- name: ensure app group exists group: name: webapp.hlc state: present tags: - group - user - name: ensure app user exists user: name: webapp.hlc group: webapp.hlc home: /srv/www/hatchlearningcenter.org createhome: true state: present tags: - user - name: ensure app home directory permissions are set file: path: /srv/www/hatchlearningcenter.org mode: u=rwx,go=rx state: directory tags: - datadir - name: ensure publisher keys are trusted authorized_key: key: "{{ hlc_publisher_keys|join('\n') }}" user: webapp.hlc exclusive: true tags: - sshkey - name: ensure authorized_keys file permissions are correct file: path: /srv/www/hatchlearningcenter.org/.ssh/authorized_keys mode: u=rw,go= owner: webapp.hlc group: webapp.hlc setype: ssh_home_t tags: - sshkey - name: ensure apache is configured to serve hatchlearningcenter.org copy: src: hatchlearningcenter.org.httpd.conf dest: /etc/httpd/conf.d/hatchlearningcenter.org.conf mode: u=rw,go=r notify: reload httpd tags: - apache-config - name: ensure hatchlearningcenter.org data directory exists file: path: /srv/www/hatchlearningcenter.org/data mode: ug=rwx,o= owner: webapp.hlc group: apache setype: httpd_sys_rw_content_t state: directory tags: - datadir - name: ensure formsubmit is configured hatchlearningcenter.org attendance copy: content: '{{ hlc_formsubmit_attendance|to_nice_yaml(indent=2) }}' dest: /etc/formsubmit/hlc-attendance.yml mode: u=rw,go=r tags: - config - name: ensure formsubmit is configured hatchlearningcenter.org signup copy: content: '{{ hlc_formsubmit_signup|to_nice_yaml(indent=2) }}' dest: /etc/formsubmit/hlc-signup.yml mode: u=rw,go=r tags: - config - name: ensure formsubmit is configured hatchlearningcenter.org summer2024 copy: content: '{{ hlc_formsubmit_summer2024|to_nice_yaml(indent=2) }}' dest: /etc/formsubmit/hlc-summer2024.yml mode: u=rw,go=r tags: - config