From f40fe331fd38f83a8989eb02b0138c8137a37eec Mon Sep 17 00:00:00 2001
From: Lars Beckers <lars.beckers@rwth-aachen.de>
Date: Thu, 13 Dec 2018 20:48:06 +0100
Subject: [PATCH] webserver: blacklist apache2

---
 webserver/files/pin-apache.conf |  3 +++
 webserver/tasks/main.yml        | 16 ++++++++++++++++
 2 files changed, 19 insertions(+)
 create mode 100644 webserver/files/pin-apache.conf

diff --git a/webserver/files/pin-apache.conf b/webserver/files/pin-apache.conf
new file mode 100644
index 0000000..6d7fa12
--- /dev/null
+++ b/webserver/files/pin-apache.conf
@@ -0,0 +1,3 @@
+Package: apache2
+Pin: release *
+Pin-Priority: -1
diff --git a/webserver/tasks/main.yml b/webserver/tasks/main.yml
index 8167e3c..b319a83 100644
--- a/webserver/tasks/main.yml
+++ b/webserver/tasks/main.yml
@@ -231,3 +231,19 @@
   tags:
     - nginx
     - webservices
+
+- name: ensure we can store apt preferences
+  file:
+    state: directory
+    path: /etc/apt/preferences.d
+  tags:
+    - nginx
+    - webservices
+
+- name: ensure nobody tries to depend on apache
+  copy:
+    src: pin-apache.conf
+    dest: /etc/apt/preferences.d/apache2
+  tags:
+    - nginx
+    - webservices
-- 
GitLab