AnsiblePilot — Master Ansible Automation

AnsiblePilot is the leading resource for learning Ansible automation, DevOps, and infrastructure as code. Browse over 1,400 tutorials covering Ansible modules, playbooks, roles, collections, and real-world examples. Whether you are a beginner or an experienced engineer, our step-by-step guides help you automate Linux, Windows, cloud, containers, and network infrastructure.

Popular Topics

About Luca Berton

Luca Berton is an Ansible automation expert, author of 8 Ansible books published by Apress and Leanpub including "Ansible for VMware by Examples" and "Ansible for Kubernetes by Example", and creator of the Ansible Pilot YouTube channel. He shares practical automation knowledge through tutorials, books, and video courses to help IT professionals and DevOps engineers master infrastructure automation.

Configure Apache Vhost on RedHat Using Ansible Playbook

By Luca Berton · Published 2024-01-01 · Category: installation

Automate Apache virtual host setup on RedHat systems with Ansible. Learn to manage web server installation, configuration, and firewall settings.

Configure Apache Vhost on RedHat Using Ansible Playbook

How to deploy a webserver apache httpd virtual host on RedHat-like systems with Ansible?

I'm going to show you a live Playbook with some simple Ansible code. This Playbook is quick and dirty but shows you the basics of Ansible automation technology that you could use in your System Administrator every day. I'm Luca Berton and welcome to today's episode of Ansible Pilot.

See also: Deploy Apache HTTPD with Podman Using Ansible Playbook

Deploy a web server apache httpd virtualhost on RedHat-like systems

• install packages => ansible.builtin.yum • document root => ansible.builtin.file • custom index.html => ansible.builtin.copy • Apache virtualhost => ansible.builtin.template • start service => ansible.builtin.service • open firewall => ansible.posix.firewalld

Today we're talking about how to Deploy a web server apache httpd on RedHat-like Linux systems. The full process requires six steps that you could automate with different Ansible modules. Firstly you need to install the httpd package and dependency using the ansible.builtin.yum Ansible module. Secondly, you need to create the document root with the right permission with the ansible.builtin.file module. Thirsty, you need to create the custom index.html with ansible.builtin.copy Ansible module. You could upgrade this step using the template module. Fourthly, you need to set up Apache configuration for the specific virtual host using the ansible.builtin.template module. Fifthly, you need to start the httpd service and enable it on boot and all the dependant using the ansible.builtin.service Ansible module. Sixthly you need to open the relevant firewall service-related ports using the ansible.posix.firewalld Ansible module.

## Playbook

Deploy a web server apache httpd virtual host on RedHat-like systems with Ansible Playbook.

code

• httpd_redhat_vhost.yml 
---
- name: setup webserver with vhost
  hosts: all
  become: true
  vars:
    app_user: "apache"
    http_host: "example.com"
    http_conf: "example.com.conf"
    http_port: "80"
  tasks:
    - name: httpd installed
      ansible.builtin.yum:
        name: httpd
        state: latest

- name: document root exist
      ansible.builtin.file:
        path: "/var/www/{{ http_host }}"
        state: directory
        owner: "{{ app_user }}"
        mode: '0755'
        setype: "httpd_sys_content_t"


- name: custom index.html
      ansible.builtin.copy:
        dest: "/var/www/{{ http_host }}/index.html"
        content: |
          Custom Web Page


- name: setup Apache virtualhost
      ansible.builtin.template:
        src: "templates/httpd.conf.j2"
        dest: "/etc/httpd/conf.d/{{ http_conf }}"


- name: httpd service enabled
      ansible.builtin.service:
        name: httpd
        enabled: true
        state: restarted


- name: open firewall
      ansible.posix.firewalld:
        service: http
        state: enabled
        immediate: true
        permanent: true
• templates/httpd.conf.j2

