diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 0dc78ba..0000000 --- a/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -wordpress-nginx/hosts -.DS_Store \ No newline at end of file diff --git a/roles/ansible-role-apache-php-fpm/.travis.yml b/.travis.yml similarity index 77% rename from roles/ansible-role-apache-php-fpm/.travis.yml rename to .travis.yml index a74f406..163e4c3 100644 --- a/roles/ansible-role-apache-php-fpm/.travis.yml +++ b/.travis.yml @@ -2,6 +2,10 @@ sudo: required env: + - distribution: centos + version: 6 + init: /sbin/init + run_opts: "" - distribution: centos version: 7 init: /usr/lib/systemd/systemd @@ -19,6 +23,7 @@ services: - docker before_install: + # - sudo apt-get update # Pull container - 'sudo docker pull ${distribution}:${version}' # Customize container @@ -26,18 +31,14 @@ before_install: script: - container_id=$(mktemp) - # Run container in detached state. + # Run container in detached state - 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} ${distribution}-${version}:ansible "${init}" > "${container_id}"' - # Install required Galaxy roles. - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-galaxy install geerlingguy.repo-remi geerlingguy.apache geerlingguy.php' - # Ansible syntax check. - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml --syntax-check' # Test role. - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml' - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml' # Test role idempotence. - > @@ -50,4 +51,4 @@ script: - 'sudo docker stop "$(cat ${container_id})"' notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ + webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/LICENSE.md b/LICENSE.md deleted file mode 100644 index 1b1fe9d..0000000 --- a/LICENSE.md +++ /dev/null @@ -1,5 +0,0 @@ -Modified by David Beck (techiscool@gmail.com) 2015 -Copyright (C) 2015 Eugene Varnavsky (varnavruz@gmail.com) - -This work is licensed under the Creative Commons Attribution 3.0 Unported License. -To view a copy of this license, visit http://creativecommons.org/licenses/by/3.0/deed.en_US. diff --git a/README.md b/README.md index f4b8ae7..100614d 100644 --- a/README.md +++ b/README.md @@ -1,34 +1,124 @@ -## WordPress+Nginx+PHP-FPM+MariaDB Deployment +# Ansible Role: Apache 2.x -- Requires Ansible 1.2 or newer -- Expects CentOS/RHEL 7.x host/s +[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-apache.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-apache) -RHEL7 version reflects changes in Red Hat Enterprise Linux and CentOS 7: -1. Network device naming scheme has changed -2. iptables is replaced with firewalld -3. MySQL is replaced with MariaDB +An Ansible Role that installs Apache 2.x on RHEL/CentOS, Debian/Ubuntu, SLES and Solaris. -These playbooks deploy a simple all-in-one configuration of the popular -WordPress blogging platform and CMS, frontend by the Nginx web server and the -PHP-FPM process manager. To use, copy the `hosts.example` file to `hosts` and -edit the `hosts` inventory file to include the names or URLs of the servers -you want to deploy. +## Requirements -Then run the playbook, like this: +If you are using SSL/TLS, you will need to provide your own certificate and key files. You can generate a self-signed certificate with a command like `openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout example.key -out example.crt`. - ansible-playbook -i hosts site.yml +If you are using Apache with PHP, I recommend using the `geerlingguy.php` role to install PHP, and you can either use mod_php (by adding the proper package, e.g. `libapache2-mod-php5` for Ubuntu, to `php_packages`), or by also using `geerlingguy.apache-php-fpm` to connect Apache to PHP via FPM. See that role's README for more info. -The playbooks will configure MariaDB, WordPress, Nginx, and PHP-FPM. When the run -is complete, you can hit access server to begin the WordPress configuration. +## Role Variables -### Ideas for Improvement +Available variables are listed below, along with default values (see `defaults/main.yml`): -Here are some ideas for ways that these playbooks could be extended: + apache_enablerepo: "" -- Parameterize the WordPress deployment to handle multi-site configurations. -- Separate the components (PHP-FPM, MySQL, Nginx) onto separate hosts and -handle the configuration appropriately. -- Handle WordPress upgrades automatically. +The repository to use when installing Apache (only used on RHEL/CentOS systems). If you'd like later versions of Apache than are available in the OS's core repositories, use a repository like EPEL (which can be installed with the `geerlingguy.repo-epel` role). -We would love to see contributions and improvements, so please fork this -repository on GitHub and send us your changes via pull requests. \ No newline at end of file + apache_listen_ip: "*" + apache_listen_port: 80 + apache_listen_port_ssl: 443 + +The IP address and ports on which apache should be listening. Useful if you have another service (like a reverse proxy) listening on port 80 or 443 and need to change the defaults. + + apache_create_vhosts: true + apache_vhosts_filename: "vhosts.conf" + +If set to true, a vhosts file, managed by this role's variables (see below), will be created and placed in the Apache configuration folder. If set to false, you can place your own vhosts file into Apache's configuration folder and skip the convenient (but more basic) one added by this role. + + apache_remove_default_vhost: false + +On Debian/Ubuntu, a default virtualhost is included in Apache's configuration. Set this to `true` to remove that default virtualhost configuration file. + + apache_global_vhost_settings: | + DirectoryIndex index.php index.html + # Add other global settings on subsequent lines. + +You can add or override global Apache configuration settings in the role-provided vhosts file (assuming `apache_create_vhosts` is true) using this variable. By default it only sets the DirectoryIndex configuration. + + apache_vhosts: + # Additional optional properties: 'serveradmin, serveralias, extra_parameters'. + - servername: "local.dev" + documentroot: "/var/www/html" + +Add a set of properties per virtualhost, including `servername` (required), `documentroot` (required), `serveradmin` (optional), `serveralias` (optional) and `extra_parameters` (optional: you can add whatever additional configuration lines you'd like in here). + +Here's an example using `extra_parameters` to add a RewriteRule to redirect all requests to the `www.` site: + + - servername: "www.local.dev" + serveralias: "local.dev" + documentroot: "/var/www/html" + extra_parameters: | + RewriteCond %{HTTP_HOST} !^www\. [NC] + RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L] + +The `|` denotes a multiline scalar block in YAML, so newlines are preserved in the resulting configuration file output. + + apache_vhosts_ssl: [] + +No SSL vhosts are configured by default, but you can add them using the same pattern as `apache_vhosts`, with a few additional directives, like the following example: + + apache_vhosts_ssl: + - { + servername: "local.dev", + documentroot: "/var/www/html", + certificate_file: "/home/vagrant/example.crt", + certificate_key_file: "/home/vagrant/example.key", + certificate_chain_file: "/path/to/certificate_chain.crt" + } + +Other SSL directives can be managed with other SSL-related role variables. + + apache_ssl_protocol: "All -SSLv2 -SSLv3" + apache_ssl_cipher_suite: "AES256+EECDH:AES256+EDH" + +The SSL protocols and cipher suites that are used/allowed when clients make secure connections to your server. These are secure/sane defaults, but for maximum security, performand, and/or compatibility, you may need to adjust these settings. + + apache_mods_enabled: + - rewrite.load + - ssl.load + apache_mods_disabled: [] + +(Debian/Ubuntu ONLY) Which Apache mods to enable or disable (these will be symlinked into the appropriate location). See the `mods-available` directory inside the apache configuration directory (`/etc/apache2/mods-available` by default) for all the available mods. + + apache_packages: + - [platform-specific] + +The list of packages to be installed. This defaults to a set of platform-specific packages for RedHat or Debian-based systems (see `vars/RedHat.yml` and `vars/Debian.yml` for the default values). + + apache_state: started + +Set initial Apache daemon state to be enforced when this role is run. This should generally remain `started`, but you can set it to `stopped` if you need to fix the Apache config during a playbook run or otherwise would not like Apache started at the time this role is run. + + apache_ignore_missing_ssl_certificate: true + +If you would like to only create SSL vhosts when the vhost certificate is present (e.g. when using Let’s Encrypt), set `apache_ignore_missing_ssl_certificate` to `false`. When doing this, you might need to run your playbook more than once so all the vhosts are configured (if another part of the playbook generates the SSL certificates). + +## Dependencies + +None. + +## Example Playbook + + - hosts: webservers + vars_files: + - vars/main.yml + roles: + - { role: geerlingguy.apache } + +*Inside `vars/main.yml`*: + + apache_listen_port: 8080 + apache_vhosts: + - {servername: "example.com", documentroot: "/var/www/vhosts/example_com"} + +## License + +MIT / BSD + +## Author Information + +This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..4acdfce --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,44 @@ +--- +apache_enablerepo: "" + +apache_listen_ip: "*" +apache_listen_port: 80 +apache_listen_port_ssl: 443 + +apache_create_vhosts: true +apache_vhosts_filename: "vhosts.conf" + +# On Debian/Ubuntu, a default virtualhost is included in Apache's configuration. +# Set this to `true` to remove that default. +apache_remove_default_vhost: false + +apache_global_vhost_settings: | + DirectoryIndex index.php index.html + +apache_vhosts: + # Additional properties: 'serveradmin, serveralias, extra_parameters'. + - servername: "local.dev" + documentroot: "/var/www/html" + +apache_vhosts_ssl: [] + # Additional properties: 'serveradmin, extra_parameters'. + # - servername: "local.dev", + # documentroot: "/var/www/html", + # certificate_file: "/path/to/certificate.crt", + # certificate_key_file: "/path/to/certificate.key", + # # Optional. + # certificate_chain_file: "/path/to/certificate_chain.crt" + +apache_ignore_missing_ssl_certificate: true + +apache_ssl_protocol: "All -SSLv2 -SSLv3" +apache_ssl_cipher_suite: "AES256+EECDH:AES256+EDH" + +# Only used on Debian/Ubuntu. +apache_mods_enabled: + - rewrite.load + - ssl.load +apache_mods_disabled: [] + +# Set initial apache state. Recommended values: `started` or `stopped` +apache_state: started diff --git a/group_vars/all.yml b/group_vars/all.yml deleted file mode 100644 index ca92fc0..0000000 --- a/group_vars/all.yml +++ /dev/null @@ -1,335 +0,0 @@ ---- -# Variables listed here are applicable to all host groups -server_hostname: web01.redyhost.com -mysql_root_password: Ff!2KDSUOs10[tXR*Ms %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedlog - CustomLog "/var/log/httpd/{{ server_hostname }}_access.log" combinedlog - - ProxySet timeout=600 - - - servername: "www.2{{ server_hostname }}" - serveralias: "2{{ server_hostname }}" - documentroot: "/var/www/html/2{{ server_hostname }}" - extra_parameters: | - RewriteCond %{HTTP_HOST} !^www\. [NC] - RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L] - ErrorLog "/var/log/httpd/2{{ server_hostname }}_error.log" - ServerSignature Off - ProxyTimeout 600 - ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://127.0.0.1:9000/var/www/html/2{{ server_hostname }}/$1" - LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedlog - CustomLog "/var/log/httpd/2{{ server_hostname }}_access.log" combinedlog - - ProxySet timeout=600 - - -# Disable All Updates -# By default automatic updates are enabled, set this value to true to disable all automatic updates -auto_up_disable: false - -#Define Core Update Level -# true = Development, minor, and major updates are all enabled -# false = Development, minor, and major updates are all disabled -# minor = Minor updates are enabled, development, and major updates are disabled -core_update_level: true - -# Defines PHP values -php_enablerepo: "remi-php70" - -# PHP-FPM configuration. -php_enable_php_fpm: true -php_fpm_pool_user: vmuser -php_fpm_pool_group: www-php - -php_apc_shm_size: "128M" -php_post_max_size: "256M" -php_upload_max_filesize: "1024M" -php_max_input_vars: "4000" - -# Interaction with which web server -php_webserver_daemon: "httpd" - -php_error_reporting: "E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE & ~E_WARNING" - -php_packages: - - php - - php-cli - - php-common - - php-devel - - php-fpm - - php-gd - - php-imap - - php-ldap - - php-mbstring - - php-mcrypt - - php-memcached - - php-mysql - - php-opcache - - php-pdo - - php-pear - - php-pecl-apcu - - php-xml - - php-twig - - php-xmlrpc - - php-pecl-uploadprogress - -# Drush -drush_keep_updated: yes -drush_force_update: yes - -# Nginx vhosts configuration -nginx_vhosts: - - listen: "{{ nginx_port }}" - server_name: "{{ server_hostname }} www.{{ server_hostname }}" - root: "/var/www/html/{{ server_hostname }}" - open_file_cache: "max=2000 inactive=120s" - open_file_cache_valid: "240s" - open_file_cache_min_uses: "5" - open_file_cache_errors: "off" - client_max_body_size: "5m" - client_body_timeout: "60" - index: "index.php index.html index.htm" - error_page: "403 =404" - access_log: "/var/log/nginx/{{ server_hostname }}_access.log" - error_log: "/var/log/nginx/{{ server_hostname }}_error.log" - extra_parameters: | - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - location ~ ^/sites/default/files/ { - try_files $uri @rewrite; - } - location ~ \.(gif|jpg|jpeg|png|ico|bmp|js|css|pdf|doc|webp|woff|ico|js|css|svg)(\?[a-zA-Z0-9\.\-_,])?$ { - expires max; - log_not_found off; - add_header Cache-Control "public"; - add_header X-Cache $upstream_cache_status; - } - location = /favicon.ico { - log_not_found off; - access_log off; - } - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - location / { - proxy_pass http://127.0.0.1:{{ apache_listen_port }}; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $remote_addr; - add_header X-Cache $upstream_cache_status; - add_header X-Loaded "/"; - add_header X-Your-IP $remote_addr; - } - location ~ \.php$ { - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header Host $host; - proxy_pass http://127.0.0.1:{{ apache_listen_port }}; - add_header X-Cache $upstream_cache_status; - add_header X-Loaded "php"; - add_header X-Your-IP $remote_addr; - } - location = /backup { - deny all; - } - location ~* \.(txt|log)$ { - allow 127.0.0.1; - deny all; - } - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ /\. { - access_log off; - log_not_found off; - deny all; - } - location ~ ~$ { - access_log off; - log_not_found off; - deny all; - } - location ~ /\.ht { - deny all; - } - location @rewrite { - # Some modules enforce no slash (/) at the end of the URL - # Else this rewrite block wouldn't be needed (GlobalRedirect) - rewrite ^/(.*)$ /index.php?q=$1 last; - } - - listen: "{{ nginx_port }}" - server_name: "2{{ server_hostname }} www.2{{ server_hostname }}" - root: "/var/www/html/2{{ server_hostname }}" - open_file_cache: "max=2000 inactive=120s" - open_file_cache_valid: "240s" - open_file_cache_min_uses: "5" - open_file_cache_errors: "off" - client_max_body_size: "5m" - client_body_timeout: "60" - index: "index.php index.html index.htm" - error_page: "403 =404" - access_log: "/var/log/nginx/2{{ server_hostname }}_access.log" - error_log: "/var/log/nginx/2{{ server_hostname }}_error.log" - extra_parameters: | - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - location ~ ^/sites/default/files/ { - try_files $uri @rewrite; - } - location ~ \.(gif|jpg|jpeg|png|ico|bmp|js|css|pdf|doc|webp|woff|ico|js|css|svg)(\?[a-zA-Z0-9\.\-_,])?$ { - expires max; - log_not_found off; - add_header Cache-Control "public"; - add_header X-Cache $upstream_cache_status; - } - location = /favicon.ico { - log_not_found off; - access_log off; - } - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - location / { - proxy_pass http://127.0.0.1:{{ apache_listen_port }}; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $remote_addr; - add_header X-Cache $upstream_cache_status; - add_header X-Loaded "/"; - add_header X-Your-IP $remote_addr; - } - location ~ \.php$ { - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header Host $host; - proxy_pass http://127.0.0.1:{{ apache_listen_port }}; - add_header X-Cache $upstream_cache_status; - add_header X-Loaded "php"; - add_header X-Your-IP $remote_addr; - } - location = /backup { - deny all; - } - location ~* \.(txt|log)$ { - allow 127.0.0.1; - deny all; - } - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ /\. { - access_log off; - log_not_found off; - deny all; - } - location ~ ~$ { - access_log off; - log_not_found off; - deny all; - } - location ~ /\.ht { - deny all; - } - location @rewrite { - # Some modules enforce no slash (/) at the end of the URL - # Else this rewrite block wouldn't be needed (GlobalRedirect) - rewrite ^/(.*)$ /index.php?q=$1 last; - } diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..25d14ec --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,5 @@ +--- +- name: restart apache + service: + name: "{{ apache_service }}" + state: restarted diff --git a/hosts b/hosts deleted file mode 100644 index c77885e..0000000 --- a/hosts +++ /dev/null @@ -1,2 +0,0 @@ -[lemp-server] -122.129.219.67:221 diff --git a/roles/ansible-role-memcached/meta/main.yml b/meta/main.yml similarity index 54% rename from roles/ansible-role-memcached/meta/main.yml rename to meta/main.yml index d7e368d..12200db 100644 --- a/roles/ansible-role-memcached/meta/main.yml +++ b/meta/main.yml @@ -3,22 +3,29 @@ dependencies: [] galaxy_info: author: geerlingguy - description: Memcached for Linux + description: Apache 2.x for RedHat/CentOS/Debian/Ubuntu/Solaris/Suse. company: "Midwestern Mac, LLC" license: "license (BSD, MIT)" - min_ansible_version: 1.8 + min_ansible_version: 1.9 platforms: - name: EL versions: - - 6 - - 7 - - name: Ubuntu - versions: - - precise - - trusty + - all - name: Debian versions: - all + - name: Ubuntu + versions: + - precise + - raring + - saucy + - trusty + - xenial + - name: Suse + versions: + - all + - name: Solaris + versions: + - 11.3 galaxy_tags: - web - - database diff --git a/roles/ansible-role-apache-php-fpm/README.md b/roles/ansible-role-apache-php-fpm/README.md deleted file mode 100644 index 5591e6a..0000000 --- a/roles/ansible-role-apache-php-fpm/README.md +++ /dev/null @@ -1,57 +0,0 @@ -# Ansible Role: Apache PHP-FPM - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-apache-php-fpm.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-apache-php-fpm) - -An Ansible Role that configures Apache for PHP-FPM usage on RHEL/CentOS and Debian/Ubuntu. - -## Requirements - -This role is dependent upon `geerlingguy.apache`, and also requires you have PHP running with PHP-FPM somewhere on the server or elsewhere (I usually configure PHP with the `geerlingguy.php` role). - -Additionally, this role will only work correctly if you have Apache 2.4.9+ installed; on older versions of Debian/Ubuntu Linux (e.g. 12.04), you can add `ppa:ondrej/apache2` prior to Apache installation to install Apache 2.4, for example: - - - name: Add repository for Apache 2.4 on Ubuntu 12.04. - apt_repository: repo='ppa:ondrej/apache2' - when: ansible_distribution_version == "12.04" - -When configuring your Apache virtual hosts, you can add the following line to any vhost definition to enable passthrough to PHP-FPM: - - # If using a TCP port: - ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://127.0.0.1:9000/var/www/example" - - # If using a Unix socket: - ProxyPassMatch ^/(.*\.php(/.*)?)$ "unix:/var/run/php5-fpm.sock|fcgi://localhost/var/www/example" - -For a full usage example with the `geerlingguy.apache` role, see the Example Playbook later in this README. - -## Role Variables - -None. - -## Dependencies - -None. - -## Example Playbook - - - hosts: webservers - - vars: - apache_vhosts: - - servername: "www.example.com" - documentroot: "/var/www/example" - extra_parameters: | - ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://127.0.0.1:9000/var/www/example" - - roles: - - { role: geerlingguy.apache } - - { role: geerlingguy.php } - - { role: geerlingguy.apache-fastcgi-php } - -## License - -MIT / BSD - -## Author Information - -This role was created in 2016 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://www.ansiblefordevops.com/). diff --git a/roles/ansible-role-apache-php-fpm/meta/main.yml b/roles/ansible-role-apache-php-fpm/meta/main.yml deleted file mode 100644 index e4fe852..0000000 --- a/roles/ansible-role-apache-php-fpm/meta/main.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -dependencies: - - ansible-role-apache - -galaxy_info: - author: geerlingguy - description: Apache 2.4+ PHP-FPM support for Linux. - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 1.4 - platforms: - - name: EL - versions: - - 6 - - 7 - - name: Debian - versions: - - wheezy - - jessie - - name: Ubuntu - versions: - - precise - - trusty - - xenial - galaxy_tags: - - web diff --git a/roles/ansible-role-apache-php-fpm/tasks/configure-Debian.yml b/roles/ansible-role-apache-php-fpm/tasks/configure-Debian.yml deleted file mode 100644 index f4eb185..0000000 --- a/roles/ansible-role-apache-php-fpm/tasks/configure-Debian.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -- name: Enable mod_proxy_fcgi. - file: - src: "{{ apache_server_root }}/mods-available/{{ item }}" - dest: "{{ apache_server_root }}/mods-enabled/{{ item }}" - state: link - with_items: - - proxy.load - - proxy_fcgi.load - notify: restart apache diff --git a/roles/ansible-role-apache-php-fpm/tasks/configure-RedHat.yml b/roles/ansible-role-apache-php-fpm/tasks/configure-RedHat.yml deleted file mode 100644 index b42a7be..0000000 --- a/roles/ansible-role-apache-php-fpm/tasks/configure-RedHat.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# RHEL/CentOS 7 automatically installs and enables mod_proxy_fcgi by default. - -# RHEL/CentOS 6 installs Apache 2.2... and is much harder to get configured with -# FastCGI, but here are two guides: -# - Apache 2.2 + mod_fastcgi: http://stackoverflow.com/a/21409702/100134 -# - Apache 2.4 + mod_proxy_fcgi: http://unix.stackexchange.com/a/138903/16194 diff --git a/roles/ansible-role-apache-php-fpm/tasks/main.yml b/roles/ansible-role-apache-php-fpm/tasks/main.yml deleted file mode 100644 index 545b65d..0000000 --- a/roles/ansible-role-apache-php-fpm/tasks/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -# Configuration tasks. -- include: configure-Debian.yml - when: ansible_os_family == 'Debian' - -- include: configure-RedHat.yml - when: ansible_os_family == 'RedHat' diff --git a/roles/ansible-role-apache-php-fpm/tests/test.yml b/roles/ansible-role-apache-php-fpm/tests/test.yml deleted file mode 100644 index 88f3d7c..0000000 --- a/roles/ansible-role-apache-php-fpm/tests/test.