50 lines
1.4 KiB
YAML
50 lines
1.4 KiB
YAML
---
|
|
- import_playbook: "include/deploy-kvm-guest.yml myhosts=static"
|
|
|
|
- name: configure instance
|
|
hosts: static
|
|
user: root
|
|
gather_facts: true
|
|
|
|
vars_files:
|
|
- "{{ ansible_private }}/vars.yml"
|
|
|
|
roles:
|
|
- base
|
|
- role: keytab
|
|
principals:
|
|
- "host/{{ inventory_hostname }}@FOO.SH"
|
|
- "nfs/{{ inventory_hostname }}@FOO.SH"
|
|
- nfs_client
|
|
- sssd
|
|
- autofs
|
|
- apache
|
|
|
|
tasks:
|
|
- name: allow apache to access nfs mounts from selinux
|
|
seboolean:
|
|
name: httpd_use_nfs
|
|
state: true
|
|
persistent: true
|
|
- name: share role and home directories to apache
|
|
copy:
|
|
dest: /etc/httpd/conf.local.d/public_html.conf
|
|
content: |
|
|
UserDir enabled
|
|
UserDir public_html
|
|
<Directory "/home/*/public_html">
|
|
Options SymLinksIfOwnerMatch IncludesNoExec Indexes MultiViews
|
|
AllowOverride AuthConfig FileInfo Indexes Limit
|
|
Require all granted
|
|
</Directory>
|
|
|
|
AliasMatch ^/roles/([a-z]*)/(.*) /roles/$1/public/public_html/$2
|
|
<Directory "/roles/*/public/public_html">
|
|
Options FollowSymLinks IncludesNoExec Indexes MultiViews
|
|
AllowOverride AuthConfig FileInfo Indexes Limit
|
|
Require all granted
|
|
</Directory>
|
|
mode: 0644
|
|
owner: root
|
|
group: "{{ ansible_wheel }}"
|
|
notify: restart apache
|