Writing an Ansible Playbook to Deploy an Apache Website With Basic Authentication

Using a Jinja2 Template, Ansible Vault and the htpasswd Module to Deploy Apache With Basic Authentication

Posted by vmt1991 on 30 Nov 2020
Linux-Unix

1/ Prepare the static inventory file and Ansible configuration:

2/ Create the directory structure that stores the playbook and related files:

- Directory template stores the Jinja2 template used to create the Apache Virtual Host

- Directory secret stores the file containing the password variable used to authenticate the user who accesses the web page. This file is encrypted with ansible-vault to protect the sensitive data.

- Directory mainbook stores the playbook file for the deployment.

3/ Create the secret file containing the password used for authentication:

- Encrypt this file using ansible-vault

4/ Create the Jinja2 template for the Apache Virtual Host:

- Create the Virtual Host using the Ansible fact “ansible_hostname” to set the value of ServerName and ServerAlias on each managed host

- The htpasswd file holds the credentials of the user allowed to access the web page on the Virtual Host. This file is created by the Ansible htpasswd module in the main playbook
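
An added example of what the mysite.conf template described in step 4 could look like; it is not the author's template. The ServerAlias form, DocumentRoot, realm name and log file names are assumptions, while ansible_hostname, port 8080, /etc/httpd/.htpasswd and web_user come from this page.

```apache
# {{ ansible_managed }}
# Rendered by the template task to /etc/httpd/conf.d/mysite.conf
Listen 8080

<VirtualHost *:8080>
    # ansible_hostname is the short hostname fact gathered from each managed host
    ServerName {{ ansible_hostname }}
    # Assumption: the alias form is not shown on the page
    ServerAlias www.{{ ansible_hostname }}
    # Assumption: stock document root of the httpd package
    DocumentRoot /var/www/html

    <Directory "/var/www/html">
        AuthType Basic
        # Assumption: realm text shown in the browser prompt
        AuthName "Restricted Site"
        AuthBasicProvider file
        # Same path the htpasswd task in the main playbook writes
        AuthUserFile /etc/httpd/.htpasswd
        # Admit only the account the playbook creates;
        # "Require valid-user" would admit every entry in the file
        Require user web_user
        # Ignore .htaccess files so the auth rules cannot be changed from the docroot
        AllowOverride None
    </Directory>

    # Assumption: per-site log names, relative to ServerRoot
    ErrorLog logs/mysite_error.log
    CustomLog logs/mysite_access.log combined
</VirtualHost>
```

Basic authentication only base64-encodes the credentials, so on this plain-HTTP listener they cross the network readable; put TLS in front of it for anything beyond a lab.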

5/ Write the main playbook that deploys the Apache website with Basic Authentication:

- The main playbook includes multiple tasks with different functions, as below:

+ Install Apache on hosts with a supported OS (RedHat, CentOS, Fedora)

+ Install the Python passlib module used to create the htpasswd file

+ Load the content of the secret password file into the playbook

+ Create the OS user web_user used for authentication when accessing the website

+ Create the htpasswd file containing the username/password for authentication

+ Create the Virtual Host listening on port 8080 with Basic Authentication for the website

+ Restart the Apache service to apply the new configuration

Download this Ansible playbook from GitHub: https://github.com/vominhtri1991/Ansible_Apache_Ex.git

```yaml
- name: Install Apache With Authentication On RedHat Web Servers
  hosts: webserver
  become: true
  vars:
    # Values must match the ansible_distribution fact exactly (it reports "CentOS")
    os_support:
      - RedHat
      - CentOS
      - Fedora
  tasks:
    - name: Install Apache In Supported OS Host
      yum:
        name: httpd
        state: present
      when:
        - ansible_distribution in os_support

    - name: Install passlib module used to create the htpasswd file
      pip:
        name: passlib

    # The file is encrypted with ansible-vault; supply the vault password at run time
    - name: Load secret password
      include_vars:
        file: /root/ansible/books/mainbook/secret/apache_password
      no_log: true

    - name: Create User Authentication For Access Web
      user:
        name: web_user
        # The user module expects a crypted hash, not the clear-text value
        password: "{{ password | string | password_hash('sha512') }}"
        state: present
      no_log: true

    - name: Create htpasswd File For Authentication
      htpasswd:
        path: /etc/httpd/.htpasswd
        name: web_user
        password: "{{ password | string }}"
        owner: root
        # Readable by the httpd worker group only, not by every local user
        group: apache
        mode: "0640"
      no_log: true

    - name: Create Virtual Host Listen Port 8080 For Website
      template:
        src: /root/ansible/books/mainbook/template/mysite.conf
        dest: /etc/httpd/conf.d/mysite.conf

    - name: Restart service Apache
      service:
        name: httpd
        state: restarted
```

6/ Check the syntax and run this playbook:

- Check the Virtual Host configuration file on each managed host and access the website