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -- hosts: all - - vars: - php_enablerepo: "remi,remi-php56" - apache_listen_port_ssl: 443 - apache_create_vhosts: true - apache_vhosts_filename: "vhosts.conf" - apache_vhosts: - - servername: "example.com" - documentroot: "/var/www/vhosts/example_com" - - pre_tasks: - - name: Add repository for PHP 5.5 + Apache 2.4 on Ubuntu 12.04. - apt_repository: repo='ppa:ondrej/php5' - when: ansible_distribution_version == "12.04" - - - name: Update apt cache on Ubuntu 12.04. - apt: update_cache=yes - when: ansible_distribution_version == "12.04" - - roles: - - role: geerlingguy.repo-remi - when: ansible_os_family == 'RedHat' - - role: geerlingguy.apache - - role: geerlingguy.php - - role: role_under_test diff --git a/roles/ansible-role-composer/.travis.yml b/roles/ansible-role-composer/.travis.yml deleted file mode 100644 index 0b8b54e..0000000 --- a/roles/ansible-role-composer/.travis.yml +++ /dev/null @@ -1,42 +0,0 @@ ---- -sudo: required -language: python -python: "2.7" - -env: - - SITE=test.yml - - SITE=test-global-require.yml - -before_install: - - sudo apt-get update -qq - - sudo apt-get install curl - -install: - # Install Ansible. - - pip install ansible - - # Add ansible.cfg to pick up roles path. - - "{ echo '[defaults]'; echo 'roles_path = ../'; } >> ansible.cfg" - - # Install required dependencies. - - ansible-galaxy install geerlingguy.php - -script: - # Check the role/playbook's syntax. - - "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" - - # Run the role/playbook with ansible-playbook. - - "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo" - - # Run the role/playbook again, checking to make sure it's idempotent. - - > - ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo - | grep -q 'changed=0.*failed=0' - && (echo 'Idempotence test: pass' && exit 0) - || (echo 'Idempotence test: fail' && exit 1) - - # Check if composer is installed and working. - - composer - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/ansible-role-composer/README.md b/roles/ansible-role-composer/README.md deleted file mode 100644 index 11def04..0000000 --- a/roles/ansible-role-composer/README.md +++ /dev/null @@ -1,68 +0,0 @@ -# Ansible Role: Composer - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-composer.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-composer) - -Installs Composer, the PHP Dependency Manager, on any Linux or UNIX system. - -## Requirements - - - `php` (version 5.4+) should be installed and working (you can use the `geerlingguy.php` role to install). - - `git` should be installed and working (you can use the `geerlingguy.git` role to install). - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - composer_path: /usr/local/bin/composer - -The path where composer will be installed and available to your system. Should be in your user's `$PATH` so you can run commands simply with `composer` instead of the full path. - - composer_keep_updated: false - -Set this to `true` to update Composer to the latest release every time the playbook is run. - - composer_home_path: '~/.composer' - composer_home_owner: root - composer_home_group: root - -The `COMPOSER_HOME` path and directory ownership; this is the directory where global packages will be installed. - - composer_version: '' - -You can install a specific release of Composer, e.g. `composer_version: '1.0.0-alpha11'`. If left empty the latest development version will be installed. Note that `composer_keep_updated` will override this variable, as it will always install the latest development version. - - composer_global_packages: {} - -A list of packages to install globally (using `composer global require`). If you want to install any packages globally, add a list item with a dictionary with the `name` of the package and a `release`, e.g. `- { name: phpunit/phpunit, release: "4.7.*" }`. The 'release' is optional, and defaults to `@stable`. - - composer_add_to_path: true - -If `true`, and if there are any configured `composer_global_packages`, the `vendor/bin` directory inside `composer_home_path` will be added to the system's default `$PATH` (for all users). - - composer_github_oauth_token: '' - -GitHub OAuth token, used to avoid GitHub API rate limiting errors when building and rebuilding applications using Composer. Follow GitHub's directions to [Create a personal access token](https://help.github.com/articles/creating-an-access-token-for-command-line-use/) if you run into these rate limit errors. - - php_executable: php - -The executable name or full path to the PHP executable. This is defaulted to `php` if you don't override the variable. - -## Dependencies - -None (but make sure you've installed PHP; the `geerlingguy.php` role is recommended). - -## Example Playbook - - - hosts: servers - roles: - - geerlingguy.composer - -After the playbook runs, `composer` will be placed in `/usr/local/bin/composer` (this location is configurable), and will be accessible via normal system accounts. - -## License - -MIT / BSD - -## Author Information - -This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/roles/ansible-role-composer/defaults/main.yml b/roles/ansible-role-composer/defaults/main.yml deleted file mode 100644 index a6313ea..0000000 --- a/roles/ansible-role-composer/defaults/main.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -composer_path: /usr/local/bin/composer -composer_keep_updated: false -composer_version: '' - -# The directory where global packages will be installed. -composer_home_path: '~/.composer' -composer_home_owner: root -composer_home_group: root - -# A list of packages to install globally. See commented examples below for -# usage; the 'release' is optional, and defaults to '@stable'. -composer_global_packages: [] - # - { name: phpunit/phpunit, release: "4.7.x" } - # - { name: phpunit/phpunit, release: "@stable" } - -composer_add_to_path: true - -# GitHub OAuth token (used to help overcome API rate limits). -composer_github_oauth_token: '' diff --git a/roles/ansible-role-composer/meta/main.yml b/roles/ansible-role-composer/meta/main.yml deleted file mode 100644 index c4b0b31..0000000 --- a/roles/ansible-role-composer/meta/main.yml +++ /dev/null @@ -1,43 +0,0 @@ ---- -dependencies: [] - -galaxy_info: - author: geerlingguy - description: Composer PHP Dependency Manager - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 1.9 - platforms: - - name: EL - versions: - - all - - name: GenericUNIX - versions: - - all - - name: Fedora - versions: - - all - - name: opensuse - versions: - - all - - name: GenericBSD - versions: - - all - - name: FreeBSD - versions: - - all - - name: Ubuntu - versions: - - all - - name: SLES - versions: - - all - - name: GenericLinux - versions: - - all - - name: Debian - versions: - - all - galaxy_tags: - - packaging - - web diff --git a/roles/ansible-role-composer/tasks/global-require.yml b/roles/ansible-role-composer/tasks/global-require.yml deleted file mode 100644 index 0f6a323..0000000 --- a/roles/ansible-role-composer/tasks/global-require.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -- name: Install configured globally-required packages. - become: yes - become_user: "{{ composer_home_owner }}" - shell: > - COMPOSER_HOME={{ composer_home_path }} - composer global require {{ item.name }}:{{ item.release | default('@stable') }} --no-progress - creates={{ composer_home_path }}/vendor/{{ item.name }} - register: composer_global_require_result - with_items: "{{ composer_global_packages }}" - -- name: Add composer_home_path bin directory to global $PATH. - template: - src: composer.sh.j2 - dest: /etc/profile.d/composer.sh - mode: 0644 - when: composer_add_to_path diff --git a/roles/ansible-role-composer/tasks/main.yml b/roles/ansible-role-composer/tasks/main.yml deleted file mode 100644 index 6a65e99..0000000 --- a/roles/ansible-role-composer/tasks/main.yml +++ /dev/null @@ -1,53 +0,0 @@ ---- -- name: Set php_executable variable to a default if not defined. - set_fact: - php_executable: php - when: php_executable is not defined - -- name: Check if Composer is installed. - stat: "path={{ composer_path }}" - register: composer_bin - -- name: Download Composer installer. - get_url: - url: https://getcomposer.org/installer - dest: /tmp/composer-installer.php - mode: 0755 - when: not composer_bin.stat.exists - -- name: Run Composer installer. - command: > - {{ php_executable }} composer-installer.php {% if composer_version != '' %} --version={{ composer_version }}{% endif %} - chdir=/tmp - when: not composer_bin.stat.exists - -- name: Move Composer into globally-accessible location. - shell: > - mv /tmp/composer.phar {{ composer_path }} - creates={{ composer_path }} - when: not composer_bin.stat.exists - -- name: Update Composer to latest version (if configured). - shell: > - {{ php_executable }} {{ composer_path }} self-update - register: composer_update - changed_when: "'Updating to version' in composer_update.stdout" - when: composer_keep_updated - -- name: Ensure composer directory exists. - file: - path: "{{ composer_home_path }}" - owner: "{{ composer_home_owner }}" - group: "{{ composer_home_group }}" - state: directory - -- name: Add GitHub OAuth token for Composer (if configured). - template: - src: "auth.json.j2" - dest: "{{ composer_home_path }}/auth.json" - owner: "{{ composer_home_owner }}" - group: "{{ composer_home_group }}" - when: composer_github_oauth_token != '' - -- include: global-require.yml - when: composer_global_packages|length > 0 diff --git a/roles/ansible-role-composer/templates/auth.json.j2 b/roles/ansible-role-composer/templates/auth.json.j2 deleted file mode 100644 index a41c214..0000000 --- a/roles/ansible-role-composer/templates/auth.json.j2 +++ /dev/null @@ -1,5 +0,0 @@ -{ - "github-oauth": { - "github.com": "{{ composer_github_oauth_token }}" - } -} diff --git a/roles/ansible-role-composer/templates/composer.sh.j2 b/roles/ansible-role-composer/templates/composer.sh.j2 deleted file mode 100644 index 3e6cd7a..0000000 --- a/roles/ansible-role-composer/templates/composer.sh.j2 +++ /dev/null @@ -1 +0,0 @@ -export PATH=$PATH:{{ composer_home_path }}/vendor/bin diff --git a/roles/ansible-role-composer/tests/inventory b/roles/ansible-role-composer/tests/inventory deleted file mode 100644 index 2fbb50c..0000000 --- a/roles/ansible-role-composer/tests/inventory +++ /dev/null @@ -1 +0,0 @@ -localhost diff --git a/roles/ansible-role-composer/tests/test-global-require.yml b/roles/ansible-role-composer/tests/test-global-require.yml deleted file mode 100644 index 1a14413..0000000 --- a/roles/ansible-role-composer/tests/test-global-require.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -- hosts: localhost - remote_user: root - - vars: - php_enable_webserver: false - composer_global_packages: - - { name: phpunit/phpunit, release: "@stable" } - - roles: - - geerlingguy.php - - ansible-role-composer diff --git a/roles/ansible-role-composer/tests/test.yml b/roles/ansible-role-composer/tests/test.yml deleted file mode 100644 index e90b820..0000000 --- a/roles/ansible-role-composer/tests/test.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -- hosts: localhost - remote_user: root - - vars: - php_enable_webserver: false - - roles: - - geerlingguy.php - - ansible-role-composer diff --git a/roles/ansible-role-drupal-console/.travis.yml b/roles/ansible-role-drupal-console/.travis.yml deleted file mode 100644 index 816fbdd..0000000 --- a/roles/ansible-role-drupal-console/.travis.yml +++ /dev/null @@ -1,41 +0,0 @@ ---- -sudo: required -language: python -python: "2.7" - -env: - - SITE=test.yml - - SITE=test-self-update.yml - -before_install: - - sudo apt-get update -qq - -install: - # Install Ansible. - - pip install ansible - - # Add ansible.cfg to pick up roles path. - - "{ echo '[defaults]'; echo 'roles_path = ../'; } >> ansible.cfg" - - # Install required dependencies. - - ansible-galaxy install geerlingguy.php - -script: - # Check the role/playbook's syntax. - - "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" - - # Run the role/playbook with ansible-playbook. - - "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo" - - # Run the role/playbook again, checking to make sure it's idempotent. - - > - ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo - | grep -q 'changed=0.*failed=0' - && (echo 'Idempotence test: pass' && exit 0) - || (echo 'Idempotence test: fail' && exit 1) - - # Check if Drupal Console is installed and working. - - drupal - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/ansible-role-drupal-console/README.md b/roles/ansible-role-drupal-console/README.md deleted file mode 100644 index 83aa15b..0000000 --- a/roles/ansible-role-drupal-console/README.md +++ /dev/null @@ -1,45 +0,0 @@ -# Ansible Role: Drupal Console - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-drupal-console.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-drupal-console) - -Installs [Drupal Console](http://drupalconsole.com/) on any Linux or UNIX system. - -## Requirements - -`php` (version 5.4+) should be installed and working. - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - drupal_console_path: /usr/local/bin/drupal - -The path where Drupal Console will be installed and available to your system. Should be in your user's `$PATH` so you can use Drupal Console by entering `drupal` instead of the full path. - - drupal_console_keep_updated: false - -By default, this role not update Drupal Console when it is run again. If you'd like always update Drupal Console to the latest version when this role is run, switch this variable to `true`. - - drupal_console_config: ~/.console - -The path to the Drupal Console configuration file. - -## Dependencies - - - geerlingguy.php (Installs PHP). - -## Example Playbook - - - hosts: servers - roles: - - { role: geerlingguy.drupal-console } - -After the playbook runs, `drupal` will be placed in `/usr/local/bin/drupal` (this location is configurable), and will be accessible via normal system accounts. - -## License - -MIT / BSD - -## Author Information - -This role was created in 2015 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/roles/ansible-role-drupal-console/defaults/main.yml b/roles/ansible-role-drupal-console/defaults/main.yml deleted file mode 100644 index 5885c7a..0000000 --- a/roles/ansible-role-drupal-console/defaults/main.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -drupal_console_path: /usr/local/bin/drupal -drupal_console_keep_updated: false -drupal_console_config: ~/.console diff --git a/roles/ansible-role-drupal-console/meta/main.yml b/roles/ansible-role-drupal-console/meta/main.yml deleted file mode 100644 index e0962f1..0000000 --- a/roles/ansible-role-drupal-console/meta/main.yml +++ /dev/null @@ -1,44 +0,0 @@ ---- -dependencies: - - ansible-role-php - -galaxy_info: - author: geerlingguy - description: Drupal Console - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 1.4 - platforms: - - name: EL - versions: - - all - - name: GenericUNIX - versions: - - all - - name: Fedora - versions: - - all - - name: opensuse - versions: - - all - - name: GenericBSD - versions: - - all - - name: FreeBSD - versions: - - all - - name: Ubuntu - versions: - - all - - name: SLES - versions: - - all - - name: GenericLinux - versions: - - all - - name: Debian - versions: - - all - galaxy_tags: - - packaging - - web diff --git a/roles/ansible-role-drupal-console/tasks/main.yml b/roles/ansible-role-drupal-console/tasks/main.yml deleted file mode 100644 index 5be2194..0000000 --- a/roles/ansible-role-drupal-console/tasks/main.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -- name: Install Drupal Console. - get_url: - url: https://drupalconsole.com/installer - dest: "{{ drupal_console_path }}" - -- name: Ensure Drupal Console is executable. - file: - path: "{{ drupal_console_path }}" - mode: 0755 - -- name: Run Drupal Console init. - shell: > - php {{ drupal_console_path }} init - creates={{ drupal_console_config }} - -- name: Update Drupal Console to latest version (if configured). - shell: > - php {{ drupal_console_path }} self-update - register: drupal_console_update - changed_when: "'console has been updated' in drupal_console_update.stdout" - when: drupal_console_keep_updated diff --git a/roles/ansible-role-drupal-console/tests/inventory b/roles/ansible-role-drupal-console/tests/inventory deleted file mode 100644 index 2fbb50c..0000000 --- a/roles/ansible-role-drupal-console/tests/inventory +++ /dev/null @@ -1 +0,0 @@ -localhost diff --git a/roles/ansible-role-drupal-console/tests/test-self-update.yml b/roles/ansible-role-drupal-console/tests/test-self-update.yml deleted file mode 100644 index cb5934c..0000000 --- a/roles/ansible-role-drupal-console/tests/test-self-update.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- hosts: localhost - remote_user: root - - vars: - php_enable_webserver: false - drupal_console_keep_updated: true - - pre_tasks: - - name: Add ondrej repository for PHP 5.6. - apt_repository: repo='ppa:ondrej/php5-5.6' - - roles: - - geerlingguy.php - - ansible-role-drupal-console diff --git a/roles/ansible-role-drupal-console/tests/test.yml b/roles/ansible-role-drupal-console/tests/test.yml deleted file mode 100644 index cf4c49c..0000000 --- a/roles/ansible-role-drupal-console/tests/test.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -- hosts: localhost - remote_user: root - - vars: - php_enable_webserver: false - - pre_tasks: - - name: Add ondrej repository for PHP 5.6. - apt_repository: repo='ppa:ondrej/php5-5.6' - - roles: - - geerlingguy.php - - ansible-role-drupal-console diff --git a/roles/ansible-role-drush/.travis.yml b/roles/ansible-role-drush/.travis.yml deleted file mode 100644 index 7125a00..0000000 --- a/roles/ansible-role-drush/.travis.yml +++ /dev/null @@ -1,42 +0,0 @@ ---- -language: python -python: "2.7" - -env: - - SITE=test.yml - -before_install: - - sudo add-apt-repository ppa:ondrej/php5 -y - - sudo apt-get update -q - - sudo apt-get update -qq - - sudo apt-get install curl - -install: - # Install Ansible. - - pip install ansible - - # Add ansible.cfg to pick up roles path. - - "{ echo '[defaults]'; echo 'roles_path = ../'; } >> ansible.cfg" - - # Install required dependencies. - - ansible-galaxy install geerlingguy.php geerlingguy.composer geerlingguy.git - -script: - # Check the role/playbook's syntax. - - "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" - - # Run the role/playbook with ansible-playbook. - - "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo" - - # Run the role/playbook again, checking to make sure it's idempotent. - - > - ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo - | grep -q 'changed=0.*failed=0' - && (echo 'Idempotence test: pass' && exit 0) - || (echo 'Idempotence test: fail' && exit 1) - - # Check if drush is installed and working. - - drush --version - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/ansible-role-drush/README.md b/roles/ansible-role-drush/README.md deleted file mode 100644 index 6e8dc88..0000000 --- a/roles/ansible-role-drush/README.md +++ /dev/null @@ -1,56 +0,0 @@ -# Ansible Role: Drush - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-drush.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-drush) - -Installs Drush, a command line shell and scripting interface for Drupal, on any Linux or UNIX system. - -## Requirements - -None. - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - drush_install_path: /usr/local/share/drush - -The location of the entire drush installation (includes all the supporting files, as well as the `drush` executable file. - - drush_path: /usr/local/bin/drush - -The path where drush will be installed and available to your system. Should be in your user's `$PATH` so you can run commands simply with `drush` instead of the full path. - - drush_version: "master" - -The version of Drush to install (examples: `"master"` for the bleeding edge, `"7.x"`, `"6.x"`, `"6.2.0"`). This should be a string as it refers to a git branch, tag, or commit hash. - - drush_keep_updated: no - drush_force_update: no - -Whether to keep Drush up-to-date with the latest revision of the branch specified by `drush_version`, and whether to force the update (e.g. overwrite local modifications to the drush repository). - - drush_composer_cli_options: "--prefer-source --no-interaction" - -These options are the safest for avoiding GitHub API rate limits when installing Drush, and can be very helpful when working on dependencies/installation, but builds can be sped up substantially by changing the first option to --prefer-dist. - -## Dependencies - - - geerlingguy.git (Installs Git). - - geerlingguy.php (Installs PHP). - - geerlingguy.composer (Installs Composer). - -## Example Playbook - - - hosts: servers - roles: - - { role: geerlingguy.drush } - -After the playbook runs, the `drush` command will be accessible from normal system accounts. - -## License - -MIT / BSD - -## Author Information - -This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/roles/ansible-role-drush/defaults/main.yml b/roles/ansible-role-drush/defaults/main.yml deleted file mode 100644 index eff2827..0000000 --- a/roles/ansible-role-drush/defaults/main.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -drush_install_path: /usr/local/share/drush -drush_path: /usr/local/bin/drush -drush_version: "master" -drush_keep_updated: no -drush_force_update: no - -# These options are the safest for avoiding GitHub API rate limits, but builds -# can be sped up substantially by changing to --prefer-dist. -drush_composer_cli_options: "--prefer-source --no-interaction" diff --git a/roles/ansible-role-drush/meta/main.yml b/roles/ansible-role-drush/meta/main.yml deleted file mode 100644 index d27dd2e..0000000 --- a/roles/ansible-role-drush/meta/main.yml +++ /dev/null @@ -1,46 +0,0 @@ ---- -dependencies: - - ansible-role-git - - ansible-role-php - - ansible-role-composer - -galaxy_info: - author: geerlingguy - description: Drush - command line shell for Drupal - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 1.4 - platforms: - - name: EL - versions: - - all - - name: GenericUNIX - versions: - - all - - name: Fedora - versions: - - all - - name: opensuse - versions: - - all - - name: GenericBSD - versions: - - all - - name: FreeBSD - versions: - - all - - name: Ubuntu - versions: - - all - - name: SLES - versions: - - all - - name: GenericLinux - versions: - - all - - name: Debian - versions: - - all - galaxy_tags: - - development - - web diff --git a/roles/ansible-role-drush/tasks/main.yml b/roles/ansible-role-drush/tasks/main.yml deleted file mode 100644 index 287fa65..0000000 --- a/roles/ansible-role-drush/tasks/main.