bitfit/ansible_etalon_web
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
ansible_etalon_web/tasks/main.yml

312 lines
8.2 KiB
YAML
Raw Blame History

---
- name: check if apt.conf uses a proxy
shell: grep -Po '(?<=^Acquire::http::Proxy ")[^"]*' /etc/apt/apt.conf
register: proxy_grep
failed_when: false
changed_when: false
- name: set proxy variable
set_fact:
proxy: "{{ proxy_grep.stdout }}"
when: proxy_grep.stdout != ""
- name: /var/www bind mount in fstab
lineinfile:
dest: /etc/fstab
line: '/data/www /var/www none bind 0 0'
register: fstab_www
- name: mount /var/www
shell: 'mkdir -p /var/www && mv /var/www /data && mkdir -p /var/www && mount /var/www'
when: fstab_www.changed
- name: www subdirs
file:
dest: "/var/www/{{ item }}"
state: directory
with_items:
- def
- def/public
- name: www index.html
shell: "test -e /var/www/def/public/index.html || hostname > /var/www/def/public/index.html"
- name: install packages, jessie
tags: apt
apt:
name:
- apache2
- libapache2-mod-php5
- mysql-client
- php5-cli
- php5-curl
- php5-gd
- php5-json
- php5-ldap
- php5-mysqlnd
state: present
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "8"
- name: install packages, stretch-buster
tags: apt
apt:
name:
- apache2
- libapache2-mod-php
- mariadb-client
- php-cli
- php-bcmath
- php-curl
- php-gd
- php-json
- php-ldap
- php-mbstring
- php-mysql
- php-soap
- php-xml
- php-zip
state: present
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() == 9 or ansible_distribution_major_version|int() == 10
- name: sury repo pgp key, bullseye+
tags: apt
shell: "curl {{ (proxy is defined) | ternary('--proxy '+ proxy|default(''), '')}} -o /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg"
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() >= 11
- name: sury repo in sources list, bullseye
tags: apt
lineinfile:
dest: /etc/apt/sources.list.d/php-sury.list
line: 'deb https://packages.sury.org/php/ bullseye main'
create: yes
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() == 11
- name: sury repo in sources list, bookworm
tags: apt
lineinfile:
dest: /etc/apt/sources.list.d/php-sury.list
line: 'deb https://packages.sury.org/php/ bookworm main'
create: yes
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() >= 12
- name: apt update, bullseye+
tags: apt
apt:
update_cache: yes
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() >= 11
- name: set phpver for debian bullseye
set_fact:
phpver: "7.4"
when:
- (ansible_distribution == "Debian" and ansible_distribution_major_version|int() == 11) or
(ansible_distribution == "Ubuntu" and ansible_distribution_major_version|int() >= 20)
- name: set phpver for debian bookworm+
set_fact:
phpver: "8.2"
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() >= 12
- name: install packages, bullseye+
tags: apt
apt:
name:
- apache2
- mariadb-client
- "php{{ phpver }}-cli"
- "php{{ phpver }}-fpm"
- "php{{ phpver }}-bcmath"
- "php{{ phpver }}-curl"
- "php{{ phpver }}-gd"
- "php{{ phpver }}-ldap"
- "php{{ phpver }}-mbstring"
- "php{{ phpver }}-mongodb"
- "php{{ phpver }}-mysql"
- "php{{ phpver }}-opcache"
- "php{{ phpver }}-readline"
- "php{{ phpver }}-redis"
- "php{{ phpver }}-soap"
- "php{{ phpver }}-xml"
- "php{{ phpver }}-zip"
state: present
when:
- phpver is defined
- name: install packages, bullseye+
tags: apt
apt:
name:
- "php{{ phpver }}-json"
state: present
when:
- phpver is defined
- phpver == "7.4"
- name: php fpm/pool.d/www.conf, bullseye+
template:
src: pool_www.conf
dest: "/etc/php/{{ phpver }}/fpm/pool.d/www.conf"
when:
- phpver is defined
- name: conf-available
copy:
src: "{{ item }}"
