Refactor/Role: Merge role httpd_with_php into httpd Roundcube role

Start of roundcube role WIP
merge http

.ansible-lint.yml

@@ -0,0 +1,2 @@
+skip_list:
+  - yaml[line-length]

ANSIBLE/group_vars/all/all.yml

@@ -1,5 +1,6 @@
 svc_acct_name: "ubuntu"
 svc_acct_keys: 
   - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMvM9FL5V14ciT6qOSMx4zk3+K7F1aXQh6YjO+KDu94q hbaxter@telos_digital"
-  - "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEAtUHnAtmjQd62/4edYxOCCSviJW7Wjn7TD/6eSYrXtRY87v9bAKYrPbUgWTQL+jMLFGCPzRoQCsEt/BZKoVASYzj9EQAatXFczYiXQQaBHlCEcRwtxYV5A2vjkAAmElwYtYAE8aKxDhFWPIlceB4DZ6x5pzlsztnaZKsLEs6PavEZ6UH/ubou6wSoBOWvFU1TZB1qwBfqD6QlkXJmjz7+Ci1MJSJ8kSAo9lFSPtE98pMfLG/NFAlYJSh4g7+qj8ghIGPFJxmmaHdvw/8+H1nY6kV38q4UoSjv9wnNeG+eOm/Uk8sUC/K9F777APRA4L7MjUrWY0m2fX8rMH+bTU/B1mdW/6o+/ooNXDPIjb6eKNpVC1cS/bP1z8Ki72pg7nbf8GRe3vN9kDj53HsDDzQ2WssOy6kt4Pq6qzUrco//VYQozNrSTfdV98mz1OzEhrq8qONvKz6rvurkne7hbfAcf0SyHM6bi1whzuuNw0gaGu0IoDNpH7HQsIxksRgwvdC9DWKA9V23piafL40OLQhAW1uqpCgO942zCGzCMiEB5OdjY/MakNU9LoQ9VQ2bJGrwLWDvudpzvYeaT70LQpnU9AEiO9fewBfVeFHX/02dFAffShp1hWso76A7Y9v5UaPmPKp/kJlhpQfDvgd6UY1w/MhkAiou9K/wm7bu0fwwZFE= telos@anothermouse.com"
-  - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOnTW/kBQfw/ET5luVvHeWl/tFo1BAJk86UWOGxLbNi30sr4uo+xkNTUvKK2wL+6sRs1MVXH2qxTXa8wG4BfdEZBBOej3I8ci3Yl1fqQV8PB0c/GifP5W1Gj6oZSGvKDAOweV2nr6QUx1BhA9nqg0LZaLt1vaa2d+fgW3R5qT0QKKx5fKEBT95fsjUI99Gi4EAT/VYcmDo/aDyl6crKI+/YRn+0cuq0vLoRpF3rYtBMnqXCobchoooA1W+vZauVh/l5IzgQaN2tTaM9WU8qUUt8j8YaPGMFszX2iZoI1gylF/mSXqP7htxH4KCy0g2AOnnK+8QN6GwHIkOfG6lGu1t nataliia.bobrova.s@gmail.com "
+  - "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEAtUHnAtmjQd62/4edYxOCCSviJW7Wjn7TD/6eSYrXtRY87v9bAKYrPbUgWTQL+jMLFGCPzRoQCsEt/BZKoVASYzj9EQAatXFczYiXQQaBHlCEcRwtxYV5A2vjkAAmElwYtYAE8aKxDhFWPIlceB4DZ6x5pzlsztnaZKsLEs6PavEZ6UH/ubou6wSoBOWvFU1TZB1qwBfqD6QlkXJmjz7+Ci1MJSJ8kSAo9lFSPtE98pMfLG/NFAlYJSh4g7+qj8ghIGPFJxmmaHdvw/8+H1nY6kV38q4UoSjv9wnNeG+eOm/Uk8sUC/K9F777APRA4L7MjUrWY0m2fX8rMH+bTU/B1mdW/6o+/ooNXDPIjb6eKNpVC1cS/bP1z8Ki72pg7nbf8GRe3vN9kDj53HsDDzQ2WssOy6kt4Pq6qzUrco//VYQozNrSTfdV98mz1OzEhrq8qONvKz6rvurkne7hbfAcf0SyHM6bi1whzuuNw0gaGu0IoDNpH7HQsIxksRgwvdC9DWKA9V23piafL40OLQhAW1uqpCgO942zCGzCMiEB5OdjY/MakNU9LoQ9VQ2bJGrwLWDvudpzvYeaT70LQpnU9AEiO9fewBfVeFHX/02dFAffShp1hWso76A7Y9v5UaPmPKp/kJlhpQfDvgd6UY1w/MhkAiou9K/wm7bu0fwwZFE= peter.edmond@telos.digital"
+  - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOnTW/kBQfw/ET5luVvHeWl/tFo1BAJk86UWOGxLbNi30sr4uo+xkNTUvKK2wL+6sRs1MVXH2qxTXa8wG4BfdEZBBOej3I8ci3Yl1fqQV8PB0c/GifP5W1Gj6oZSGvKDAOweV2nr6QUx1BhA9nqg0LZaLt1vaa2d+fgW3R5qT0QKKx5fKEBT95fsjUI99Gi4EAT/VYcmDo/aDyl6crKI+/YRn+0cuq0vLoRpF3rYtBMnqXCobchoooA1W+vZauVh/l5IzgQaN2tTaM9WU8qUUt8j8YaPGMFszX2iZoI1gylF/mSXqP7htxH4KCy0g2AOnnK+8QN6GwHIkOfG6lGu1t nataliia.bobrova.s@gmail.com "
+admin_email: "digital@telospartners.com"

