Meher Chaitanya's Blog
Making the apache HTPPD server automation idempotent

Making the apache HTPPD server automation idempotent

Meher Chaitanya's photo
Meher Chaitanya
·

4 min read

When we use the HTTPD server of apache, sometimes we want to change the config file to change the port on which the server should work and the document root path in which the files that are supposed to be hosted are present

Now we need to create a webserver with the help of Ansible and also change the config file, like a port number.

So first let's create some variables for us to work on this playbook

- hosts: httpd
  vars:
    porthttpd: "2000"
    conffile: httpd.conf
    docroot: "/var/www/html/"
    webfiles: "./html_dir"

Here Hostname is httpd that I have configured in my inventory.

  • porthttpd: is for the port we are going to change
  • conffile: this is the file name that we want to copy to the managed node which has the configurations
  • docroot: this is the document path where our HTML files are going to be located
  • webfiles: this is the path of the directory where the HTML files are located inside the controller node

Now here is the httpd.conf file which we are going to export

Listen {{ porthttpd }}

<VirtualHost {{ ansible_facts['default_ipv4']['address'] }}:{{ porthttpd }}>
    DocumentRoot {{ docroot }}
</VirtualHost>

Now we start writing the tasks

  • we install and start the httpd server using package and service module respectively
- name: install httpd server
  ansible.builtin.package:
    name: httpd
    state: present

- name: start httpd server
  ansible.builtin.service:
    name: httpd
    state: started
  • Next, we need to allow the permissions for the port to be accessible in the network and for this, we need to write rules in SELinux and firewalld services. For this I am going to use seport and firewalld modules provided by ansible
- name: allow port from firewalld
  ansible.posix.firewalld:
    port: "{{porthttpd}}/tcp"
    permanent: yes
    state: enabled
    immediate: true

- name: allow port from selinux
  community.general.seport:
    ports: "{{porthttpd}}"
    proto: tcp
    setype: http_port_t
    state: present
  • now everything is ready to start but we need to copy a template config file to /etc/httpd/conf.d. Here we introduce a new concept called "handler". Handlers are similar to tasks but are executed only when we notify from another task. 
- name: copy the config file
  ansible.builtin.template:
    src: ./{{conffile}}
    dest: /etc/httpd/conf.d/
  notify:
    - restart apache httpd

Handler code

- name: restart apache httpd
  ansible.builtin.service:
    name: httpd
    state: restarted
    enabled: yes

NOTE: handler code is written in a different keyword with the tasks called handlers and not inside the tasks keyword

Now we just upload the HTML files and the magic is done

- name: copy the html files
  ansible.builtin.template:
    src: "{{ item }}"
    dest: "{{ docroot }}"
  with_fileglob: "{{webfiles}}/*"

In the above code, all the files inside the directory will be looped and copied to the document root of the managed node.

Now we can curl or use the browser to view the output and now we made the webserver configuration process idempotent. 🙂

🙏Thank you and hope you have enjoyed this post and found it useful

apacheserveransibleautomationweb