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -- name: Clone Drush from GitHub. - git: - repo: https://github.com/drush-ops/drush.git - dest: "{{ drush_install_path }}" - version: "{{ drush_version }}" - update: "{{ drush_keep_updated }}" - force: "{{ drush_force_update }}" - register: drush_clone - -- name: Check for composer.json - stat: path={{ drush_install_path }}/composer.json - register: drush_composer - -# See: https://github.com/geerlingguy/ansible-role-drush/issues/6 -- name: Ensure Drush can be installed on Debian Wheezy. - shell: > - {{ composer_path }} update {{ drush_composer_cli_options }} - chdir={{ drush_install_path }} - when: drush_clone.changed and ansible_distribution == "Debian" and ansible_distribution_release == "wheezy" and drush_composer.stat.exists - -- name: Install Drush dependencies with Composer. - shell: > - {{ composer_path }} install {{ drush_composer_cli_options }} - chdir={{ drush_install_path }} - when: drush_clone.changed and drush_composer.stat.exists - -- name: Create drush symlink. - file: - src: "{{ drush_install_path }}/drush" - dest: "{{ drush_path }}" - state: link - -- name: Run drush to finish setting it up. - command: "{{ drush_path }}" - register: drush_result - changed_when: "'Execute a drush command' not in drush_result.stdout" - become: no diff --git a/roles/ansible-role-drush/tests/inventory b/roles/ansible-role-drush/tests/inventory deleted file mode 100644 index 2fbb50c..0000000 --- a/roles/ansible-role-drush/tests/inventory +++ /dev/null @@ -1 +0,0 @@ -localhost diff --git a/roles/ansible-role-drush/tests/test.yml b/roles/ansible-role-drush/tests/test.yml deleted file mode 100644 index da27b63..0000000 --- a/roles/ansible-role-drush/tests/test.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -- hosts: localhost - remote_user: root - - vars: - php_enable_webserver: false - php_opcache_enable: "0" - - roles: - - geerlingguy.php - - geerlingguy.composer - - geerlingguy.git - - ansible-role-drush diff --git a/roles/ansible-role-git/.gitignore b/roles/ansible-role-git/.gitignore deleted file mode 100644 index b066709..0000000 --- a/roles/ansible-role-git/.gitignore +++ /dev/null @@ -1 +0,0 @@ -.LSOverride diff --git a/roles/ansible-role-git/.travis.yml b/roles/ansible-role-git/.travis.yml deleted file mode 100644 index a221fcc..0000000 --- a/roles/ansible-role-git/.travis.yml +++ /dev/null @@ -1,84 +0,0 @@ ---- -sudo: required - -env: - # Only test source install on latest supported OSes. - # - distribution: centos - # version: 7 - # init: /usr/lib/systemd/systemd - # run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" - # SITE: source - # GIT_VERSION: 2.7.1 - - distribution: ubuntu - version: 14.04 - init: /sbin/init - run_opts: "" - SITE: source - GIT_VERSION: 2.7.1 - - # Test package install on all supported OSes. - - distribution: centos - version: 6 - init: /sbin/init - run_opts: "" - SITE: package - GIT_VERSION: 1.7.1 - - distribution: centos - version: 7 - init: /usr/lib/systemd/systemd - run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" - SITE: package - GIT_VERSION: 1.8.3.1 - - distribution: ubuntu - version: 14.04 - init: /sbin/init - run_opts: "" - SITE: package - GIT_VERSION: 1.9.1 - - distribution: ubuntu - version: 12.04 - init: /sbin/init - run_opts: "" - SITE: package - GIT_VERSION: 1.7.9.5 - -services: - - docker - -before_install: - # - sudo apt-get update - # Pull container - - 'sudo docker pull ${distribution}:${version}' - # Customize container - - 'sudo docker build --rm=true --file=tests/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests' - -script: - - container_id=$(mktemp) - # Run container in detached state - - 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} ${distribution}-${version}:ansible "${init}" > "${container_id}"' - - # Ansible syntax check. - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test-${SITE}.yml --syntax-check' - - # Test role. - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test-${SITE}.yml' - - # Test role idempotence. - - > - sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test-${SITE}.yml - | grep -q 'changed=0.*failed=0' - && (echo 'Idempotence test: pass' && exit 0) - || (echo 'Idempotence test: fail' && exit 1) - - # Ensure Git is installed and at the right version. - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm which git' - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm test -x /usr/bin/git' - - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm git --version' - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm /usr/bin/git --version | grep -qF "$GIT_VERSION"' - - # Clean up - - 'sudo docker stop "$(cat ${container_id})"' - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/ansible-role-git/README.md b/roles/ansible-role-git/README.md deleted file mode 100644 index e7b6676..0000000 --- a/roles/ansible-role-git/README.md +++ /dev/null @@ -1,55 +0,0 @@ -# Ansible Role: Git - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-git.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-git) - -Installs Git, a distributed version control system, on any RHEL/CentOS or Debian/Ubuntu Linux system. - -## Requirements - -None. - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - workspace: /root - -Where certain files will be downloaded and adjusted prior to git installation, if needed. - - git_enablerepo: "" - -This variable, a well as `git_packages`, will be used to install git via a particular `yum` repo if `git_install_from_source` is false (CentOS only). Any additional repositories you have installed that you would like to use for a newer/different Git version. - - git_packages: - - git - - git-svn - -The specific Git packages that will be installed. By default, `git-svn` is included, but you can easily add this variable to your playbook's variables and remove `git-svn` if desired. - - git_install_from_source: false - git_install_path: "/usr" - git_version: "2.1.0" - -Whether to install Git from source; if set to `true`, `git_version` is required and will be used to install a particular version of git (see all available versions here: https://www.kernel.org/pub/software/scm/git/), and `git_install_path` defines where git should be installed. - - git_install_from_source_force_update: false - -If git is already installed at and older version, force a new source build. Only applies if `git_install_from_source` is `true`. - -## Dependencies - -None. - -## Example Playbook - - - hosts: servers - roles: - - { role: geerlingguy.git } - -## License - -MIT / BSD - -## Author Information - -This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/roles/ansible-role-git/defaults/main.yml b/roles/ansible-role-git/defaults/main.yml deleted file mode 100644 index 7c64bc2..0000000 --- a/roles/ansible-role-git/defaults/main.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -workspace: /root - -# If git_install_from_source is set to false, these two variables define whether -# to use an additional repo for the package installation, and which git packages -# will be installed. -git_enablerepo: "" -git_packages: - - git - - git-svn - -# If set to TRUE, git will be installed from source, using the version set with -# the 'git_version' variable instead of using a package. -git_install_from_source: false -git_install_path: "/usr" -git_version: "2.7.1" - -# If git is already installed at and older version, force a new source build. -# Only applies if git_install_from_source is `true`. -git_install_from_source_force_update: false - -# Leave this at it's default. -git_reinstall_from_source: false diff --git a/roles/ansible-role-git/meta/main.yml b/roles/ansible-role-git/meta/main.yml deleted file mode 100644 index d119d20..0000000 --- a/roles/ansible-role-git/meta/main.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -dependencies: [] - -galaxy_info: - author: geerlingguy - description: Git version control software - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 1.9 - platforms: - - name: EL - versions: - - all - - name: Debian - versions: - - all - - name: Ubuntu - versions: - - all - galaxy_tags: - - development - - system diff --git a/roles/ansible-role-git/tasks/install-from-source.yml b/roles/ansible-role-git/tasks/install-from-source.yml deleted file mode 100644 index 3dc0458..0000000 --- a/roles/ansible-role-git/tasks/install-from-source.yml +++ /dev/null @@ -1,62 +0,0 @@ ---- -- name: Ensure git's dependencies are installed (RedHat). - yum: "pkg={{ item }} state=installed" - with_items: - - gettext-devel - - expat-devel - - curl-devel - - zlib-devel - - perl-devel - - openssl-devel - - subversion-perl - - make - - gcc - when: ansible_os_family == 'RedHat' - -- name: Ensure git's dependencies are installed (Debian). - apt: "pkg={{ item }} state=installed" - with_items: - - libcurl4-gnutls-dev - - libexpat1-dev - - gettext - - libssl-dev - - build-essential - - gcc - when: ansible_os_family == 'Debian' - -- name: Get installed version - command: git --version - changed_when: false - failed_when: false - # Ansible 1.8 feature. - # warn: no - register: git_installed_version - -- name: Force git install if the version numbers do not match - set_fact: - git_reinstall_from_source: true - when: 'git_install_from_source_force_update and (git_installed_version|success and (git_installed_version.stdout | regex_replace("^.*?([0-9\.]+)$", "\\1") | version_compare(git_version, operator="!=")))' - -- name: Download git. - get_url: - url: "https://www.kernel.org/pub/software/scm/git/git-{{ git_version }}.tar.gz" - dest: "{{ workspace }}/git-{{ git_version }}.tar.gz" - when: git_installed_version|failed or git_reinstall_from_source - -- name: Expand git archive. - unarchive: - src: "{{ workspace }}/git-{{ git_version }}.tar.gz" - dest: "{{ workspace }}" - creates: "{{ workspace }}/git-{{ git_version }}/README" - copy: no - when: git_installed_version|failed or git_reinstall_from_source - -- name: Build git. - command: > - make prefix={{ git_install_path }} {{ item }} - chdir={{ workspace }}/git-{{ git_version }} - with_items: - - all - - install - when: git_installed_version|failed or git_reinstall_from_source - become: yes diff --git a/roles/ansible-role-git/tasks/main.yml b/roles/ansible-role-git/tasks/main.yml deleted file mode 100644 index 22f2b81..0000000 --- a/roles/ansible-role-git/tasks/main.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -- name: Ensure git is installed (RedHat). - yum: - name: "{{ item }}" - state: installed - enablerepo: "{{ git_enablerepo }}" - with_items: "{{ git_packages }}" - when: (git_install_from_source == false) and (ansible_os_family == 'RedHat') - -- name: Update apt cache (Debian). - apt: update_cache=yes cache_valid_time=86400 - when: ansible_os_family == 'Debian' - -- name: Ensure git is installed (Debian). - apt: - name: "{{ item }}" - state: installed - with_items: "{{ git_packages }}" - when: (git_install_from_source == false) and (ansible_os_family == 'Debian') - -# Install git from source when git_install_from_source is true. -- include: install-from-source.yml - when: git_install_from_source == true diff --git a/roles/ansible-role-git/tests/Dockerfile.centos-7 b/roles/ansible-role-git/tests/Dockerfile.centos-7 deleted file mode 100644 index 8aa0654..0000000 --- a/roles/ansible-role-git/tests/Dockerfile.centos-7 +++ /dev/null @@ -1,27 +0,0 @@ -FROM centos:7 - -# Install systemd -- See https://hub.docker.com/_/centos/ -RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs -RUN yum -y update; yum clean all; \ -(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ -rm -f /lib/systemd/system/multi-user.target.wants/*; \ -rm -f /etc/systemd/system/*.wants/*; \ -rm -f /lib/systemd/system/local-fs.target.wants/*; \ -rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ -rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ -rm -f /lib/systemd/system/basic.target.wants/*; \ -rm -f /lib/systemd/system/anaconda.target.wants/*; - -# Install Ansible -RUN yum -y install epel-release -RUN yum -y install git ansible sudo -RUN yum clean all - -# Disable requiretty -RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers - -# Install Ansible inventory file -RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts - -VOLUME ["/sys/fs/cgroup"] -CMD ["/usr/sbin/init"] diff --git a/roles/ansible-role-git/tests/Dockerfile.ubuntu-12.04 b/roles/ansible-role-git/tests/Dockerfile.ubuntu-12.04 deleted file mode 100644 index d0c130c..0000000 --- a/roles/ansible-role-git/tests/Dockerfile.ubuntu-12.04 +++ /dev/null @@ -1,11 +0,0 @@ -FROM ubuntu:12.04 -RUN apt-get update - -# Install Ansible -RUN apt-get install -y software-properties-common python-software-properties git -RUN apt-add-repository -y ppa:ansible/ansible -RUN apt-get update -RUN apt-get install -y ansible - -# Install Ansible inventory file -RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/roles/ansible-role-git/tests/Dockerfile.ubuntu-14.04 b/roles/ansible-role-git/tests/Dockerfile.ubuntu-14.04 deleted file mode 100644 index ca33287..0000000 --- a/roles/ansible-role-git/tests/Dockerfile.ubuntu-14.04 +++ /dev/null @@ -1,11 +0,0 @@ -FROM ubuntu:14.04 -RUN apt-get update - -# Install Ansible -RUN apt-get install -y software-properties-common git -RUN apt-add-repository -y ppa:ansible/ansible -RUN apt-get update -RUN apt-get install -y ansible - -# Install Ansible inventory file -RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/roles/ansible-role-git/tests/test-package.yml b/roles/ansible-role-git/tests/test-package.yml deleted file mode 100644 index e76a3e0..0000000 --- a/roles/ansible-role-git/tests/test-package.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -- hosts: all - - vars: - git_install_from_source: false - git_install_path: /usr/local - - pre_tasks: - - name: Ensure build dependencies are installed (RedHat). - yum: name=which state=present - when: ansible_os_family == 'RedHat' - - roles: - - role_under_test diff --git a/roles/ansible-role-git/tests/test-source.yml b/roles/ansible-role-git/tests/test-source.yml deleted file mode 100644 index a31cc4e..0000000 --- a/roles/ansible-role-git/tests/test-source.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- hosts: all - - vars: - git_install_from_source: true - git_install_from_source_force_update: true - git_version: 2.7.1 - - pre_tasks: - - name: Ensure build dependencies are installed (RedHat). - yum: name=which state=present - when: ansible_os_family == 'RedHat' - - roles: - - role_under_test diff --git a/roles/ansible-role-git/vars/main.yml b/roles/ansible-role-git/vars/main.yml deleted file mode 100644 index 10e268a..0000000 --- a/roles/ansible-role-git/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# This space intentionally left blank. diff --git a/roles/ansible-role-memcached/.gitignore b/roles/ansible-role-memcached/.gitignore deleted file mode 100644 index e43b0f9..0000000 --- a/roles/ansible-role-memcached/.gitignore +++ /dev/null @@ -1 +0,0 @@ -.DS_Store diff --git a/roles/ansible-role-memcached/.travis.yml b/roles/ansible-role-memcached/.travis.yml deleted file mode 100644 index 149e37c..0000000 --- a/roles/ansible-role-memcached/.travis.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -sudo: required -language: python -python: "2.7" - -env: - - SITE=test.yml - -before_install: - - sudo apt-get update -qq - - sudo apt-get install -y curl - -install: - # Install Ansible. - - pip install ansible - - # Add ansible.cfg to pick up roles path. - - "{ echo '[defaults]'; echo 'roles_path = ../'; } >> ansible.cfg" - -script: - # Check the role/playbook's syntax. - - "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" - - # Run the role/playbook with ansible-playbook. - - "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo" - - # Run the role/playbook again, checking to make sure it's idempotent. - - > - ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo - | grep -q 'changed=0.*failed=0' - && (echo 'Idempotence test: pass' && exit 0) - || (echo 'Idempotence test: fail' && exit 1) - - # Check the version of Memcached (if this output fails, it's not running). - - memcached -h | head -1 - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/ansible-role-memcached/README.md b/roles/ansible-role-memcached/README.md deleted file mode 100644 index 79af09a..0000000 --- a/roles/ansible-role-memcached/README.md +++ /dev/null @@ -1,53 +0,0 @@ -# Ansible Role: Memcached - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-memcached.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-memcached) - -An Ansible Role that installs Memcached on RedHat/CentOS or Debian/Ubuntu Linux. - -## Requirements - -None. - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - memcached_user: memcache - -The user under which the Memcached daemon will run. - - memcached_port: 11211 - memcached_listen_ip: 127.0.0.1 - -The port and IP address (127.0.0.1 for localhost) on which Memcached will listen for requests. - - memcached_memory_limit: 64 - memcached_connections: 1024 - -Memcached limits. The maximum amount of RAM `memcached` will consume (64MB is the default), and the maximum number of simultaneous connections memcached will handle. - - memcached_log_file: /var/log/memcached.log - -The location of the memcached log file. - - memcached_log_verbosity: "" - -Normally memcached does not log anything. Change to "-v" to enable logging or to "-vv" for debug logging. - -## Dependencies - -None. - -## Example Playbook - - - hosts: cache - roles: - - { role: geerlingguy.memcached } - -## License - -MIT / BSD - -## Author Information - -This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/roles/ansible-role-memcached/defaults/main.yml b/roles/ansible-role-memcached/defaults/main.yml deleted file mode 100644 index 9f47684..0000000 --- a/roles/ansible-role-memcached/defaults/main.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -memcached_port: 11211 -memcached_listen_ip: 127.0.0.1 - -memcached_memory_limit: 64 -memcached_connections: 1024 - -memcached_log_file: /var/log/memcached.log -memcached_log_verbosity: "" diff --git a/roles/ansible-role-memcached/handlers/main.yml b/roles/ansible-role-memcached/handlers/main.yml deleted file mode 100644 index 9aaea02..0000000 --- a/roles/ansible-role-memcached/handlers/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: restart memcached - service: name=memcached state=restarted diff --git a/roles/ansible-role-memcached/tasks/main.yml b/roles/ansible-role-memcached/tasks/main.yml deleted file mode 100644 index 2aa71cf..0000000 --- a/roles/ansible-role-memcached/tasks/main.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -# Include variables and define needed variables. -- name: Include OS-specific variables. - include_vars: "{{ ansible_os_family }}.yml" - -- name: Define memcached_user. - set_fact: - memcached_user: "{{ __memcached_user }}" - when: memcached_user is not defined - -# Setup/install tasks. -- include: setup-RedHat.yml - when: ansible_os_family == 'RedHat' - -- include: setup-Debian.yml - when: ansible_os_family == 'Debian' - -# Configure Memcached. -- name: Copy Memcached configuration. - template: - src: memcached-{{ ansible_os_family }}.conf.j2 - dest: "{{ memcached_config_file }}" - owner: root - group: root - mode: 0644 - notify: restart memcached - -- name: Ensure Memcached is started and set to run on startup. - service: name=memcached state=started enabled=yes diff --git a/roles/ansible-role-memcached/tasks/setup-Debian.yml b/roles/ansible-role-memcached/tasks/setup-Debian.yml deleted file mode 100644 index 2a5b414..0000000 --- a/roles/ansible-role-memcached/tasks/setup-Debian.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: Update apt cache. - apt: update_cache=yes cache_valid_time=86400 - -- name: Install Memcached. - apt: name=memcached state=installed diff --git a/roles/ansible-role-memcached/tasks/setup-RedHat.yml b/roles/ansible-role-memcached/tasks/setup-RedHat.yml deleted file mode 100644 index 461cc35..0000000 --- a/roles/ansible-role-memcached/tasks/setup-RedHat.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: Install Memcached. - yum: name=memcached state=installed diff --git a/roles/ansible-role-memcached/templates/memcached-Debian.conf.j2 b/roles/ansible-role-memcached/templates/memcached-Debian.conf.j2 deleted file mode 100644 index fc6746f..0000000 --- a/roles/ansible-role-memcached/templates/memcached-Debian.conf.j2 +++ /dev/null @@ -1,28 +0,0 @@ -# {{ ansible_managed }} -# Run memcached as a daemon. This command is implied, and is not needed for the -# daemon to run. --d - -# Log memcached's output to /var/log/memcached -logfile {{ memcached_log_file }} -{{ memcached_log_verbosity }} - -# Start with a cap of 64 megs of memory. It's reasonable, and the daemon default -# Note that the daemon will grow to this size, but does not start out holding this much -# memory --m {{ memcached_memory_limit }} - -# Default connection port is 11211 --p {{ memcached_port }} - -# Run the daemon as root. The start-memcached will default to running as root if no -# -u command is present in this config file --u {{ memcached_user }} - -# Specify which IP address to listen on. The default is to listen on all IP addresses -# This parameter is one of the only security measures that memcached has, so make sure -# it's listening on a firewalled interface. --l {{ memcached_listen_ip }} - -# Limit the number of simultaneous incoming connections. The daemon default is 1024 --c {{ memcached_connections }} diff --git a/roles/ansible-role-memcached/templates/memcached-RedHat.conf.j2 b/roles/ansible-role-memcached/templates/memcached-RedHat.conf.j2 deleted file mode 100644 index c36f4f4..0000000 --- a/roles/ansible-role-memcached/templates/memcached-RedHat.conf.j2 +++ /dev/null @@ -1,20 +0,0 @@ -# {{ ansible_managed }} -# Default connection port is 11211 -PORT="{{ memcached_port }}" - -# The user to run memcached as. -USER="{{ memcached_user }}" - -# Limit the number of simultaneous incoming connections. The daemon default is 1024. -MAXCONN="{{ memcached_connections }}" - -# Start with a cap of 64 megs of memory. It's reasonable, and the daemon default -# Note that the daemon will grow to this size, but does not start out holding this much -# memory -CACHESIZE="{{ memcached_memory_limit }}" - -# Extra options: -# -l Specify which IP address to listen on. The default is to listen on all IP addresses -# This parameter is one of the only security measures that memcached has, so make sure -# it's listening on a firewalled interface. -OPTIONS="-l {{ memcached_listen_ip }} {{ memcached_log_verbosity }} >> {{ memcached_log_file }} 2>&1" diff --git a/roles/ansible-role-memcached/tests/inventory b/roles/ansible-role-memcached/tests/inventory deleted file mode 100644 index 2fbb50c..0000000 --- a/roles/ansible-role-memcached/tests/inventory +++ /dev/null @@ -1 +0,0 @@ -localhost diff --git a/roles/ansible-role-memcached/tests/test.yml b/roles/ansible-role-memcached/tests/test.yml deleted file mode 100644 index cc7aee2..0000000 --- a/roles/ansible-role-memcached/tests/test.