feat: add AlmaLinux support, MPM selection, and modernize role

.gitignore

@@ -0,0 +1,21 @@
+# macOS
+.DS_Store
+
+# Editors
+.vscode/
+*.swp
+*.swo
+*~
+
+# Claude
+.claude/
+
+# Python
+*.pyc
+__pycache__/
+*.egg-info/
+.venv/
+venv/
+
+# Ansible
+*.retry

README.md

@@ -6,9 +6,15 @@ Ansible Role for Apache
 Requirements
 ------------
 
-This role require Ansible 2.0 or higher.
+This role requires Ansible 2.10 or higher.
 
-This role was designed for CentOS 6.x or CentOS 7.x
+Supported Platforms
+-------------------
+
+- AlmaLinux 9, 10
+- Amazon Linux 1, 2, 2023
+- CentOS 6, 7
+- Oracle Linux 6, 7
 
 Role Variables
 --------------

VERSION.md

@@ -1,3 +1,14 @@
+v1.0.0
+---------------------------
+- Add AlmaLinux 9 and 10 support
+- Add MPM selection support (prefork, worker, event) for all Apache 2.4 distros
+- Add apache_modular_config variable to replace brittle version checks in templates
+- Modernize Ansible syntax: FQCNs, YAML dict syntax, quoted file modes
+- Switch from ansible.builtin.yum to ansible.builtin.package for broad distro compatibility
+- Remove lock_timeout from package tasks
+- Update httpd.conf to use Apache 2.4 directive names (MaxRequestWorkers, MaxConnectionsPerChild)
+- Bump minimum Ansible version to 2.10
+
 v0.3.0
 ---------------------------
 Significant changes for OracleLinux - Use HTTPD24 packages from Oracle Software Collection instead of httpd

defaults/main.yml

@@ -3,6 +3,9 @@
 #httpd service name
 apache_httpd_service: httpd
 
+# Whether the distro uses conf.modules.d/ and Apache 2.4 conventions
+apache_modular_config: true
+
 # This will need to be increased substantially for forward-facing production applications
 apache_max_clients: 50
 

handlers/main.yml

@@ -1,7 +1,11 @@
 ---
 # handlers for httpd
 - name: reload httpd
-  service: name="{{ apache_httpd_service }}" state=reloaded
+  ansible.builtin.service:
+    name: "{{ apache_httpd_service }}"
+    state: reloaded
 
 - name: restart httpd
-  service: name="{{ apache_httpd_service }}" state=restarted
+  ansible.builtin.service:
+    name: "{{ apache_httpd_service }}"
+    state: restarted

meta/main.yml

@@ -1,14 +1,27 @@
 ---
 
 galaxy_info:
-  author: Rhythmic Operations <opsteam@rhythmictech.com>
+  author: Rhythmic Open Source <opensource@rhythmictech.com>
   description: Ansible Role for Apache management
   company: Rhythmic Technologies, Inc.
   license: Proprietary
-  min_ansible_version: 2.0
+  min_ansible_version: 2.10
   platforms:
+    - name: Amazon
+      versions:
+        - "1"
+        - "2"
+        - "2023"
     - name: CentOS
       versions:
         - "6"
         - "7"
+    - name: OracleLinux
+      versions:
+        - "6"
+        - "7"
+    - name: AlmaLinux
+      versions:
+        - "9"
+        - "10"
 dependencies: []

tasks/main.yml

@@ -1,86 +1,86 @@
 ---
 # compat for amazon linux
-- set_fact: ansible_distribution_major_version=1
+- name: Set Amazon Linux 1 major version
+  ansible.builtin.set_fact:
+    ansible_distribution_major_version: "1"
   when: ansible_distribution == "Amazon" and ansible_distribution_major_version == "NA"
   tags: ['apache']
 
 - name: Include OS and Version specific variables
-  include_vars: "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
+  ansible.builtin.include_vars: "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
   tags: ['apache']
 
 - name: Include Oracle Linux 7 specific pre-install tasks
-  include_tasks: preinstall-oracle.yml
+  ansible.builtin.include_tasks: preinstall-oracle.yml
   when: ansible_distribution == "OracleLinux" and ansible_distribution_major_version == "7"
   tags: ['apache']
 
 # tasks for apache
-- name: ensure apache packages are installed
-  yum:
+- name: Ensure apache packages are installed
+  ansible.builtin.package:
     name: "{{ apache_packages }}"
     state: present
-    lock_timeout: 180
   tags: ['apache']
 
-- name: ensure apache collectd packages are installed
-  yum:
+- name: Ensure apache collectd packages are installed
+  ansible.builtin.package:
     name:
       - collectd-apache
     state: present
-    lock_timeout: 180
   when: apache_collectd_enable
   tags: ['apache']
 
