diff --git a/meta/main.yml b/meta/main.yml index 803e076e81e8303c2ac5d3d82b7a56ac2f8e4e69..6733de8316223a774cd3727a2d77577122c8f0d4 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -7,4 +7,5 @@ galaxy_info: min_ansible_version: 1.2 #platforms: #categories: -dependencies: [] +dependencies: +- apache diff --git a/tasks/main.yml b/tasks/main.yml index 8e89f3cd00e64cbdfee05288b127695e95725916..af9d82f6cc19c22a62e89088e101852f963380c0 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -73,23 +73,6 @@ state: present minute: '*/15' -- name: Enable mod-ssl in Apache - with_items: - - ssl - - headers - apache2_module: - name: '{{ item }}' - state: present - notify: - - Restart Apache - -- name: Disable default Apache site - file: - path: /etc/apache2/sites-enabled/000-default.conf - state: absent - notify: - - Restart Apache - - name: Add ownCloud Apache site template: src: owncloud.conf.j2 @@ -98,13 +81,7 @@ group: root mode: '0644' notify: - - Restart Apache - -- name: Open https port in firewall - ufw: - rule: allow - port: 443 - proto: tcp + - Reload Apache - name: Add daily backup job template: diff --git a/templates/owncloud.conf.j2 b/templates/owncloud.conf.j2 index f0bc2559d50e62156e400b6c2527b1a1dcea3d05..153249fb5e73626c450b9de73702155166eba7eb 100644 --- a/templates/owncloud.conf.j2 +++ b/templates/owncloud.conf.j2 @@ -1,13 +1,3 @@ <VirtualHost _default_:443> DocumentRoot /var/www/owncloud/ - SSLEngine on - SSLCertificateFile {{ tls_cert_path }} - SSLCertificateKeyFile {{ tls_key_path }} - SSLProtocol all -SSLv2 -SSLv3 - SSLCipherSuite !kRSA:!3DES:!RC4:!DES:!MD5:!aNULL:!NULL:AESGCM+ECDH:AES256+ECDH:AES128:+SHA1; - SSLHonorCipherOrder on - SSLCompression off - Header always set Strict-Transport-Security "max-age=15768000;includeSubDomains; preload" - ErrorLog ${APACHE_LOG_DIR}/error.log - CustomLog ${APACHE_LOG_DIR}/access.log combined </virtualHost>