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - ansible-role-memcached diff --git a/roles/ansible-role-memcached/vars/Debian.yml b/roles/ansible-role-memcached/vars/Debian.yml deleted file mode 100644 index 6167345..0000000 --- a/roles/ansible-role-memcached/vars/Debian.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -__memcached_user: memcache -memcached_config_file: /etc/memcached.conf diff --git a/roles/ansible-role-memcached/vars/RedHat.yml b/roles/ansible-role-memcached/vars/RedHat.yml deleted file mode 100644 index 520ab01..0000000 --- a/roles/ansible-role-memcached/vars/RedHat.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -__memcached_user: memcached -memcached_config_file: /etc/sysconfig/memcached diff --git a/roles/ansible-role-mysql/.travis.yml b/roles/ansible-role-mysql/.travis.yml deleted file mode 100644 index 22cbfa4..0000000 --- a/roles/ansible-role-mysql/.travis.yml +++ /dev/null @@ -1,76 +0,0 @@ ---- -sudo: required - -env: - - distribution: centos - version: 6 - init: /sbin/init - run_opts: "" - playbook: test.yml - - distribution: centos - version: 7 - init: /usr/lib/systemd/systemd - run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" - playbook: centos-7-test.yml - - distribution: ubuntu - version: 14.04 - init: /sbin/init - run_opts: "" - playbook: test.yml - # - distribution: ubuntu - # version: 12.04 - # init: /sbin/init - # run_opts: "" - # playbook: test.yml - -services: - - docker - -before_install: - # Pull container - - 'sudo docker pull ${distribution}:${version}' - # Customize container - - 'sudo docker build --rm=true --file=tests/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests' - -script: - - container_id=$(mktemp) - # Run container in detached state - - 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} ${distribution}-${version}:ansible "${init}" > "${container_id}"' - - # Ansible syntax check. - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook} --syntax-check' - - # Test role. - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook}' - - # Test role idempotence. - - > - sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook} - | grep -q 'changed=0.*failed=0' - && (echo 'Idempotence test: pass' && exit 0) - || (echo 'Idempotence test: fail' && exit 1) - - # Some MySQL debugging (show all the logs). - - sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ls -lah /var/log - - sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm cat /var/log/mysql/error.log || true - - sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm cat /var/log/mysql.err || true - - # Check to make sure we can connect to MySQL via Unix socket. - - > - sudo docker exec "$(cat ${container_id})" mysql -u root -proot -e 'show databases;' - | grep -q 'information_schema' - && (echo 'MySQL running normally' && exit 0) - || (echo 'MySQL not running' && exit 1) - - # Check to make sure we can connect to MySQL via TCP. - - > - sudo docker exec "$(cat ${container_id})" mysql -u root -proot -h 127.0.0.1 -e 'show databases;' - | grep -q 'information_schema' - && (echo 'MySQL running normally' && exit 0) - || (echo 'MySQL not running' && exit 1) - - # Clean up - - sudo docker stop "$(cat ${container_id})" - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/ansible-role-mysql/README.md b/roles/ansible-role-mysql/README.md deleted file mode 100755 index 2740c36..0000000 --- a/roles/ansible-role-mysql/README.md +++ /dev/null @@ -1,143 +0,0 @@ -# Ansible Role: MySQL - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-mysql.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-mysql) - -Installs and configures MySQL or MariaDB server on RHEL/CentOS or Debian/Ubuntu servers. - -## Requirements - -No special requirements; note that this role requires root access, so either run it in a playbook with a global `become: yes`, or invoke the role in your playbook like: - - - hosts: database - roles: - - role: geerlingguy.mysql - become: yes - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - mysql_user_home: /root - -The home directory inside which Python MySQL settings will be stored, which Ansible will use when connecting to MySQL. This should be the home directory of the user which runs this Ansible role. - - mysql_root_password: root - -The MySQL root user account password. - - mysql_root_password_update: no - -Whether to force update the MySQL root user's password. By default, this role will only change the root user's password when MySQL is first configured. You can force an update by setting this to `yes`. - -> Note: If you get an error like `ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)` after a failed or interrupted playbook run, this usually means the root password wasn't originally updated to begin with. Try either removing the `.my.cnf` file inside the configured `mysql_user_home` or updating it and setting `password=''` (the insecure default password). Run the playbook again, with `mysql_root_password_update` set to `yes`, and the setup should complete. - - mysql_enabled_on_startup: yes - -Whether MySQL should be enabled on startup. - - overwrite_global_mycnf: yes - -Whether the global my.cnf should be overwritten each time this role is run. Setting this to `no` tells Ansible to only create the `my.cnf` file if it doesn't exist. This should be left at its default value (`yes`) if you'd like to use this role's variables to configure MySQL. - - mysql_config_include_files: [] - -A list of files that should override the default global my.cnf. Each item in the array requires a "src" parameter which is a path to a file. An optional "force" parameter can force the file to be updated each time ansible runs. - - mysql_databases: [] - -The MySQL databases to create. A database has the values `name`, `encoding` (defaults to `utf8`), `collation` (defaults to `utf8_general_ci`) and `replicate` (defaults to `1`, only used if replication is configured). The formats of these are the same as in the `mysql_db` module. - - mysql_users: [] - -The MySQL users and their privileges. A user has the values `name`, `host` (defaults to `localhost`), `password`, `priv` (defaults to `*.*:USAGE`), `append_privs` (defaults to `no`), `state` (defaults to `present`). The formats of these are the same as in the `mysql_user` module. - - mysql_packages: - - mysql - - mysql-server - -(OS-specific, RedHat/CentOS defaults listed here) Packages to be installed. In some situations, you may need to add additional packages, like `mysql-devel`. - - mysql_enablerepo: "" - -(RedHat/CentOS only) If you have enabled any additional repositories (might I suggest geerlingguy.repo-epel or geerlingguy.repo-remi), those repositories can be listed under this variable (e.g. `remi,epel`). This can be handy, as an example, if you want to install later versions of MySQL. - - mysql_port: "3306" - mysql_bind_address: '0.0.0.0' - mysql_datadir: /var/lib/mysql - -Default MySQL connection configuration. - - mysql_log: "" - mysql_log_error: /var/log/mysqld.log - mysql_syslog_tag: mysqld - -MySQL logging configuration. Setting `mysql_log` (the general query log) or `mysql_log_error` to `syslog` will make MySQL log to syslog using the `mysql_syslog_tag`. - - mysql_slow_query_log_enabled: no - mysql_slow_query_log_file: /var/log/mysql-slow.log - mysql_slow_query_time: 2 - -Slow query log settings. Note that the log file will be created by this role, but if you're running on a server with SELinux or AppArmor, you may need to add this path to the allowed paths for MySQL, or disable the mysql profile. For example, on Debian/Ubuntu, you can run `sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/usr.sbin.mysqld && sudo service apparmor restart`. - - mysql_key_buffer_size: "256M" - mysql_max_allowed_packet: "64M" - mysql_table_open_cache: "256" - [...] - -The rest of the settings in `defaults/main.yml` control MySQL's memory usage. The default values are tuned for a server where MySQL can consume ~512 MB RAM, so you should consider adjusting them to suit your particular server better. - - mysql_server_id: "1" - mysql_max_binlog_size: "100M" - mysql_expire_logs_days: "10" - mysql_replication_role: '' - mysql_replication_master: '' - mysql_replication_user: [] - -Replication settings. Set `mysql_server_id` and `mysql_replication_role` by server (e.g. the master would be ID `1`, with the `mysql_replication_role` of `master`, and the slave would be ID `2`, with the `mysql_replication_role` of `slave`). The `mysql_replication_user` uses the same keys as `mysql_users`, and is created on master servers, and used to replicate on all the slaves. - -### MariaDB usage - -This role works with either MySQL or a compatible version of MariaDB. On RHEL/CentOS 7+, the mariadb database engine was substituted as the default MySQL replacement package. No modifications are necessary though all of the variables still reference 'mysql' instead of mariadb. - -#### Ubuntu 14.04 and 16.04 MariaDB configuration - -On Ubuntu, the package names are named differently, so the `mysql_package` variable needs to be altered. Set the following variables (at a minimum): - - mysql_packages: - - mariadb-client - - mariadb-server - - python-mysqldb - -## Dependencies - -None. - -## Example Playbook - - - hosts: db-servers - become: yes - vars_files: - - vars/main.yml - roles: - - { role: geerlingguy.mysql } - -*Inside `vars/main.yml`*: - - mysql_root_password: super-secure-password - mysql_databases: - - name: example_db - encoding: latin1 - collation: latin1_general_ci - mysql_users: - - name: example_user - host: "%" - password: similarly-secure-password - priv: "example_db.*:ALL" - -## License - -MIT / BSD - -## Author Information - -This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/roles/ansible-role-mysql/defaults/main.yml b/roles/ansible-role-mysql/defaults/main.yml deleted file mode 100755 index 0c7807d..0000000 --- a/roles/ansible-role-mysql/defaults/main.yml +++ /dev/null @@ -1,95 +0,0 @@ ---- -mysql_user_home: /root -mysql_root_username: root -mysql_root_password: root - -# Set this to `yes` to forcibly update the root password. -mysql_root_password_update: no - -mysql_enabled_on_startup: yes - -# update my.cnf. each time role is run? yes | no -overwrite_global_mycnf: yes - -# Pass in a comma-separated list of repos to use (e.g. "remi,epel"). Used only -# for RedHat systems (and derivatives). -mysql_enablerepo: "" - -# Define a custom list of packages to install; if none provided, the default -# package list from vars/[OS-family].yml will be used. -# mysql_packages: -# - mysql -# - mysql-server -# - MySQL-python - -# MySQL connection settings. -mysql_port: "3306" -mysql_bind_address: '0.0.0.0' -mysql_datadir: /var/lib/mysql -mysql_pid_file: /var/run/mysqld/mysqld.pid -mysql_skip_name_resolve: no - -# Slow query log settings. -mysql_slow_query_log_enabled: no -mysql_slow_query_log_file: /var/log/mysql-slow.log -mysql_slow_query_time: 2 - -# Memory settings (default values optimized ~512MB RAM). -mysql_key_buffer_size: "256M" -mysql_max_allowed_packet: "64M" -mysql_table_open_cache: "256" -mysql_sort_buffer_size: "1M" -mysql_read_buffer_size: "1M" -mysql_read_rnd_buffer_size: "4M" -mysql_myisam_sort_buffer_size: "64M" -mysql_thread_cache_size: "8" -mysql_query_cache_size: "16M" -mysql_max_connections: 151 - -# Other settings. -mysql_wait_timeout: 28800 - -# InnoDB settings. -# Set .._buffer_pool_size up to 80% of RAM but beware of setting too high. -mysql_innodb_file_per_table: "1" -mysql_innodb_buffer_pool_size: "256M" -# Set .._log_file_size to 25% of buffer pool size. -mysql_innodb_log_file_size: "64M" -mysql_innodb_log_buffer_size: "8M" -mysql_innodb_flush_log_at_trx_commit: "1" -mysql_innodb_lock_wait_timeout: 50 - -# mysqldump settings. -mysql_mysqldump_max_allowed_packet: "64M" - -# Logging settings. -mysql_log: "" -mysql_log_error: /var/log/mysql.err -mysql_syslog_tag: mysql - -mysql_config_include_files: [] -# - src: path/relative/to/playbook/file.cnf -# - { src: path/relative/to/playbook/anotherfile.cnf, force: yes } - -# Databases. -mysql_databases: [] -# - name: example -# collation: utf8_general_ci -# encoding: utf8 -# replicate: 1 - -# Users. -mysql_users: [] -# - name: example -# host: 127.0.0.1 -# password: secret -# priv: *.*:USAGE - -# Replication settings (replication is only enabled if master/user have values). -mysql_server_id: "1" -mysql_max_binlog_size: "100M" -mysql_expire_logs_days: "10" -mysql_replication_role: '' -mysql_replication_master: '' -# Same keys as `mysql_users` above. -mysql_replication_user: [] diff --git a/roles/ansible-role-mysql/handlers/main.yml b/roles/ansible-role-mysql/handlers/main.yml deleted file mode 100755 index 429abe3..0000000 --- a/roles/ansible-role-mysql/handlers/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -- name: restart mysql - service: "name={{ mysql_daemon }} state=restarted sleep=5" diff --git a/roles/ansible-role-mysql/meta/main.yml b/roles/ansible-role-mysql/meta/main.yml deleted file mode 100755 index 0432274..0000000 --- a/roles/ansible-role-mysql/meta/main.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -dependencies: [] - -galaxy_info: - author: geerlingguy - description: MySQL server for RHEL/CentOS and Debian/Ubuntu. - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 1.9 - platforms: - - name: EL - versions: - - 6 - - 7 - - name: Ubuntu - versions: - - all - - name: Debian - versions: - - all - galaxy_tags: - - database diff --git a/roles/ansible-role-mysql/tasks/configure.yml b/roles/ansible-role-mysql/tasks/configure.yml deleted file mode 100644 index d8a4585..0000000 --- a/roles/ansible-role-mysql/tasks/configure.yml +++ /dev/null @@ -1,69 +0,0 @@ ---- -- name: Copy my.cnf global MySQL configuration. - template: - src: my.cnf.j2 - dest: "{{ mysql_config_file }}" - owner: root - group: root - mode: 0644 - force: "{{ overwrite_global_mycnf }}" - notify: restart mysql - -- name: Verify mysql include directory exists. - file: - path: "{{ mysql_config_include_dir }}" - state: directory - owner: root - group: root - mode: 0755 - when: mysql_config_include_files | length - -- name: Copy my.cnf override files into include directory. - template: - src: "{{ item.src }}" - dest: "{{ mysql_config_include_dir }}/{{ item.src | basename }}" - owner: root - group: root - mode: 0644 - force: "{{ item.force | default(False) }}" - with_items: "{{ mysql_config_include_files }}" - notify: restart mysql - -- name: Create slow query log file (if configured). - shell: "touch {{ mysql_slow_query_log_file }} creates={{ mysql_slow_query_log_file }}" - when: mysql_slow_query_log_enabled - -- name: Create datadir if it does not exist - file: - path: "{{ mysql_datadir }}" - state: directory - owner: mysql - group: mysql - mode: 0755 - setype: mysqld_db_t - -- name: Set ownership on slow query log file (if configured). - file: - path: "{{ mysql_slow_query_log_file }}" - state: file - owner: mysql - group: mysql - mode: 0640 - when: mysql_slow_query_log_enabled - -- name: Create error log file (if configured). - shell: "touch {{ mysql_log_error }} creates={{ mysql_log_error }}" - when: mysql_log == "" and mysql_log_error != "" - -- name: Set ownership on error log file (if configured). - file: - path: "{{ mysql_log_error }}" - state: file - owner: mysql - group: mysql - mode: 0640 - when: mysql_log == "" and mysql_log_error != "" - -- name: Ensure MySQL is started and enabled on boot. - service: "name={{ mysql_daemon }} state=started enabled={{ mysql_enabled_on_startup }}" - register: mysql_service_configuration diff --git a/roles/ansible-role-mysql/tasks/databases.yml b/roles/ansible-role-mysql/tasks/databases.yml deleted file mode 100755 index 681e515..0000000 --- a/roles/ansible-role-mysql/tasks/databases.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Ensure MySQL databases are present. - mysql_db: - name: "{{ item.name }}" - collation: "{{ item.collation | default('utf8_general_ci') }}" - encoding: "{{ item.encoding | default('utf8') }}" - state: present - with_items: "{{ mysql_databases }}" diff --git a/roles/ansible-role-mysql/tasks/main.yml b/roles/ansible-role-mysql/tasks/main.yml deleted file mode 100755 index 627d917..0000000 --- a/roles/ansible-role-mysql/tasks/main.yml +++ /dev/null @@ -1,42 +0,0 @@ ---- -# Variable configuration. -- name: Include OS-specific variables. - include_vars: "{{ ansible_os_family }}.yml" - when: ansible_os_family != "RedHat" - -- name: Include OS-specific variables (RedHat). - include_vars: "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml" - when: ansible_os_family == "RedHat" - -- name: Define mysql_packages. - set_fact: - mysql_packages: "{{ __mysql_packages | list }}" - when: mysql_packages is not defined - -- name: Define mysql_daemon. - set_fact: - mysql_daemon: "{{ __mysql_daemon }}" - when: mysql_daemon is not defined - -- name: Define mysql_slow_query_log_file. - set_fact: - mysql_slow_query_log_file: "{{ __mysql_slow_query_log_file }}" - when: mysql_slow_query_log_file is not defined - -# Setup/install tasks. -- include: setup-RedHat.yml - when: ansible_os_family == 'RedHat' - -- include: setup-Debian.yml - when: ansible_os_family == 'Debian' - -- name: Check if MySQL packages were installed. - set_fact: - mysql_install_packages: "{{ (rh_mysql_install_packages is defined and rh_mysql_install_packages.changed) or (deb_mysql_install_packages is defined and deb_mysql_install_packages.changed) }}" - -# Configure MySQL. -- include: configure.yml -- include: secure-installation.yml -- include: databases.yml -- include: users.yml -- include: replication.yml diff --git a/roles/ansible-role-mysql/tasks/replication.yml b/roles/ansible-role-mysql/tasks/replication.yml deleted file mode 100755 index ec56dfc..0000000 --- a/roles/ansible-role-mysql/tasks/replication.yml +++ /dev/null @@ -1,51 +0,0 @@ ---- -- name: Ensure replication user exists on master. - mysql_user: - name: "{{ mysql_replication_user.name }}" - host: "{{ mysql_replication_user.host | default('%') }}" - password: "{{ mysql_replication_user.password }}" - priv: "{{ mysql_replication_user.priv | default('*.*:REPLICATION SLAVE') }}" - state: present - when: > - (mysql_replication_role == 'master') - and mysql_replication_user - and (mysql_replication_master != '') - -- name: Check slave replication status. - mysql_replication: mode=getslave - ignore_errors: true - register: slave - when: > - mysql_replication_role == 'slave' - and (mysql_replication_master != '') - -- name: Check master replication status. - mysql_replication: mode=getmaster - delegate_to: "{{ mysql_replication_master }}" - register: master - when: > - slave|failed - and (mysql_replication_role == 'slave') - and (mysql_replication_master != '') - -- name: Configure replication on the slave. - mysql_replication: - mode: changemaster - master_host: "{{ mysql_replication_master }}" - master_user: "{{ mysql_replication_user.name }}" - master_password: "{{ mysql_replication_user.password }}" - master_log_file: "{{ master.File }}" - master_log_pos: "{{ master.Position }}" - ignore_errors: True - when: > - slave|failed - and (mysql_replication_role == 'slave') - and (mysql_replication_master != '') - and mysql_replication_user - -- name: Start replication. - mysql_replication: mode=startslave - when: > - slave|failed - and (mysql_replication_role == 'slave') - and (mysql_replication_master != '') diff --git a/roles/ansible-role-mysql/tasks/secure-installation.yml b/roles/ansible-role-mysql/tasks/secure-installation.yml deleted file mode 100755 index 200dfeb..0000000 --- a/roles/ansible-role-mysql/tasks/secure-installation.yml +++ /dev/null @@ -1,44 +0,0 @@ ---- -- name: Disallow root login remotely - command: 'mysql -NBe "{{ item }}"' - with_items: - - DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1') - changed_when: False - -- name: Get list of hosts for the root user. - command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = "root" ORDER BY (Host="localhost") ASC' - register: mysql_root_hosts - changed_when: false - -# Note: We do not use mysql_user for this operation, as it doesn't always update -# the root password correctly. See: https://goo.gl/MSOejW -- name: Update MySQL root password for localhost root account. - shell: > - mysql -u root -NBe - 'SET PASSWORD FOR "{{ mysql_root_username }}"@"{{ item }}" = PASSWORD("{{ mysql_root_password }}");' - with_items: "{{ mysql_root_hosts.stdout_lines }}" - when: mysql_install_packages | bool or mysql_root_password_update - -# Has to be after the root password assignment, for idempotency. -- name: Copy .my.cnf file with root password credentials. - template: - src: "user-my.cnf.j2" - dest: "{{ mysql_user_home }}/.my.cnf" - owner: root - group: root - mode: 0600 - -- name: Get list of hosts for the anonymous user. - command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = ""' - register: mysql_anonymous_hosts - changed_when: false - -- name: Remove anonymous MySQL users. - mysql_user: - name: "" - host: "{{ item }}" - state: absent - with_items: "{{ mysql_anonymous_hosts.stdout_lines }}" - -- name: Remove MySQL test database. - mysql_db: "name='test' state=absent" diff --git a/roles/ansible-role-mysql/tasks/setup-Debian.yml b/roles/ansible-role-mysql/tasks/setup-Debian.yml deleted file mode 100755 index 4ead891..0000000 --- a/roles/ansible-role-mysql/tasks/setup-Debian.yml +++ /dev/null @@ -1,26 +0,0 @@ ---- -- name: Check if MySQL is already installed. - stat: path=/etc/init.d/mysql - register: mysql_installed - -- name: Update apt cache if MySQL is not yet installed. - apt: update_cache=yes - when: mysql_installed.stat.exists == false - -- name: Ensure MySQL Python libraries are installed. - apt: "name=python-mysqldb state=installed" - -- name: Ensure MySQL packages are installed. - apt: "name={{ item }} state=installed" - with_items: "{{ mysql_packages }}" - register: deb_mysql_install_packages - -# Because Ubuntu starts MySQL as part of the install process, we need to stop -# mysql and remove the logfiles in case the user set a custom log file size. -- name: Ensure MySQL is stopped after initial install. - service: "name={{ mysql_daemon }} state=stopped" - when: mysql_installed.stat.exists == false - -- name: Delete innodb log files created by apt package after initial install. - shell: "rm -f {{ mysql_datadir }}/ib_logfile[01]" - when: mysql_installed.stat.exists == false diff --git a/roles/ansible-role-mysql/tasks/setup-RedHat.yml b/roles/ansible-role-mysql/tasks/setup-RedHat.yml deleted file mode 100755 index fc05bee..0000000 --- a/roles/ansible-role-mysql/tasks/setup-RedHat.