-- name: ensure the base httpd config is in place
-  template:
+- name: Ensure the base httpd config is in place
+  ansible.builtin.template:
     src: "{{ apache_httpd_conf_template }}"
     dest: "{{ apache_httpd_conf_base }}/conf/httpd.conf"
     owner: root
     group: apache
-    mode: 0640
+    mode: "0640"
   notify: reload httpd
   tags: ['apache']
 
-- name: ensure the mpm config is in place
-  template:
+- name: Ensure the mpm config is in place
+  ansible.builtin.template:
     src: "etc.httpd.conf.modules.d.00-mpm.conf.j2"
     dest: "{{ apache_httpd_conf_base }}/conf.modules.d/00-mpm.conf"
     owner: root
     group: root
-    mode: 0644
+    mode: "0644"
   notify: restart httpd
-  when: ansible_distribution_major_version == "7" or ( ansible_distribution == 'Amazon' and ansible_distribution_major_version == "2" )
+  when: apache_modular_config
   tags: ['apache']
 
-- name: ensure mod_autoindex is disabled
-  copy:
+- name: Ensure mod_autoindex is disabled
+  ansible.builtin.copy:
     content: "# This file intentionally left blank"
     dest: "{{ apache_httpd_conf_base }}/conf.d/autoindex.conf"
   notify: restart httpd
   tags: ['apache']
 
-- name: ensure the collectd httpd config is in place
-  template:
+- name: Ensure the collectd httpd config is in place
+  ansible.builtin.template:
     src: "etc.collectd.d.apache.conf.j2"
     dest: "/etc/collectd.d/apache.conf"
     owner: root
     group: apache
-    mode: 0640
+    mode: "0640"
   when: apache_collectd_enable
   tags: ['collectd', 'apache']
 
-- name: ensure httpd is running and enabled
-  service: 
+- name: Ensure httpd is running and enabled
+  ansible.builtin.service:
     name: "{{ apache_httpd_service }}"
     state: started
     enabled: true
   tags: ['apache']
 
-- name: ensure the logrotate config is in place
-  template:
+- name: Ensure the logrotate config is in place
+  ansible.builtin.template:
     src: "etc.logrotate.d.httpd.j2"
     dest: "/etc/logrotate.d/httpd"
     owner: root
     group: root
-    mode: 0640
+    mode: "0640"
   when: apache_enable_logrotate
-  tags: ['logrotate', 'apache']
+  tags: ['logrotate', 'apache']

tasks/preinstall-oracle.yml

@@ -1,7 +1,7 @@
-  - name: install Oracle EL7 SCL repo
-    yum:
-      name:
-        - scl-utils
-        - oracle-softwarecollection-release-el7
-      state: present
-    tags: ['apache']
+- name: Install Oracle EL7 SCL repo
+  ansible.builtin.package:
+    name:
+      - scl-utils
+      - oracle-softwarecollection-release-el7
+    state: present
+  tags: ['apache']

templates/etc.httpd.conf.httpd.conf.j2

@@ -10,7 +10,7 @@ User                    apache
 Group                   apache
 
 # Modules
-{% if ansible_distribution_major_version in ['7','2','2023'] %}
+{% if apache_modular_config %}
 Include                 conf.modules.d/*.conf
 {% else %}
 LoadModule              authz_default_module modules/mod_authz_default.so
@@ -41,24 +41,43 @@ KeepAliveTimeout        5
 ## KEEPALIVES DISABLED FOR THIS SERVER
 {% endif %}
 
-<IfModule prefork.c>
-StartServers            25
-MinSpareServers         25
-MaxSpareServers         50
-ServerLimit             {{ apache_max_clients }}
-MaxClients              {{ apache_max_clients }}
-MaxRequestsPerChild     50
+{% if apache_modular_config %}
+<IfModule mpm_prefork_module>
+    StartServers            25
+    MinSpareServers         25
+    MaxSpareServers         50
+    ServerLimit             {{ apache_max_clients }}
+    MaxRequestWorkers       {{ apache_max_clients }}
+    MaxConnectionsPerChild  50
+</IfModule>
+
+<IfModule mpm_worker_module>
+    StartServers            2
+    ServerLimit             16
+    MinSpareThreads         75
+    MaxSpareThreads         250
+    ThreadsPerChild         25
+    MaxRequestWorkers       {{ apache_max_clients }}
+    MaxConnectionsPerChild  10000
 </IfModule>
 
