161 lines
3.5 KiB
YAML
161 lines
3.5 KiB
YAML
---
|
|
- name: set phpver for rhel9
|
|
set_fact:
|
|
phpver: "84"
|
|
when:
|
|
- ansible_distribution == "RedHat"
|
|
- ansible_distribution_major_version|int() == 9
|
|
|
|
- name: install remi repo
|
|
tags: dnf
|
|
dnf:
|
|
name: "https://rpms.remirepo.net/enterprise/remi-release-9.rpm"
|
|
disable_gpg_check: yes
|
|
|
|
#- name: dnf module php [phpver]
|
|
# tags: dnf
|
|
# dnf:
|
|
# name:
|
|
# - "@php:remi-{{ phpver }}"
|
|
|
|
- name: install packages
|
|
tags: dnf
|
|
dnf:
|
|
name:
|
|
- httpd
|
|
- mod_ssl
|
|
- mysql
|
|
- redis
|
|
- "php{{ phpver }}-php-fpm"
|
|
- "php{{ phpver }}-php-cli"
|
|
- "php{{ phpver }}-php-bcmath"
|
|
- "php{{ phpver }}-php-gd"
|
|
- "php{{ phpver }}-php-ldap"
|
|
- "php{{ phpver }}-php-mbstring"
|
|
- "php{{ phpver }}-php-mysqlnd"
|
|
- "php{{ phpver }}-php-opcache"
|
|
- "php{{ phpver }}-php-soap"
|
|
- "php{{ phpver }}-php-xml"
|
|
- "php{{ phpver }}-php-pecl-zip"
|
|
- "php{{ phpver }}-php-pecl-mongodb"
|
|
- "php{{ phpver }}-php-pecl-redis6"
|
|
- "php{{ phpver }}-php-process"
|
|
when:
|
|
- phpver is defined
|
|
|
|
- name: enable httpd service
|
|
systemd_service:
|
|
name: httpd
|
|
enabled: true
|
|
|
|
- name: enable redis service
|
|
systemd_service:
|
|
name: redis
|
|
enabled: true
|
|
|
|
- name: enable php-fpm service [phpver]
|
|
systemd_service:
|
|
name: "php{{ phpver }}-php-fpm"
|
|
enabled: true
|
|
|
|
- name: php-fpm.d/www.conf [phpver]
|
|
template:
|
|
src: pool_www.conf_redhat
|
|
dest: "/etc/opt/remi/php{{ phpver }}/php-fpm.d/www.conf"
|
|
when:
|
|
- phpver is defined
|
|
|
|
- name: httpd.conf remove conf.d include
|
|
lineinfile:
|
|
path: /etc/httpd/conf/httpd.conf
|
|
regex: "^IncludeOptional conf.d/\\*.conf"
|
|
state: absent
|
|
|
|
- name: httpd.conf add conf-enabled include
|
|
lineinfile:
|
|
path: /etc/httpd/conf/httpd.conf
|
|
line: "IncludeOptional conf-enabled/*.conf"
|
|
|
|
- name: httpd.conf add sites-enabled include
|
|
lineinfile:
|
|
path: /etc/httpd/conf/httpd.conf
|
|
line: "IncludeOptional sites-enabled/*.conf"
|
|
|
|
- name: /etc/apache2 symlink
|
|
file:
|
|
path: /etc/apache2
|
|
src: httpd
|
|
state: link
|
|
|
|
- name: /var/log/apache2 symlink
|
|
file:
|
|
path: /var/log/apache2
|
|
src: httpd
|
|
state: link
|
|
|
|
- name: /etc/apache2/conf-enabled
|
|
file:
|
|
path: /etc/apache2/conf-enabled
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: "0755"
|
|
|
|
- name: /etc/apache2/conf-available
|
|
file:
|
|
path: /etc/apache2/conf-available
|
|
src: conf-enabled
|
|
state: link
|
|
|
|
- name: /etc/apache2/sites-enabled
|
|
file:
|
|
path: /etc/apache2/sites-enabled
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: "0755"
|
|
|
|
- name: /etc/apache2/sites-available
|
|
file:
|
|
path: /etc/apache2/sites-available
|
|
src: sites-enabled
|
|
state: link
|
|
|
|
- name: create security.conf
|
|
copy:
|
|
src: security.conf_redhat
|
|
dest: /etc/apache2/conf-enabled/security.conf
|
|
|
|
- name: create index.conf
|
|
copy:
|
|
content: "DirectoryIndex index.html index.php\n"
|
|
dest: /etc/apache2/conf-enabled/index.conf
|
|
|
|
- name: ssl.conf
|
|
template:
|
|
src: redhat_ssl.conf
|
|
dest: "/etc/apache2/conf-enabled/ssl.conf"
|
|
|
|
- name: set httpd_can_network_connect
|
|
seboolean:
|
|
name: httpd_can_network_connect
|
|
state: true
|
|
persistent: yes
|
|
when:
|
|
- ansible_selinux.status == 'enabled'
|
|
|
|
- name: set httpd_can_sendmail
|
|
seboolean:
|
|
name: httpd_can_sendmail
|
|
state: true
|
|
persistent: yes
|
|
when:
|
|
- ansible_selinux.status == 'enabled'
|
|
|
|
#D- name: php logrotate config
|
|
#D copy:
|
|
#D src: logrotate.conf
|
|
#D dest: /etc/logrotate.d/php
|
|
|
|
# vim: set tabstop=2 shiftwidth=2 expandtab smarttab:
|