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Ensure MySQL packages are installed. - yum: "name={{ item }} state=installed enablerepo={{ mysql_enablerepo }}" - with_items: "{{ mysql_packages }}" - register: rh_mysql_install_packages - -- name: Ensure MySQL Python libraries are installed. - yum: "name=MySQL-python state=installed enablerepo={{ mysql_enablerepo }}" diff --git a/roles/ansible-role-mysql/tasks/users.yml b/roles/ansible-role-mysql/tasks/users.yml deleted file mode 100755 index 6c41ce7..0000000 --- a/roles/ansible-role-mysql/tasks/users.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Ensure MySQL users are present. - mysql_user: - name: "{{ item.name }}" - host: "{{ item.host | default('localhost') }}" - password: "{{ item.password }}" - priv: "{{ item.priv | default('*.*:USAGE') }}" - state: "{{ item.state | default('present') }}" - append_privs: "{{ item.append_privs | default('no') }}" - with_items: "{{ mysql_users }}" - no_log: true diff --git a/roles/ansible-role-mysql/templates/my.cnf.j2 b/roles/ansible-role-mysql/templates/my.cnf.j2 deleted file mode 100755 index c4abb34..0000000 --- a/roles/ansible-role-mysql/templates/my.cnf.j2 +++ /dev/null @@ -1,110 +0,0 @@ -[client] -#password = your_password -port = {{ mysql_port }} -socket = {{ mysql_socket }} - -[mysqld] -port = {{ mysql_port }} -bind-address = {{ mysql_bind_address }} -datadir = {{ mysql_datadir }} -socket = {{ mysql_socket }} -pid-file = {{ mysql_pid_file }} -{% if mysql_skip_name_resolve %} -skip-name-resolve -{% endif %} - -# Logging configuration. -{% if mysql_log_error == 'syslog' or mysql_log == 'syslog' %} -syslog -syslog-tag = {{ mysql_syslog_tag }} -{% else %} -{% if mysql_log %} -log = {{ mysql_log }} -{% endif %} -log-error = {{ mysql_log_error }} -{% endif %} - -{% if mysql_slow_query_log_enabled %} -# Slow query log configuration. -slow_query_log = 1 -slow_query_log_file = {{ mysql_slow_query_log_file }} -long_query_time = {{ mysql_slow_query_time }} -{% endif %} - -{% if mysql_replication_master %} -# Replication -server-id = {{ mysql_server_id }} - -{% if mysql_replication_role == 'master' %} -log_bin = mysql-bin -log-bin-index = mysql-bin.index -expire_logs_days = {{ mysql_expire_logs_days }} -max_binlog_size = {{ mysql_max_binlog_size }} - -{% for db in mysql_databases %} -{% if db.replicate|default(1) %} -binlog_do_db = {{ db.name }} -{% else %} -binlog_ignore_db = {{ db.name }} -{% endif %} -{% endfor %} -{% endif %} - -{% if mysql_replication_role == 'slave' %} -read_only -relay-log = relay-bin -relay-log-index = relay-bin.index -{% endif %} -{% endif %} - -# Disabling symbolic-links is recommended to prevent assorted security risks -symbolic-links = 0 - -# User is ignored when systemd is used (fedora >= 15). -user = mysql - -# http://dev.mysql.com/doc/refman/5.5/en/performance-schema.html -;performance_schema - -# Memory settings. -key_buffer_size = {{ mysql_key_buffer_size }} -max_allowed_packet = {{ mysql_max_allowed_packet }} -table_open_cache = {{ mysql_table_open_cache }} -sort_buffer_size = {{ mysql_sort_buffer_size }} -read_buffer_size = {{ mysql_read_buffer_size }} -read_rnd_buffer_size = {{ mysql_read_rnd_buffer_size }} -myisam_sort_buffer_size = {{ mysql_myisam_sort_buffer_size }} -thread_cache_size = {{ mysql_thread_cache_size }} -query_cache_size = {{ mysql_query_cache_size }} -max_connections = {{ mysql_max_connections }} - -# Other settings. -wait_timeout = {{ mysql_wait_timeout }} - -# InnoDB settings. -default-storage-engine = innodb -innodb_file_per_table = {{ mysql_innodb_file_per_table }} -innodb_buffer_pool_size = {{ mysql_innodb_buffer_pool_size }} -innodb_log_file_size = {{ mysql_innodb_log_file_size }} -innodb_log_buffer_size = {{ mysql_innodb_log_buffer_size }} -innodb_flush_log_at_trx_commit = {{ mysql_innodb_flush_log_at_trx_commit }} -innodb_lock_wait_timeout = {{ mysql_innodb_lock_wait_timeout }} -innodb_flush_method = O_DIRECT -innodb_open_files = 600 -innodb_additional_mem_pool_size = 8M -innodb_thread_concurrency = 0 - -[mysqldump] -quick -max_allowed_packet = {{ mysql_mysqldump_max_allowed_packet }} - -[mysqld_safe] -pid-file = {{ mysql_pid_file }} - -{% if mysql_config_include_files | length %} -# * IMPORTANT: Additional settings that can override those from this file! -# The files must end with '.cnf', otherwise they'll be ignored. -# -!includedir {{ mysql_config_include_dir }} -{% endif %} - diff --git a/roles/ansible-role-mysql/templates/user-my.cnf.j2 b/roles/ansible-role-mysql/templates/user-my.cnf.j2 deleted file mode 100755 index 95cae66..0000000 --- a/roles/ansible-role-mysql/templates/user-my.cnf.j2 +++ /dev/null @@ -1,3 +0,0 @@ -[client] -user={{ mysql_root_username }} -password="{{ mysql_root_password }}" diff --git a/roles/ansible-role-mysql/tests/Dockerfile.centos-6 b/roles/ansible-role-mysql/tests/Dockerfile.centos-6 deleted file mode 100755 index 4a4e7b8..0000000 --- a/roles/ansible-role-mysql/tests/Dockerfile.centos-6 +++ /dev/null @@ -1,15 +0,0 @@ -FROM centos:6 - -# Install Ansible -RUN yum -y update; yum clean all; -RUN yum -y install epel-release -RUN yum -y install git ansible sudo -RUN yum clean all - -# Disable requiretty -RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers - -# Install Ansible inventory file -RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts - -CMD ["/usr/sbin/init"] diff --git a/roles/ansible-role-mysql/tests/Dockerfile.centos-7 b/roles/ansible-role-mysql/tests/Dockerfile.centos-7 deleted file mode 100755 index 8aa0654..0000000 --- a/roles/ansible-role-mysql/tests/Dockerfile.centos-7 +++ /dev/null @@ -1,27 +0,0 @@ -FROM centos:7 - -# Install systemd -- See https://hub.docker.com/_/centos/ -RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs -RUN yum -y update; yum clean all; \ -(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ -rm -f /lib/systemd/system/multi-user.target.wants/*; \ -rm -f /etc/systemd/system/*.wants/*; \ -rm -f /lib/systemd/system/local-fs.target.wants/*; \ -rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ -rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ -rm -f /lib/systemd/system/basic.target.wants/*; \ -rm -f /lib/systemd/system/anaconda.target.wants/*; - -# Install Ansible -RUN yum -y install epel-release -RUN yum -y install git ansible sudo -RUN yum clean all - -# Disable requiretty -RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers - -# Install Ansible inventory file -RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts - -VOLUME ["/sys/fs/cgroup"] -CMD ["/usr/sbin/init"] diff --git a/roles/ansible-role-mysql/tests/Dockerfile.ubuntu-12.04 b/roles/ansible-role-mysql/tests/Dockerfile.ubuntu-12.04 deleted file mode 100755 index 8aebd65..0000000 --- a/roles/ansible-role-mysql/tests/Dockerfile.ubuntu-12.04 +++ /dev/null @@ -1,14 +0,0 @@ -FROM ubuntu:12.04 -RUN apt-get update - -# Install Ansible -RUN apt-get install -y software-properties-common python-software-properties git -RUN apt-add-repository -y ppa:ansible/ansible -RUN apt-get update -RUN apt-get install -y ansible - -COPY initctl_faker . -RUN chmod +x initctl_faker && rm -fr /sbin/initctl && ln -s /initctl_faker /sbin/initctl - -# Install Ansible inventory file -RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/roles/ansible-role-mysql/tests/Dockerfile.ubuntu-14.04 b/roles/ansible-role-mysql/tests/Dockerfile.ubuntu-14.04 deleted file mode 100755 index f81cabe..0000000 --- a/roles/ansible-role-mysql/tests/Dockerfile.ubuntu-14.04 +++ /dev/null @@ -1,14 +0,0 @@ -FROM ubuntu:14.04 -RUN apt-get update - -# Install Ansible -RUN apt-get install -y software-properties-common git -RUN apt-add-repository -y ppa:ansible/ansible -RUN apt-get update -RUN apt-get install -y ansible - -COPY initctl_faker . -RUN chmod +x initctl_faker && rm -fr /sbin/initctl && ln -s /initctl_faker /sbin/initctl - -# Install Ansible inventory file -RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/roles/ansible-role-mysql/tests/centos-7-test.yml b/roles/ansible-role-mysql/tests/centos-7-test.yml deleted file mode 100755 index 57a6171..0000000 --- a/roles/ansible-role-mysql/tests/centos-7-test.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -- hosts: all - vars: - mysql_packages: - - mariadb - - mariadb-server - - mariadb-libs - - MySQL-python - - perl-DBD-MySQL - mysql_daemon: mariadb - mysql_log_error: /var/log/mariadb/mariadb.log - mysql_syslog_tag: mariadb - mysql_pid_file: /var/run/mariadb/mariadb.pid - roles: - - role_under_test diff --git a/roles/ansible-role-mysql/tests/initctl_faker b/roles/ansible-role-mysql/tests/initctl_faker deleted file mode 100755 index a2267f3..0000000 --- a/roles/ansible-role-mysql/tests/initctl_faker +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/sh -ALIAS_CMD="$(echo ""$0"" | sed -e 's?/sbin/??')" - -case "$ALIAS_CMD" in - start|stop|restart|reload|status) - exec service $1 $ALIAS_CMD - ;; -esac - -case "$1" in - list ) - exec service --status-all - ;; - reload-configuration ) - exec service $2 restart - ;; - start|stop|restart|reload|status) - exec service $2 $1 - ;; - \?) - exit 0 - ;; -esac diff --git a/roles/ansible-role-mysql/tests/inventory b/roles/ansible-role-mysql/tests/inventory deleted file mode 100755 index 2fbb50c..0000000 --- a/roles/ansible-role-mysql/tests/inventory +++ /dev/null @@ -1 +0,0 @@ -localhost diff --git a/roles/ansible-role-mysql/tests/test.yml b/roles/ansible-role-mysql/tests/test.yml deleted file mode 100755 index 0ed0b43..0000000 --- a/roles/ansible-role-mysql/tests/test.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -- hosts: all - roles: - - role_under_test diff --git a/roles/ansible-role-mysql/vars/Debian.yml b/roles/ansible-role-mysql/vars/Debian.yml deleted file mode 100755 index 097be99..0000000 --- a/roles/ansible-role-mysql/vars/Debian.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -__mysql_daemon: mysql -__mysql_packages: - - mysql-common - - mysql-server -__mysql_slow_query_log_file: /var/log/mysql/mysql-slow.log -mysql_config_file: /etc/mysql/my.cnf -mysql_config_include_dir: /etc/mysql/conf.d -mysql_socket: /var/run/mysqld/mysqld.sock diff --git a/roles/ansible-role-mysql/vars/RedHat-6.yml b/roles/ansible-role-mysql/vars/RedHat-6.yml deleted file mode 100755 index 71117a2..0000000 --- a/roles/ansible-role-mysql/vars/RedHat-6.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -__mysql_daemon: mysqld -__mysql_packages: - - mysql - - mysql-server -__mysql_slow_query_log_file: /var/log/mysql-slow.log -mysql_config_file: /etc/my.cnf -mysql_config_include_dir: /etc/my.cnf.d -mysql_socket: /var/lib/mysql/mysql.sock diff --git a/roles/ansible-role-mysql/vars/RedHat-7.yml b/roles/ansible-role-mysql/vars/RedHat-7.yml deleted file mode 100755 index d692e00..0000000 --- a/roles/ansible-role-mysql/vars/RedHat-7.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -__mysql_daemon: mariadb -__mysql_packages: - - mariadb - - mariadb-server - - mariadb-libs - - MySQL-python - - perl-DBD-MySQL -__mysql_slow_query_log_file: /var/log/mysql-slow.log -mysql_log_error: /var/log/mariadb/mariadb.log -mysql_syslog_tag: mariadb -mysql_pid_file: /var/lib/mysql/mariadb.pid -mysql_config_file: /etc/my.cnf -mysql_config_include_dir: /etc/my.cnf.d -mysql_socket: /var/lib/mysql/mysql.sock diff --git a/roles/ansible-role-nginx/.travis.yml b/roles/ansible-role-nginx/.travis.yml deleted file mode 100644 index 13d7de0..0000000 --- a/roles/ansible-role-nginx/.travis.yml +++ /dev/null @@ -1,39 +0,0 @@ ---- -sudo: required -language: python -python: "2.7" - -env: - - SITE=test.yml - -before_install: - - sudo apt-get update -qq - - sudo apt-get install -y curl - -install: - # Install Ansible. - - pip install ansible - - # Add ansible.cfg to pick up roles path. - - "{ echo '[defaults]'; echo 'roles_path = ../'; } >> ansible.cfg" - -script: - # Check the role/playbook's syntax. - - "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" - - # Run the role/playbook with ansible-playbook. - - "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo" - - # Run the role/playbook again, checking to make sure it's idempotent. - - > - ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo - | grep -q 'changed=0.*failed=0' - && (echo 'Idempotence test: pass' && exit 0) - || (echo 'Idempotence test: fail' && exit 1) - - # TODO - get the test working. Probably need to add a virtual host. - # Request a page via Nginx, to make sure Nginx is running and responds. - # - "curl http://localhost/" - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/ansible-role-nginx/README.md b/roles/ansible-role-nginx/README.md deleted file mode 100755 index 854fa32..0000000 --- a/roles/ansible-role-nginx/README.md +++ /dev/null @@ -1,122 +0,0 @@ -# Ansible Role: Nginx - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-nginx.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-nginx) - -Installs Nginx on RedHat/CentOS or Debian/Ubuntu Linux, or FreeBSD servers. - -This role installs and configures the latest version of Nginx from the Nginx yum repository (on RedHat-based systems) or via apt (on Debian-based systems) or pkgng (on FreeBSD systems). You will likely need to do extra setup work after this role has installed Nginx, like adding your own [virtualhost].conf file inside `/etc/nginx/conf.d/`, describing the location and options to use for your particular website. - -## Requirements - -None. - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - nginx_vhosts: [] - -A list of vhost definitions (server blocks) for Nginx virtual hosts. If left empty, you will need to supply your own virtual host configuration. See the commented example in `defaults/main.yml` for available server options. If you have a large number of customizations required for your server definition(s), you're likely better off managing the vhost configuration file yourself, leaving this variable set to `[]`. - - nginx_vhosts: - - listen: "80 default_server" - server_name: "example.com" - root: "/var/www/example.com" - index: "index.php index.html index.htm" - error_page: "" - access_log: "" - error_log: "" - extra_parameters: | - location ~ \.php$ { - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_index index.php; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - -An example of a fully-populated nginx_vhosts entry, using a `|` to declare a block of syntax for the `extra_parameters`. - - nginx_remove_default_vhost: false - -Whether to remove the 'default' virtualhost configuration supplied by Nginx. Useful if you want the base `/` URL to be directed at one of your own virtual hosts configured in a separate .conf file. - - nginx_upstreams: [] - -If you are configuring Nginx as a load balancer, you can define one or more upstream sets using this variable. In addition to defining at least one upstream, you would need to configure one of your server blocks to proxy requests through the defined upstream (e.g. `proxy_pass http://myapp1;`). See the commented example in `defaults/main.yml` for more information. - - nginx_user: "nginx" - -The user under which Nginx will run. Defaults to `nginx` for RedHat, and `www-data` for Debian. - - nginx_worker_processes: "1" - nginx_worker_connections: "1024" - nginx_multi_accept: "off" - -`nginx_worker_processes` should be set to the number of cores present on your machine. Connections (find this number with `grep processor /proc/cpuinfo | wc -l`). `nginx_worker_connections` is the number of connections per process. Set this higher to handle more simultaneous connections (and remember that a connection will be used for as long as the keepalive timeout duration for every client!). You can set `nginx_multi_accept` to `on` if you want Nginx to accept all connections immediately. - - nginx_error_log: "/var/log/nginx/error.log warn" - nginx_access_log: "/var/log/nginx/access.log main buffer=16k" - -Configuration of the default error and access logs. Set to `off` to disable a log entirely. - - nginx_sendfile: "on" - nginx_tcp_nopush: "on" - nginx_tcp_nodelay: "on" - -TCP connection options. See [this blog post](https://t37.net/nginx-optimization-understanding-sendfile-tcp_nodelay-and-tcp_nopush.html) for more information on these directives. - - nginx_keepalive_timeout: "65" - nginx_keepalive_requests: "100" - -Nginx keepalive settings. Timeout should be set higher (10s+) if you have more polling-style traffic (AJAX-powered sites especially), or lower (<10s) if you have a site where most users visit a few pages and don't send any further requests. - - nginx_client_max_body_size: "64m" - -This value determines the largest file upload possible, as uploads are passed through Nginx before hitting a backend like `php-fpm`. If you get an error like `client intended to send too large body`, it means this value is set too low. - - nginx_server_names_hash_bucket_size: "64" - -If you have many server names, or have very long server names, you might get an Nginx error on startup requiring this value to be increased. - - nginx_proxy_cache_path: "" - -Set as the `proxy_cache_path` directive in the `nginx.conf` file. By default, this will not be configured (if left as an empty string), but if you wish to use Nginx as a reverse proxy, you can set this to a valid value (e.g. `"/var/cache/nginx keys_zone=cache:32m"`) to use Nginx's cache (further proxy configuration can be done in individual server configurations). - - nginx_extra_http_options: "" - -Extra lines to be inserted in the top-level `http` block in `nginx.conf`. The value should be defined literally (as you would insert it directly in the `nginx.conf`, adhering to the Nginx configuration syntax - such as `;` for line termination, etc.), for example: - - nginx_extra_http_options: | - proxy_buffering off; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Scheme $scheme; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - - nginx_default_release: "" - -(For Debian/Ubuntu only) Allows you to set a different repository for the installation of Nginx. As an example, if you are running Debian's wheezy release, and want to get a newer version of Nginx, you can install the `wheezy-backports` repository and set that value here, and Ansible will use that as the `-t` option while installing Nginx. - - nginx_ppa_use: false - nginx_ppa_version: stable - -(For Ubuntu only) Allows you to use the official Nginx PPA instead of the system's package. You can set the version to `stable` or `development`. - -## Dependencies - -None. - -## Example Playbook - - - hosts: server - roles: - - { role: geerlingguy.nginx } - -## License - -MIT / BSD - -## Author Information - -This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/roles/ansible-role-nginx/defaults/main.yml b/roles/ansible-role-nginx/defaults/main.yml deleted file mode 100755 index 8c9f67e..0000000 --- a/roles/ansible-role-nginx/defaults/main.yml +++ /dev/null @@ -1,68 +0,0 @@ ---- -# Used only for Debian/Ubuntu installation, as the -t option for apt. -nginx_default_release: "" - -# Use the official Nginx PPA for Ubuntu, and the version to use if so. -nginx_ppa_use: false -nginx_ppa_version: stable - -# The name of the nginx apt/yum package to install. -nginx_package_name: "nginx" - -nginx_worker_processes: "auto" -nginx_worker_connections: "1024" -nginx_multi_accept: "off" - -nginx_error_log: "/var/log/nginx/error.log warn" -nginx_access_log: "/var/log/nginx/access.log main buffer=16k" - -nginx_sendfile: "on" -nginx_tcp_nopush: "on" -nginx_tcp_nodelay: "on" - -nginx_keepalive_timeout: "65" -nginx_keepalive_requests: "100" - -nginx_client_max_body_size: "64m" - -nginx_server_names_hash_bucket_size: "64" - -nginx_proxy_cache_path: "" - -nginx_extra_conf_options: "" -# Example extra main options, used within the main nginx's context: -# nginx_extra_conf_options: | -# env VARIABLE; -# include /etc/nginx/main.d/*.conf; - -nginx_extra_http_options: "" -# Example extra http options, printed inside the main server http config: -# nginx_extra_http_options: | -# proxy_buffering off; -# proxy_set_header X-Real-IP $remote_addr; -# proxy_set_header X-Scheme $scheme; -# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -# proxy_set_header Host $http_host; - -nginx_remove_default_vhost: false -nginx_vhosts: [] -# Example vhost below, showing all available options: -# - listen: "80 default_server" # default: "80 default_server" -# server_name: "example.com" # default: N/A -# root: "/var/www/example.com" # default: N/A -# index: "index.html index.htm" # default: "index.html index.htm" -# -# # Properties that are only added if defined: -# error_page: "" -# access_log: "" -# error_log: "" -# extra_parameters: "" # Can be used to add extra config blocks (multiline). - -nginx_upstreams: [] -# - name: myapp1 -# strategy: "ip_hash" # "least_conn", etc. -# servers: { -# "srv1.example.com", -# "srv2.example.com weight=3", -# "srv3.example.com" -# } diff --git a/roles/ansible-role-nginx/handlers/main.yml b/roles/ansible-role-nginx/handlers/main.yml deleted file mode 100755 index 3f6d024..0000000 --- a/roles/ansible-role-nginx/handlers/main.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -- name: restart nginx - service: name=nginx state=restarted - -- name: validate nginx configuration - command: nginx -t -c /etc/nginx/nginx.conf - changed_when: False - -- name: reload nginx - service: name=nginx state=reloaded diff --git a/roles/ansible-role-nginx/meta/main.yml b/roles/ansible-role-nginx/meta/main.yml deleted file mode 100755 index fab65e4..0000000 --- a/roles/ansible-role-nginx/meta/main.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- -dependencies: [] - -galaxy_info: - author: geerlingguy - description: Nginx installation for Linux and FreeBSD. - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 1.8 - platforms: - - name: EL - versions: - - 6 - - 7 - - name: Debian - versions: - - all - - name: Ubuntu - versions: - - all - - name: FreeBSD - versions: - - 10.3 - - 10.2 - - 10.1 - - 10.0 - - 9.3 - galaxy_tags: - - development - - web diff --git a/roles/ansible-role-nginx/tasks/main.yml b/roles/ansible-role-nginx/tasks/main.yml deleted file mode 100755 index d0d9ef8..0000000 --- a/roles/ansible-role-nginx/tasks/main.yml +++ /dev/null @@ -1,49 +0,0 @@ ---- -# Variable setup. -- name: Include OS-specific variables. - include_vars: "{{ ansible_os_family }}.yml" - -- name: Define nginx_user. - set_fact: - nginx_user: "{{ __nginx_user }}" - when: nginx_user is not defined - -# Setup/install tasks. -- include: setup-RedHat.yml - when: ansible_os_family == 'RedHat' - -- include: setup-Ubuntu.yml - when: ansible_distribution == 'Ubuntu' - -- include: setup-Debian.yml - when: ansible_os_family == 'Debian' - -- include: setup-FreeBSD.yml - when: ansible_os_family == 'FreeBSD' - -# Vhost configuration. -- include: vhosts.yml - -# Nginx setup. -- name: Copy nginx configuration in place. - template: - src: nginx.conf.j2 - dest: "{{ nginx_conf_file_path }}" - owner: root - group: "{{ root_group }}" - mode: 0644 - notify: - - reload nginx - -- name: Copy headers config file in place. - template: - src: headers.conf.j2 - dest: "{{ nginx_conf_path }}" - owner: root - group: "{{ root_group }}" - mode: 0644 - notify: - - reload nginx - -- name: Ensure nginx is started and enabled to start at boot. - service: name=nginx state=started enabled=yes diff --git a/roles/ansible-role-nginx/tasks/setup-Debian.yml b/roles/ansible-role-nginx/tasks/setup-Debian.yml deleted file mode 100755 index 43f9ab8..0000000 --- a/roles/ansible-role-nginx/tasks/setup-Debian.