Ansible Pilot

Deploy a web server apache httpd virtualhost on RedHat-like systems - Ansible modules yum, file, copy, template, service and firewalld

How to automate the deployment of a web server apache httpd virtual host "example.com" on RedHat-like systems with custom web page taking care of downloading, installing, and enabling the service instantly and on boot and open the relevant firewall ports with Ansible modules yum, file, copy, template, service, and firewalld. CentOS, Fedora, RockyLinux, AlmaLinux, Amazon Linux all the similar distributions.

March 1, 2022
Access the Complete Video Course and Learn Quick Ansible by 200+ Practical Lessons

How to deploy a webserver apache httpd virtual host on RedHat-like systems with Ansible?

I’m going to show you a live demo with some simple Ansible code. This demo is quick and dirty but shows you the basics of Ansible automation technology that you could use in your System Administrator every day. I’m Luca Berton and welcome to today’s episode of Ansible Pilot.

Deploy a web server apache httpd virtualhost on RedHat-like systems

Today we’re talking about how to Deploy a web server apache httpd on RedHat-like Linux systems. The full process requires six steps that you could automate with different Ansible modules. Firstly you need to install the httpd package and dependency using the ansible.builtin.yum Ansible module. Secondly, you need to create the document root with the right permission with the ansible.builtin.file module. Thirsty, you need to create the custom index.html with ansible.builtin.copy Ansible module. You could upgrade this step using the template module. Fourthly, you need to set up Apache configuration for the specific virtual host using the ansible.builtin.template module. Fifthly, you need to start the httpd service and enable it on boot and all the dependant using the ansible.builtin.service Ansible module. Sixthly you need to open the relevant firewall service-related ports using the ansible.posix.firewalld Ansible module.

The Best Resources For Ansible

Certifications

Video Course

Printed Book

eBooks

demo

Deploy a web server apache httpd virtual host on RedHat-like systems with Ansible Playbook.

code

---
- name: setup webserver with vhost
  hosts: all
  become: true
  vars:
    app_user: "apache"
    http_host: "example.com"
    http_conf: "example.com.conf"
    http_port: "80"
  tasks:
    - name: httpd installed
      ansible.builtin.yum:
        name: httpd
        state: latest

    - name: document root exist
      ansible.builtin.file:
        path: "/var/www/{{ http_host }}"
        state: directory
        owner: "{{ app_user }}"
        mode: '0755'
        setype: "httpd_sys_content_t"

    - name: custom index.html
      ansible.builtin.copy:
        dest: "/var/www/{{ http_host }}/index.html"
        content: |
          Custom Web Page          

    - name: setup Apache virtualhost
      ansible.builtin.template:
        src: "templates/httpd.conf.j2"
        dest: "/etc/httpd/conf.d/{{ http_conf }}"

    - name: httpd service enabled
      ansible.builtin.service:
        name: httpd
        enabled: true
        state: restarted

    - name: open firewall
      ansible.posix.firewalld:
        service: http
        state: enabled
        immediate: true
        permanent: true
<VirtualHost *:{{ http_port }}>
  ServerAdmin webmaster@localhost
  ServerName {{ http_host }}
  ServerAlias www.{{ http_host }}
  ErrorLog /var/log/httpd/error.log
  CustomLog /var/log/httpd/access.log combined
  DocumentRoot "/var/www/{{ http_host }}"
</VirtualHost>

execution

ansible-pilot $ ansible-playbook -i virtualmachines/demo/inventory services/httpd_redhat_vhost.yml
PLAY [setup webserver with vhost] *****************************************************************
TASK [Gathering Facts] ****************************************************************************
ok: [demo.example.com]
TASK [httpd installed] ****************************************************************************
changed: [demo.example.com]
TASK [document root exist] ************************************************************************
changed: [demo.example.com]
TASK [custom index.html] **************************************************************************
changed: [demo.example.com]
TASK [setup Apache virtualhost] *******************************************************************
changed: [demo.example.com]
TASK [httpd service enabled] **********************************************************************
changed: [demo.example.com]
TASK [open firewall] ******************************************************************************
changed: [demo.example.com]
PLAY RECAP ****************************************************************************************
demo.example.com           : ok=7    changed=6    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
ansible-pilot $

