webserver-service

Example:

# Install Apache webserver, incl. letsencrypt and PHP
- webserver-service:
    webserver: apache
    letsencrypt_webroot: /var/www/html
    use_https: true
    letsencrypt_email: hello@frkl.io
    letsencrypt_domains:
    - dev.frkl.io
    use_php: true
    php_packages:
      debian:
      - php-zip
      - php-curl
      - php-gd
      - php-mbstring
      - php-mcrypt
      - php-xml
      - php-xmlrpc
      - php-mysql

Description

This frecklet helps you set up a webserver.

Currently the 'nginx' and 'apache' webservers are supported. This does not configure the webserver, except for some basic stuff. It does, however, setup dependencies like letsencrypt certificates, htpasswd files, etc.

More features are planned, like setting up php and configure it to work with the webserver, for example.

To do webserver configuration, use one of the templig frecklets, like 'apache-vhost-exists'. More of those will be coming in the future.

Resources

Variables

Name Type Default Description

basic_auth_user_file

string /etc/htpasswd

The file to store htpasswd information.

basic_auth_users

dict --

A dict with username as key, password as value.

letsencrypt_domains

list --

The domains (for requesting https certificates).

letsencrypt_email

string --

The email to use when requesting a letsencrypt certificate.

letsencrypt_staging

boolean False

Whether to use the letsencrypt staging server (for developing -- production only allows a few requests per day).

letsencrypt_webroot

string --

The document root, needed for letsencrypt certificate requests.

listen_port

integer 80

The port the webserver is listening on by default.

listen_port_https

integer 443

The port the webserver is listening on by default (for https).

php_config

dict ordereddict()

PHP config.

This forwards 'fpm'-related configuration key/values to the geerlingguy.php Ansible role". For a list of available vars refer to its README file.

php_fpm_config

dict ordereddict()

PHP fpm config.

This forwards 'fpm'-related configuration key/values to the geerlingguy.php Ansible role". Available vars:

  • php_fpm_listen: "127.0.0.1:9000"
  • php_fpm_listen_allowed_clients: "127.0.0.1"
  • php_fpm_pm_max_children: 50
  • php_fpm_pm_start_servers: 5
  • php_fpm_pm_min_spare_servers: 5
  • php_fpm_pm_max_spare_servers: 5

php_fpm_group

string --

The group to run the php-fpm daemon.

php_fpm_user

string --

The user to run the php-fpm daemon.

php_packages

dict ordereddict()

A map of platform-dependent php packages to install.

Specified in the form:

php_packages:
  <platform_matcher>:
    - <pkg1>
    - ...

For example:

php_packages:
  debian:
    - php-zip
  ubuntu:
    - php-zip
    - php-gd
  redhat:
    - <whatever, no idea how those are named>

restart_webserver

boolean False

Whether to restart the webserver afterwards.

skip_cert_request

boolean False

Whether to skip letsencrypt certificate request.

use_basic_auth

boolean False

Whether to setup basic auth.

use_https

boolean False

Whether to use https and request a letsencrypt certificate.

use_php

boolean False

Whether to install & enable PHP (fpm).

webserver

string nginx

The webserver to install, either 'nginx' (default) or 'apache'.

webserver_apache_config

dict --

Extra, Apache-specific vars.

webserver_group

string --

The group to run the webserver as (if applicable).

webserver_nginx_config

dict --

Key/Value pairs in this variable will be forwared to the geerligguy.nginx Nginx role, check its documentation for details.

webserver_use_pagespeed

boolean False

Whether to install and use the pagespeed module.

Only Nginx currently supported, when using this with Apache it will be ignored. Nginx will be built from source if set to true.

webserver_user

string --

The user to run the webserver as.

Examples

Example 1

Install Apache webserver, incl. letsencrypt and PHP

Code
- webserver-service:
    webserver: apache
    letsencrypt_webroot: /var/www/html
    use_https: true
    letsencrypt_email: hello@frkl.io
    letsencrypt_domains:
    - dev.frkl.io
    use_php: true
    php_packages:
      debian:
      - php-zip
      - php-curl
      - php-gd
      - php-mbstring
      - php-mcrypt
      - php-xml
      - php-xmlrpc
      - php-mysql

Example 2

Install Nginx webserver, incl. letsencrypt.

Code
- webserver-service:
    webserver: nginx
    letsencrypt_webroot: /var/ww/html
    use_https: true
    letsencrypt_email: hello@frkl.io
    letsencrypt_domains:
    - dev.frkl.io

Command-line

frecklecute webserver-service --help

Usage: frecklecute webserver-service [OPTIONS]

  This frecklet helps you set up a webserver.

  Currently the 'nginx' and 'apache' webservers are supported. This does not
  configure the webserver, except for some basic stuff. It does, however,
  setup dependencies like letsencrypt certificates, htpasswd files, etc.

  More features are planned, like setting up php and configure it to work
  with the webserver, for example.

  To do webserver configuration, use one of the templig frecklets, like
  'apache-vhost-exists'. More of those will be coming in the future.

Options:
  --basic-auth-user-file BASIC_AUTH_USER_FILE
                                  The file to store htpasswd information.
  --letsencrypt-domains DOMAIN    The domains (for requesting https
                                  certificates).
  --letsencrypt-email EMAIL       The email to use when requesting a
                                  letsencrypt certificate.
  --letsencrypt-staging / --no-letsencrypt-staging
                                  Whether to use the letsencrypt staging
                                  server (for developing -- production only
                                  allows a few requests per day).
  --letsencrypt-webroot PATH      The document root, needed for letsencrypt
                                  certificate requests.
  --listen-port PORT              The port the webserver is listening on by
                                  default.
  --listen-port-https PORT        The port the webserver is listening on by
                                  default (for https).
  --php-fpm-group GROUP           The group to run the php-fpm daemon.
  --php-fpm-user USER             The user to run the php-fpm daemon.
  --restart-webserver / --no-restart-webserver
                                  Whether to restart the webserver afterwards.
  --skip-cert-request / --no-skip-cert-request
                                  Whether to skip letsencrypt certificate
                                  request.
  --use-https / --no-use-https    Whether to use https and request a
                                  letsencrypt certificate.
  --use-php / --no-use-php        Whether to install & enable PHP (fpm).
  --webserver WEBSERVER           The webserver to install, either 'nginx'
                                  (default) or 'apache'.
  --webserver-group GROUP         The group to run the webserver as (if
                                  applicable).
  --use-pagespeed / --no-use-pagespeed
                                  Whether to install the pagespeed module.
  --webserver-user USERNAME       The user to run the webserver as.
  --help                          Show this message and exit.