ANSIBLE/group_vars/dev_roundcube/main.yml

@@ -0,0 +1,2 @@
+---
+httpd_php: true

ANSIBLE/group_vars/ubuntu/all.yaml

@@ -0,0 +1 @@
+php_user: ''

ANSIBLE/inventory/telos_digital.yml

@@ -10,3 +10,7 @@ eoq:
 monitor:
   hosts:
     monitor.telos.digital:
+dev_roundcube:
+  hosts:
+    test-webmail.telos.digital:
+      httpd_site_name: 'test-webmail.telos.digital'

ANSIBLE/roles/httpd/defaults/main.yml

@@ -0,0 +1,16 @@
+httpd_site_name: 'default'
+httpd_site_root: '/var/www/html'
+
+httpd_php: false
+httpd_php_version: 8.3
+httpd_php_pkgs:
+  - php
+  - php-fpm
+  - php-cli
+  - php-mysql
+  - php-curl
+  - php-gd
+  - php-mbstring
+  - php-xml
+  - php-zip
+ 

ANSIBLE/roles/httpd/handlers/main.yml

@@ -9,3 +9,7 @@
     name: apache2
     state: restarted
 
+- name: Restart PHP-FPM
+  service:
+    name: php{{ httpd_php_version }}-fpm
+    state: restarted

ANSIBLE/roles/httpd/tasks/main.yml

@@ -1,12 +1,12 @@
 ---
 - name: Install Apache2
-  apt:
+  ansible.builtin.apt:
     name: apache2
     state: present
-    update_cache: yes
+    update_cache: true
 
 - name: Install Certbot and Apache plugin
-  apt:
+  ansible.builtin.apt:
     name:
       - certbot
       - python3-certbot-apache
@@ -14,7 +14,7 @@
 
 - name: Ensure site root exists
   file:
-    path: "{{ site_root }}"
+    path: "{{ httpd_site_root }}"
     state: directory
     owner: www-data
     group: www-data
@@ -22,20 +22,20 @@
 
 - name: Create index.html
   template:
-    src: index.html.j2
-    dest: "{{ site_root }}/index.html"
+    src: httpd/index.html.j2
+    dest: "{{ httpd_site_root }}/index.html"
     owner: www-data
     group: www-data
     mode: '0644'
 
 - name: Create Apache virtual host config
   template:
-    src: vhost.conf.j2
-    dest: /etc/apache2/sites-available/{{ site_name }}.conf
+    src: httpd/vhost.conf.j2
+    dest: "/etc/apache2/sites-available/{{ httpd_site_name }}.conf"
   notify: Reload Apache
 
