Need to support multiple users for basic http auth

[dale-c-anderson]

In some cases, we need to have multiple users set up to access a given virtual host. The role currently only supports a single user.

Ideally, we'd like to be able to specify something like:

http_auth_users:
 - username: foo
   password: <vault-encrypted string>
 - username: bar
   password: <vault-encrypted string>
   state: absent   # "present" would be the default, but we need to allow for removal.

for a given vhost, and then the role could loop over these and add or remove them as specified.

If there's a clever way to keep supporting the old single user method, while implementing multi users, that would be ideal, but more likely we'll have to support both ways of specifying users for a while and deprecate the single user way. (i.e. dont forget to handle

ansible-role-virtual-host/templates/etc/nginx/includes/ACCOUNT-PROJECT.core.conf.j2

Line 8 in 7e2955b

{% elif require_http_auth == true

)

[dale-c-anderson]

Until this gets added, it's possible to just manually add htpasswd tasks to your playbook, you just need to use the same path and permissions that the role uses:

  tasks:
    - name: Add additional users to htpasswd
      htpasswd:
        path: "/etc/nginx/includes/deny-anonymous.{{ linux_owner }}-{{ project }}.htpasswd"
        name: foobar
        password: !vault
          $ANSIBLE_VAULT;1.1;AES256
          XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
          XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
        state: present
        owner: root
        group: www-data  # on debian machines; will be 'nginx' for redhat
        mode: '0640'
      tags:
        - htpasswd