<VirtualHost *:{{ http_port }}>
  ServerAdmin webmaster@localhost
  ServerName {{ http_host }}
  ServerAlias www.{{ http_host }}
  ErrorLog /var/log/httpd/error.log
  CustomLog /var/log/httpd/access.log combined
  DocumentRoot "/var/www/{{ http_host }}"
</VirtualHost>

execution

ansible-pilot $ ansible-playbook -i virtualmachines/demo/inventory services/httpd_redhat_vhost.yml
PLAY [setup webserver with vhost] *****************************************************************
TASK [Gathering Facts] ****************************************************************************
ok: [demo.example.com]
TASK [httpd installed] ****************************************************************************
changed: [demo.example.com]
TASK [document root exist] ************************************************************************
changed: [demo.example.com]
TASK [custom index.html] **************************************************************************
changed: [demo.example.com]
TASK [setup Apache virtualhost] *******************************************************************
changed: [demo.example.com]
TASK [httpd service enabled] **********************************************************************
changed: [demo.example.com]
TASK [open firewall] ******************************************************************************
changed: [demo.example.com]
PLAY RECAP ****************************************************************************************
demo.example.com           : ok=7    changed=6    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
ansible-pilot $

idempotency

ansible-pilot $ ansible-playbook -i virtualmachines/demo/inventory services/httpd_redhat_vhost.yml
PLAY [setup webserver with vhost] *****************************************************************
TASK [Gathering Facts] ****************************************************************************
ok: [demo.example.com]
TASK [httpd installed] ****************************************************************************
ok: [demo.example.com]
TASK [document root exist] ************************************************************************
ok: [demo.example.com]
TASK [custom index.html] **************************************************************************
ok: [demo.example.com]
TASK [setup Apache virtualhost] *******************************************************************
ok: [demo.example.com]
TASK [httpd service enabled] **********************************************************************
ok: [demo.example.com]
TASK [open firewall] ******************************************************************************
ok: [demo.example.com]
PLAY RECAP ****************************************************************************************
demo.example.com           : ok=7    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
ansible-pilot $

before execution

ansible-pilot $ ssh devops@demo.example.com
Last login: Tue Mar  1 16:49:38 2022 from 192.168.0.59
[devops@demo ~]$ sudo su
[root@demo devops]# cat /etc/os-release 
NAME="Red Hat Enterprise Linux"
VERSION="8.5 (Ootpa)"
ID="rhel"
ID_LIKE="fedora"
VERSION_ID="8.5"
PLATFORM_ID="platform:el8"
PRETTY_NAME="Red Hat Enterprise Linux 8.5 (Ootpa)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:8::baseos"
HOME_URL="https://www.redhat.com/"
DOCUMENTATION_URL="https://access.redhat.com/documentation/red_hat_enterprise_linux/8/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"

REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 8"
REDHAT_BUGZILLA_PRODUCT_VERSION=8.5
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="8.5"
[root@demo devops]# dnf list httpd
Updating Subscription Management repositories.
Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)            4.7 MB/s |  39 MB     00:08    
Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs)               5.2 MB/s |  43 MB     00:08    
Last metadata expiration check: 0:00:01 ago on Tue 01 Mar 2022 04:51:54 PM UTC.
Available Packages
httpd.x86_64       2.4.37-43.module+el8.5.0+13806+b30d9eec.1        rhel-8-for-x86_64-appstream-rpms
[root@demo devops]# rpm -qa | grep httpd
[root@demo devops]# cat /etc/httpd/conf.d/example.com.conf
cat: /etc/httpd/conf.d/example.com.conf: No such file or directory
[root@demo devops]# cat /var/www/example.com/index.html
cat: /var/www/example.com/index.html: No such file or directory
[root@demo devops]# ls -al /var/www/example.com/
ls: cannot access '/var/www/example.com/': No such file or directory
[root@demo devops]# systemctl status httpd
Unit httpd.service could not be found.
[root@demo devops]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0 eth1
  sources: 
  services: cockpit dhcpv6-client ssh
  ports: 
  protocols: 
  forward: no
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
[root@demo devops]#

