browbeat/ansible/install/roles/browbeat-results/tasks/main.yml
Chuck Short 959bed59a5 Enable linter test for ANSIBLE0013
Use shell only shell functionality is required.
The shell functionality should only be used when piping, redirecting or
chaining commands.

Change-Id: Icb9b1dd5ea22a2af895a87a9fa2cc1b9a488ac0c
Signed-off-by: Chuck Short <chucks@redhat.com>
2018-08-10 14:28:36 +00:00

70 lines
2.0 KiB
YAML

---
#
# Browbeat Results via httpd
#
- name: Install httpd
yum:
name: httpd
state: present
become: true
- name: Remove welcome.conf if it exists
file:
path: /etc/httpd/conf.d/welcome.conf
state: absent
become: true
notify:
- restart httpd
- name: Setup browbeat.conf in /etc/httpd/conf.d
template:
src: 00-browbeat.conf.j2
dest: "/etc/httpd/conf.d/00-browbeat-{{browbeat_user}}.conf"
owner: root
group: root
mode: 0644
become: true
notify:
- restart httpd
- name: Set seboolean(httpd_read_user_content)
seboolean:
name: httpd_read_user_content
state: yes
persistent: yes
become: true
when: "ansible_selinux['status'] == 'enabled'"
- name: Allow httpd to serve content in "{{ home_dir }}"
file:
path: "{{ home_dir }}"
state: directory
mode: 0755
# (akrzos) Port 9000 is already in use by zaqar-server with Newton and thus the fact that likely the
# user will choose a port that is not enabled by selinux to allow httpd to listen, we need to modify
# the ports enabled by selinux for httpd. If the port is already defined you will run into this
# issue if you use the "seport" ansible module:
# https://github.com/ansible/ansible-modules-extras/pull/2694
# This is not in upstream Ansible releases as of 2.1.1.0
- name: Allow httpd to listen to port ({{browbeat_results_port}})
command: "/usr/sbin/semanage port -m -t http_port_t -p tcp {{browbeat_results_port}}"
become: true
register: seport_modified
when: "ansible_selinux['status'] == 'enabled'"
ignore_errors: true
# If port can not be modified, it likely has to be added (Ex. Port 9002)
- name: Allow httpd to listen to port ({{browbeat_results_port}}) via add
command: "/usr/sbin/semanage port -a -t http_port_t -p tcp {{browbeat_results_port}}"
become: true
when: "(ansible_selinux['status'] == 'enabled') and (seport_modified.rc != 0)"
- name: Start httpd
service:
name: httpd
state: started
enabled: true
become: true