idempotency

ansible-pilot $ ansible-playbook -i virtualmachines/demo/inventory services/httpd_redhat_vhost.yml
PLAY [setup webserver with vhost] *****************************************************************
TASK [Gathering Facts] ****************************************************************************
ok: [demo.example.com]
TASK [httpd installed] ****************************************************************************
ok: [demo.example.com]
TASK [document root exist] ************************************************************************
ok: [demo.example.com]
TASK [custom index.html] **************************************************************************
ok: [demo.example.com]
TASK [setup Apache virtualhost] *******************************************************************
ok: [demo.example.com]
TASK [httpd service enabled] **********************************************************************
ok: [demo.example.com]
TASK [open firewall] ******************************************************************************
ok: [demo.example.com]
PLAY RECAP ****************************************************************************************
demo.example.com           : ok=7    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
ansible-pilot $

before execution

ansible-pilot $ ssh [email protected]
Last login: Tue Mar  1 16:49:38 2022 from 192.168.0.59
[devops@demo ~]$ sudo su
[root@demo devops]# cat /etc/os-release 
NAME="Red Hat Enterprise Linux"
VERSION="8.5 (Ootpa)"
ID="rhel"
ID_LIKE="fedora"
VERSION_ID="8.5"
PLATFORM_ID="platform:el8"
PRETTY_NAME="Red Hat Enterprise Linux 8.5 (Ootpa)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:8::baseos"
HOME_URL="https://www.redhat.com/"
DOCUMENTATION_URL="https://access.redhat.com/documentation/red_hat_enterprise_linux/8/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"

REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 8"
REDHAT_BUGZILLA_PRODUCT_VERSION=8.5
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="8.5"
[root@demo devops]# dnf list httpd
Updating Subscription Management repositories.
Red Hat Enterprise Linux 8 for x86_64 - AppStream (RPMs)            4.7 MB/s |  39 MB     00:08    
Red Hat Enterprise Linux 8 for x86_64 - BaseOS (RPMs)               5.2 MB/s |  43 MB     00:08    
Last metadata expiration check: 0:00:01 ago on Tue 01 Mar 2022 04:51:54 PM UTC.
Available Packages
httpd.x86_64       2.4.37-43.module+el8.5.0+13806+b30d9eec.1        rhel-8-for-x86_64-appstream-rpms
[root@demo devops]# rpm -qa | grep httpd
[root@demo devops]# cat /etc/httpd/conf.d/example.com.conf
cat: /etc/httpd/conf.d/example.com.conf: No such file or directory
[root@demo devops]# cat /var/www/example.com/index.html
cat: /var/www/example.com/index.html: No such file or directory
[root@demo devops]# ls -al /var/www/example.com/
ls: cannot access '/var/www/example.com/': No such file or directory
[root@demo devops]# systemctl status httpd
Unit httpd.service could not be found.
[root@demo devops]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0 eth1
  sources: 
  services: cockpit dhcpv6-client ssh
  ports: 
  protocols: 
  forward: no
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
[root@demo devops]#