 - name: Enable site
-  command: a2ensite {{ site_name }}
+  command: "a2ensite {{ httpd_site_name }}"
   notify: Reload Apache
 
 - name: Enable SSL module
@@ -51,9 +51,12 @@
 - name: Obtain Let's Encrypt certificate using certbot
   command: >
     certbot --apache -n --agree-tos --redirect
-    -d {{ site_name }}
+    -d {{ httpd_site_name }}
     --email {{ admin_email }}
   args:
-    creates: /etc/letsencrypt/live/{{ site_name }}/fullchain.pem
+    creates: "/etc/letsencrypt/live/{{ httpd_site_name }}/fullchain.pem"
 
+- name: PHP Application
+  when: httpd_php == true
+  ansible.builtin.include_tasks: php.yml
 

ANSIBLE/roles/httpd/tasks/php.yml

@@ -0,0 +1,32 @@
+---
+- name: Install PHP, PHP-FPM, and common extensions
+  ansible.builtin.apt:
+    name: "{{ httpd_php_pkgs }}"
+    state: present
+    update_cache: true
+- name: Enable Apache modules for PHP-FPM
+  ansible.builtin.command: a2enmod {{ item }}
+  loop:
+    - proxy_fcgi
+    - setenvif
+    - php{{ httpd_php_version }}  # or php8.1 depending on your distro
+  notify: Reload Apache
+  ignore_errors: true  # in case some modules aren't available
+
+- name: Ensure PHP-FPM service is running
+  ansible.builtin.service:
+    name: php{{ httpd_php_version }}-fpm
+    state: started
+    enabled: true
+  when: httpd_php_version is defined
+
+- name: Deploy custom PHP-FPM pool config
+  ansible.builtin.template:
+    src: php/www.conf.j2
+    dest: /etc/php/{{ httpd_php_version }}/fpm/pool.d/www.conf
+    owner: root
+    group: root
+    mode: '0644'
+  notify: Restart PHP-FPM
+
+

ANSIBLE/roles/httpd/templates/httpd/index.html.j2

@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Welcome to {{ httpd_site_name }}</title>
+</head>
+<body>
+    <h1>Welcome to {{ httpd_site_name }}</h1>
+    <p>This site is served from: {{ httpd_site_root }}</p>
+</body>
+</html>
+

ANSIBLE/roles/httpd/templates/httpd/vhost.conf.j2

@@ -0,0 +1,14 @@
+<VirtualHost *:80>
+    ServerName {{ httpd_site_name }}
+    DocumentRoot {{ httpd_site_root }}
+
+    <Directory {{ httpd_site_root }}>
+        Options Indexes FollowSymLinks
+        AllowOverride All
+        Require all granted
+    </Directory>
+
+    ErrorLog ${APACHE_LOG_DIR}/{{ httpd_site_name }}_error.log
+    CustomLog ${APACHE_LOG_DIR}/{{ httpd_site_name }}_access.log combined
+</VirtualHost>
+

ANSIBLE/roles/httpd/templates/index.html.j2

@@ -1,12 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <title>Welcome to {{ site_name }}</title>
-</head>
-<body>
-    <h1>Welcome to {{ site_name }}</h1>
-    <p>This site is served from: {{ site_root }}</p>
-</body>
-</html>
-

ANSIBLE/roles/httpd/templates/php/www.conf.j2

@@ -3,7 +3,7 @@
 user = www-data
 group = www-data
 
-listen = /run/php/php{{ php_version }}-fpm.sock
+listen = /run/php/php{{ httpd_php_version }}-fpm.sock
 
 listen.owner = www-data
 listen.group = www-data
@@ -20,7 +20,7 @@ chdir = /
 ; Logging
 catch_workers_output = yes
 ; Uncomment for more detailed error logging
-; php_admin_value[error_log] = /var/log/php{{ php_version }}-fpm.log
+; php_admin_value[error_log] = /var/log/php{{ httpd_php_version }}-fpm.log
 ; php_admin_flag[log_errors] = on
 