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -- name: Update apt cache. - apt: update_cache=yes cache_valid_time=86400 - -- name: Ensure nginx is installed. - apt: - name: "{{ nginx_package_name }}" - state: installed - default_release: "{{ nginx_default_release }}" diff --git a/roles/ansible-role-nginx/tasks/setup-FreeBSD.yml b/roles/ansible-role-nginx/tasks/setup-FreeBSD.yml deleted file mode 100755 index 7aa8837..0000000 --- a/roles/ansible-role-nginx/tasks/setup-FreeBSD.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -- name: Update pkg cache. - shell: pkg update -f - -- name: Ensure nginx is installed. - pkgng: - name: "{{ nginx_package_name }}" - state: present - -- name: Create logs directory. - file: - path: /var/log/nginx - state: directory diff --git a/roles/ansible-role-nginx/tasks/setup-RedHat.yml b/roles/ansible-role-nginx/tasks/setup-RedHat.yml deleted file mode 100755 index a1563b7..0000000 --- a/roles/ansible-role-nginx/tasks/setup-RedHat.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -- name: Enable nginx repo. - template: - src: nginx.repo.j2 - dest: /etc/yum.repos.d/nginx.repo - owner: root - group: root - mode: 0644 - -- name: Ensure nginx is installed. - yum: - name: "{{ nginx_package_name }}" - state: installed - enablerepo: nginx diff --git a/roles/ansible-role-nginx/tasks/setup-Ubuntu.yml b/roles/ansible-role-nginx/tasks/setup-Ubuntu.yml deleted file mode 100755 index 920dc0b..0000000 --- a/roles/ansible-role-nginx/tasks/setup-Ubuntu.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -- name: Add PPA for Nginx. - apt_repository: - repo: 'ppa:nginx/{{ nginx_ppa_version }}' - state: present - update_cache: yes - register: nginx_ppa_added - when: nginx_ppa_use - -- name: Ensure nginx will reinstall if the PPA was just added. - apt: - name: nginx - state: absent - when: nginx_ppa_added.changed diff --git a/roles/ansible-role-nginx/tasks/vhosts.yml b/roles/ansible-role-nginx/tasks/vhosts.yml deleted file mode 100755 index 8e7ff76..0000000 --- a/roles/ansible-role-nginx/tasks/vhosts.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -- name: Creates Nginx conf directories - file: path={{ nginx_vhost_path }} state=directory mode=0755 recurse=yes - when: nginx_vhosts|length > 0 - -- name: Remove default nginx vhost config file (if configured). - file: - path: "{{ nginx_default_vhost_path }}" - state: absent - when: nginx_remove_default_vhost - notify: - - reload nginx - -- name: Add managed vhost config file (if any vhosts are configured). - template: - src: vhosts.j2 - dest: "{{ nginx_vhost_path }}/vhosts.conf" - mode: 0644 - when: nginx_vhosts|length > 0 - notify: - - reload nginx - -- name: Creates Nginx vhost directory - file: path=/var/www/html/{{ server_hostname }} state=directory owner={{ php_fpm_pool_user }} group={{ php_fpm_pool_group }} mode=0755 recurse=yes - when: nginx_vhosts|length > 0 - notify: - - reload nginx - -- name: Remove managed vhost config file (if no vhosts are configured). - file: - path: "{{ nginx_vhost_path }}/vhosts.conf" - state: absent - when: nginx_vhosts|length == 0 - notify: - - reload nginx - diff --git a/roles/ansible-role-nginx/templates/headers.conf.j2 b/roles/ansible-role-nginx/templates/headers.conf.j2 deleted file mode 100644 index 3dc3b46..0000000 --- a/roles/ansible-role-nginx/templates/headers.conf.j2 +++ /dev/null @@ -1,7 +0,0 @@ -{% if nginx_bigpipe_enable %} - add_header X-Accel-Buffering: no; -{% endif %} -add_header X-Frame-Options SAMEORIGIN; -add_header X-Content-Type-Options nosniff; -add_header X-XSS-Protection "1; mode=block"; -add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'"; diff --git a/roles/ansible-role-nginx/templates/nginx.conf.j2 b/roles/ansible-role-nginx/templates/nginx.conf.j2 deleted file mode 100755 index 86eda73..0000000 --- a/roles/ansible-role-nginx/templates/nginx.conf.j2 +++ /dev/null @@ -1,63 +0,0 @@ -user {{ nginx_user }}; - -error_log {{ nginx_error_log }}; -pid {{ nginx_pidfile }}; - -worker_processes {{ nginx_worker_processes }}; - -events { - worker_connections {{ nginx_worker_connections }}; - multi_accept {{ nginx_multi_accept }}; -} - -{% if nginx_extra_conf_options %} -{{ nginx_extra_conf_options }} -{% endif %} - -http { - include {{ nginx_mime_file_path }}; - default_type application/octet-stream; - - server_names_hash_bucket_size {{ nginx_server_names_hash_bucket_size }}; - - client_max_body_size {{ nginx_client_max_body_size }}; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log {{ nginx_access_log }}; - - sendfile {{ nginx_sendfile }}; - tcp_nopush {{ nginx_tcp_nopush }}; - tcp_nodelay {{ nginx_tcp_nodelay }}; - - keepalive_timeout {{ nginx_keepalive_timeout }}; - keepalive_requests {{ nginx_keepalive_requests }}; - - gzip on; - -{% if nginx_proxy_cache_path %} - proxy_cache_path {{ nginx_proxy_cache_path }}; -{% endif %} - -{% if nginx_extra_http_options %} - {{ nginx_extra_http_options }} -{% endif %} - -{% for upstream in nginx_upstreams %} - upstream {{ upstream.name }} { -{% if upstream.strategy is defined %} - {{ upstream.strategy }}; -{% endif %} -{% for server in upstream.servers %} - server {{ server }}; -{% endfor %} - } -{% endfor %} - - include {{ nginx_conf_path }}/*.conf; -{% if nginx_conf_path != nginx_vhost_path %} - include {{ nginx_vhost_path }}/*; -{% endif %} -} diff --git a/roles/ansible-role-nginx/templates/nginx.repo.j2 b/roles/ansible-role-nginx/templates/nginx.repo.j2 deleted file mode 100755 index 9a853b7..0000000 --- a/roles/ansible-role-nginx/templates/nginx.repo.j2 +++ /dev/null @@ -1,5 +0,0 @@ -[nginx] -name=nginx repo -baseurl=http://nginx.org/packages/centos/{{ ansible_distribution_major_version }}/$basearch/ -gpgcheck=0 -enabled=1 diff --git a/roles/ansible-role-nginx/templates/vhosts.j2 b/roles/ansible-role-nginx/templates/vhosts.j2 deleted file mode 100755 index 04dbf9e..0000000 --- a/roles/ansible-role-nginx/templates/vhosts.j2 +++ /dev/null @@ -1,33 +0,0 @@ -{% for vhost in nginx_vhosts %} -server { - listen {{ vhost.listen | default('80 default_server') }}; - - {% if vhost.server_name is defined %} - server_name {{ vhost.server_name }}; - {% endif %} - - {% if vhost.root is defined %} - root {{ vhost.root }}; - {% endif %} - - index {{ vhost.index | default('index.html index.htm') }}; - - {% if vhost.error_page is defined %} - error_page {{ vhost.error_page }}; - {% endif %} - {% if vhost.access_log is defined %} - access_log {{ vhost.access_log }}; - {% endif %} - {% if vhost.error_log is defined %} - error_log {{ vhost.error_log }} error; - {% endif %} - - {% if vhost.return is defined %} - return {{ vhost.return }}; - {% endif %} - - {% if vhost.extra_parameters is defined %} - {{ vhost.extra_parameters }} - {% endif %} -} -{% endfor %} diff --git a/roles/ansible-role-nginx/tests/inventory b/roles/ansible-role-nginx/tests/inventory deleted file mode 100755 index 2fbb50c..0000000 --- a/roles/ansible-role-nginx/tests/inventory +++ /dev/null @@ -1 +0,0 @@ -localhost diff --git a/roles/ansible-role-nginx/tests/test.yml b/roles/ansible-role-nginx/tests/test.yml deleted file mode 100755 index 5b55b97..0000000 --- a/roles/ansible-role-nginx/tests/test.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - role: ansible-role-nginx - nginx_use_ppa: true diff --git a/roles/ansible-role-nginx/vars/Debian.yml b/roles/ansible-role-nginx/vars/Debian.yml deleted file mode 100755 index cb12770..0000000 --- a/roles/ansible-role-nginx/vars/Debian.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -root_group: root -nginx_conf_path: /etc/nginx/conf.d -nginx_conf_file_path: /etc/nginx/nginx.conf -nginx_mime_file_path: /etc/nginx/mime.types -nginx_pidfile: /run/nginx.pid -nginx_vhost_path: /etc/nginx/sites-enabled -nginx_default_vhost_path: /etc/nginx/sites-enabled/default -__nginx_user: "www-data" diff --git a/roles/ansible-role-nginx/vars/FreeBSD.yml b/roles/ansible-role-nginx/vars/FreeBSD.yml deleted file mode 100755 index b032f98..0000000 --- a/roles/ansible-role-nginx/vars/FreeBSD.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -root_group: wheel -nginx_conf_path: /usr/local/etc/nginx/conf.d -nginx_conf_file_path: /usr/local/etc/nginx/nginx.conf -nginx_mime_file_path: /usr/local/etc/nginx/mime.types -nginx_pidfile: /var/run/nginx.pid -nginx_vhost_path: /usr/local/etc/nginx/sites-enabled -nginx_default_vhost_path: /usr/local/etc/nginx/sites-enabled/default -__nginx_user: "www" diff --git a/roles/ansible-role-nginx/vars/RedHat.yml b/roles/ansible-role-nginx/vars/RedHat.yml deleted file mode 100755 index 0138f8d..0000000 --- a/roles/ansible-role-nginx/vars/RedHat.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -root_group: root -nginx_conf_path: /etc/nginx/conf.d -nginx_conf_file_path: /etc/nginx/nginx.conf -nginx_mime_file_path: /etc/nginx/mime.types -nginx_pidfile: /var/run/nginx.pid -nginx_vhost_path: /etc/nginx/conf.d -nginx_default_vhost_path: /etc/nginx/conf.d/default.conf -__nginx_user: "nginx" diff --git a/roles/ansible-role-php/.travis.yml b/roles/ansible-role-php/.travis.yml deleted file mode 100644 index 0fe9aae..0000000 --- a/roles/ansible-role-php/.travis.yml +++ /dev/null @@ -1,84 +0,0 @@ ---- -sudo: required - -env: - # Only test source install on latest supported OSes. - - distribution: centos - version: 7 - init: /usr/lib/systemd/systemd - run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" - SITE: source - PHP_VERSION: 7.0.5 - - distribution: ubuntu - version: 14.04 - init: /sbin/init - run_opts: "" - SITE: source - PHP_VERSION: 7.0.5 - - # Test package install on all supported OSes. - - distribution: centos - version: 7 - init: /usr/lib/systemd/systemd - run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" - SITE: package - PHP_VERSION: 7.0 - - distribution: ubuntu - version: 14.04 - init: /sbin/init - run_opts: "" - SITE: package - PHP_VERSION: 7.0 - - distribution: ubuntu - version: 12.04 - init: /sbin/init - run_opts: "" - SITE: package - PHP_VERSION: 5.6 - -services: - - docker - -before_install: - # - sudo apt-get update - # Pull container - - 'sudo docker pull ${distribution}:${version}' - # Customize container - - 'sudo docker build --rm=true --file=tests/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests' - -script: - - container_id=$(mktemp) - # Run container in detached state - - 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} ${distribution}-${version}:ansible "${init}" > "${container_id}"' - - # Install dependencies. - - 'sudo docker exec "$(cat ${container_id})" ansible-galaxy install -r /etc/ansible/roles/role_under_test/tests/requirements.yml' - - # Ansible syntax check. - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test-${SITE}.yml --syntax-check' - - # Test role. - - 'travis_wait 30 sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test-${SITE}.yml' - - # Test role idempotence. - - > - sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test-${SITE}.yml - | grep -q 'changed=0.*failed=0' - && (echo 'Idempotence test: pass' && exit 0) - || (echo 'Idempotence test: fail' && exit 1) - - # Ensure PHP is installed and at the right version. - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm which php' - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm test -x /usr/bin/php' - - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm php --version' - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm /usr/bin/php --version | grep -qF "PHP $PHP_VERSION"' - - # Ensure PHP configurations have taken effect. - - sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm php -i | grep 'memory_limit.*192' - - # Clean up - - 'sudo docker stop "$(cat ${container_id})"' - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/ansible-role-php/README.md b/roles/ansible-role-php/README.md deleted file mode 100755 index 9bdd4e3..0000000 --- a/roles/ansible-role-php/README.md +++ /dev/null @@ -1,204 +0,0 @@ -# Ansible Role: PHP - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-php.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-php) - -Installs PHP on RedHat/CentOS and Debian/Ubuntu servers. - -## Requirements - -If you're using an older LTS release of Ubuntu or RHEL, with an old/outdated version of PHP, you need to use a repo or PPA with a maintained PHP version, as this role only works with [PHP versions that are currently supported](http://php.net/supported-versions.php) by the PHP community. - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - php_packages: [] - -A list of the PHP packages to install (OS-specific by default). You'll likely want to install common packages like `php`, `php-cli`, `php-devel` and `php-pdo`, and you can add in whatever other packages you'd like (for example, `php-gd` for image manipulation, or `php-ldap` if you need to connect to an LDAP server for authentication). - -_Note: If you're using Debian/Ubuntu, you also need to install `libapache2-mod-fastcgi` (for cgi/PHP-FPM) or `libapache2-mod-php7.0` (or a similar package depending on PHP version) if you want to use `mod_php` with Apache._ - - php_enable_webserver: true - -If your usage of PHP is tied to a web server (e.g. Apache or Nginx), leave this default value. If you are using PHP server-side or to run some small application, set this value to `false` so this role doesn't attempt to interact with a web server. - - php_webserver_daemon: "httpd" - -The default values for the HTTP server deamon are `httpd` (used by Apache) for RedHat/CentOS, or `apache2` (also used by Apache) for Debian/Ubuntu. If you are running another webserver (for example, `nginx`), change this value to the name of the daemon under which the webserver runs. - - php_enablerepo: "" - -(RedHat/CentOS only) If you have enabled any additional repositories (might I suggest [geerlingguy.repo-epel](https://github.com/geerlingguy/ansible-role-repo-epel) or [geerlingguy.repo-remi](https://github.com/geerlingguy/ansible-role-repo-remi)), those repositories can be listed under this variable (e.g. `remi-php70,epel`). This can be handy, as an example, if you want to install the latest version of PHP 7.0, which is in the Remi repository. - - php_packages_state: "installed" - -If you have enabled any additional repositories such as [geerlingguy.repo-epel](https://github.com/geerlingguy/ansible-role-repo-epel) or [geerlingguy.repo-remi](https://github.com/geerlingguy/ansible-role-repo-remi), you may want an easy way to swap PHP versions on the fly. By default, this is set to 'installed'. You can now override this variable to 'latest'. Combined with php_enablerepo, a user now doesn't need to manually uninstall the existing PHP packages before installing them from a different repository. - - php_executable: "php" - -The executable to run when calling PHP from the command line. You should only change this if running `php` on your server doesn't target the correct executable, or if you're using software collections on RHEL/CentOS and need to target a different version of PHP. - -### PHP-FPM - -PHP-FPM is a simple and robust FastCGI Process Manager for PHP. It can dramatically ease scaling of PHP apps and is the normal way of running PHP-based sites and apps when using a webserver like Nginx (though it can be used with other webservers just as easily). - -When using this role with PHP running as `php-fpm` instead of as a process inside a webserver (e.g. Apache's `mod_php`), you need to set the following variable to `true`: - - php_enable_php_fpm: false - -If you're using Apache, you can easily get it configured to work with PHP-FPM using the [geerlingguy.apache-php-fpm](https://github.com/geerlingguy/ansible-role-apache-php-fpm) role. - - php_fpm_listen: "127.0.0.1:9000" - php_fpm_listen_allowed_clients: "127.0.0.1" - php_fpm_pm_max_children: 50 - php_fpm_pm_start_servers: 5 - php_fpm_pm_min_spare_servers: 5 - php_fpm_pm_max_spare_servers: 5 - -Specific settings inside the default `www.conf` PHP-FPM pool. If you'd like to manage additional settings, you can do so either by replacing the file with your own template or using `lineinfile` like this role does inside `tasks/configure.yml`. - -### php.ini settings - - php_use_managed_ini: true - -By default, all the extra defaults below are applied through the php.ini included with this role. You can self-manage your php.ini file (if you need more flexility in its configuration) by setting this to `false` (in which case all the below variables will be ignored). - - php_memory_limit: "256M" - php_max_execution_time: "60" - php_max_input_time: "60" - php_max_input_vars: "1000" - php_realpath_cache_size: "32K" - php_upload_max_filesize: "64M" - php_post_max_size: "32M" - php_date_timezone: "America/Chicago" - php_allow_url_fopen: "On" - php_sendmail_path: "/usr/sbin/sendmail -t -i" - php_output_buffering: "4096" - php_short_open_tag: false - php_error_reporting: "E_ALL & ~E_DEPRECATED & ~E_STRICT" - php_display_errors: "Off" - php_display_startup_errors: "On" - php_expose_php: "On" - php_session_cookie_lifetime: 0 - php_session_gc_probability: 1 - php_session_gc_divisor: 1000 - php_session_gc_maxlifetime: 1440 - php_session_save_handler: files - php_session_save_path: '' - -Various defaults for PHP. Only used if `php_use_managed_ini` is set to `true`. - -### OpCache-related Variables - -The OpCache is included in PHP starting in version 5.5, and the following variables will only take effect if the version of PHP you have installed is 5.5 or greater. - - php_opcache_enable: "1" - php_opcache_enable_cli: "0" - php_opcache_memory_consumption: "96" - php_opcache_interned_strings_buffer: "16" - php_opcache_max_accelerated_files: "4096" - php_opcache_max_wasted_percentage: "5" - php_opcache_validate_timestamps: "1" - php_opcache_revalidate_path: "0" - php_opcache_revalidate_freq: "2" - php_opcache_max_file_size: "0" - -OpCache ini directives that are often customized on a system. Make sure you have enough memory and file slots allocated in the OpCache (`php_opcache_memory_consumption`, in MB, and `php_opcache_max_accelerated_files`) to contain all the PHP code you are running. If not, you may get less-than-optimal performance! - - php_opcache_conf_filename: [platform-specific] - -The platform-specific opcache configuration filename. Generally the default should work, but in some cases, you may need to override the filename. - -### APCu-related Variables - - php_enable_apc: true - -Whether to enable APCu. Other APCu variables will be ineffective if this is set to false. - - php_apc_shm_size: "96M" - php_apc_enable_cli: "0" - -APCu ini directives that are often customized on a system. Set the `php_apc_shm_size` so it will hold all cache entries in memory with a little overhead (fragmentation or APC running out of memory will slow down PHP *dramatically*). - - php_apc_conf_filename: [platform-specific] - -The platform-specific APC configuration filename. Generally the default should work, but in some cases, you may need to override the filename. - -#### Ensuring APC is installed - -If you use APC, you will need to make sure APC is installed (it is installed by default, but if you customize the `php_packages` list, you need to include APC in the list): - - - *On RHEL/CentOS systems*: Make sure `php-pecl-apcu` is in the list of `php_packages`. - - *On Debian/Ubuntu systems*: Make sure `php-apcu` is in the list of `php_packages`. - -### Installing from Source - -If you need a specific version of PHP, or would like to test the latest (e.g. master) version of PHP, there's a good chance there's no suitable package already available in your platform's package manager. In these cases, you may choose to install PHP from source by compiling it directly. - -Note that source compilation takes *much* longer than installing from packages (PHP HEAD takes 5+ minutes to compile on a modern quad-core computer, just as a point of reference). - - php_install_from_source: false - -Set this to `true` to install PHP from source instead of installing from packages. - - php_source_version: "master" - -The version of PHP to install from source (a git branch, tag, or commit hash). - - php_source_clone_dir: "~/php-src" - php_source_install_path: "/opt/php" - php_source_install_gmp_path: "/usr/include/x86_64-linux-gnu/gmp.h" - -Location where source will be cloned and installed, and the location of the GMP header file (which can be platform/distribution specific). - - php_source_make_command: "make" - -Set the `make` command to `make --jobs=X` where `X` is the number of cores present on the server where PHP is being compiled. Will speed up compilation times dramatically if you have multiple cores. - - php_source_configure_command: > - [...] - -The `./configure` command that will build the Makefile to be used for PHP compilation. Add in all the options you need for your particular environment. Using a folded scalar (`>`) allows you to define the variable over multiple lines, which is extremely helpful for legibility and source control! - -A few other notes/caveats for specific configurations: - - - **Apache with `mpm_prefork`**: If you're using Apache with prefork as a webserver for PHP, you will need to make sure `apxs2` is available on your system (e.g. by installing `apache2-prefork-dev` in Ubuntu), and you will need to make sure the option `--with-apxs2` is defined in `php_source_configure_command`. Finally, you will need to make sure the `mpm_prefork` module is loaded instead of `mpm_worker` or `mpm_event`, and likely add a `phpX.conf` (where `X` is the major version of PHP) configuration file to the Apache module config folder with contents like [`php7.conf`](https://gist.github.com/geerlingguy/5ae5445f28e71264e8c1). - - **Apache with `mpm_event` or `mpm_worker`**: If you're using Apache with event or worker as a webserver for PHP, you will need to compile PHP with FPM. Make sure the option `--enable-fpm` is defined in `php_source_configure_command`. You'll