Changeset - 5b175621f79a
Parent rev.
Child rev.
[Not reviewed]
0 1 1
Branko Majic (branko) - 10 years ago 2015-08-31 23:40:37
branko@majic.rs
MAR-19: Fixed some docs. Made a bunch of parameters optional for web server role.
2 files changed with 18 insertions and 12 deletions:
docs/rolereference.rst
12
12
roles/web_server/defaults/main.yml
6
0 comments (0 inline, 0 general)
docs/rolereference.rst
Show inline comments
 
@@ -483,17 +483,17 @@ Parameters
 
**ldap_server_log_level** (string, optional, ``256``)
 
  Log level to use for the server. This should be compatible with OpenLDAP
 
  configuration option ``olcLogLevel``. See `OpenLDAP Administrator's Guide
 
  <http://www.openldap.org/doc/admin24/slapdconf2.html#cn=config>` for value
 
  description and syntax.
 

			




	
	
	
		
 
**ldap_server_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/FQDN_ldap.pem``)

			




	
	
	
		
 
**ldap_server_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/ansible_facts[host]['fqdn']_ldap.pem``)

			




	
	
	
		
 
  Path to file on Ansible host that contains the X.509 certificate used for TLS

			




	
	
	
		
 
  for LDAP service. The file will be copied to directory ``/etc/ssl/certs/``.

			




	
	
	
		
 

			




	
	
	
		
 
**ldap_server_tls_key** (string, optional, ``{{ tls_private_key_dir }}/FQDN_ldap.key``)

			




	
	
	
		
 
**ldap_server_tls_key** (string, optional, ``{{ tls_private_key_dir }}/ansible_facts[host]['fqdn']_ldap.key``)

			




	
	
	
		
 
  Path to file on Ansible host that contains the private key used for TLS for

			




	
	
	
		
 
  LDAP service. The file will be copied to directory ``/etc/ssl/private/``.

			




	
	
	
		
 

			




	
	
	
		
 
**ldap_server_ssf** (number, optional, ``128``)

			




	
	
	
		
 
  Minimum *Security Strength Factor* to require from all incoming

			




	
	
	
		
 
  connections. This applies for both remote and local connections.

			




	
	
		
 
@@ -588,17 +588,17 @@ Parameters

			




	
	
	
		
 

			




	
	
	
		
 
**xmpp_administrators** (list, mandatory)

			




	
	
	
		
 
  List of Prosody users that should be granted administrator privileges over

			




	
	
	
		
 
  Prosody. Each item is a string with value equal to XMPP user ID

			




	
	
	
		
 
  (i.e. ``john.doe@example.com``).

			




	
	
	
		
 

			




	
	
	
		
 
**xmpp_tls_key** (string, optional, ``{{ tls_private_key_dir }}/FQDN_xmpp.key``)

			




	
	
	
		
 
**xmpp_tls_key** (string, optional, ``{{ tls_private_key_dir }}/ansible_facts[host]['fqdn']_xmpp.key``)

			




	
	
	
		
 
  Path to file on Ansible host that contains the private key used for TLS for

			




	
	
	
		
 
  XMPP service. The file will be copied to directory ``/etc/ssl/private/``.

			




	
	
	
		
 

			




	
	
	
		
 
**xmpp_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/FQDN_xmpp.pem``)

			




	
	
	
		
 
**xmpp_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/ansible_facts[host]['fqdn']_xmpp.pem``)

			




	
	
	
		
 
  Path to file on Ansible host that contains the X.509 certificate used for TLS

			




	
	
	
		
 
  for SMTP service. The file will be copied to directory ``/etc/ssl/certs/``.

			




	
	
	
		
 

			




	
	
	
		
 
**xmpp_domains** (list, optional, ``ansible_facts[host]['domain']``)

			




	
	
	
		
 
  List of domains that are served by this Prosody instance. Each item is a

			




	
	
	
		
 
  string specifying a domain.

			




	
	
		
 
@@ -738,27 +738,27 @@ Parameters

			




	
	
	
		
 
**mail_user_uid** (integer, optional, ``whatever OS picks``)

			




	
	
	
		
 
  UID of the user that owns all the mail files.

			




	
	
	
		
 

			




	
	
	
		
 
**mail_user_gid** (integer, optional, ``whatever OS picks``)

			




	
	
	
		
 
  GID of the user that owns all the mail files.

			




	
	
	
		
 

			




	
	
	
		
 
**imap_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/FQDN_imap.pem``)

			




	
	
	
		
 
**imap_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/ansible_facts[host]['fqdn']_imap.pem``)

			




	
	
	
		
 
  Path to file on Ansible host that contains the X.509 certificate used for TLS

			




	
	
	
		
 
  for IMAP and ManageSieve services. The file will be copied to directory

			




	
	
	
		
 
  ``/etc/ssl/certs/``.

