From f37046266fc80638717f8845d3dba6464594dacd Mon Sep 17 00:00:00 2001
From: Justine <justine.pelletreau@gmail.com>
Date: Fri, 17 Sep 2021 14:41:58 +0200
Subject: [PATCH] First, still lacking TTL config

---
 README.md                    |  5 +++
 templates/customexec.conf.j2 |  3 ++
 varnish.yml                  | 71 ++++++++++++++++++++++++++++++++++++
 3 files changed, 79 insertions(+)
 create mode 100644 README.md
 create mode 100644 templates/customexec.conf.j2
 create mode 100755 varnish.yml

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..89fbd8f
--- /dev/null
+++ b/README.md
@@ -0,0 +1,5 @@
+# Varnish role
+Installs Varnish in a simple manner, in front of an Apache Server. The Varnish cache runs on port 80 and Apache goes to port 8080.
+
+## Vars:
+* varnishram : in megabytes, RAM allocated to Varnish. Used in the template "customexec.conf.j2".
diff --git a/templates/customexec.conf.j2 b/templates/customexec.conf.j2
new file mode 100644
index 0000000..aaefdf1
--- /dev/null
+++ b/templates/customexec.conf.j2
@@ -0,0 +1,3 @@
+[Service]
+ExecStart=
+ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s default,{{ varnishram }}m
diff --git a/varnish.yml b/varnish.yml
new file mode 100755
index 0000000..c107c32
--- /dev/null
+++ b/varnish.yml
@@ -0,0 +1,71 @@
+---
+- hosts: all
+  become: True
+
+  tasks: 
+    - name: Install Varnish
+      ansible.builtin.package:
+        name: varnish
+        state: present
+
+    - name: Create conf directory
+      ansible.builtin.file:
+        path: /etc/systemd/system/varnish.service.d
+        state: directory
+        mode: '0655'
+
+    - name: Dropping config in conf directory
+      ansible.builtin.template:
+        src: templates/customexec.conf.j2
+        dest: /etc/systemd/system/varnish.service.d/customexec.conf
+        mode: '0655'
+        owner: root
+        group: root
+
+    - name: Reload daemons, enable varnish
+      ansible.builtin.systemd:
+        daemon_reload: yes
+        name: varnish.service
+        enabled: yes
+        state: stopped
+
+    - name: Modfying Apache default port
+      ansible.builtin.lineinfile:
+        path: /etc/apache2/ports.conf
+        regexp: '^Listen 80$'
+        line: 'Listen 8080'
+        
+    - name: Find all enabled vhosts
+      ansible.builtin.find:
+        paths: /etc/apache2/sites-available
+        patterns: "*.conf"
+        follow: yes
+        file_type: file
+      register: vhosts
+
+    - name: dbg
+      ansible.builtin.debug:
+        var: vhosts.files
+
+    - name: Modfying VHosts
+      ansible.builtin.replace:
+        path: "{{ item.path }}"
+        regexp: '^\<[Vv]irtual[Hh]ost \*:80\>$'
+        replace: "<VirtualHost *:8080>"
+      with_items:
+        - "{{ vhosts.files }}"
+
+    - name: Activating Apache Headers Mod
+      community.general.apache2_module:
+        state: present
+        name: headers
+        identifier: headers_module
+
+    - name: Restart Varnish and Apache
+      ansible.builtin.systemd:
+        name: "{{ item }}"
+        state: restarted
+      with_items:
+        - "apache2.service"
+        - "varnish.service"
+