after execution

ansible-pilot $ ssh devops@demo.example.com
Last login: Tue Mar  1 15:44:18 2022 from 192.168.0.59
[devops@demo ~]$ sudo su
[root@demo devops]# dnf list httpd
Updating Subscription Management repositories.
Last metadata expiration check: 0:01:21 ago on Tue 01 Mar 2022 03:43:25 PM UTC.
Installed Packages
httpd.x86_64      2.4.37-43.module+el8.5.0+13806+b30d9eec.1       @rhel-8-for-x86_64-appstream-rpms
[root@demo devops]# rpm -qa | grep httpd
httpd-tools-2.4.37-43.module+el8.5.0+13806+b30d9eec.1.x86_64
redhat-logos-httpd-84.5-1.el8.noarch
httpd-filesystem-2.4.37-43.module+el8.5.0+13806+b30d9eec.1.noarch
httpd-2.4.37-43.module+el8.5.0+13806+b30d9eec.1.x86_64
[root@demo devops]# cat /etc/httpd/conf.d/example.com.conf
<VirtualHost *:80>
  ServerAdmin webmaster@localhost
  ServerName example.com
  ServerAlias www.example.com
  ErrorLog /var/log/httpd/error.log
  CustomLog /var/log/httpd/access.log combined
  DocumentRoot "/var/www/example.com"
</VirtualHost>
[root@demo devops]# cat /var/www/example.com/index.html 
Custom Web Page
[root@demo devops]# ls -al /var/www/example.com/
total 4
drwxr-xr-x. 2 apache root 24 Mar  1 15:43 .
drwxr-xr-x. 5 root   root 52 Mar  1 15:43 ..
-rw-r--r--. 1 root   root 16 Mar  1 15:43 index.html
[root@demo devops]# ls -alZ /var/www/example.com/
total 4
drwxr-xr-x. 2 apache root unconfined_u:object_r:httpd_sys_content_t:s0 24 Mar  1 15:43 .
drwxr-xr-x. 5 root   root system_u:object_r:httpd_sys_content_t:s0     52 Mar  1 15:43 ..
-rw-r--r--. 1 root   root system_u:object_r:httpd_sys_content_t:s0     16 Mar  1 15:43 index.html
[root@demo devops]# systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2022-03-01 15:43:39 UTC; 2min 20s ago
     Docs: man:httpd.service(8)
 Main PID: 7516 (httpd)
   Status: "Running, listening on: port 80"
    Tasks: 213 (limit: 4952)
   Memory: 25.0M
   CGroup: /system.slice/httpd.service
           ├─7516 /usr/sbin/httpd -DFOREGROUND
           ├─7517 /usr/sbin/httpd -DFOREGROUND
           ├─7518 /usr/sbin/httpd -DFOREGROUND
           ├─7519 /usr/sbin/httpd -DFOREGROUND
           └─7520 /usr/sbin/httpd -DFOREGROUND
Mar 01 15:43:38 demo.example.com systemd[1]: Starting The Apache HTTP Server...
Mar 01 15:43:39 demo.example.com systemd[1]: Started The Apache HTTP Server.
Mar 01 15:43:39 demo.example.com httpd[7516]: Server configured, listening on: port 80
[root@demo devops]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0 eth1
  sources: 
  services: cockpit dhcpv6-client http ssh
  ports: 
  protocols: 
  forward: no
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
  [root@demo devops]# cat /var/log/httpd/access.log
  192.168.0.59 - - [01/Mar/2022:16:03:58 +0000] "GET / HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15"
  192.168.0.59 - - [01/Mar/2022:16:03:58 +0000] "GET /favicon.ico HTTP/1.1" 404 196 "http://demo.example.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15"
  192.168.0.59 - - [01/Mar/2022:16:04:02 +0000] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15"
  192.168.0.59 - - [01/Mar/2022:16:04:10 +0000] "GET /favicon.ico HTTP/1.1" 404 196 "http://demo.example.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15"
  192.168.0.59 - - [01/Mar/2022:16:04:55 +0000] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15"
  192.168.0.59 - - [01/Mar/2022:16:04:57 +0000] "-" 408 - "-" "-"
web server apache httpd virtual host on RedHat-like system

code with ❤️ in GitHub

Conclusion

Now you know how to deploy a web server apache httpd virtual host on RedHat-like systems with Ansible.

See also: Deploy Apache HTTPD Container with Podman via Ansible

Related Articles

rendering Jinja2 templates with AnsibleAnsible become guideAnsible inventory groups and variablestouch and modification time via ansible.builtin.file

Category: installation

Watch the video: Configure Apache Vhost on RedHat Using Ansible Playbook — Video Tutorial

Browse all Ansible tutorials · AnsiblePilot Home