			




	
	
	
		
 

			




	
	
	
		
 
**imap_tls_key** (string, optional, ``{{ tls_private_key_dir }}/FQDN_imap.key``)

			




	
	
	
		
 
**imap_tls_key** (string, optional, ``{{ tls_private_key_dir }}/ansible_facts[host]['fqdn']_imap.key``)

			




	
	
	
		
 
  Path to file on Ansible host that contains the private key used for TLS for

			




	
	
	
		
 
  IMAP and ManageSieve services. The file will be copied to directory

			




	
	
	
		
 
  ``/etc/ssl/private/``.

			




	
	
	
		
 

			




	
	
	
		
 
**smtp_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/FQDN_smtp.pem``)

			




	
	
	
		
 
**smtp_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/ansible_facts[host]['fqdn']_smtp.pem``)

			




	
	
	
		
 
  Path to file on Ansible host that contains the X.509 certificate used for TLS

			




	
	
	
		
 
  for SMTP service. The file will be copied to directory ``/etc/ssl/certs/``.

			




	
	
	
		
 

			




	
	
	
		
 
**smtp_tls_key** (string, optional, ``{{ tls_certificate_dir }}/FQDN_smtp.key``)

			




	
	
	
		
 
**smtp_tls_key** (string, optional, ``{{ tls_certificate_dir }}/ansible_facts[host]['fqdn']_smtp.key``)

			




	
	
	
		
 
  Path to file on Ansible host that contains the private key used for TLS for

			




	
	
	
		
 
  SMTP service. The file will be copied to directory ``/etc/ssl/private/``.

			




	
	
	
		
 

			




	
	
	
		
 
**imap_folder_separator** (string, optional, ``/``)

			




	
	
	
		
 
  Character used for separating the IMAP folders when clients are requesting

			




	
	
	
		
 
  listing from the server. Usually either slash(``/``) or dot(``.``).

			




	
	
		
 
@@ -894,24 +894,24 @@ The role implements the following:

			




	
	
	
		
 
* Installs and configures PHP FPM as a common base for PHP apps.

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
Parameters

			




	
	
	
		
 
~~~~~~~~~~

			




	
	
	
		
 

			




	
	
	
		
 
**https_tls_key** (string, mandatory)

			




	
	
	
		
 
**https_tls_key** (string, optional, ``{{ tls_private_key_dir }}/ansible_facts[host]['fqdn']_web.key``)

			




	
	
	
		
 
  Path to file on Ansible host that contains the private key used for TLS for

			




	
	
	
		
 
  HTTPS service. The file will be copied to directory ``/etc/ssl/private/``.

			




	
	
	
		
 

			




	
	
	
		
 
**https_tls_certificate** (string, mandatory)

			




	
	
	
		
 
**https_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/ansible_facts[host]['fqdn']_web.pem``)

			




	
	
	
		
 
  Path to file on Ansible host that contains the X.509 certificate used for TLS

			




	
	
	
		
 
  for HTTPS service. The file will be copied to directory ``/etc/ssl/certs/``.

			




	
	
	
		
 

			




	
	
	
		
 
**web_default_title** (string, mandatory)

			




	
	
	
		
 
**web_default_title** (string, optional, ``Welcome``)

			




	
	
	
		
 
  Title for the default web page shown to users (if no other vhosts were matched).

			




	
	
	
		
 

			




	
	
	
		
 
**web_default_message** (string, mandatory)

			




	
	
	
		
 
**web_default_message** (string, optional, ``You are attempting to access the web server using a wrong name or an IP address. Please check your URL.``)

			




	
	
	
		
 
  Message for the default web page shown to users (if no other vhosts were

			




	
	
	
		
 
  matched).

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
Examples

			




	
	
	
		
 
~~~~~~~~

			




        

    


    
    

    

        

                

                    roles/web_server/defaults/main.yml
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
new file 100644

			




	
	
	
		
 
---

			




	
	
	
		
 

			




	
	
	
		
 
https_tls_key: "{{ tls_private_key_dir }}/ansible_facts[host]['fqdn']_web.key"

			




	
	
	
		
 
https_tls_certificate: "{{ tls_certificate_dir }}/ansible_facts[host]['fqdn']_web.pem }}"

			




	
	
	
		
 
web_default_title: "Welcome"

			




	
	
	
		
 
web_default_message: "You are attempting to access the web server using a wrong name or an IP address. Please check your URL."

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.