lhubert
/
ansible-lemp-wordpress
forked from bh/ansible-lemp-wordpress


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233
							---
- name: Install PHP and MySQL on Debian-based systems
  hosts: debian
  become: yes
  # vars:
  #   db_username: wordpress
  #   db_password: wordpress
  #   db_name: wordpress
  #   site_url: debian-111
  tasks:
    - name: Update apt cache
      ansible.builtin.apt:
        update_cache: yes

    # Utilisés pour installer/compiler le package python mysqlclient
    # - name: Install gcc, mariadb-dev, pkgconfig and pip3
    #   ansible.builtin.apt:
    #     name:
    #       - gcc # needed to compile
    #       - python3-dev # needed to compile
    #       # - mariadb-dev
    #       - python3-pip
    #       # - pkgconfig
    #     state: present

    # Remarque : php 8.2 pour Debian Bookworm
    - name: Install PHP
      ansible.builtin.apt:
        name:
          - php8.2
          - php8.2-fpm
          - php8.2-iconv # for WordPress
          - php8.2-mysqli # for WordPress/MySQL
          - php8.2-phar # for wp-cli
          # - php8.2-json # for wp-cli
          # pas de package php8.2-openssl pour Debian Bookworm
          # - php8.2-openssl # for wp-cli
          - php8.2-curl # for wp-cli
        state: present

    - name: Install curl
      ansible.builtin.apt:
        name: curl
        state: present

    - name: Install Nginx
      ansible.builtin.apt:
        name: nginx
        state: present

    - name: Check if WordPress exists in /var/www/wordpress
      stat:
        path: /var/www/wordpress
      register: wordpress_dir

    - name: Check if wp-config.php exists in /var/www/wordpress
      stat:
        path: /var/www/wordpress/wp-config.php
      register: wp_config

    # Only if wordpress_dir.stat.exists is false, download WordPress
    - name: Install WordPress using curl
      command: curl -o /tmp/wordpress.tar.gz https://wordpress.org/latest.tar.gz
      args:
        creates: /tmp/wordpress.tar.gz
      when: wordpress_dir.stat.exists == False

    # Unzip WordPress only if /var/www/wordpress doesn't exist
    - name: Unzip WordPress
      # ansible.builtin.unarchive:
      command: tar -xzf /tmp/wordpress.tar.gz -C /var/www
      when: wordpress_dir.stat.exists == False

    - name: Install MariaDB Server & Client
      ansible.builtin.apt:
        name:
          - mariadb-server
          - mariadb-client
        state: present

    # - name: Start Nginx Service
    #   ansible.builtin.service:
    #     name: nginx
    #     state: started
    #     enabled: yes # Ensure the MySQL service starts on boot

    # Store mariadb status in a variable
    # It'll be useful to conditionally run `/etc/init.d/mariadb setup`
    - name: Check MariaDB status
      command: service mariadb status
      register: mariadb_status
      ignore_errors: yes

    # # Echo 'MARIADB STARTED' if mariadb is running
    # - name: Debug MariaDB status
    #   ansible.builtin.debug:
    #     msg: "MARIADB STARTED"
    #   when: mariadb_status.stdout.find('started') != -1

    # # Echo 'MARIADB STOPPED' if mariadb is NOT running
    # - name: Debug MariaDB status
    #   ansible.builtin.debug:
    #     msg: "MARIADB STOPPED"
    #   when: mariadb_status.stdout.find('started') == -1

    # Problem I had: it failed here after 1st run
    # - name: MariaDB setup
    #   command: /etc/init.d/mariadb setup
    #   # run only if service is NOT running, that is, the output from
    #   # `rc-service mariadb status` doesn't contain `started`
    #   when: mariadb_status.stdout.find('started') == -1

    - name: Start MariaDB Service
      ansible.builtin.service:
        name: mariadb
        state: started
        enabled: yes # Ensure the MariaDB service starts on boot

    # On ne va pas le faire avec pip mais avec apt
    # - name: Install mysqlclient
    #   ansible.builtin.pip:
    #     name: mysqlclient
    #     state: present

    - name: Installer le client MySQL pour Python
      ansible.builtin.apt:
        name: python3-mysqldb
        state: present
        update_cache: yes

    - name: create MySQL database
      mysql_db:
        check_implicit_admin: yes
        login_user: "{{ db_username }}"
        login_password: "{{ db_password }}"
        name: "{{ db_name }}"
        encoding: utf8mb4
        collation: utf8mb4_unicode_ci
        state: present

    - name: create MySQL user
      mysql_user:
        name: "{{ db_username }}"
        password: "{{ db_password }}"
        priv: "{{ db_name }}.*:ALL,GRANT"
        state: present

    - name: Downlownload wp salt config
      command: curl https://api.wordpress.org/secret-key/1.1/salt/
      register: wp_salt
      when: wp_config.stat.exists == False

    # Register wp-salt content as variable
    # - name: Read wp-salt content
    #   ansible.builtin.slurp:
    #     src: /tmp/wp-salt
    #   register: wp_salt

    # Use variables from vars above and from wp_salt
    - name: Create wp-config.php
      ansible.builtin.template:
        src: templates/wp-config-sample.php.j2
        dest: /var/www/wordpress/wp-config.php
        owner: root
        group: root
        mode: 0644
      when: wp_config.stat.exists == False

    # Overwrite default vhost config with our own
    - name: Write WordPress vhost config
      ansible.builtin.template:
        src: templates/nginx-wordpress.conf.j2
        dest: /etc/nginx/sites-available/nginx-wordpress.conf
        owner: root
        group: root
        mode: 0644

    - name: Create symbolic link to enable the vhost
      ansible.builtin.file:
        src: /etc/nginx/sites-available/nginx-wordpress.conf
        dest: /etc/nginx/sites-enabled/nginx-wordpress.conf
        state: link

    # remove `default` symlink from sites-enabled
    - name: Remove default symlink from sites-enabled
      ansible.builtin.file:
        path: /etc/nginx/sites-enabled/default
        state: absent

    - name: Restart PHP-FPM
      ansible.builtin.service:
        name: php8.2-fpm
        state: restarted
        enabled: yes # Ensure the PHP-FPM service starts on boot

    - name: Restart Nginx
      ansible.builtin.service:
        name: nginx
        state: restarted
        enabled: yes # Ensure the PHP-FPM service starts on boot

    # Check if wp-cli exists
    - name: Check if wp-cli exists
      ansible.builtin.stat:
        path: /usr/local/bin/wp
      register: wp_cli

    # Download WordPress CLI
    - name: Download WordPress CLI
      command: curl -o /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
      args:
        creates: /usr/local/bin/wp
      when: wp_cli.stat.exists == False

    # Make WordPress CLI executable
    - name: Make WordPress CLI executable
      command: chmod +x /usr/local/bin/wp

    # Check if WordPress is installed
    - name: Check if WordPress is installed
      command: sudo -u debian wp core is-installed --path=/var/www/wordpress
      register: wp_installed
      ignore_errors: yes

    # WP core install (cwd: /var/www/wordpress)
    - name: Install WordPress
      command: sudo -u debian wp core install --url={{ site_url }} --title=My\ Blog --admin_user=admin --admin_password=admin --admin_email=benoithubert@gmail.com
      # WP-CLI complains if we run it as root, so we become a regular user
      become: no
      # Shou
      args:
        chdir: /var/www/wordpress
      when: wp_installed.rc != 0