dest: /etc/apache2/conf-available
with_items:
- other-vhosts-access-log.conf
- charset.conf
- log-detailed.conf
- name: enable confs / modules, -buster
shell: "a2enconf charset log-detailed && a2enmod rewrite"
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() < 11
- name: enable confs / modules, bullseye+
shell: "a2enconf charset log-detailed && a2enmod rewrite headers proxy_fcgi"
when:
- (ansible_distribution == "Debian" and ansible_distribution_major_version|int() >= 11) or
(ansible_distribution == "Ubuntu" and ansible_distribution_major_version|int() >= 20)
- name: virtualhost config, -buster
copy:
src: 000-default_modphp.conf
dest: /etc/apache2/sites-available/000-default.conf
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version|int() < 11
- name: virtualhost config, bullseye+
template:
src: 000-default_fpm.conf
dest: /etc/apache2/sites-available/000-default.conf
when:
- (ansible_distribution == "Debian" and ansible_distribution_major_version|int() >= 11) or
(ansible_distribution == "Ubuntu" and ansible_distribution_major_version|int() >= 20)
- name: php config, jessie
copy:
src: hws.php.ini.modphp
dest: /etc/php5
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "8"
- name: php config symlinks, jessie
file:
state: link
src: /etc/php5/hws.php.ini
path: "/etc/php5/{{ item }}/conf.d/hws.php.ini"
with_items:
- apache2
- cli
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "8"
- name: php config, stretch
copy:
src: hws.php.ini.modphp
dest: /etc/php/7.0/hws.php.ini
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "9"
- name: php config, buster
copy:
src: hws.php.ini.modphp
dest: /etc/php/7.3/hws.php.ini
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "10"
#- name: php config, bullseye
# copy:
# src: hws.php.ini.fpm
# dest: /etc/php/7.4/hws.php.ini
# when:
# - (ansible_distribution == "Debian" and ansible_distribution_major_version|int() == 11) or
# (ansible_distribution == "Ubuntu" and ansible_distribution_major_version|int() >= 20)
- name: php config symlinks, stretch
file:
state: link
src: /etc/php/7.0/hws.php.ini
path: "/etc/php/7.0/{{ item }}/conf.d/hws.php.ini"
with_items:
- apache2
- cli
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "9"
- name: php config symlinks, buster
file:
state: link
src: /etc/php/7.3/hws.php.ini
path: "/etc/php/7.3/{{ item }}/conf.d/hws.php.ini"
with_items:
- apache2
- cli
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version == "10"
#- name: php config symlinks, bullseye
# file:
# state: link
# src: /etc/php/7.4/hws.php.ini
# path: "/etc/php/7.4/{{ item }}/conf.d/hws.php.ini"
# with_items:
# - fpm
# - cli
# when:
# - ansible_distribution == "Debian"
# - ansible_distribution_major_version == "11"
- name: php logrotate config
copy:
src: logrotate.conf
dest: /etc/logrotate.d/php
- name: security.conf ServerTokens, bullseye+
tags: apt
lineinfile:
dest: /etc/apache2/conf-available/security.conf
regexp: "^ServerTokens"
line: "ServerTokens Prod"
when:
- (ansible_distribution == "Debian" and ansible_distribution_major_version|int() >= 11) or
(ansible_distribution == "Ubuntu" and ansible_distribution_major_version|int() >= 20)
- name: security.conf ServerSignature, bullseye+
tags: apt
lineinfile:
dest: /etc/apache2/conf-available/security.conf
regexp: "^ServerSignature"
line: "ServerSignature Off"
when:
- (ansible_distribution == "Debian" and ansible_distribution_major_version|int() >= 11) or
(ansible_distribution == "Ubuntu" and ansible_distribution_major_version|int() >= 20)
# vim: set tabstop=2 shiftwidth=2 expandtab smarttab:
Reference in New Issue View Git Blame Copy Permalink