also need to make sure Apache's support for CGI and event is installed (e.g. by installing `apache2-mpm-event` and `libapache2-mod-fastcgi`) and the `mpm_event` module is loaded. - - **Nginx**: If you're using Nginx as a webserver for PHP, you will need to compile PHP with FPM. Make sure the option `--enable-fpm` is defined in `php_source_configure_command`. - -## Dependencies - -None. - -## Example Playbook - - - hosts: webservers - vars_files: - - vars/main.yml - roles: - - { role: geerlingguy.php } - -*Inside `vars/main.yml`*: - - php_memory_limit: "128M" - php_max_execution_time: "90" - php_upload_max_filesize: "256M" - php_packages: - - php - - php-cli - - php-common - - php-devel - - php-gd - - php-mbstring - - php-pdo - - php-pecl-apcu - - php-xml - ... - -## License - -MIT / BSD - -## Author Information - -This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/roles/ansible-role-php/defaults/main.yml b/roles/ansible-role-php/defaults/main.yml deleted file mode 100755 index 866f82f..0000000 --- a/roles/ansible-role-php/defaults/main.yml +++ /dev/null @@ -1,117 +0,0 @@ ---- -# Pass in a comma-separated list of repos to use (e.g. "remi,epel"). -php_enablerepo: "" - -# State that the system package installer should use for PHP the enabled repo (e.g. "installed,latest") -php_packages_state: installed - -# Set this to false if you're not using PHP with Apache/Nginx/etc. -php_enable_webserver: true - -# PHP-FPM configuration. -php_enable_php_fpm: false -php_fpm_listen: "127.0.0.1:9000" -php_fpm_listen_allowed_clients: "127.0.0.1" -php_fpm_pm_max_children: 50 -php_fpm_pm_start_servers: 5 -php_fpm_pm_min_spare_servers: 5 -php_fpm_pm_max_spare_servers: 5 -php_fpm_pool_user: vmuser -php_fpm_pool_group: vmuser - -# The executable to run when calling PHP from the command line. -php_executable: "php" - -# OpCache settings (useful for PHP >=5.5). -php_opcache_enable: "1" -php_opcache_enable_cli: "0" -php_opcache_memory_consumption: "96" -php_opcache_interned_strings_buffer: "16" -php_opcache_max_accelerated_files: "4096" -php_opcache_max_wasted_percentage: "5" -php_opcache_validate_timestamps: "1" -php_opcache_revalidate_path: "0" -php_opcache_revalidate_freq: "2" -php_opcache_max_file_size: "0" -php_opcache_blacklist_filename: "" - -# APCu settings. -php_enable_apc: true -php_apc_shm_size: "96M" -php_apc_enable_cli: "0" - -# If this is set to false, none of the following options will have any effect. -# Any and all changes to /etc/php.ini will be your responsibility. -php_use_managed_ini: true - -php_expose_php: "On" -php_memory_limit: "256M" -php_max_execution_time: "60" -php_max_input_time: "60" -php_max_input_vars: "1000" -php_realpath_cache_size: "32K" -php_upload_max_filesize: "64M" -php_post_max_size: "32M" -php_date_timezone: "America/Chicago" -php_allow_url_fopen: "On" - -php_sendmail_path: "/usr/sbin/sendmail -t -i" -php_output_buffering: "4096" -php_short_open_tag: false - -php_session_cookie_lifetime: 0 -php_session_gc_probability: 1 -php_session_gc_divisor: 1000 -php_session_gc_maxlifetime: 1440 -php_session_save_handler: files -php_session_save_path: '' - -php_error_reporting: "E_ALL & ~E_DEPRECATED & ~E_STRICT" -php_display_errors: "Off" -php_display_startup_errors: "Off" - -# Install PHP from source (instead of using a package manager) with these vars. -php_install_from_source: false -php_source_version: "master" -php_source_clone_dir: "~/php-src" -php_source_install_path: "/opt/php" -php_source_install_gmp_path: "/usr/include/x86_64-linux-gnu/gmp.h" -# For faster compile time: "make --jobs=X" where X is # of cores present. -php_source_make_command: "make" -php_source_configure_command: > - ./configure - --prefix={{ php_source_install_path }} - --with-config-file-path={{ php_conf_paths | first }} - --enable-mbstring - --enable-zip - --enable-bcmath - --enable-pcntl - --enable-ftp - --enable-exif - --enable-calendar - --enable-opcache - --enable-pdo - --enable-sysvmsg - --enable-sysvsem - --enable-sysvshm - --enable-wddx - --with-curl - --with-mcrypt - --with-iconv - --with-gmp - --with-pspell - --with-gd - --with-jpeg-dir=/usr - --with-png-dir=/usr - --with-zlib-dir=/usr - --with-xpm-dir=/usr - --with-freetype-dir=/usr - --enable-gd-native-ttf - --enable-gd-jis-conv - --with-openssl - --with-pdo-mysql=/usr - --with-gettext=/usr - --with-zlib=/usr - --with-bz2=/usr - --with-recode=/usr - --with-mysqli=/usr/bin/mysql_config diff --git a/roles/ansible-role-php/handlers/main.yml b/roles/ansible-role-php/handlers/main.yml deleted file mode 100755 index 454476d..0000000 --- a/roles/ansible-role-php/handlers/main.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -- name: restart webserver - service: - name: "{{ php_webserver_daemon }}" - state: restarted - notify: restart php-fpm - when: php_enable_webserver - -- name: restart php-fpm - service: - name: "{{ php_fpm_daemon }}" - state: restarted - when: php_enable_php_fpm diff --git a/roles/ansible-role-php/meta/main.yml b/roles/ansible-role-php/meta/main.yml deleted file mode 100755 index 0778cae..0000000 --- a/roles/ansible-role-php/meta/main.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -dependencies: [] - -galaxy_info: - author: geerlingguy - description: PHP for RedHat/CentOS/Debian/Ubuntu. - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 1.9 - platforms: - - name: EL - versions: - - 6 - - 7 - - name: Debian - versions: - - all - - name: Ubuntu - versions: - - all - galaxy_tags: - - development - - web diff --git a/roles/ansible-role-php/tasks/configure-apcu.yml b/roles/ansible-role-php/tasks/configure-apcu.yml deleted file mode 100755 index 5a3badb..0000000 --- a/roles/ansible-role-php/tasks/configure-apcu.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- -- name: Check for existing APCu config files. - find: - paths: "{{ item }}" - contains: 'extension(\s+)?=(\s+)?apc[u]?\.so' - register: php_installed_apc_confs - with_items: "{{ php_extension_conf_paths }}" - -- name: Remove any non-role-supplied APCu config files. - file: - path: "{{ item.1.path }}" - state: absent - when: php_apc_conf_filename != (item.1.path.split('/') | last) - with_subelements: - - "{{ php_installed_apc_confs.results }}" - - files - notify: restart webserver - -- name: Ensure APCu config file is present. - template: - src: apc.ini.j2 - dest: "{{ item }}/{{ php_apc_conf_filename }}" - owner: root - group: root - force: yes - mode: 0644 - with_items: "{{ php_extension_conf_paths }}" - when: php_enable_apc - notify: restart webserver - -- name: Remove APCu config file if APC is disabled. - file: - path: "{{ item }}/{{ php_apc_conf_filename }}" - state: absent - with_items: "{{ php_extension_conf_paths }}" - when: not php_enable_apc - notify: restart webserver diff --git a/roles/ansible-role-php/tasks/configure-fpm.yml b/roles/ansible-role-php/tasks/configure-fpm.yml deleted file mode 100755 index d8dd579..0000000 --- a/roles/ansible-role-php/tasks/configure-fpm.yml +++ /dev/null @@ -1,72 +0,0 @@ ---- -- name: Define php_fpm_daemon. - set_fact: - php_fpm_daemon: "{{ __php_fpm_daemon }}" - when: php_fpm_daemon is not defined - -- name: Define php_fpm_pool_conf_path. - set_fact: - php_fpm_pool_conf_path: "{{ __php_fpm_pool_conf_path }}" - when: php_fpm_pool_conf_path is not defined - -- name: Define php_fpm_pool_user. - set_fact: - php_fpm_pool_user: "{{ __php_fpm_pool_user }}" - when: php_fpm_pool_user is not defined - -- name: Define php_fpm_pool_group. - set_fact: - php_fpm_pool_group: "{{ __php_fpm_pool_group }}" - when: php_fpm_pool_group is not defined - -- name: Stat php_fpm_pool_conf_path - stat: - path: "{{ php_fpm_pool_conf_path | dirname }}" - register: php_fpm_pool_conf_path_dir_stat - -- name: Ensure the default pool directory exists. - file: - path: "{{ php_fpm_pool_conf_path | dirname }}" - state: directory - owner: root - group: root - mode: 0755 - when: php_fpm_pool_conf_path_dir_stat.stat.islnk is not defined - -- name: Ensure the default pool exists. - template: - src: www.conf.j2 - dest: "{{ php_fpm_pool_conf_path }}" - owner: root - group: root - mode: 0644 - force: yes - -- name: Configure php-fpm pool (if enabled). - lineinfile: - dest: "{{ php_fpm_pool_conf_path }}" - regexp: "{{ item.regexp }}" - line: "{{ item.line }}" - state: present - with_items: - - regexp: "^listen.?=.+$" - line: "listen = {{ php_fpm_listen }}" - - regexp: '^listen\.allowed_clients.?=.+$' - line: "listen.allowed_clients = {{ php_fpm_listen_allowed_clients }}" - - regexp: '^pm\.max_children.?=.+$' - line: "pm.max_children = {{ php_fpm_pm_max_children }}" - - regexp: '^pm\.start_servers.?=.+$' - line: "pm.start_servers = {{ php_fpm_pm_start_servers }}" - - regexp: '^pm\.min_spare_servers.?=.+$' - line: "pm.min_spare_servers = {{ php_fpm_pm_min_spare_servers }}" - - regexp: '^pm\.max_spare_servers.?=.+$' - line: "pm.max_spare_servers = {{ php_fpm_pm_max_spare_servers }}" - when: php_enable_php_fpm - notify: restart php-fpm - -- name: Ensure php-fpm is started and enabled at boot (if configured). - service: - name: "{{ php_fpm_daemon }}" - state: started - enabled: yes - when: php_enable_php_fpm diff --git a/roles/ansible-role-php/tasks/configure-opcache.yml b/roles/ansible-role-php/tasks/configure-opcache.yml deleted file mode 100755 index cd02e3f..0000000 --- a/roles/ansible-role-php/tasks/configure-opcache.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- -- name: Check for existing OpCache config files. - find: - paths: "{{ item }}" - contains: 'zend_extension(\s+)?=(\s+)?opcache\.so' - register: php_installed_opcache_confs - with_items: "{{ php_extension_conf_paths }}" - -- name: Remove any non-role-supplied OpCache config files. - file: - path: "{{ item.1.path }}" - state: absent - when: php_opcache_conf_filename != (item.1.path.split('/') | last) - with_subelements: - - "{{ php_installed_opcache_confs.results }}" - - files - notify: restart webserver - -- name: Ensure OpCache config file is present. - template: - src: opcache.ini.j2 - dest: "{{ item }}/{{ php_opcache_conf_filename }}" - owner: root - group: root - force: yes - mode: 0644 - with_items: "{{ php_extension_conf_paths }}" - when: php_opcache_enable - notify: restart webserver - -- name: Remove OpCache config file if OpCache is disabled. - file: - path: "{{ item }}/{{ php_opcache_conf_filename }}" - state: absent - with_items: "{{ php_extension_conf_paths }}" - when: not php_opcache_enable - notify: restart webserver diff --git a/roles/ansible-role-php/tasks/configure.yml b/roles/ansible-role-php/tasks/configure.yml deleted file mode 100755 index f4fa94c..0000000 --- a/roles/ansible-role-php/tasks/configure.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -- name: Ensure configuration directories exist. - file: - path: "{{ item }}" - state: directory - follow: true - with_flattened: - - "{{ php_conf_paths }}" - - "{{ php_extension_conf_paths }}" - -- name: Place PHP configuration file in place. - template: - src: php.ini.j2 - dest: "{{ item }}/php.ini" - owner: root - group: root - mode: 0644 - with_items: "{{ php_conf_paths }}" - notify: restart webserver - when: php_use_managed_ini diff --git a/roles/ansible-role-php/tasks/install-from-source.yml b/roles/ansible-role-php/tasks/install-from-source.yml deleted file mode 100755 index 83a52a3..0000000 --- a/roles/ansible-role-php/tasks/install-from-source.yml +++ /dev/null @@ -1,150 +0,0 @@ ---- -- name: Ensure dependencies for building from source are installed (RedHat). - yum: "pkg={{ item }} state=installed" - with_items: - - autoconf - - automake - - libtool - - bison - - make - - curl-devel - - recode-devel - - aspell-devel - - libxml2-devel - - pkgconfig - - libmcrypt-devel - - t1lib-devel - - libXpm-devel - - libpng-devel - - libjpeg-turbo-devel - - bzip2-devel - - openssl-devel - - freetype-devel - - libicu-devel - - mariadb-devel - - gmp-devel - when: ansible_os_family == 'RedHat' - -- name: Update apt cache (Debian). - apt: update_cache=yes cache_valid_time=86400 - when: ansible_os_family == 'Debian' - -- name: Ensure dependencies for building from source are installed (Debian). - apt: "pkg={{ item }} state=installed" - with_items: - - build-essential - - autoconf - - automake - - libtool - - bison - - pkg-config - - re2c - - libxml2-dev - - libcurl4-openssl-dev - - libbz2-dev - - libjpeg-dev - - libpng12-dev - - libxpm-dev - - libfreetype6-dev - - libgmp3-dev - - libmcrypt-dev - - libmysqlclient-dev - - libpspell-dev - - librecode-dev - - libssl-dev - when: ansible_os_family == 'Debian' - -- name: Define php_fpm_daemon (if not defined already). - set_fact: - php_fpm_daemon: "php-fpm" - when: php_fpm_daemon is not defined - -- name: Check if gmp.h is already in a location accessible to gcc. - stat: path=/usr/include/gmp.h - register: gmp_file - -- name: Ensure gmp.h is symlinked into a location accessible to gcc. - file: - src: "{{ php_source_install_gmp_path }}" - dest: /usr/include/gmp.h - state: link - when: gmp_file.stat.exists == false - -- name: Check if PHP is installed. - command: which php - changed_when: false - failed_when: false - register: php_installed - -- name: Clone the PHP repository. - git: - repo: https://git.php.net/repository/php-src.git - dest: "{{ php_source_clone_dir }}" - version: "{{ php_source_version }}" - accept_hostkey: yes - depth: 1 - when: php_installed|failed - -- name: Ensure PHP installation path exists. - file: - path: "{{ php_source_install_path }}" - state: directory - mode: 0755 - when: php_installed|failed - -- name: Build configure script. - shell: > - ./buildconf --force - chdir={{ php_source_clone_dir }} - when: php_installed|failed - -- name: Run configure script. - shell: > - {{ php_source_configure_command }} - chdir={{ php_source_clone_dir }} - when: php_installed|failed - -- name: Make and install PHP. - shell: > - {{ item }} - chdir={{ php_source_clone_dir }} - with_items: - - "{{ php_source_make_command }}" - - make install - when: php_installed|failed - -- name: Ensure php executable is symlinked into a standard path. - file: - src: "{{ php_source_install_path }}/bin/php" - dest: /usr/bin/php - state: link - -# PHP FPM configuration. -- name: Ensure php-fpm executable is symlinked into a standard path. - file: - src: "{{ php_source_install_path }}/sbin/php-fpm" - dest: "/usr/sbin/{{ php_fpm_daemon }}" - state: link - when: "'--enable-fpm' in php_source_configure_command" - -- name: Ensure php-fpm init script is installed. - template: - src: fpm-init.j2 - dest: "/etc/init.d/{{ php_fpm_daemon }}" - mode: 0755 - when: "'--enable-fpm' in php_source_configure_command" - notify: restart php-fpm - -- name: Ensure php-fpm config directory exists. - file: - path: "{{ php_fpm_conf_path }}" - state: directory - when: "'--enable-fpm' in php_source_configure_command" - -- name: Ensure php-fpm config file is installed. - template: - src: php-fpm.conf.j2 - dest: "{{ php_fpm_conf_path }}/php-fpm.conf" - mode: 0644 - when: "'--enable-fpm' in php_source_configure_command" - notify: restart php-fpm diff --git a/roles/ansible-role-php/tasks/main.yml b/roles/ansible-role-php/tasks/main.yml deleted file mode 100755 index 1e82cee..0000000 --- a/roles/ansible-role-php/tasks/main.yml +++ /dev/null @@ -1,61 +0,0 @@ ---- -# Variable setup. -- name: Include OS-specific variables. - include_vars: "{{ ansible_os_family }}.yml" - -- name: Define php_packages. - set_fact: - php_packages: "{{ __php_packages | list }}" - when: php_packages is not defined - -- name: Define php_webserver_daemon. - set_fact: - php_webserver_daemon: "{{ __php_webserver_daemon }}" - when: php_webserver_daemon is not defined - -- name: Define php_conf_paths. - set_fact: - php_conf_paths: "{{ __php_conf_paths }}" - when: php_conf_paths is not defined - -- name: Define php_extension_conf_paths. - set_fact: - php_extension_conf_paths: "{{ __php_extension_conf_paths }}" - when: php_extension_conf_paths is not defined - -- name: Define php_apc_conf_filename. - set_fact: - php_apc_conf_filename: "{{ __php_apc_conf_filename }}" - when: php_apc_conf_filename is not defined - -- name: Define php_opcache_conf_filename (Ubuntu 16.04). - set_fact: - php_opcache_conf_filename: "10-opcache.ini" - when: php_opcache_conf_filename is not defined and ansible_distribution_version == "16.04" - -- name: Define php_opcache_conf_filename. - set_fact: - php_opcache_conf_filename: "{{ __php_opcache_conf_filename }}" - when: php_opcache_conf_filename is not defined - -- name: Define php_fpm_conf_path. - set_fact: - php_fpm_conf_path: "{{ __php_fpm_conf_path }}" - when: php_fpm_conf_path is not defined - -# Setup/install tasks. -- include: setup-RedHat.yml - when: (php_install_from_source == false) and (ansible_os_family == 'RedHat') - -- include: setup-Debian.yml - when: (php_install_from_source == false) and (ansible_os_family == 'Debian') - -# Install PHP from source when php_install_from_source is true. -- include: install-from-source.yml - when: php_install_from_source == true - -# Configure PHP. -- include: configure.yml -- include: configure-apcu.yml -- include: configure-opcache.yml -- include: configure-fpm.yml diff --git a/roles/ansible-role-php/tasks/setup-Debian.yml b/roles/ansible-role-php/tasks/setup-Debian.yml deleted file mode 100755 index f77278a..0000000 --- a/roles/ansible-role-php/tasks/setup-Debian.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -- name: Update apt cache. - apt: update_cache=yes cache_valid_time=86400 - -- name: Ensure PHP packages are installed. - apt: - name: "{{ item }}" - state: "{{ php_packages_state }}" - with_items: "{{ php_packages }}" - register: php_package_install - notify: restart webserver - -- name: Delete APCu configuration file if this role will provide one. - file: - path: "{{ item }}/{{ php_apc_conf_filename }}" - state: absent - with_items: "{{ php_extension_conf_paths }}" - when: php_enable_apc and php_package_install.changed - notify: restart webserver - -- name: Delete OpCache configuration file if this role will provide one. - file: - path: "{{ item }}/{{ php_opcache_conf_filename }}" - state: absent - with_items: "{{ php_extension_conf_paths }}" - when: php_opcache_enable and php_package_install.changed - notify: restart webserver diff --git a/roles/ansible-role-php/tasks/setup-RedHat.yml b/roles/ansible-role-php/tasks/setup-RedHat.yml deleted file mode 100755 index 6cfde8c..0000000 --- a/roles/ansible-role-php/tasks/setup-RedHat.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -- name: Ensure PHP packages are installed. - yum: - name: "{{ item }}" - state: "{{ php_packages_state }}" - enablerepo: "{{ php_enablerepo }}" - with_items: "{{ php_packages }}" - notify: restart webserver diff --git a/roles/ansible-role-php/templates/apc.ini.j2 b/roles/ansible-role-php/templates/apc.ini.j2 deleted file mode 100644 index bfd5706..0000000 --- a/roles/ansible-role-php/templates/apc.ini.j2 +++ /dev/null @@ -1,4 +0,0 @@ -extension=apcu.so -apc.shm_size={{ php_apc_shm_size }} -apc.enable_cli={{ php_apc_enable_cli }} -apc.rfc1867=1 diff --git a/roles/ansible-role-php/templates/fpm-init.j2 b/roles/ansible-role-php/templates/fpm-init.j2 deleted file mode 100755 index 4d6a6d5..0000000 --- a/roles/ansible-role-php/templates/fpm-init.j2 +++ /dev/null @@ -1,170 +0,0 @@ -#!/bin/sh -### BEGIN INIT INFO -# Provides: php-fpm {{ php_fpm_daemon }} -# Required-Start: $remote_fs $network -# Required-Stop: $remote_fs $network -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: starts {{ php_fpm_daemon }} -# Description: Starts The PHP FastCGI Process Manager Daemon -### END INIT INFO - -# Author: Ondrej Sury - -PATH=/sbin:/usr/sbin:/bin:/usr/bin -DESC="PHP FastCGI Process Manager" -NAME={{ php_fpm_daemon }} -DAEMON=/usr/sbin/$NAME -DAEMON_ARGS="--daemonize --fpm-config {{ php_fpm_conf_path }}/php-fpm.conf" -PIDFILE=/var/run/{{ php_fpm_daemon }}.pid -TIMEOUT=2 -SCRIPTNAME=/etc/init.d/$NAME - -# Exit if the package is not installed -[ -x "$DAEMON" ] || exit 0 - -# Read configuration variable file if it is present -[ -r /etc/default/$NAME ] && . /etc/default/$NAME - -# Load the VERBOSE setting and other rcS variables -. /lib/init/vars.sh - -# Define LSB log_* functions. -# Depend on lsb-base (>= 3.0-6) to ensure that this file is present. -. /lib/lsb/init-functions - -# Don't run if we are running upstart -if init_is_upstart; then - exit 1 -fi - -# -# Function to check the correctness of the config file -# -do_check() -{ - /usr/lib/php5/php5-fpm-checkconf || return 1 - return 0 -} - -# -# Function that starts the daemon/service -# -do_start() -{ - # Return - # 0 if daemon has been started - # 1 if daemon was already running - # 2 if daemon could not be started - start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ - || return 1 - start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \ - $DAEMON_ARGS 2>/dev/null \ - || return 2 - # Add code here, if necessary, that waits for the process to be ready - # to handle requests from services started subsequently which depend - # on this one. As a last resort, sleep for some time. -} - -# -# Function that stops the daemon/service -# -do_stop() -{ - # Return - # 0 if daemon has been stopped - # 1 if daemon was already stopped - # 2 if daemon could not be stopped - # other if a failure occurred - start-stop-daemon --stop --quiet --retry=QUIT/$TIMEOUT/TERM/5/KILL/5 --pidfile $PIDFILE --name $NAME - RETVAL="$?" - [ "$RETVAL" = 2 ] && return 2 - # Wait for children to finish too if this is a daemon that forks - # and if the daemon is only ever run from this initscript. - # If the above conditions are not satisfied then add some other code - # that waits for the process to drop all resources that could be - # needed by services started subsequently. A last resort is to - # sleep for some time. - start-stop-daemon --stop --quiet --oknodo --retry=0/$TIMEOUT/TERM/5/KILL/5 --exec $DAEMON - [ "$?" = 2 ] && return 2 - # Many daemons don't delete their pidfiles when they exit. - rm -f $PIDFILE - return "$RETVAL" -} - -# -# Function that sends a SIGHUP to the daemon/service -# -do_reload() { - # - # If the daemon can reload its configuration without - # restarting (for example, when it is sent a SIGHUP), - # then implement that here. - # - start-stop-daemon --stop --signal USR2 --quiet --pidfile $PIDFILE --name $NAME - return 0 -} - -case "$1" in - start) - [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" - do_start - case "$?" in - 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; - 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; - esac - ;; - stop) - [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" - do_stop - case "$?" in - 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; - 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; - esac - ;; - status) - status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $? - ;; - check) - do_check