Role Detail

geerlingguy.htpasswd

htpasswd installation and helper role for Linux servers.
Downloads
5
Type Ansible
Minimum Ansible Version 2.4
Installation $ ansible-galaxy install geerlingguy.htpasswd
Tags
apache
authentication
basic
htaccess
htpasswd
http
nginx
security
system
web
webserver
Last Commit
Last Imported
Version History
Version Release Date
1.0.0
OS Platforms
Platform Version
Debian buster
Debian etch
Debian jessie
Debian lenny
Debian sid
Debian squeeze
Debian stretch
Debian wheezy
EL 6
EL 7
Fedora 16
Fedora 17
Fedora 18
Fedora 19
Fedora 20
Fedora 21
Fedora 22
Fedora 23
Fedora 24
Fedora 25
Fedora 26
Fedora 27
Fedora 28
Ubuntu artful
Ubuntu bionic
Ubuntu lucid
Ubuntu maverick
Ubuntu natty
Ubuntu oneiric
Ubuntu precise
Ubuntu quantal
Ubuntu raring
Ubuntu saucy
Ubuntu trusty
Ubuntu utopic
Ubuntu vivid
Ubuntu wily
Ubuntu xenial
Ubuntu yakkety
Ubuntu zesty
Last 10 Imports
Completed Status
SUCCESS
SUCCESS
SUCCESS
SUCCESS
SUCCESS
SUCCESS
SUCCESS
SUCCESS
SUCCESS
SUCCESS

Ansible Role: htpasswd

Build Status

An Ansible Role that installs htpasswd and allows easy configuration of htpasswd authentication files and credentials (used for HTTP basic authentication with webservers like Apache and Nginx) on Linux-based servers.

Requirements

None.

Role Variables

Available variables are listed below, along with default values (see defaults/main.yml):

htpasswd_credentials:
  - path: /etc/nginx/passwdfile
    name: johndoe
    password: 'supersecure'
    owner: root
    group: www-data
    mode: 'u+rw,g+r'

  - path: /etc/apache2/passwdfile
    name: janedoe
    password: 'supersecure'
    owner: root
    group: www-data
    mode: 'u+rw,g+r'

A list of credentials to be generated (or removed) in the respective files defined by the path key for each dict. All parameters except mode are required (mode defaults to 'u+rw,g+r' (0640 in octal)).

Dependencies

None.

Example Playbooks

Apache Example

---
- hosts: apache-server

  vars:
    htpasswd_credentials:
      - path: /etc/apache-passwdfile
        name: johndoe
        password: 'supersecure'
        owner: root
        group: www-data
        mode: 'u+rw,g+r'

    apache_remove_default_vhost: True
    apache_vhosts:
      - listen: "80"
        servername: "htpassword.test"
        documentroot: "/var/www/html"
        extra_parameters: |
              <Directory "/var/www/html">
                  AuthType Basic
                  AuthName "Apache with basic auth."
                  AuthUserFile /etc/apache-passwdfile
                  Require valid-user
              </Directory>

  pre_tasks:
    - name: Update apt cache.
      apt: update_cache=yes cache_valid_time=600
      when: ansible_os_family == 'Debian'

  roles:
    - geerlingguy.apache
    - geerlingguy.htpasswd

Nginx Example

---
- hosts: nginx-server

  vars:
    htpasswd_credentials:
      - path: /etc/nginx/passwdfile
        name: johndoe
        password: 'supersecure'
        owner: root
        group: www-data
        mode: 'u+rw,g+r'

    nginx_remove_default_vhost: True
    nginx_vhosts:
      - listen: "80"
        server_name: "htpassword.test"
        root: "/var/www/html"
        index: "index.html index.html index.nginx-debian.html"
        filename: "htpassword.test.conf"
        extra_parameters: |
              location / {
                  auth_basic           "Nginx with basic auth.";
                  auth_basic_user_file /etc/nginx/passwdfile;
              }

  pre_tasks:
    - name: Update apt cache.
      apt: update_cache=yes cache_valid_time=600
      when: ansible_os_family == 'Debian'

  roles:
    - geerlingguy.apache
    - geerlingguy.htpasswd

License

MIT / BSD

Author Information

This role was created in 2018 by Jeff Geerling, author of Ansible for DevOps.

None