-{% if ansible_distribution_major_version == '7' or ansible_distribution_major_version == '2'  %}
-<IfModule event.c>
-StartServers 2
-ServerLimit 16
-MinSpareThreads 75
-MaxSpareThreads 250
-ThreadsPerChild 25
-MaxRequestWorkers {{ apache_max_clients }}
-MaxConnectionsPerChild 10000
+<IfModule mpm_event_module>
+    StartServers            2
+    ServerLimit             16
+    MinSpareThreads         75
+    MaxSpareThreads         250
+    ThreadsPerChild         25
+    MaxRequestWorkers       {{ apache_max_clients }}
+    MaxConnectionsPerChild  10000
+</IfModule>
+{% else %}
+<IfModule prefork.c>
+    StartServers            25
+    MinSpareServers         25
+    MaxSpareServers         50
+    ServerLimit             {{ apache_max_clients }}
+    MaxClients              {{ apache_max_clients }}
+    MaxRequestsPerChild     50
 </IfModule>
 {% endif %}
 
@@ -70,7 +89,7 @@ EnableSendfile on
 # Response Control
 AddDefaultCharset       UTF-8
 TypesConfig             /etc/mime.types
-{% if ansible_distribution_major_version != '7' and ansible_distribution_major_version != '2' %}
+{% if not apache_modular_config %}
 DefaultType             text/plain
 {% endif %}
 MIMEMagicFile           conf/magic
@@ -166,7 +185,7 @@ LogFormat "{ \
   }" json-proxy
 
 
-{% if ansible_distribution_major_version == '6' %}
+{% if not apache_modular_config %}
 NameVirtualHost *:{{ apache_server_listen_port }}
 {% endif %}
 

templates/etc.logrotate.d.httpd.j2

@@ -10,7 +10,7 @@
     daily
     rotate {{ apache_logrotate_days }}
     postrotate
-{% if ansible_distribution_major_version in ['7','2','2023'] %}
+{% if apache_modular_config %}
         /bin/systemctl reload httpd.service > /dev/null 2>/dev/null || true
 {% else %}
         /sbin/service httpd reload > /dev/null 2>/dev/null || true

vars/AlmaLinux-10.yml

@@ -0,0 +1,6 @@
+apache_httpd_conf_base: "/etc/httpd"
+apache_httpd_conf_template: "etc.httpd.conf.httpd.conf.j2"
+apache_httpd_service: httpd
+apache_modular_config: true
+apache_packages:
+  - httpd

vars/AlmaLinux-9.yml

@@ -0,0 +1,6 @@
+apache_httpd_conf_base: "/etc/httpd"
+apache_httpd_conf_template: "etc.httpd.conf.httpd.conf.j2"
+apache_httpd_service: httpd
+apache_modular_config: true
+apache_packages:
+  - httpd

vars/Amazon-1.yml

@@ -1,5 +1,6 @@
 apache_httpd_conf_base: "/etc/httpd"
 apache_httpd_conf_template: "etc.httpd.conf.httpd.conf.j2"
 apache_httpd_service: httpd
-apache_packages: 
+apache_modular_config: false
+apache_packages:
   - httpd

vars/Amazon-2.yml

@@ -1,5 +1,6 @@
 apache_httpd_conf_base: "/etc/httpd"
 apache_httpd_conf_template: "etc.httpd.conf.httpd.conf.j2"
 apache_httpd_service: httpd
-apache_packages: 
+apache_modular_config: true
+apache_packages:
   - httpd

vars/Amazon-2023.yml

@@ -1,5 +1,6 @@
 apache_httpd_conf_base: "/etc/httpd"
 apache_httpd_conf_template: "etc.httpd.conf.httpd.conf.j2"
 apache_httpd_service: httpd
-apache_packages: 
+apache_modular_config: true
+apache_packages:
   - httpd

vars/CentOS-6.yml

@@ -1,5 +1,6 @@
 apache_httpd_conf_base: "/etc/httpd"
 apache_httpd_conf_template: "etc.httpd.conf.httpd.conf.j2"
 apache_httpd_service: httpd
-apache_packages: 
+apache_modular_config: false
+apache_packages:
   - httpd

vars/CentOS-7.yml

@@ -1,5 +1,6 @@
 apache_httpd_conf_base: "/etc/httpd"
 apache_httpd_conf_template: "etc.httpd.conf.httpd.conf.j2"
 apache_httpd_service: httpd
-apache_packages: 
+apache_modular_config: true
+apache_packages:
   - httpd

vars/OracleLinux-6.yml

@@ -1,5 +1,6 @@
 apache_httpd_conf_base: "/etc/httpd"
 apache_httpd_conf_template: "etc.httpd.conf.httpd.conf.j2"
 apache_httpd_service: httpd
-apache_packages: 
+apache_modular_config: false
+apache_packages:
   - httpd