|
|
@@ -0,0 +1,222 @@
|
|
|
+---
|
|
|
+- name: Install PHP and MySQL on Debian-based systems
|
|
|
+ hosts: debian
|
|
|
+ become: yes # Use privilege escalation to become the root user
|
|
|
+ vars:
|
|
|
+ db_username: wordpress
|
|
|
+ db_password: wordpress
|
|
|
+ db_name: wordpress
|
|
|
+ tasks:
|
|
|
+ - name: Update apt cache
|
|
|
+ ansible.builtin.apt:
|
|
|
+ update_cache: yes
|
|
|
+
|
|
|
+ # These two will be needed to install mysqlclient
|
|
|
+ - name: Install gcc, mariadb-dev, pkgconfig and pip3
|
|
|
+ ansible.builtin.apt:
|
|
|
+ name:
|
|
|
+ - gcc # needed to compile
|
|
|
+ - python3-dev # needed to compile
|
|
|
+ - mariadb-dev
|
|
|
+ - python3-pip
|
|
|
+ - pkgconfig
|
|
|
+ state: present
|
|
|
+
|
|
|
+ - name: Install PHP
|
|
|
+ ansible.builtin.apt:
|
|
|
+ name:
|
|
|
+ - php
|
|
|
+ - php-fpm
|
|
|
+ - php-iconv # for WordPress
|
|
|
+ - php-mysqli # for WordPress/MySQL
|
|
|
+ - php-phar # for wp-cli
|
|
|
+ - php-json # for wp-cli
|
|
|
+ - php-openssl # for wp-cli
|
|
|
+ - php-curl # for wp-cli
|
|
|
+ state: present
|
|
|
+
|
|
|
+ - name: Install curl
|
|
|
+ ansible.builtin.apt:
|
|
|
+ name: curl
|
|
|
+ state: present
|
|
|
+
|
|
|
+ - name: Check if WordPress exists in /var/www/wordpress
|
|
|
+ stat:
|
|
|
+ path: /var/www/wordpress
|
|
|
+ register: wordpress_dir
|
|
|
+
|
|
|
+ - name: Check if wp-config.php exists in /var/www/wordpress
|
|
|
+ stat:
|
|
|
+ path: /var/www/wordpress/wp-config.php
|
|
|
+ register: wp_config
|
|
|
+
|
|
|
+ # Only if wordpress_dir.stat.exists is false, download WordPress
|
|
|
+ - name: Install WordPress using curl
|
|
|
+ command: curl -o /tmp/wordpress.tar.gz https://wordpress.org/latest.tar.gz
|
|
|
+ args:
|
|
|
+ creates: /tmp/wordpress.tar.gz
|
|
|
+ when: wordpress_dir.stat.exists == False
|
|
|
+
|
|
|
+ # Unzip WordPress only if /var/www/wordpress doesn't exist
|
|
|
+ - name: Unzip WordPress
|
|
|
+ # ansible.builtin.unarchive:
|
|
|
+ command: tar -xzf /tmp/wordpress.tar.gz -C /var/www
|
|
|
+ when: wordpress_dir.stat.exists == False
|
|
|
+
|
|
|
+ - name: Install Nginx
|
|
|
+ ansible.builtin.apk:
|
|
|
+ name: nginx
|
|
|
+ state: present
|
|
|
+
|
|
|
+ - name: Install MariaDB Server
|
|
|
+ ansible.builtin.apk:
|
|
|
+ name: mariadb
|
|
|
+ state: present
|
|
|
+
|
|
|
+ - name: Install MariaDB Client Tools
|
|
|
+ ansible.builtin.apk:
|
|
|
+ name: mariadb-client
|
|
|
+ state: present
|
|
|
+
|
|
|
+ - name: Start Nginx Service
|
|
|
+ ansible.builtin.service:
|
|
|
+ name: nginx
|
|
|
+ state: started
|
|
|
+ enabled: yes # Ensure the MySQL service starts on boot
|
|
|
+
|
|
|
+ # Store mariadb status in a variable
|
|
|
+ # It'll be useful to conditionally run `/etc/init.d/mariadb setup`
|
|
|
+ - name: Check MariaDB status
|
|
|
+ command: rc-service mariadb status
|
|
|
+ register: mariadb_status
|
|
|
+ ignore_errors: yes
|
|
|
+
|
|
|
+ # # Echo 'MARIADB STARTED' if mariadb is running
|
|
|
+ # - name: Debug MariaDB status
|
|
|
+ # ansible.builtin.debug:
|
|
|
+ # msg: "MARIADB STARTED"
|
|
|
+ # when: mariadb_status.stdout.find('started') != -1
|
|
|
+
|
|
|
+ # # Echo 'MARIADB STOPPED' if mariadb is NOT running
|
|
|
+ # - name: Debug MariaDB status
|
|
|
+ # ansible.builtin.debug:
|
|
|
+ # msg: "MARIADB STOPPED"
|
|
|
+ # when: mariadb_status.stdout.find('started') == -1
|
|
|
+
|
|
|
+ # Problem I had: it failed here after 1st run
|
|
|
+ - name: MariaDB setup
|
|
|
+ command: /etc/init.d/mariadb setup
|
|
|
+ # run only if service is NOT running, that is, the output from
|
|
|
+ # `rc-service mariadb status` doesn't contain `started`
|
|
|
+ when: mariadb_status.stdout.find('started') == -1
|
|
|
+
|
|
|
+ - name: Start MariaDB Service
|