after execution

ansible-pilot $ ssh [email protected]
Last login: Tue Mar  1 15:44:18 2022 from 192.168.0.59
[devops@demo ~]$ sudo su
[root@demo devops]# dnf list httpd
Updating Subscription Management repositories.
Last metadata expiration check: 0:01:21 ago on Tue 01 Mar 2022 03:43:25 PM UTC.
Installed Packages
httpd.x86_64      2.4.37-43.module+el8.5.0+13806+b30d9eec.1       @rhel-8-for-x86_64-appstream-rpms
[root@demo devops]# rpm -qa | grep httpd
httpd-tools-2.4.37-43.module+el8.5.0+13806+b30d9eec.1.x86_64
redhat-logos-httpd-84.5-1.el8.noarch
httpd-filesystem-2.4.37-43.module+el8.5.0+13806+b30d9eec.1.noarch
httpd-2.4.37-43.module+el8.5.0+13806+b30d9eec.1.x86_64
[root@demo devops]# cat /etc/httpd/conf.d/example.com.conf
<VirtualHost *:80>
  ServerAdmin webmaster@localhost
  ServerName example.com
  ServerAlias www.example.com
  ErrorLog /var/log/httpd/error.log
  CustomLog /var/log/httpd/access.log combined
  DocumentRoot "/var/www/example.com"
</VirtualHost>
[root@demo devops]# cat /var/www/example.com/index.html 
Custom Web Page
[root@demo devops]# ls -al /var/www/example.com/
total 4
drwxr-xr-x. 2 apache root 24 Mar  1 15:43 .
drwxr-xr-x. 5 root   root 52 Mar  1 15:43 ..
-rw-r--r--. 1 root   root 16 Mar  1 15:43 index.html
[root@demo devops]# ls -alZ /var/www/example.com/
total 4
drwxr-xr-x. 2 apache root unconfined_u:object_r:httpd_sys_content_t:s0 24 Mar  1 15:43 .
drwxr-xr-x. 5 root   root system_u:object_r:httpd_sys_content_t:s0     52 Mar  1 15:43 ..
-rw-r--r--. 1 root   root system_u:object_r:httpd_sys_content_t:s0     16 Mar  1 15:43 index.html
[root@demo devops]# systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2022-03-01 15:43:39 UTC; 2min 20s ago
     Docs: man:httpd.service(8)
 Main PID: 7516 (httpd)
   Status: "Running, listening on: port 80"
    Tasks: 213 (limit: 4952)
   Memory: 25.0M
   CGroup: /system.slice/httpd.service
           ├─7516 /usr/sbin/httpd -DFOREGROUND
           ├─7517 /usr/sbin/httpd -DFOREGROUND
           ├─7518 /usr/sbin/httpd -DFOREGROUND
           ├─7519 /usr/sbin/httpd -DFOREGROUND
           └─7520 /usr/sbin/httpd -DFOREGROUND
Mar 01 15:43:38 demo.example.com systemd[1]: Starting The Apache HTTP Server...
Mar 01 15:43:39 demo.example.com systemd[1]: Started The Apache HTTP Server.
Mar 01 15:43:39 demo.example.com httpd[7516]: Server configured, listening on: port 80
[root@demo devops]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0 eth1
  sources: 
  services: cockpit dhcpv6-client http ssh
  ports: 
  protocols: 
  forward: no
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
  [root@demo devops]# cat /var/log/httpd/access.log
  192.168.0.59 - - [01/Mar/2022:16:03:58 +0000] "GET / HTTP/1.1" 200 17 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15"
  192.168.0.59 - - [01/Mar/2022:16:03:58 +0000] "GET /favicon.ico HTTP/1.1" 404 196 "http://demo.example.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15"
  192.168.0.59 - - [01/Mar/2022:16:04:02 +0000] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15"
  192.168.0.59 - - [01/Mar/2022:16:04:10 +0000] "GET /favicon.ico HTTP/1.1" 404 196 "http://demo.example.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15"
  192.168.0.59 - - [01/Mar/2022:16:04:55 +0000] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15"
  192.168.0.59 - - [01/Mar/2022:16:04:57 +0000] "-" 408 - "-" "-"

web server apache httpd virtual host on RedHat-like system

code with ❤️ in GitHub

Recap

Now you know how to deploy a web server apache httpd virtual host on RedHat-like systems with Ansible. Subscribe to the YouTube channel, Medium, and Website, X (formerly Twitter) to not miss the next episode of the Ansible Pilot.

Academy

Learn the Ansible automation technology with some real-life examples in my

My book Ansible By Examples: 200+ Automation Examples For Linux and Windows System Administrator and DevOps

BUY the Complete PDF BOOK to easily Copy and Paste the 250+ Ansible code

Want to keep this project going? Please donate

Access the Complete Video Course and Learn Quick Ansible by 200+ Practical Lessons
Follow me

Subscribe not to miss any new releases