 ; Additional PHP configuration values

ANSIBLE/roles/httpd/templates/vhost.conf.j2

@@ -1,14 +0,0 @@
-<VirtualHost *:80>
-    ServerName {{ site_name }}
-    DocumentRoot {{ site_root }}
-
-    <Directory {{ site_root }}>
-        Options Indexes FollowSymLinks
-        AllowOverride All
-        Require all granted
-    </Directory>
-
-    ErrorLog ${APACHE_LOG_DIR}/{{ site_name }}_error.log
-    CustomLog ${APACHE_LOG_DIR}/{{ site_name }}_access.log combined
-</VirtualHost>
-

ANSIBLE/roles/httpd_with_php/handlers/main.yml

@@ -1,16 +0,0 @@
----
-- name: Reload Apache
-  service:
-    name: apache2
-    state: reloaded
-
-- name: Restart Apache
-  service:
-    name: apache2
-    state: restarted
-
-- name: Restart PHP-FPM
-  service:
-    name: php{{ php_version }}-fpm
-    state: restarted
-

ANSIBLE/roles/httpd_with_php/tasks/main.yml

@@ -1,59 +0,0 @@
----
-- name: Install Apache2
-  apt:
-    name: apache2
-    state: present
-    update_cache: yes
-
-- name: Install Certbot and Apache plugin
-  apt:
-    name:
-      - certbot
-      - python3-certbot-apache
-    state: present
-
-- name: Ensure site root exists
-  file:
-    path: "{{ site_root }}"
-    state: directory
-    owner: www-data
-    group: www-data
-    mode: '0755'
-
-- name: Create index.html
-  template:
-    src: index.html.j2
-    dest: "{{ site_root }}/index.html"
-    owner: www-data
-    group: www-data
-    mode: '0644'
-
-- name: Create Apache virtual host config
-  template:
-    src: vhost.conf.j2
-    dest: /etc/apache2/sites-available/{{ site_name }}.conf
-  notify: Reload Apache
-
-- name: Enable site
-  command: a2ensite {{ site_name }}
-  notify: Reload Apache
-
-- name: Enable SSL module
-  command: a2enmod ssl
-  notify: Reload Apache
-
-- name: Ensure Apache is running and enabled
-  service:
-    name: apache2
-    state: started
-    enabled: yes
-
-- name: Obtain Let's Encrypt certificate using certbot
-  command: >
-    certbot --apache -n --agree-tos --redirect
-    -d {{ site_name }}
-    --email {{ admin_email }}
-  args:
-    creates: /etc/letsencrypt/live/{{ site_name }}/fullchain.pem
-
-- import_tasks: php.yml

ANSIBLE/roles/httpd_with_php/tasks/php.yml

@@ -1,42 +0,0 @@
----
-- name: Install PHP, PHP-FPM, and common extensions
-  apt:
-    name:
-      - php
-      - php-fpm
-      - php-cli
-      - php-mysql
-      - php-curl
-      - php-gd
-      - php-mbstring
-      - php-xml
-      - php-zip
-    state: present
-    update_cache: yes
-
-- name: Enable Apache modules for PHP-FPM
-  command: a2enmod {{ item }}
-  loop:
-    - proxy_fcgi
-    - setenvif
-    - php{{ php_version }}  # or php8.1 depending on your distro
-  notify: Reload Apache
-  ignore_errors: yes  # in case some modules aren't available
-
-- name: Ensure PHP-FPM service is running
-  service:
-    name: php{{ php_version }}-fpm
-    state: started
-    enabled: yes
-  when: php_version is defined
-
-- name: Deploy custom PHP-FPM pool config
-  template:
-    src: www.conf.j2
-    dest: /etc/php/{{ php_version }}/fpm/pool.d/www.conf
-    owner: root
-    group: root
-    mode: '0644'
-  notify: Restart PHP-FPM
-
-

ANSIBLE/roles/httpd_with_php/templates/index.html.j2

@@ -1,12 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <title>Welcome to {{ site_name }}</title>
-</head>
-<body>
-    <h1>Welcome to {{ site_name }}</h1>
-    <p>This site is served from: {{ site_root }}</p>
-</body>
-</html>
-

