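##################################################
# DO Community Playbooks: LAMP on Ubuntu 18.04
##################################################
# Installs Apache, MySQL, PHP and munin-node, publishes one Apache virtual
# host, hardens the fresh MySQL install (root password, no anonymous users,
# no test database), opens the HTTP port in UFW and copies a docker-compose
# file into the application user's home directory.
#
# Variables referenced below: http_host, http_conf, http_port, app_user,
# disable_default, mysql_root_password.
# NOTE(review): these presumably come from vars/default.yml. If
# mysql_root_password is stored there in plain text, move it to an
# ansible-vault encrypted file so it is not committed in the clear.
---
- hosts: all
  become: true
  vars_files:
    - vars/default.yml

  tasks:
    - name: Install prerequisites
      apt:
        name: 'aptitude'
        update_cache: true

    # Apache Configuration
    - name: Install LAMP Packages
      apt:
        name:
          - 'apache2'
          - 'python3-pip'
          - 'mysql-server'
          - 'php'
          - 'php-mysql'
          - 'libapache2-mod-php'
          - 'munin-node'
        state: present

    - name: Make sure pymysql is present
      become: true  # needed if the other tasks are not played as root
      pip:
        name: pymysql
        state: present

    - name: Create document root
      file:
        path: "/var/www/{{ http_host }}"
        state: directory
        owner: "{{ app_user }}"
        mode: '0755'

    # Owner, group and mode are set explicitly so the vhost file does not
    # inherit whatever umask the connection happens to run with.
    - name: Set up Apache virtualhost
      template:
        src: "files/apache.conf.j2"
        dest: "/etc/apache2/sites-available/{{ http_conf }}"
        owner: root
        group: root
        mode: '0644'
      notify: Reload Apache

    # command with argv instead of shell: the templated file name is passed
    # as a single argument and is never interpreted by a shell.
    # creates makes the task a no-op (and skips the reload) once the site
    # is already enabled.
    - name: Enable new site
      command:
        argv:
          - /usr/sbin/a2ensite
          - "{{ http_conf }}"
        creates: "/etc/apache2/sites-enabled/{{ http_conf }}"
      notify: Reload Apache

    # "| bool" keeps string values such as "false" (for example from
    # --extra-vars) from being treated as true.
    - name: Disable default Apache site
      command:
        cmd: /usr/sbin/a2dissite 000-default.conf
        removes: /etc/apache2/sites-enabled/000-default.conf
      when: disable_default | bool
      notify: Reload Apache

    # MySQL Configuration
    # The first task authenticates over the local unix socket; the two
    # after it log in as root with the password set here.
    - name: Sets the root password
      mysql_user:
        name: root
        password: "{{ mysql_root_password }}"
        login_unix_socket: /var/run/mysqld/mysqld.sock

    - name: Removes all anonymous user accounts
      mysql_user:
        name: ''
        host_all: true
        state: absent
        login_user: root
        login_password: "{{ mysql_root_password }}"

    - name: Removes the MySQL test database
      mysql_db:
        name: test
        state: absent
        login_user: root
        login_password: "{{ mysql_root_password }}"

    # UFW Configuration
    # This only adds an allow rule. Nothing in this playbook sets the
    # firewall state, so whether UFW is actually enforcing is decided
    # outside this file.
    - name: "UFW - Allow HTTP on port {{ http_port }}"
      ufw:
        rule: allow
        port: "{{ http_port }}"
        proto: tcp

    # Munin Configuration
    # https://stackoverflow.com/questions/77941169/ansible-add-line-update-etc-hosts-when-outdated
    # Despite its name, this task does not install anything (the package is
    # installed above); it rewrites the "allow" access rule of munin-node so
    # that only 127.0.0.1 may connect.
    # NOTE(review): lineinfile replaces only the last line matching regexp.
    # If munin-node.conf carries several "allow" lines, the earlier ones
    # stay in place - confirm the resulting file permits only the intended
    # masters.
    - name: Install Munin Node
      ansible.builtin.lineinfile:
        path: /etc/munin/munin-node.conf
        regexp: '^allow'
        line: 'allow ^127\.0\.0\.1$'

    - name: Restart munin-node
      systemd:
        name: munin-node
        state: restarted
        enabled: true

    - name: configure docker-compose
      copy:
        src: "files/docker-compose.yml"
        dest: "/home/{{ app_user }}/docker-compose.yml"
        owner: "{{ app_user }}"
        mode: '0644'

  handlers:
    - name: Reload Apache
      service:
        name: apache2
        state: reloaded

    - name: Restart Apache
      service:
        name: apache2
        state: restarted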