRoot }}/passwords/{{ drupal_domain.apache_auth.user }}
+    Require user {{ drupal_domain.apache_auth.user }}
 {% else %}
 {% if apache_version == '2.2' %}
    Order allow,deny
@@ -52,12 +52,12 @@
    Require all denied
  </Directory>

-  ErrorLog ${APACHE_LOG_DIR}/{{ item.domain }}-error.log
+  ErrorLog ${APACHE_LOG_DIR}/{{ drupal_domain.domain }}-error.log
  LogLevel warn
  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
  SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
-  CustomLog ${APACHE_LOG_DIR}/{{ item.domain }}-access.log combined env=!forwarded
-  CustomLog ${APACHE_LOG_DIR}/{{ item.domain }}-access.log proxy env=forwarded
+  CustomLog ${APACHE_LOG_DIR}/{{ drupal_domain.domain }}-access.log combined env=!forwarded
+  CustomLog ${APACHE_LOG_DIR}/{{ drupal_domain.domain }}-access.log proxy env=forwarded

  <IfModule mod_expires.c>
    ExpiresActive {% if apache_cache.active %}On{% else %}Off{% endif %}
@@ -70,12 +70,12 @@

  SetEnvIf X-Forwarded-Proto https HTTPS=on

-{% if item.protocol|default("https") == "https" and groups.proxyserver is not defined %}
-{% if item.letsencrypt|default(true) %}
-  SSLCertificateFile /etc/letsencrypt/live/{{ item.domain }}/cert.pem
-  SSLCertificateKeyFile /etc/letsencrypt/live/{{ item.domain }}/privkey.pem
+{% if drupal_domain.protocol|default("https") == "https" and groups.proxyserver is not defined %}
+{% if drupal_domain.letsencrypt|default(true) %}
+  SSLCertificateFile /etc/letsencrypt/live/{{ drupal_domain.domain }}/cert.pem
+  SSLCertificateKeyFile /etc/letsencrypt/live/{{ drupal_domain.domain }}/privkey.pem
  Include /etc/letsencrypt/options-ssl-apache.conf
-  SSLCertificateChainFile /etc/letsencrypt/live/{{ item.domain }}/chain.pem
+  SSLCertificateChainFile /etc/letsencrypt/live/{{ drupal_domain.domain }}/chain.pem
 {% else %}
  # TODO: Add ssl certificates here
 {% endif %}