ANSIBLE/roles/httpd_with_php/templates/vhost.conf.j2

@@ -1,14 +0,0 @@
-<VirtualHost *:80>
-    ServerName {{ site_name }}
-    DocumentRoot {{ site_root }}
-
-    <Directory {{ site_root }}>
-        Options Indexes FollowSymLinks
-        AllowOverride All
-        Require all granted
-    </Directory>
-
-    ErrorLog ${APACHE_LOG_DIR}/{{ site_name }}_error.log
-    CustomLog ${APACHE_LOG_DIR}/{{ site_name }}_access.log combined
-</VirtualHost>
-

ANSIBLE/roles/roundcube/defaults/main.yml

@@ -0,0 +1,14 @@
+---
+roundcube_version: '1.6.11'
+roundcube_version_sha256: 'sha256:a230e432065555bfa27bea3fcf4ac672f2359ef28ad84f5945ea3ccf702e7466'
+roundcube_user: 'www-data'
+roundcube_db_dsnw: 'mysql://roundcube:pass@localhost/roundcubemail'
+roundcube_imap_host: 'localhost:143'
+roundcube_smtp_host: 'localhost:587'
+roundcube_support_url: 'support@test.com'
+roundcube_product_name: 'Webmail'
+roundcube_des_key: 'rcmail-!24ByteDESkey*Str'
+roundcube_skin: 'elastic'
+roundcube_enabled_plugins:
+  - archive
+  - zipdownload

ANSIBLE/roles/roundcube/tasks/main.yml

@@ -0,0 +1,5 @@
+---
+- name: Load Roundcube Release
+  ansible.builtin.include_tasks: roundcube-release.yml
+- name: Congigure Roundcube
+  ansible.builtin.include_tasks: roundcube-config.yml

ANSIBLE/roles/roundcube/tasks/roundcube-config.yml

@@ -0,0 +1,12 @@
+---
+- name: Configure Roundcube config.inc.php
+  ansible.builtin.template:
+    src: config/config.inc.php.j2
+    dest: "{{ roundcube_base_dir }}/roundcubemail-{{ roundcube_version }}/config/config.inc.php"
+    mode: '640'
+    owner: "{{ roundcube_user }}"
+- name: Remove Roundcube Installer Dir 
+  ansible.builtin.file:
+    dest: "{{ roundcube_base_dir }}/roundcubemail-{{ roundcube_version }}/installer/"
+    state: absent
+

ANSIBLE/roles/roundcube/tasks/roundcube-release.yml

@@ -0,0 +1,22 @@
+---
+- name: Download Roundcube Archive from GitHub Released Page
+  ansible.builtin.get_url:
+    url: "https://github.com/roundcube/roundcubemail/releases/download/{{ roundcube_version }}/roundcubemail-{{ roundcube_version }}-complete.tar.gz"
+    dest: "/opt/roundcube_{{ roundcube_version }}.tar.gz"
+    checksum: "{{ roundcube_version_sha256 }}"
+    mode: '644'
+    force: false
+- name: Ensure Roundcube Base Dir exsists
+  ansible.builtin.file:
+    dest: "{{ roundcube_base_dir }}"
+    mode: '0755'
+    state: 'directory'
+- name: Unarchive Roundcube release
+  ansible.builtin.unarchive:
+    src: "/opt/roundcube_{{ roundcube_version }}.tar.gz"
+    dest: "{{ roundcube_base_dir }}"
+    creates: "{{ roundcube_base_dir }}/roundcubemail-{{ roundcube_version }}"
+    owner: "{{ roundcube_user }}"
+    group: "{{ roundcube_user }}"
+    remote_src: true
+

