bitfit/ansible_etalon_web
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
ansible_etalon_web/tasks/main.yml
root af69d886e8 v220904
2022-09-04 17:18:06 +02:00

273 lines
6.5 KiB
YAML
Raw Blame History

---
- name: check if apt.conf uses a proxy
shell: grep -Po '(?<=^Acquire::http::Proxy ")[^"]*' /etc/apt/apt.conf
register: proxy_grep
failed_when: false
changed_when: false
- name: set proxy variable
set_fact:
proxy: "{{ proxy_grep.stdout }}"
when: proxy_grep.stdout != ""
- name: /var/www bind mount in fstab
lineinfile:
dest: /etc/fstab
line: '/data/www /var/www none bind 0 0'
register: fstab_www
- name: mount /var/www
shell: 'mkdir -p /var/www && mv /var/www /data && mkdir -p /var/www && mount /var/www'
when: fstab_www.changed
- name: www subdirs
file:
dest: "/var/www/{{ item }}"
state: directory
with_items:
- def
- def/public
- name: www index.html
shell: "test -e /var/www/def/public/index.html || hostname > /var/www/def/public/index.html"
- name: install packages, jessie
tags: apt
apt:
name: "{{ item }}"
state: present
with_items:
- apache2
- libapache2-mod-php5
- mysql-client
- php5-cli
- php5-curl
- php5-gd
- php5-json
- php5-ldap
- php5-mysqlnd
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "8"
- name: install packages, stretch-buster
tags: apt
apt:
name: "{{ item }}"
state: present
with_items:
- apache2
- libapache2-mod-php
- mariadb-client
- php-cli
- php-bcmath
- php-curl
- php-gd
- php-json
- php-ldap
- php-mbstring
- php-mysql
- php-soap
- php-xml
- php-zip
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() == 9 or ansible_distribution_major_version|int() == 10
- name: sury repo pgp key, bullseye+
tags: apt
shell: "curl {{ (proxy is defined) | ternary('--proxy '+ proxy|default(''), '')}} -o /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg"
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() == 11
- name: sury repo in sources list, bullseye
tags: apt
lineinfile:
dest: /etc/apt/sources.list.d/php-sury.list
line: 'deb https://packages.sury.org/php/ bullseye main'
create: yes
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() == 11
- name: apt update, bullseye
tags: apt
apt:
update_cache: yes
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() == 11
- name: install packages, bullseye
tags: apt
apt:
name: "{{ item }}"
state: present
with_items:
- apache2
- mariadb-client
- php7.4-cli
- php7.4-fpm
- php7.4-bcmath
- php7.4-curl
- php7.4-gd
- php7.4-json
- php7.4-ldap
- php7.4-mbstring
- php7.4-mysql
- php7.4-opcache
- php7.4-readline
- php7.4-soap
- php7.4-xml
- php7.4-zip
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() == 11
- name: conf-available
copy:
src: "{{ item }}"
dest: /etc/apache2/conf-available
with_items:
- other-vhosts-access-log.conf
- charset.conf
- log-detailed.conf
- name: enable confs / modules, -buster
shell: "a2enconf charset log-detailed && a2enmod rewrite"
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() < 11
- name: enable confs / modules, bullseye+
shell: "a2enconf charset log-detailed && a2enmod rewrite headers proxy_fcgi"
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() >= 11
- name: virtualhost config, -buster
copy:
src: 000-default_modphp.conf
dest: /etc/apache2/sites-available/000-default.conf
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() < 11
- name: virtualhost config, bullseye
copy:
src: 000-default_fpm7.4.conf
dest: /etc/apache2/sites-available/000-default.conf
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() == 11
- name: php config, jessie
copy:
src: hws.php.ini.modphp
dest: /etc/php5
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "8"
- name: php config symlinks, jessie
file:
state: link
src: /etc/php5/hws.php.ini
path: "/etc/php5/{{ item }}/conf.d/hws.php.ini"
with_items:
- apache2
- cli
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "8"
- name: php config, stretch
copy:
src: hws.php.ini.modphp
dest: /etc/php/7.0/hws.php.ini
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "9"
- name: php config, buster
copy:
src: hws.php.ini.modphp
dest: /etc/php/7.3/hws.php.ini
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "10"
- name: php config, bullseye
copy:
src: hws.php.ini.fpm
dest: /etc/php/7.4/hws.php.ini
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "11"
- name: php config symlinks, stretch
file:
state: link
src: /etc/php/7.0/hws.php.ini
path: "/etc/php/7.0/{{ item }}/conf.d/hws.php.ini"
with_items:
- apache2
- cli
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "9"
- name: php config symlinks, buster
file:
state: link
src: /etc/php/7.3/hws.php.ini
path: "/etc/php/7.3/{{ item }}/conf.d/hws.php.ini"
with_items:
- apache2
- cli
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "10"
- name: php config symlinks, bullseye
file:
state: link
src: /etc/php/7.4/hws.php.ini
path: "/etc/php/7.4/{{ item }}/conf.d/hws.php.ini"
with_items:
- fpm
- cli
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "11"
- name: php logrotate config
copy:
src: logrotate.conf
dest: /etc/logrotate.d/php
- name: security.conf ServerTokens, bullseye+
tags: apt
lineinfile:
dest: /etc/apache2/conf-available/security.conf
regexp: "^ServerTokens"
line: "ServerTokens Prod"
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() >= 11
- name: security.conf ServerSignature, bullseye+
tags: apt
lineinfile:
dest: /etc/apache2/conf-available/security.conf
regexp: "^ServerSignature"
line: "ServerSignature Off"
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() >= 11
# vim: set tabstop=2 shiftwidth=2 expandtab smarttab:
Reference in New Issue View Git Blame Copy Permalink