|
|
+ ansible.builtin.service:
|
|
|
+ name: mariadb
|
|
|
+ state: started
|
|
|
+ enabled: yes # Ensure the MariaDB service starts on boot
|
|
|
+
|
|
|
+ - name: Install mysqlclient
|
|
|
+ ansible.builtin.pip:
|
|
|
+ name: mysqlclient
|
|
|
+ state: present
|
|
|
+
|
|
|
+ - name: create MySQL database
|
|
|
+ mysql_db:
|
|
|
+ check_implicit_admin: yes
|
|
|
+ login_user: "{{ db_username }}"
|
|
|
+ login_password: "{{ db_password }}"
|
|
|
+ name: "{{ db_name }}"
|
|
|
+ encoding: utf8mb4
|
|
|
+ collation: utf8mb4_unicode_ci
|
|
|
+ state: present
|
|
|
+
|
|
|
+ - name: create MySQL user
|
|
|
+ mysql_user:
|
|
|
+ name: "{{ db_username }}"
|
|
|
+ password: "{{ db_password }}"
|
|
|
+ priv: "{{ db_name }}.*:ALL,GRANT"
|
|
|
+ state: present
|
|
|
+
|
|
|
+ - name: Downlownload wp salt config
|
|
|
+ command: curl https://api.wordpress.org/secret-key/1.1/salt/
|
|
|
+ register: wp_salt
|
|
|
+ when: wp_config.stat.exists == False
|
|
|
+
|
|
|
+ # Register wp-salt content as variable
|
|
|
+ # - name: Read wp-salt content
|
|
|
+ # ansible.builtin.slurp:
|
|
|
+ # src: /tmp/wp-salt
|
|
|
+ # register: wp_salt
|
|
|
+
|
|
|
+ # Use variables from vars above and from wp_salt
|
|
|
+ - name: Create wp-config.php
|
|
|
+ ansible.builtin.template:
|
|
|
+ src: templates/wp-config-sample.php.j2
|
|
|
+ dest: /var/www/wordpress/wp-config.php
|
|
|
+ owner: root
|
|
|
+ group: root
|
|
|
+ mode: 0644
|
|
|
+ when: wp_config.stat.exists == False
|
|
|
+
|
|
|
+ # Check that default.conf.bak exists
|
|
|
+ - name: Check if default.conf.bak exists
|
|
|
+ ansible.builtin.stat:
|
|
|
+ path: /etc/nginx/http.d/default.conf.bak
|
|
|
+ register: default_conf_bak
|
|
|
+
|
|
|
+ # Backup nginx default vhost config if not already backed up
|
|
|
+ - name: Backup default Nginx vhost config
|
|
|
+ command: mv /etc/nginx/http.d/default.conf /etc/nginx/http.d/default.conf.bak
|
|
|
+ when: default_conf_bak.stat.exists == False
|
|
|
+
|
|
|
+ # Overwrite default vhost config with our own
|
|
|
+ - name: Write new vhost config
|
|
|
+ ansible.builtin.template:
|
|
|
+ src: templates/nginx-wordpress.conf.j2
|
|
|
+ dest: /etc/nginx/http.d/nginx-wordpress.conf
|
|
|
+ owner: root
|
|
|
+ group: root
|
|
|
+ mode: 0644
|
|
|
+
|
|
|
+ - name: Restart PHP-FPM
|
|
|
+ ansible.builtin.service:
|
|
|
+ name: php-fpm81
|
|
|
+ state: restarted
|
|
|
+ enabled: yes # Ensure the PHP-FPM service starts on boot
|
|
|
+
|
|
|
+ - name: Restart Nginx
|
|
|
+ ansible.builtin.service:
|
|
|
+ name: nginx
|
|
|
+ state: restarted
|
|
|
+ enabled: yes # Ensure the PHP-FPM service starts on boot
|
|
|
+
|
|
|
+ # Check if wp-cli exists
|
|
|
+ - name: Check if wp-cli exists
|
|
|
+ ansible.builtin.stat:
|
|
|
+ path: /usr/local/bin/wp
|
|
|
+ register: wp_cli
|
|
|
+
|
|
|
+ # Download WordPress CLI
|
|
|
+ - name: Download WordPress CLI
|
|
|
+ command: curl -o /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
|
|
|
+ args:
|
|
|
+ creates: /usr/local/bin/wp
|
|
|
+ when: wp_cli.stat.exists == False
|
|
|
+
|
|
|
+ # Make WordPress CLI executable
|
|
|
+ - name: Make WordPress CLI executable
|
|
|
+ command: chmod +x /usr/local/bin/wp
|
|
|
+
|
|
|
+ # Check if WordPress is installed
|
|
|
+ - name: Check if WordPress is installed
|
|
|
+ command: wp core is-installed --path=/var/www/wordpress
|
|
|
+ register: wp_installed
|
|
|
+ ignore_errors: yes
|
|
|
+
|
|
|
+ # WP core install (cwd: /var/www/wordpress)
|
|
|
+ - name: Install WordPress
|
|
|
+ command: wp core install --url=192.168.1.85 --title=My\ Blog --admin_user=admin --admin_password=admin --admin_email=benoithubert@gmail.com
|
|
|
+ args:
|
|
|
+ chdir: /var/www/wordpress
|
|
|
+ when: wp_installed.rc != 0
|
