initial commit

Olivier Barais
2021-12-02 11:43:36 +01:00
parent dd84b7dcab
commit 8545eb3d66
25 changed files with 515 additions and 0 deletions

2
LICENSE.md Normal file

@@ -0,0 +1,2 @@
This work is licensed under the Creative Commons Attribution 3.0 Unported License.
To view a copy of this license, visit http://creativecommons.org/licenses/by/3.0/deed.en_US.


@@ -0,0 +1,27 @@
Building a simple LAMP stack and deploying Application using Ansible Playbooks.
-------------------------------------------
These playbooks require Ansible 1.2.
These playbooks are meant to be a reference and starter's guide to building
Ansible Playbooks. These playbooks were tested on CentOS 6.x so we recommend
that you use CentOS or RHEL to test these modules.
This LAMP stack can be on a single node or multiple nodes. The inventory file
'hosts' defines the nodes in which the stacks should be configured.
[webservers]
localhost
[dbservers]
bensible
Here the webserver would be configured on the local host and the dbserver on a
server called `bensible`. The stack can be deployed using the following
command:
ansible-playbook -i hosts site.yml
Once done, you can check the results by browsing to http://localhost/index.php.
You should see a simple test page and a list of databases retrieved from the
database server.
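
Review bot: The requirements stated at the top of this README do not match the roles in the same commit. It asks for Ansible 1.2 and recommends CentOS 6.x or RHEL, while the tasks use the `apt` module, Debian package names such as `apache2`, and the fully qualified `ansible.builtin.file` module name, which Ansible 1.2 does not understand. Update the version and platform lines to what was actually tested (the Vagrantfile uses `bento/ubuntu-18.04`), and align the sample inventory (`localhost`, `bensible`) with the committed hosts file.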


@@ -0,0 +1,6 @@
---
# Variables listed here are applicable to all host groups
httpd_port: 80
ntpserver: 192.168.1.2
repository: https://github.com/barais/mywebapp.git


@@ -0,0 +1,10 @@
---
# The variables file used by the playbooks in the dbservers group.
# These don't have to be explicitly imported by vars_files: they are autopopulated.
mysqlservice: mysqld
mysql_port: 3306
dbuser: foouser
dbname: foodb
upassword: abc
mysql_root_password: root
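
Review bot: `upassword: abc` and `mysql_root_password: root` commit trivially guessable database credentials in clear text, and the db role later exposes MySQL on all interfaces with this user allowed from any host. Keep these two values out of the tracked variables file: encrypt them with Ansible Vault or supply them at run time with `vars_prompt` or `--extra-vars`, and use generated values instead of `abc` and `root`.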


@@ -0,0 +1,6 @@
---
# The variables file used by the playbooks in the dbservers group.
# These don't have to be explicitly imported by vars_files: they are autopopulated.
databasepublicip: 192.168.56.142
publicip: 192.168.56.141
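
Review bot: The header comment is copied unchanged from the dbservers variables file, but `databasepublicip` and `publicip` are consumed by the web tier's index.php template. Correct the comment to name the group this file belongs to, and consider deriving both addresses from the inventory (`groups['dbservers']`, `inventory_hostname`) so the IPs are not maintained in two places.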


@@ -0,0 +1,18 @@
[webservers]
192.168.56.141
[dbservers]
192.168.56.142
[webservers:vars]
ansible_connection=ssh
ansible_ssh_user=vagrant
ansible_ssh_pass=vagrant
ansible_become_pass=vagrant
ansible_python_interpreter=/usr/bin/python3
[dbservers:vars]
ansible_connection=ssh
ansible_ssh_user=vagrant
ansible_ssh_pass=vagrant
ansible_become_pass=vagrant
ansible_python_interpreter=/usr/bin/python3
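
Review bot: `ansible_ssh_pass=vagrant` and `ansible_become_pass=vagrant` in both `:vars` blocks store the login and sudo passwords in clear text in a tracked inventory. Prefer key-based SSH and pass the sudo password with `--ask-become-pass` or a vaulted variable. The two blocks are also identical, so they can be folded into a single `[all:vars]` section, and `ansible_ssh_user` / `ansible_ssh_pass` are the legacy spellings of `ansible_user` / `ansible_password`.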


@@ -0,0 +1,8 @@
---
# Handler to handle common notifications. Handlers are called by other plays.
# See http://docs.ansible.com/playbooks_intro.html for more information about handlers.
- name: restart ntp
service:
name: ntp
state: restarted


@@ -0,0 +1,23 @@
---
# This playbook contains common plays that will be run on all nodes.
- name: Install ntp
apt:
name: ntp
update_cache: true
state: present
tags: ntp
- name: Configure ntp file
template:
src: ntp.conf.j2
dest: /etc/ntp.conf
tags: ntp
notify: restart ntp
- name: Start the ntp service
service:
name: ntp
state: started
enabled: yes
tags: ntp


@@ -0,0 +1,12 @@
driftfile /var/lib/ntp/drift
restrict 127.0.0.1
restrict -6 ::1
server {{ ntpserver }}
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
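
Review bot: This template has no `restrict default` line, so the only `restrict` entries are the two that grant localhost full access and every other client is left with ntpd's unrestricted default. Add a default policy ahead of them, for example `restrict default kod nomodify notrap nopeer noquery` (and the `-6` equivalent). Also, `includefile /etc/ntp/crypto/pw` and `keys /etc/ntp/keys` point at files that no task in the common role shown here creates; drop them or add the tasks that provide them.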


@@ -0,0 +1,9 @@
---
# Handler to handle DB tier notifications
- name: restart mysql
service:
name: mysql
state: restarted
become: yes


@@ -0,0 +1,78 @@
---
# This playbook will install mysql and create db user and give permissions.
- name: Install Mysql package
apt:
update_cache: true
name: ['mysql-server', 'python3-pip']
state: present
- name: Make sure pymysql is present
become: true # needed if the other tasks are not played as root
pip:
name: pymysql
state: present
- name: Create Mysql configuration file
template:
src: my.cnf.j2
dest: /etc/my.cnf
notify:
- restart mysql
- name: (DATABASE) Allow remote hosts to connect (Debian)
lineinfile:
path: /etc/mysql/mysql.conf.d/mysqld.cnf
backrefs: yes
regexp: '^bind-address'
line: 'bind-address = 0.0.0.0'
state: present
notify: restart mysql
- name: Start Mysql Service
service:
name: mysql
state: started
enabled: yes
- name: Sets the root password
no_log: true
mysql_user:
name: root
password: "{{ mysql_root_password }}"
login_unix_socket: /var/run/mysqld/mysqld.sock
ignore_errors: yes
#- name: Removes all anonymous user accounts
# mysql_user:
# name: ''
# host_all: yes
# state: absent
#- name: Removes the MySQL test database
# mysql_db:
# name: test
# state: absent
- name: Create Application Database
mysql_db:
name: "{{ dbname }}"
login_user: root
login_password: "{{ mysql_root_password }}"
state: present
- name: Create Application DB User
no_log: true
mysql_user:
name: "{{ dbuser }}"
password: "{{ upassword }}"
login_unix_socket: /var/run/mysqld/mysqld.sock
priv: "*.*:ALL"
host: '%'
state: present
login_user: root
login_password: "{{ mysql_root_password }}"
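
Review bot: In "Create Application DB User", `priv: "*.*:ALL"` together with `host: '%'` gives the application account every privilege on every database from any client address, so the credentials rendered into the web tier's index.php amount to a remote admin login. Scope it to `priv: "{{ dbname }}.*:ALL"` or narrower and set `host` to the web server's address. In the same hunk, `ignore_errors: yes` on "Sets the root password" hides a failed password change, and the anonymous-user and test-database removal tasks are left commented out; enable them with the root login parameters or delete them.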


@@ -0,0 +1,12 @@
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
port={{ mysql_port }}
bind-address = 0.0.0.0
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
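
Review bot: `bind-address = 0.0.0.0` makes mysqld listen on every interface of the database host, and the role adds no firewall rule to limit who can reach `{{ mysql_port }}`. Bind to the host-only address the web server uses (192.168.56.142 in the inventory) instead. The `socket=/var/lib/mysql/mysql.sock` line also disagrees with the `/var/run/mysqld/mysqld.sock` path the role's tasks pass as `login_unix_socket`, and the role writes this file to `/etc/my.cnf` while separately editing `/etc/mysql/mysql.conf.d/mysqld.cnf`; pick one configuration file and one socket path.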


@@ -0,0 +1,8 @@
---
# Handler for the webtier: handlers are called by other plays.
# See http://docs.ansible.com/playbooks_intro.html for more information about handlers.
- name: restart iptables
service:
name: iptables
state: restarted
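
Review bot: No task in the web role shown in this commit notifies `restart iptables`, and the role neither installs nor configures iptables, so this handler is dead code. Remove it, or add the firewall tasks it was meant to serve.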


@@ -0,0 +1,14 @@
---
# These tasks are responsible for copying the latest dev/production code from
# the version control system.
- name: Copy the code from repository
git:
repo: "{{ repository }}"
dest: /var/www/html/
- name: Creates the index.php file
template:
src: index.php.j2
dest: /var/www/html/index.php
become: yes
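
Review bot: The `git` task checks the repository out directly into `/var/www/html/`, which places the `.git` directory inside the Apache document root where it can be fetched over HTTP, and it sets no `version:`, so each run deploys whatever the default branch points to at that moment. Clone to a directory outside the docroot and copy or link only the application files, or deny access to `.git` in the vhost, and pin `version:` to a tag or commit. The first task also lacks the `become: yes` that the second one sets explicitly.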


@@ -0,0 +1,28 @@
---
# These tasks install http and the php modules.
- name: Install http and php etc
apt:
name: ['apache2', 'php', 'php-mysql', 'git']
state: present
become: yes
- name: Recursively remove directory
ansible.builtin.file:
path: /var/www/html
state: absent
- name: Create a directory if it does not exist
ansible.builtin.file:
path: /var/www/html
state: directory
mode: '0755'
- name: http service state
service:
name: apache2
state: started
enabled: yes
become: yes
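
Review bot: "Recursively remove directory" deletes `/var/www/html` on every run and the next task recreates it, so the play always reports changes and the site is empty between this step and the checkout that follows. The `git` module can update an existing checkout in place; drop the removal, or guard it so it only runs on first provisioning. The two `file` tasks also omit `become: yes` while the `apt` and `service` tasks set it, which makes the role depend on the caller's play-level setting.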


@@ -0,0 +1,3 @@
---
- include: install_httpd.yml
- include: copy_code.yml
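
Review bot: Bare `include:` is deprecated and has been removed from current ansible-core releases. Use `import_tasks: install_httpd.yml` and `import_tasks: copy_code.yml` (or `include_tasks` if dynamic inclusion is wanted).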


@@ -0,0 +1,24 @@
<html>
<head>
<title>Ansible Application</title>
</head>
<body>
</br>
<a href=http://{{ publicip }}/index.html>Homepage</a>
</br>
<?php
Print "Hello, World! I am a web server configured using Ansible and I am : ";
echo exec('hostname');
Print "</BR>";
echo "List of Databases: </BR>";
{% for host in groups['dbservers'] %}
$link = mysqli_connect('{{ databasepublicip }}', '{{ hostvars[host].dbuser }}', '{{ hostvars[host].upassword }}') or die(mysqli_connect_error($link));
{% endfor %}
$res = mysqli_query($link, "SHOW DATABASES;");
while ($row = mysqli_fetch_assoc($res)) {
echo $row['Database'] . "\n";
}
?>
</body>
</html>
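
Review bot: The `mysqli_connect(...) or die(mysqli_connect_error($link))` line prints the raw connection error to the visitor and passes `$link` to `mysqli_connect_error()`, which takes no arguments. Log the error server-side and show a generic message. The same line renders `dbuser` and `upassword` into a file in the document root; with the application account granted `*.*:ALL` from any host in the db role, a source disclosure of this page exposes full database access. The `for` loop also reassigns `$link` on every iteration while always connecting to the single `databasepublicip`, so it should either use each host's own address or not be a loop, and the `href` value should be quoted.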


@@ -0,0 +1,26 @@
---
# This playbook deploys the whole application stack in this site.
- name: apply common configuration to all nodes
hosts: all
remote_user: vagrant
become: yes
roles:
- common
- name: configure and deploy the webservers and application code
hosts: webservers
remote_user: vagrant
become: yes
roles:
- web
- name: deploy MySQL and configure the databases
hosts: dbservers
remote_user: vagrant
become: yes
roles:
- db


@@ -0,0 +1,17 @@
<VirtualHost *:{{ http_port }}>
ServerAdmin webmaster@localhost
ServerName {{ http_host }}
ServerAlias www.{{ http_host }}
DocumentRoot /var/www/{{ http_host }}
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/{{ http_host }}>
Options -Indexes
</Directory>
<IfModule mod_dir.c>
DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm
</IfModule>
</VirtualHost>


@@ -0,0 +1,2 @@
<?php
phpinfo();
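
Review bot: A bare `phpinfo();` page, which the playbook installs as `info.php` in the virtual host's document root, discloses PHP version, loaded modules, filesystem paths and environment variables to anyone who can reach the site. Make its deployment conditional on an explicit variable that defaults to off, or restrict access to it in the vhost, and remove it once the installation has been verified.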


@@ -0,0 +1,7 @@
[webservers]
192.168.56.141 ansible_ssh_user=vagrant ansible_become_pass=vagrant ansible_python_interpreter=/usr/bin/python3
[webservers:vars]
ansible_connection=ssh
ansible_ssh_user=vagrant
ansible_ssh_pass=vagrant
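
Review bot: This inventory repeats the clear-text `ansible_ssh_pass=vagrant` and `ansible_become_pass=vagrant` values, and sets `ansible_ssh_user=vagrant` twice, once on the host line and once under `[webservers:vars]`. Keep connection settings in one place, and move the passwords to key-based SSH plus `--ask-become-pass` or a vaulted variable.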


@@ -0,0 +1,94 @@
##################################################
# DO Community Playbooks: LAMP on Ubuntu 18.04
##################################################
---
- hosts: all
become: true
vars_files:
- vars/default.yml
tasks:
- name: Install prerequisites
apt:
name: 'aptitude'
update_cache: true
#Apache Configuration
- name: Install LAMP Packages
apt:
name: [ 'apache2', 'python3-pip', 'mysql-server', 'php', 'php-mysql', 'libapache2-mod-php' ]
state: present
- name: Make sure pymysql is present
become: true # needed if the other tasks are not played as root
pip:
name: pymysql
state: present
- name: Create document root
file:
path: "/var/www/{{ http_host }}"
state: directory
owner: "{{ app_user }}"
mode: '0755'
- name: Set up Apache virtualhost
template:
src: "files/apache.conf.j2"
dest: "/etc/apache2/sites-available/{{ http_conf }}"
notify: Reload Apache
- name: Enable new site
shell: /usr/sbin/a2ensite {{ http_conf }}
notify: Reload Apache
- name: Disable default Apache site
shell: /usr/sbin/a2dissite 000-default.conf
when: disable_default
notify: Reload Apache
# MySQL Configuration
- name: Sets the root password
mysql_user:
name: root
password: "{{ mysql_root_password }}"
login_unix_socket: /var/run/mysqld/mysqld.sock
- name: Removes all anonymous user accounts
mysql_user:
name: ''
host_all: yes
state: absent
login_user: root
login_password: "{{ mysql_root_password }}"
- name: Removes the MySQL test database
mysql_db:
name: test
state: absent
login_user: root
login_password: "{{ mysql_root_password }}"
# UFW Configuration
- name: "UFW - Allow HTTP on port {{ http_port }}"
ufw:
rule: allow
port: "{{ http_port }}"
proto: tcp
# PHP Info Page
- name: Sets Up PHP Info Page
template:
src: "files/info.php.j2"
dest: "/var/www/{{ http_host }}/info.php"
handlers:
- name: Reload Apache
service:
name: apache2
state: reloaded
- name: Restart Apache
service:
name: apache2
state: restarted
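
Review bot: "Sets the root password" here has no `no_log: true`, unlike the equivalent task in the db role, so `mysql_root_password` can appear in task output and logs. Add `no_log: true` to it. The two `shell:` tasks for `a2ensite` and `a2dissite` need no shell features and report a change on every run; use `command:` with `creates: /etc/apache2/sites-enabled/{{ http_conf }}` and `removes: /etc/apache2/sites-enabled/000-default.conf` respectively. The `ufw` task only adds the HTTP rule and never sets the firewall state, so state in a comment whether UFW is expected to be enabled already.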


@@ -0,0 +1,47 @@
# LAMP on Ubuntu 18.04
This playbook will install a LAMP environment (**L**inux, **A**pache, **M**ySQL and **P**HP) on an Ubuntu 18.04 machine, as explained in the guide on [How to Use Ansible to Install and Configure LAMP on Ubuntu 18.04](#). A virtualhost will be created with the options specified in the `vars/default.yml` variable file.
## Settings
- `mysql_root_password`: the password for the MySQL root account.
- `app_user`: a remote non-root user on the Ansible host that will own the application files.
- `http_host`: your domain name.
- `http_conf`: the name of the configuration file that will be created within Apache.
- `http_port`: HTTP port, default is 80.
- `disable_default`: whether or not to disable the default Apache website. When set to true, your new virtualhost should be used as default website. Default is true.
## Running this Playbook
Quickstart guide for those already familiar with Ansible:
### 1. Obtain the playbook
```shell
git clone https://github.com/do-community/ansible-playbooks.git
cd ansible-playbooks/lamp_ubuntu1804
```
### 2. Customize Options
```shell
nano vars/default.yml
```
```yml
---
mysql_root_password: "mysql_root_password"
app_user: "sammy"
http_host: "your_domain"
http_conf: "your_domain.conf"
http_port: "80"
disable_default: true
```
### 3. Run the Playbook
```command
ansible-playbook -l [target] -i [inventory file] -u [remote user] playbook.yml
```
For more information on how to run this Ansible setup, please check this guide: [soon]().
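
Review bot: Both links in this README have empty targets, `(#)` for the LAMP guide and `[soon]()` in the last line, so readers are pointed at documentation that is not reachable. Fill in the URLs or remove the sentences. The step 3 fence is tagged `command` while the others use `shell`; use one tag throughout.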


@@ -0,0 +1,7 @@
---
mysql_root_password: "mysql_root_password"
app_user: "vagrant"
http_host: "demotlc"
http_conf: "demotlc.conf"
http_port: "80"
disable_default: true
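
Review bot: `mysql_root_password: "mysql_root_password"` carries the README's placeholder into the variables file that the playbook actually loads, so a run with defaults sets the MySQL root password to a publicly documented string. Leave the key undefined here so the run fails until a value is supplied, or load it from a vaulted file.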

27
vagrant/Vagrantfile vendored Normal file

@@ -0,0 +1,27 @@
# ####################################################################
# ################### CONFIGURATION VARIABLES ########################
# ####################################################################
IMAGE_NAME = "bento/ubuntu-18.04" # Image to use
MEM = 2048 # Amount of RAM
CPU = 1 # Number of processors
SLAVE_NBR = 2 # Number of slaves node
Vagrant.configure("2") do |config|
# RAM and CPU config
config.vm.provider "virtualbox" do |v|
v.memory = MEM
v.cpus = CPU
end
# Slave node config
(1..SLAVE_NBR).each do |i|
config.ssh.insert_key = false
config.vm.define "slave-#{i}" do |slave|
# OS and Hostname
slave.vm.box = IMAGE_NAME
slave.vm.hostname = "slave-#{i}"
slave.vm.network "private_network", ip: "192.168.56.14#{i}"
end
end
end
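
Review bot: `config.ssh.insert_key = false` keeps Vagrant's publicly known insecure key pair on both guests, on top of the `vagrant`/`vagrant` password the inventories rely on. That is acceptable only while the VMs stay on the host-only 192.168.56.0/24 network; add a comment saying so, or drop the line so Vagrant generates a per-machine key. The setting is global `config` state assigned inside the `(1..SLAVE_NBR).each` loop, so it belongs once above the loop.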