ANSIBLE/roles/roundcube/templates/config/config.inc.php.j2

@@ -0,0 +1,67 @@
+<?php
+
+/*
+ +-----------------------------------------------------------------------+
+ | Local configuration for the Roundcube Webmail installation.           |
+ |                                                                       |
+ | This is a sample configuration file only containing the minimum       |
+ | setup required for a functional installation. Copy more options       |
+ | from defaults.inc.php to this file to override the defaults.          |
+ |                                                                       |
+ | This file is part of the Roundcube Webmail client                     |
+ | Copyright (C) The Roundcube Dev Team                                  |
+ |                                                                       |
+ | Licensed under the GNU General Public License version 3 or            |
+ | any later version with exceptions for skins & plugins.                |
+ | See the README file for a full license statement.                     |
+ +-----------------------------------------------------------------------+
+*/
+
+$config = [];
+
+// Database connection string (DSN) for read+write operations
+// Format (compatible with PEAR MDB2): db_provider://user:password@host/database
+// Currently supported db_providers: mysql, pgsql, sqlite, mssql, sqlsrv, oracle
+// For examples see http://pear.php.net/manual/en/package.database.mdb2.intro-dsn.php
+// NOTE: for SQLite use absolute path (Linux): 'sqlite:////full/path/to/sqlite.db?mode=0646'
+//       or (Windows): 'sqlite:///C:/full/path/to/sqlite.db'
+$config['db_dsnw'] = '{{ roundcube_db_dsnw }}';
+
+// IMAP host chosen to perform the log-in.
+// See defaults.inc.php for the option description.
+$config['imap_host'] = '{{ roundcube_imap_host }}';
+
+// SMTP server host (for sending mails).
+// See defaults.inc.php for the option description.
+$config['smtp_host'] = '{{ roundcube_smtp_host }}';
+
+// SMTP username (if required) if you use %u as the username Roundcube
+// will use the current username for login
+$config['smtp_user'] = '%u';
+
+// SMTP password (if required) if you use %p as the password Roundcube
+// will use the current user's password for login
+$config['smtp_pass'] = '%p';
+
+// provide an URL where a user can get support for this Roundcube installation
+// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
+$config['support_url'] = '{{ roundcube_support_url }}';
+
+// Name your service. This is displayed on the login screen and in the window title
+$config['product_name'] = '{{ roundcube_product_name }}';
+
+// This key is used to encrypt the users imap password which is stored
+// in the session record. For the default cipher method it must be
+// exactly 24 characters long.
+// YOUR KEY MUST BE DIFFERENT THAN THE SAMPLE VALUE FOR SECURITY REASONS
+$config['des_key'] = '{{ roundcube_des_key }}';
+
+// List of active plugins (in plugins/ directory)
+$config['plugins'] = [
+{% for plugin in roundcube_enabled_plugins %}
+    '{{ plugin }}',
+{% endfor %}
+];
+
+// skin name: folder from skins/
+$config['skin'] = '{{ roundcube_skin }}';

ANSIBLE/roles/roundcube/vars/main.yml

@@ -0,0 +1,2 @@
+---
+roundcube_base_dir: "/srv/roundcube"

ANSIBLE/roles/svc_acct/tasks/main.yml

@@ -8,7 +8,7 @@
 - name: Wheel Group
   when: ansible_facts['os_family'] == "RedHat"
   ansible.builtin.user:
-    name: servicelink
+    name: "{{ svc_acct_name }}"
     groups: wheel
     append: true
 - name: Sudo Group
@@ -17,13 +17,13 @@
     name: "{{ svc_acct_name }}"
     groups: sudo
     append: true
-- name: Make servicelink sudo Passwordless
+- name: "Make sudo passwordless for {{ svc_acct_name }}"
   ansible.builtin.lineinfile:
     path: /etc/sudoers
     state: present
     line: "{{ svc_acct_name }}  ALL=(ALL)       NOPASSWD: ALL"
     validate: /usr/sbin/visudo -cf %s
-- name: "Make .ssh  dir"
+- name: "Create or fix ~/.ssh dir"
   ansible.builtin.file:
     path: "/home/{{ svc_acct_name }}/.ssh/"
     state: directory
@@ -37,7 +37,7 @@
     owner: "{{ svc_acct_name }}"
     group: "{{ svc_acct_name }}"
     mode: "0600"
-- name: Add Publickey
+- name: Add Publickeys
   ansible.builtin.lineinfile:
     path: "/home//{{ svc_acct_name }}/.ssh/authorized_keys"
     line: "{{ item }}"

ANSIBLE/roundcube.yml

@@ -0,0 +1,9 @@
+---
+- name: Install http php and mariadb
+  hosts: dev_roundcube
+  become: true
+  gather_facts: true
+  roles:
+#    - httpd_with_php
+    - roundcube
+    - svc_acct