First, still lacking TTL config

2021-09-17 14:41:58 +02:00 · 2021-09-17 14:41:58 +02:00 · f37046266f
commit f37046266f
3 changed files with 79 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,5 @@
+# Varnish role
+Installs Varnish in a simple manner, in front of an Apache Server. The Varnish cache runs on port 80 and Apache goes to port 8080.
+
+## Vars:
+* varnishram : in megabytes, RAM allocated to Varnish. Used in the template "customexec.conf.j2".
--- a/templates/customexec.conf.j2
+++ b/templates/customexec.conf.j2
@ -0,0 +1,3 @@
+[Service]
+ExecStart=
+ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s default,{{ varnishram }}m
--- a/varnish.yml
+++ b/varnish.yml
@ -0,0 +1,71 @@
+---
+- hosts: all
+  become: True
+
+  tasks: 
+    - name: Install Varnish
+      ansible.builtin.package:
+        name: varnish
+        state: present
+
+    - name: Create conf directory
+      ansible.builtin.file:
+        path: /etc/systemd/system/varnish.service.d
+        state: directory
+        mode: '0655'
+
+    - name: Dropping config in conf directory
+      ansible.builtin.template:
+        src: templates/customexec.conf.j2
+        dest: /etc/systemd/system/varnish.service.d/customexec.conf
+        mode: '0655'
+        owner: root
+        group: root
+
+    - name: Reload daemons, enable varnish
+      ansible.builtin.systemd:
+        daemon_reload: yes
+        name: varnish.service
+        enabled: yes
+        state: stopped
+
+    - name: Modfying Apache default port
+      ansible.builtin.lineinfile:
+        path: /etc/apache2/ports.conf
+        regexp: '^Listen 80$'
+        line: 'Listen 8080'
+        
+    - name: Find all enabled vhosts
+      ansible.builtin.find:
+        paths: /etc/apache2/sites-available
+        patterns: "*.conf"
+        follow: yes
+        file_type: file
+      register: vhosts
+
+    - name: dbg
+      ansible.builtin.debug:
+        var: vhosts.files
+
+    - name: Modfying VHosts
+      ansible.builtin.replace:
+        path: "{{ item.path }}"
+        regexp: '^\<[Vv]irtual[Hh]ost \*:80\>$'
+        replace: "<VirtualHost *:8080>"
+      with_items:
+        - "{{ vhosts.files }}"
+
+    - name: Activating Apache Headers Mod
+      community.general.apache2_module:
+        state: present
+        name: headers
+        identifier: headers_module
+
+    - name: Restart Varnish and Apache
+      ansible.builtin.systemd:
+        name: "{{ item }}"
+        state: restarted
+      with_items:
+        - "apache2.service"
+        - "varnish.service"
+