cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Chetan_Tiwary_
Community Manager
Community Manager
yesterday
  • 115 Views

Take the Ansible Playbook Challenge

Write an ansible playbook to automate configuration of Apache HTTPD.

Your playbook should make sure that :

  1. Correct package is installed.
  2. Make sure the firewall permits HTTP and HTTPS traffic.
  3. Make sure the web server is started and enabled.
  4. Use Jinja2 templates for configuration files if required.
  5. Use CA cert, .key and .crt files wherever applicable accordingly.
  6. SELinux file context taken care of.
Labels (4)
0 Kudos
Join the discussion
3 Replies
erich
Mission Specialist
Mission Specialist
yesterday
  • 93 Views

---
- name: Configure Apache HTTPD
hosts: web_servers
become: true
vars:
httpd_package: httpd
firewall_services:
- http
- https
ssl_cert_path: /etc/ssl/certs/apache-cert.crt
ssl_key_path: /etc/ssl/private/apache-key.key
ssl_ca_cert_path: /etc/ssl/certs/ca-cert.pem
httpd_config_template: "templates/httpd.conf.j2"

tasks:
- name: Install Apache HTTPD package
package:
name: "{{ httpd_package }}"
state: present

- name: Ensure firewall allows HTTP and HTTPS traffic
firewalld:
service: "{{ item }}"
permanent: true
state: enabled
immediate: yes
loop: "{{ firewall_services }}"
become: true

- name: Start and enable Apache HTTPD service
service:
name: httpd
state: started
enabled: true

- name: Configure SSL certificates
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
loop:
- { src: "files/ca-cert.pem", dest: "{{ ssl_ca_cert_path }}", mode: '0644' }
- { src: "files/apache-cert.crt", dest: "{{ ssl_cert_path }}", mode: '0644' }
- { src: "files/apache-key.key", dest: "{{ ssl_key_path }}", mode: '0600' }

- name: Ensure SELinux file context for SSL certificates
sefcontext:
target: "{{ item }}"
setype: cert_t
loop:
- "{{ ssl_cert_path }}"
- "{{ ssl_key_path }}"
- "{{ ssl_ca_cert_path }}"

- name: Apply SELinux file context changes
command: restorecon -Rv /etc/ssl/certs /etc/ssl/private

- name: Configure Apache HTTPD using Jinja2 template
template:
src: "{{ httpd_config_template }}"
dest: /etc/httpd/conf/httpd.conf
mode: '0644'

- name: Restart Apache HTTPD to apply new configuration
service:
name: httpd
state: restarted

Ahmed95
Cadet
Cadet
11 hours ago
  • 40 Views

what i do?

 

HariharMishra
Cadet
Cadet
9 hours ago
  • 30 Views

Hi All,

This is my Ansible play book for question number 03:

---
- name: Configure Apache HTTPD
hosts: webservers
become: yes
vars:
httpd_package: "httpd"
firewall_ports:
- 80
- 443
apache_config_template: "httpd.conf.j2"
cert_file: "/etc/pki/tls/certs/your_domain.crt"
key_file: "/etc/pki/tls/private/your_domain.key"
ca_cert_file: "/etc/pki/tls/certs/CA.crt"
httpd_service: "httpd"
apache_config_path: "/etc/httpd/conf/httpd.conf"

tasks:

# 1. Ensure Apache HTTPD package is installed
- name: Install Apache HTTPD
package:
name: "{{ httpd_package }}"
state: present

# 2. Allow HTTP and HTTPS traffic through the firewall
- name: Open firewall for HTTP and HTTPS
firewalld:
service: "{{ item }}"
permanent: true
state: enabled
loop: "{{ firewall_ports }}"
notify:
- reload firewalld

# 3. Make sure the web server is started and enabled
- name: Ensure Apache HTTPD is running and enabled
service:
name: "{{ httpd_service }}"
state: started
enabled: true

# 4. Configure the Apache HTTPD using Jinja2 template
- name: Configure Apache HTTPD
template:
src: "{{ apache_config_template }}"
dest: "{{ apache_config_path }}"
notify:
- restart apache

# 5. Ensure the SSL certificate a

Join the discussion
You must log in to join this conversation.
Red Hat Learning Community

Red Hat

Learning Community

A collaborative learning environment, enabling open source skill development.

Red Hat Inc. Copyright ?2024 Red Hat, Inc. Privacy policy Terms of use