ansible-5（项目案例：apache虚拟主机的配置）

botang

[student@workstation ansible]$ tree v4.d
v4.d
├── files
│   ├── index-servera.html
│   ├── index-wwwa.html
│   ├── vhosts.conf
│   └── wwwa.pass
└── vars
    └── secret.yml

2 directories, 5 files

[student@workstation ansible]$ cat v4.d/files/wwwa.pass ( htpasswd -c -m /文件名 用户名）
testuser1:$apr1$oE0D6Utk$qlU7cjjt8a0ic8/YAHR9e.
testuser2:{SHA}pkxl4cxVt6gakc2TDshJtkXy2p4=

隐含文件要拷贝到：/var/www/html/wwwa：
.htaccess:

1. AuthName "servera test apache with user and password"
   
2. AuthUserFile "/etc/httpd/wwwa.pass"
   
3. AuthType Basic
   
4. require valid-user
   

复制代码

[student@workstation ansible]$ cat v4.d/files/index-server1.html
Welcome to server1.example.com.
[student@workstation ansible]$ cat v4.d/files/index-www1.html
Welcome to www1.example.com.


[student@workstation ansible]$ cat v4.d/files/vhosts.conf（拷贝自/usr/share/doc/httpd/httpd-vhost.conf）

<VirtualHost *:80>
    DocumentRoot "/var/www/html/servera"
    <Directory "/var/www/html/servera">
     <RequireAll>
      Require all granted
      Require not host serverc.lab.example.com
     </RequireAll>
    </Directory>   
    ServerName servera.lab.example.com
    ErrorLog "/var/log/httpd/servera.lab.example.com-error.log"
    CustomLog "/var/log/httpd/servera.lab.example.com-access.log" common
</VirtualHost>


<VirtualHost *:80>
    DocumentRoot "/var/www/html/wwwa"
    <Directory "/var/www/html/wwwa">
     AllowOverride  AuthConfig
    </Directory>   
    ServerName wwwa.lab.example.com
    ErrorLog "/var/log/httpd/wwwa.lab.example.com-error.log"
    CustomLog "/var/log/httpd/wwwa.lab.example.com-access.log" common
</VirtualHost>



[student@workstation ansible]$
------------------------------------------------------------
[student@workstation ansible]$ ansible-vault   view  v4.d/vars/secret.yml --vault-password-file=v3.d/vault.pass
web_pass: redhat123



v4-1_server1_E.yml:

1. ---
   
2. - name: Web Configuration
   
3.   hosts: servera
   
4.   vars:
   
5.     v_firewall_pkg: firewalld
   
6.     v_firewall_svc: firewalld
   
7.     v_web_pkg: httpd
   
8.     v_web_svc: httpd
   
9. 
   
10.     v_httpconf_src: ./v4.d/files/vhosts.conf
    
11.     v_httpconf_dest: /etc/httpd/conf.d/vhosts.conf
    
12. 
    
13.     v_server_root: /var/www/html/servera
    
14.     v_web_server_src: ./v4.d/files/index-servera.html
    
15.     v_web_server_dest: /var/www/html/servera/index.html
    
16. 
    
17.     v_www_root: /var/www/html/wwwa
    
18.     v_web_www_src: ./v4.d/files/index-wwwa.html
    
19.     v_web_www_dest: /var/www/html/wwwa/index.html
    
20.     v_htaccss_src: ./v4.d/files/.htaccess
    
21.     v_htaccess_dest: /var/www/html/wwwa/.htaccess
    
22.     v_secrets_src: ./v4.d/files/wwwa.pass
    
23.     v_secrets_dest: /etc/httpd/wwwa.pass
    
24.   tasks:
    
25.   - name: Install Web Packages
    
26.     yum:
    
27.       name: "{{ v_web_pkg }}"
    
28.       state: latest
    
29. 
    
30.   - name: Create Remote Directory for server
    
31.     file:
    
32.       path: "{{ v_server_root }}"
    
33.       # recurse: yes
    
34.       state: directory
    
35. 
    
36.   - name: Create Remote Directory for www
    
37.     file:
    
38.       path: "{{ v_www_root }}"
    
39.       #recurse: yes
    
40.       state: directory
    
41. 
    
42.   - name: Copy index.html for server
    
43.     copy:
    
44.       src: "{{ v_web_server_src }}"
    
45.       dest: "{{ v_web_server_dest }}"
    
46. 
    
47.   - name: Modified the index.html for server
    
48.     lineinfile:
    
49.       path: "{{ v_web_server_dest }}"
    
50.       line: "{{ ansible_facts['fqdn'] }} and {{ ansible_facts['default_ipv4']['address'] }}"
    
51.       state: present
    
52. 
    
53.   - name: Copy index.html for www
    
54.     copy:
    
55.       src: "{{ v_web_www_src }}"
    
56.       dest: "{{ v_web_www_dest }}"
    
57. 
    
58.   - name: Modified the index.html for server
    
59.     lineinfile:
    
60.       path: "{{ v_web_www_dest }}"
    
61.       line: "{{ ansible_facts['fqdn'] }} and {{ ansible_default_ipv4['address'] }}"
    
62.       state: present
    
63. 
    
64.   - name: Copy Web Configuration
    
65.     copy:
    
66.       src: "{{ v_httpconf_src }}"
    
67.       dest: "{{ v_httpconf_dest }}"
    
68. 
    
69.   - name: Copy Web Passwd
    
70.     copy:
    
71.       src: "{{ v_secrets_src }}"
    
72.       dest: "{{ v_secrets_dest }}"
    
73. 
    
74.   - name: Copy Web Htaccess
    
75.     copy:
    
76.       src: "{{ v_htaccess_src }}"
    
77.       dest: "{{ v_htaccess_dest }}"
    
78. 
    
79.   - name: Start Web
    
80.     service:
    
81.       name: "{{ v_web_svc }}"
    
82.       state: restarted
    
83.       enabled: yes
    
84. 
    
85.   - name: Firewalld Service Enable and Started
    
86.     service:
    
87.       name: "{{ v_firewall_svc }}"
    
88.       state: started
    
89.       enabled: yes
    
90. 
    
91.   - name: Open the Port for the Web Server
    
92.     firewalld:
    
93.       service: http
    
94.       permanent: yes
    
95.       state: enabled
    
96.       immediate: yes
    
97. 
    
98. - name: Test Web Server with Basic Auth
    
99.   hosts: localhost
    
100.   vars:
     
101.     web_user: testuser1
     
102.   vars_files:
     
103.     - ./v4.d/vars/secret.yml
     
104.   tags:
     
105.     - tag1
     
106.   tasks:
     
107.   - name: Connect to Web Server without Basic Authentication
     
108.     uri:
     
109.       url: http://servera.lab.example.com
     
110.       return_content: yes
     
111.       status_code: 200
     
112.     register: v_result_server
     
113. 
     
114.   - name: Connect to Web Server with Basic Authentication
     
115.     uri:
     
116.       url: http://wwwa.lab.example.com
     
117.       validate_certs: no
     
118.       force_basic_auth: yes
     
119.       user: "{{ web_user }}"
     
120.       password: "{{ web_pass }}"
     
121.       return_content: yes
     
122.       status_code: 200
     
123.     register: v_result_www
     
124. 
     
125.   - name: Show the Result
     
126.     debug:
     
127.       var: "{{ item }}"
     
128.     loop:
     
129.       - v_result_server.content
     
130.       - v_result_server.status
     
131.       - v_result_www.content
     
132.       - v_result_www.status
     
133.   
     
134.    
     

复制代码