
Quack, In the meeting you seem to be astonished the role does not handle rewrite rules and I wanted to comment on that. There are services like Apache or postfix which have a lot of directives, and sometimes to make things worse order matters. In this case it is simply not possible to maintain a solution that would be able to do just ANYTHING. If you added wrappers around these directives then you would have to maintain a lot of code that just bring nothing really to help you in your deployment. So the design of httpd that Misc originally created and was extended is the following: an opinionated way to setup the basics of a web server and vhost configuration, and a way to include extra custom config. Some often used features like redirects, reverse proxying etc are included but they simply cannot handle all possible customization. So what makes the design practical is that with the inclusion system you can add your own Apache rules and either complement what the role does (that's what we're doing for Jenkins) or simply replace it. With that in mind, you can easily extend the role features with companion roles. The httpd role sets important variables (remember _vhost_confdir and httpd_usergroup?) and you do not need to guess were to put files, what user to use for Apache, all is calculated for you depending on your vhost installation and OS too (the Apache user and systemd service name differ from OS to OS for eg.). This way we created roles for specific usage that complement httpd without conflicting: - httpd_php_fpm - httpd_wsgi (for Python) - httpd_passenger (originally for Ruby but Python and NodeJS are supported now) and you can add your own. So this role is old and things like variable names could be improved, the TLS method choice could be set in one practical variable instead of ~3, there's just no way to handle ports other than 80 and 443 at the moment, and do we need to be able to setup local .htpasswd password files nowadays? So it could still be improved but I think the foundation is solid. Anyway, suggestions are welcome :-). \_o<