yes - ;; - reload|force-reload) - log_daemon_msg "Reloading $DESC" "$NAME" - do_reload - log_end_msg $? - ;; - reopen-logs) - log_daemon_msg "Reopening $DESC logs" $NAME - if start-stop-daemon --stop --signal USR1 --oknodo --quiet \ - --pidfile $PIDFILE --exec $DAEMON - then - log_end_msg 0 - else - log_end_msg 1 - fi - ;; - restart) - log_daemon_msg "Restarting $DESC" "$NAME" - do_stop - case "$?" in - 0|1) - do_start - case "$?" in - 0) log_end_msg 0 ;; - 1) log_end_msg 1 ;; # Old process is still running - *) log_end_msg 1 ;; # Failed to start - esac - ;; - *) - # Failed to stop - log_end_msg 1 - ;; - esac - ;; - *) - echo "Usage: $SCRIPTNAME {start|stop|status|restart|reload|force-reload}" >&2 - exit 1 - ;; -esac - -: diff --git a/roles/ansible-role-php/templates/opcache.ini.j2 b/roles/ansible-role-php/templates/opcache.ini.j2 deleted file mode 100755 index f60fb89..0000000 --- a/roles/ansible-role-php/templates/opcache.ini.j2 +++ /dev/null @@ -1,14 +0,0 @@ -zend_extension=opcache.so -opcache.enable={{ php_opcache_enable }} -opcache.enable_cli={{ php_opcache_enable_cli }} -opcache.memory_consumption={{ php_opcache_memory_consumption }} -opcache.interned_strings_buffer={{ php_opcache_interned_strings_buffer }} -opcache.max_accelerated_files={{ php_opcache_max_accelerated_files }} -opcache.max_wasted_percentage={{ php_opcache_max_wasted_percentage }} -opcache.validate_timestamps={{ php_opcache_validate_timestamps }} -opcache.revalidate_path={{ php_opcache_revalidate_path }} -opcache.revalidate_freq={{ php_opcache_revalidate_freq }} -opcache.max_file_size={{ php_opcache_max_file_size }} -{% if php_opcache_blacklist_filename != '' %} -opcache.blacklist_filename={{ php_opcache_blacklist_filename }} -{% endif %} diff --git a/roles/ansible-role-php/templates/php-fpm.conf.j2 b/roles/ansible-role-php/templates/php-fpm.conf.j2 deleted file mode 100755 index 12b277f..0000000 --- a/roles/ansible-role-php/templates/php-fpm.conf.j2 +++ /dev/null @@ -1,12 +0,0 @@ -;;;;;;;;;;;;;;;;;;;;; -; FPM Configuration ; -;;;;;;;;;;;;;;;;;;;;; - -include={{ php_fpm_conf_path }}/pool.d/*.conf - -;;;;;;;;;;;;;;;;;; -; Global Options ; -;;;;;;;;;;;;;;;;;; - -[global] -error_log = /var/log/php-fpm.log diff --git a/roles/ansible-role-php/templates/php.ini.j2 b/roles/ansible-role-php/templates/php.ini.j2 deleted file mode 100755 index d6ad9df..0000000 --- a/roles/ansible-role-php/templates/php.ini.j2 +++ /dev/null @@ -1,225 +0,0 @@ -[PHP] - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -engine = On -short_open_tag = {{ php_short_open_tag }} -asp_tags = Off -precision = 14 -output_buffering = {{ php_output_buffering }} - -zlib.output_compression = Off - -implicit_flush = Off -unserialize_callback_func = -serialize_precision = 17 -disable_functions = -disable_classes = - -zend.enable_gc = On - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -expose_php = {{ php_expose_php }} - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -max_execution_time = {{ php_max_execution_time }} -max_input_time = {{ php_max_input_time }} -max_input_vars = {{ php_max_input_vars }} -memory_limit = {{ php_memory_limit }} - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -error_reporting = {{ php_error_reporting }} -display_errors = {{ php_display_errors }} -display_startup_errors = {{ php_display_startup_errors }} -log_errors = On -log_errors_max_len = 1024 -ignore_repeated_errors = Off -ignore_repeated_source = Off -report_memleaks = On -track_errors = Off -html_errors = On - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -variables_order = "GPCS" -request_order = "GP" -register_argc_argv = Off -auto_globals_jit = On - -post_max_size = {{ php_post_max_size }} -auto_prepend_file = -auto_append_file = - -default_mimetype = "text/html" -always_populate_raw_post_data = -1 - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -doc_root = -user_dir = - -enable_dl = Off - -realpath_cache_size = {{ php_realpath_cache_size }} - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -file_uploads = On -upload_max_filesize = {{ php_upload_max_filesize }} -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -allow_url_fopen = {{ php_allow_url_fopen }} -allow_url_include = Off - -default_socket_timeout = 60 - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[CLI Server] -cli_server.color = On - -[Date] -date.timezone = {{ php_date_timezone }} - -[Pdo_mysql] -pdo_mysql.cache_size = 2000 -pdo_mysql.default_socket= - -[mail function] -; For Win32 only. -SMTP = localhost -smtp_port = 25 - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -sendmail_path = {{ php_sendmail_path }} - -mail.add_x_header = On - -[SQL] -sql.safe_mode = Off - -[ODBC] -odbc.allow_persistent = On -odbc.check_persistent = On -odbc.max_persistent = -1 -odbc.max_links = -1 -odbc.defaultlrl = 4096 -odbc.defaultbinmode = 1 - -[MySQL] -mysql.allow_local_infile = On -mysql.allow_persistent = On -mysql.cache_size = 2000 -mysql.max_persistent = -1 -mysql.max_links = -1 -mysql.default_port = -mysql.default_socket = -mysql.default_host = -mysql.default_user = -mysql.default_password = -mysql.connect_timeout = 60 -mysql.trace_mode = Off - -[MySQLi] -mysqli.max_persistent = -1 -mysqli.allow_persistent = On -mysqli.max_links = -1 -mysqli.cache_size = 2000 -mysqli.default_port = 3306 -mysqli.default_socket = -mysqli.default_host = -mysqli.default_user = -mysqli.default_pw = -mysqli.reconnect = Off - -[mysqlnd] -mysqlnd.collect_statistics = On -mysqlnd.collect_memory_statistics = Off - -[PostgreSQL] -pgsql.allow_persistent = On -pgsql.auto_reset_persistent = Off -pgsql.max_persistent = -1 -pgsql.max_links = -1 -pgsql.ignore_notice = 0 -pgsql.log_notice = 0 - -[bcmath] -bcmath.scale = 0 - -[Session] -session.save_handler = {{ php_session_save_handler }} -session.save_path = {{ php_session_save_path }} -session.use_cookies = 1 -session.use_only_cookies = 1 -session.name = PHPSESSID -session.auto_start = 0 - -session.cookie_lifetime = {{ php_session_cookie_lifetime }} -session.cookie_path = / -session.cookie_domain = -session.cookie_httponly = - -session.serialize_handler = php - -session.gc_probability = {{ php_session_gc_probability }} -session.gc_divisor = {{ php_session_gc_divisor }} -session.gc_maxlifetime = {{ php_session_gc_maxlifetime }} - -session.bug_compat_42 = Off -session.bug_compat_warn = Off -session.referer_check = - -session.cache_limiter = nocache -session.cache_expire = 180 - -session.use_trans_sid = 0 - -session.hash_function = 0 -session.hash_bits_per_character = 5 - -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" - -[MSSQL] -mssql.allow_persistent = On -mssql.max_persistent = -1 -mssql.max_links = -1 -mssql.min_error_severity = 10 -mssql.min_message_severity = 10 -mssql.compatability_mode = Off -mssql.secure_connection = Off - -[Tidy] -tidy.clean_output = Off - -[soap] -soap.wsdl_cache_enabled=1 -soap.wsdl_cache_dir="/tmp" -soap.wsdl_cache_ttl=86400 -soap.wsdl_cache_limit = 5 - -[ldap] -ldap.max_links = -1 diff --git a/roles/ansible-role-php/templates/www.conf.j2 b/roles/ansible-role-php/templates/www.conf.j2 deleted file mode 100755 index af29d54..0000000 --- a/roles/ansible-role-php/templates/www.conf.j2 +++ /dev/null @@ -1,28 +0,0 @@ -[www] -listen = 127.0.0.1:9000 -listen.allowed_clients = 127.0.0.1 -user = {{ php_fpm_pool_user }} -group = {{ php_fpm_pool_group }} - -pm = dynamic -pm.max_children = 50 -pm.start_servers = 5 -pm.min_spare_servers = 5 -pm.max_spare_servers = 5 -pm.max_requests = 500 - -slowlog = /var/log/php-fpm/www-slow.log -chdir = /var/www/html/{{ server_hostname }} -security.limit_extensions = .php .php3 .php4 .php5 .php7 - -catch_workers_output = yes -php_admin_value[memory_limit] = {{ php_memory_limit }} -php_admin_value[post_max_size] = {{ php_post_max_size }} -php_admin_value[upload_max_filesize] = {{ php_upload_max_filesize }} -php_admin_value[max_input_vars] = {{ php_max_input_vars }} -php_admin_value[error_log] = /var/log/php-fpm/www-error.log -php_admin_flag[log_errors] = on -php_value[session.save_handler] = files -php_value[session.save_path] = /var/lib/php/session -php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache -php_value[opcache.file_cache] = /var/lib/php/opcache diff --git a/roles/ansible-role-php/tests/Dockerfile.centos-7 b/roles/ansible-role-php/tests/Dockerfile.centos-7 deleted file mode 100755 index 8aa0654..0000000 --- a/roles/ansible-role-php/tests/Dockerfile.centos-7 +++ /dev/null @@ -1,27 +0,0 @@ -FROM centos:7 - -# Install systemd -- See https://hub.docker.com/_/centos/ -RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs -RUN yum -y update; yum clean all; \ -(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ -rm -f /lib/systemd/system/multi-user.target.wants/*; \ -rm -f /etc/systemd/system/*.wants/*; \ -rm -f /lib/systemd/system/local-fs.target.wants/*; \ -rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ -rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ -rm -f /lib/systemd/system/basic.target.wants/*; \ -rm -f /lib/systemd/system/anaconda.target.wants/*; - -# Install Ansible -RUN yum -y install epel-release -RUN yum -y install git ansible sudo -RUN yum clean all - -# Disable requiretty -RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers - -# Install Ansible inventory file -RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts - -VOLUME ["/sys/fs/cgroup"] -CMD ["/usr/sbin/init"] diff --git a/roles/ansible-role-php/tests/Dockerfile.ubuntu-12.04 b/roles/ansible-role-php/tests/Dockerfile.ubuntu-12.04 deleted file mode 100755 index d0c130c..0000000 --- a/roles/ansible-role-php/tests/Dockerfile.ubuntu-12.04 +++ /dev/null @@ -1,11 +0,0 @@ -FROM ubuntu:12.04 -RUN apt-get update - -# Install Ansible -RUN apt-get install -y software-properties-common python-software-properties git -RUN apt-add-repository -y ppa:ansible/ansible -RUN apt-get update -RUN apt-get install -y ansible - -# Install Ansible inventory file -RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/roles/ansible-role-php/tests/Dockerfile.ubuntu-14.04 b/roles/ansible-role-php/tests/Dockerfile.ubuntu-14.04 deleted file mode 100755 index ca33287..0000000 --- a/roles/ansible-role-php/tests/Dockerfile.ubuntu-14.04 +++ /dev/null @@ -1,11 +0,0 @@ -FROM ubuntu:14.04 -RUN apt-get update - -# Install Ansible -RUN apt-get install -y software-properties-common git -RUN apt-add-repository -y ppa:ansible/ansible -RUN apt-get update -RUN apt-get install -y ansible - -# Install Ansible inventory file -RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/roles/ansible-role-php/tests/inventory b/roles/ansible-role-php/tests/inventory deleted file mode 100755 index 2fbb50c..0000000 --- a/roles/ansible-role-php/tests/inventory +++ /dev/null @@ -1 +0,0 @@ -localhost diff --git a/roles/ansible-role-php/tests/requirements.yml b/roles/ansible-role-php/tests/requirements.yml deleted file mode 100755 index 711227a..0000000 --- a/roles/ansible-role-php/tests/requirements.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -- src: geerlingguy.repo-remi diff --git a/roles/ansible-role-php/tests/test-package.yml b/roles/ansible-role-php/tests/test-package.yml deleted file mode 100755 index 8e749e8..0000000 --- a/roles/ansible-role-php/tests/test-package.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -- hosts: all - - vars: - php_enable_webserver: false - php_memory_limit: "192M" - php_enablerepo: "remi,remi-php70" - - pre_tasks: - - include_vars: test-vars-ubuntu1204.yml - when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == '12.04' - - - name: Ensure build dependencies are installed (RedHat). - yum: name=which state=present - when: ansible_os_family == 'RedHat' - - - name: Add repository for PHP 7. - apt_repository: repo='ppa:ondrej/php' - when: ansible_distribution == 'Ubuntu' and ansible_distribution_version != '12.04' - - - name: Add repository for PHP 5.6. - apt_repository: repo='ppa:ondrej/php5-5.6' - when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == '12.04' - - roles: - - { role: geerlingguy.repo-remi, when: ansible_os_family == 'RedHat' } - - role_under_test diff --git a/roles/ansible-role-php/tests/test-source.yml b/roles/ansible-role-php/tests/test-source.yml deleted file mode 100755 index cac5349..0000000 --- a/roles/ansible-role-php/tests/test-source.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -- hosts: all - - vars: - php_enable_webserver: false - php_install_from_source: true - php_source_clone_dir: /root/php-src - php_source_make_command: "make --jobs=2" - php_source_version: "php-7.0.5" - php_memory_limit: "192M" - - pre_tasks: - - name: Ensure build dependencies are installed (RedHat). - yum: name=which state=present - when: ansible_os_family == 'RedHat' - - roles: - - role_under_test diff --git a/roles/ansible-role-php/tests/test-vars-ubuntu1204.yml b/roles/ansible-role-php/tests/test-vars-ubuntu1204.yml deleted file mode 100755 index 9fabcac..0000000 --- a/roles/ansible-role-php/tests/test-vars-ubuntu1204.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -php_version: "5.6" -php_packages: - - php5 - - php5-mcrypt - - php5-cli - - php5-common - - php5-curl - - php5-dev - - php5-fpm - - php5-gd - - php-pear - - libpcre3-dev -php_conf_paths: - - /etc/php5/fpm - - /etc/php5/apache2 - - /etc/php5/cli -php_extension_conf_paths: - - /etc/php5/fpm/conf.d - - /etc/php5/apache2/conf.d - - /etc/php5/cli/conf.d -php_fpm_daemon: php5-fpm -php_fpm_conf_path: "/etc/php5/fpm" diff --git a/roles/ansible-role-php/vars/Debian.yml b/roles/ansible-role-php/vars/Debian.yml deleted file mode 100755 index ae927c2..0000000 --- a/roles/ansible-role-php/vars/Debian.yml +++ /dev/null @@ -1,37 +0,0 @@ ---- -__php_packages: - - php7.0-common - - php7.0-cli - - php7.0-dev - - php7.0-fpm - - libpcre3-dev - - php7.0-gd - - php7.0-curl - - php7.0-imap - - php7.0-json - - php7.0-opcache - - php7.0-xml - - php7.0-mbstring - - php-sqlite3 - - php-apcu -__php_webserver_daemon: "apache2" - -# Vendor-specific configuration paths on Debian/Ubuntu make my brain asplode. -__php_conf_paths: - - /etc/php/7.0/fpm - - /etc/php/7.0/apache2 - - /etc/php/7.0/cli - -__php_extension_conf_paths: - - /etc/php/7.0/fpm/conf.d - - /etc/php/7.0/apache2/conf.d - - /etc/php/7.0/cli/conf.d - -__php_apc_conf_filename: 20-apcu.ini -__php_opcache_conf_filename: 05-opcache.ini -__php_fpm_daemon: php7.0-fpm -__php_fpm_conf_path: "/etc/php/7.0/fpm" -__php_fpm_pool_conf_path: "{{ __php_fpm_conf_path }}/pool.d/www.conf" - -__php_fpm_pool_user: www-data -__php_fpm_pool_group: www-data diff --git a/roles/ansible-role-php/vars/RedHat.yml b/roles/ansible-role-php/vars/RedHat.yml deleted file mode 100755 index 630cf27..0000000 --- a/roles/ansible-role-php/vars/RedHat.yml +++ /dev/null @@ -1,33 +0,0 @@ ---- -__php_packages: - - php - - php-cli - - php-common - - php-devel - - php-fpm - - php-gd - - php-imap - - php-ldap - - php-mbstring - - php-opcache - - php-pdo - - php-pear - - php-pecl-apcu - - php-xml - - php-xmlrpc -__php_webserver_daemon: "httpd" - -__php_conf_paths: - - /etc - -__php_extension_conf_paths: - - /etc/php.d - -__php_apc_conf_filename: 50-apc.ini -__php_opcache_conf_filename: 10-opcache.ini -__php_fpm_daemon: php-fpm -__php_fpm_conf_path: "/etc/fpm" -__php_fpm_pool_conf_path: "/etc/php-fpm.d/www.conf" - -__php_fpm_pool_user: vmuser -__php_fpm_pool_group: nginx diff --git a/roles/ansible-role-postfix/.travis.yml b/roles/ansible-role-postfix/.travis.yml deleted file mode 100644 index df7b654..0000000 --- a/roles/ansible-role-postfix/.travis.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -sudo: required -language: python -python: "2.7" - -env: - - SITE=test.yml - -before_install: - - sudo apt-get update -qq - -install: - # Install Ansible. - - pip install ansible - - # Add ansible.cfg to pick up roles path. - - "{ echo '[defaults]'; echo 'roles_path = ../'; } >> ansible.cfg" - -script: - # Check the role/playbook's syntax. - - "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" - - # Run the role/playbook with ansible-playbook. - - "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo" - - # Run the role/playbook again, checking to make sure it's idempotent. - - > - ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo - | grep -q 'changed=0.*failed=0' - && (echo 'Idempotence test: pass' && exit 0) - || (echo 'Idempotence test: fail' && exit 1) - - # TODO - Add test to check if postfix is working correctly. - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/ansible-role-postfix/README.md b/roles/ansible-role-postfix/README.md deleted file mode 100644 index 6bb46a1..0000000 --- a/roles/ansible-role-postfix/README.md +++ /dev/null @@ -1,31 +0,0 @@ -# Ansible Role: Postfix - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-postfix.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-postfix) - -Installs postfix on RedHat/CentOS or Debian/Ubuntu. - -## Requirements - -If you're using this as an SMTP relay server, you will need to do that on your own, and open TCP port 25 in your server firewall. - -## Role Variables - -None. - -## Dependencies - -None. - -## Example Playbook - - - hosts: all - roles: - - { role: geerlingguy.postfix } - -## License - -MIT / BSD - -## Author Information - -This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/roles/ansible-role-postfix/defaults/main.yml b/roles/ansible-role-postfix/defaults/main.yml deleted file mode 100644 index ed97d53..0000000 --- a/roles/ansible-role-postfix/defaults/main.yml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/roles/ansible-role-postfix/meta/main.yml b/roles/ansible-role-postfix/meta/main.yml deleted file mode 100644 index 1f034f1..0000000 --- a/roles/ansible-role-postfix/meta/main.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -dependencies: [] - -galaxy_info: - author: geerlingguy - description: Postfix for RedHat/CentOS or Debian/Ubuntu. - company: "Midwestern Mac, LLC" - license: "license (BSD, MIT)" - min_ansible_version: 1.8 - platforms: - - name: EL - versions: - - all - - name: Debian - versions: - - all - - name: Ubuntu - versions: - - all - galaxy_tags: - - networking - - system - - mail diff --git a/roles/ansible-role-postfix/tasks/main.yml b/roles/ansible-role-postfix/tasks/main.yml deleted file mode 100644 index 6d0ca1a..0000000 --- a/roles/ansible-role-postfix/tasks/main.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Ensure postfix is installed (RedHat). - yum: name=postfix state=installed - when: ansible_os_family == 'RedHat' - -- name: Ensure postfix is installed (Debian). - apt: name=postfix state=installed - when: ansible_os_family == 'Debian' - -- name: Ensure postfix is started and enabled at boot. - service: name=postfix state=started enabled=yes diff --git a/roles/ansible-role-postfix/tests/inventory b/roles/ansible-role-postfix/tests/inventory deleted file mode 100644 index 2fbb50c..0000000 --- a/roles/ansible-role-postfix/tests/inventory +++ /dev/null @@ -1 +0,0 @@ -localhost diff --git a/roles/ansible-role-postfix/tests/test.yml b/roles/ansible-role-postfix/tests/test.yml deleted file mode 100644 index f404e40..0000000 --- a/roles/ansible-role-postfix/tests/test.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - ansible-role-postfix diff --git a/roles/common/files/RPM-GPG-KEY-EPEL-7 b/roles/common/files/RPM-GPG-KEY-EPEL-7 deleted file mode 100644 index a1d6f25..0000000 --- a/roles/common/files/RPM-GPG-KEY-EPEL-7 +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.4.11 (GNU/Linux) - -mQINBFKuaIQBEAC1UphXwMqCAarPUH/ZsOFslabeTVO2pDk5YnO96f+rgZB7xArB -OSeQk7B90iqSJ85/c72OAn4OXYvT63gfCeXpJs5M7emXkPsNQWWSju99lW+AqSNm -jYWhmRlLRGl0OO7gIwj776dIXvcMNFlzSPj00N2xAqjMbjlnV2n2abAE5gq6VpqP -vFXVyfrVa/ualogDVmf6h2t4Rdpifq8qTHsHFU3xpCz+T6/dGWKGQ42ZQfTaLnDM -jToAsmY0AyevkIbX6iZVtzGvanYpPcWW4X0RDPcpqfFNZk643xI4lsZ+Y2Er9Yu5 -S/8x0ly+tmmIokaE0wwbdUu740YTZjCesroYWiRg5zuQ2xfKxJoV5E+Eh+tYwGDJ -n6HfWhRgnudRRwvuJ45ztYVtKulKw8QQpd2STWrcQQDJaRWmnMooX/PATTjCBExB -9dkz38Druvk7IkHMtsIqlkAOQMdsX1d3Tov6BE2XDjIG0zFxLduJGbVwc/6rIc95 -T055j36Ez0HrjxdpTGOOHxRqMK5m9flFbaxxtDnS7w77WqzW7HjFrD0VeTx2vnjj -GqchHEQpfDpFOzb8LTFhgYidyRNUflQY35WLOzLNV+pV3eQ3Jg11UFwelSNLqfQf -uFRGc+zcwkNjHh5yPvm9odR1BIfqJ6sKGPGbtPNXo7ERMRypWyRz0zi0twARAQAB -tChGZWRvcmEgRVBFTCAoNykgPGVwZWxAZmVkb3JhcHJvamVjdC5vcmc+iQI4BBMB -AgAiBQJSrmiEAhsPBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBqL66iNSxk -5cfGD/4spqpsTjtDM7qpytKLHKruZtvuWiqt5RfvT9ww9GUUFMZ4ZZGX4nUXg49q -ixDLayWR8ddG/s5kyOi3C0uX/6inzaYyRg+Bh70brqKUK14F1BrrPi29eaKfG+Gu -MFtXdBG2a7OtPmw3yuKmq9Epv6B0mP6E5KSdvSRSqJWtGcA6wRS/wDzXJENHp5re -9Ism3CYydpy0GLRA5wo4fPB5uLdUhLEUDvh2KK//fMjja3o0L+SNz8N0aDZyn5Ax -CU9RB3EHcTecFgoy5umRj99BZrebR1NO+4gBrivIfdvD4fJNfNBHXwhSH9ACGCNv -HnXVjHQF9iHWApKkRIeh8Fr2n5dtfJEF7SEX8GbX7FbsWo29kXMrVgNqHNyDnfAB -VoPubgQdtJZJkVZAkaHrMu8AytwT62Q4eNqmJI1aWbZQNI5jWYqc6RKuCK6/F99q -thFT9gJO17+yRuL6Uv2/vgzVR1RGdwVLKwlUjGPAjYflpCQwWMAASxiv9uPyYPHc -ErSrbRG0wjIfAR3vus1OSOx3xZHZpXFfmQTsDP7zVROLzV98R3JwFAxJ4/xqeON4 -vCPFU6OsT3lWQ8w7il5ohY95wmujfr6lk89kEzJdOTzcn7DBbUru33CQMGKZ3Evt -RjsC7FDbL017qxS+ZVA/HGkyfiu4cpgV8VUnbql5eAZ+1Ll6Dw== -=hdPa ------END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/roles/common/files/RPM-GPG-KEY-NGINX b/roles/common/files/RPM-GPG-KEY-NGINX deleted file mode 100644 index 2528b45..0000000 --- a/roles/common/files/RPM-GPG-KEY-NGINX +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.4.11 (FreeBSD) - -mQENBE5OMmIBCAD+FPYKGriGGf7NqwKfWC83cBV01gabgVWQmZbMcFzeW+hMsgxH -W6iimD0RsfZ9oEbfJCPG0CRSZ7ppq5pKamYs2+EJ8Q2ysOFHHwpGrA2C8zyNAs4I -QxnZZIbETgcSwFtDun0XiqPwPZgyuXVm9PAbLZRbfBzm8wR/3SWygqZBBLdQk5TE -fDR+Eny/M1RVR4xClECONF9UBB2ejFdI1LD45APbP2hsN/piFByU1t7yK2gpFyRt -97WzGHn9MV5/TL7AmRPM4pcr3JacmtCnxXeCZ8nLqedoSuHFuhwyDnlAbu8I16O5 -XRrfzhrHRJFM1JnIiGmzZi6zBvH0ItfyX6ttABEBAAG0KW5naW54IHNpZ25pbmcg -a2V5IDxzaWduaW5nLWtleUBuZ2lueC5jb20+iQE+BBMBAgAoBQJOTjJiAhsDBQkJ -ZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCr9b2Ce9m/YpvjB/98uV4t -94d0oEh5XlqEZzVMrcTgPQ3BZt05N5xVuYaglv7OQtdlErMXmRWaFZEqDaMHdniC -sF63jWMd29vC4xpzIfmsLK3ce9oYo4t9o4WWqBUdf0Ff1LMz1dfLG2HDtKPfYg3C -8NESud09zuP5NohaE8Qzj/4p6rWDiRpuZ++4fnL3Dt3N6jXILwr/TM/Ma7jvaXGP -DO3kzm4dNKp5b5bn2nT2QWLPnEKxvOg5Zoej8l9+KFsUnXoWoYCkMQ2QTpZQFNwF -xwJGoAz8K3PwVPUrIL6b1lsiNovDgcgP0eDgzvwLynWKBPkRRjtgmWLoeaS9FAZV -ccXJMmANXJFuCf26iQEcBBABAgAGBQJOTkelAAoJEKZP1bF62zmo79oH/1XDb29S -YtWp+MTJTPFEwlWRiyRuDXy3wBd/BpwBRIWfWzMs1gnCjNjk0EVBVGa2grvy9Jtx -JKMd6l/PWXVucSt+U/+GO8rBkw14SdhqxaS2l14v6gyMeUrSbY3XfToGfwHC4sa/ -Thn8X4jFaQ2XN5dAIzJGU1s5JA0tjEzUwCnmrKmyMlXZaoQVrmORGjCuH0I0aAFk -RS0UtnB9HPpxhGVbs24xXZQnZDNbUQeulFxS4uP3OLDBAeCHl+v4t/uotIad8v6J -SO93vc1evIje6lguE81HHmJn9noxPItvOvSMb2yPsE8mH4cJHRTFNSEhPW6ghmlf -Wa9ZwiVX5igxcvaIRgQQEQIABgUCTk5b0gAKCRDs8OkLLBcgg1G+AKCnacLb/+W6 -cflirUIExgZdUJqoogCeNPVwXiHEIVqithAM1pdY/gcaQZmIRgQQEQIABgUCTk5f -YQAKCRCpN2E5pSTFPnNWAJ9gUozyiS+9jf2rJvqmJSeWuCgVRwCcCUFhXRCpQO2Y -Va3l3WuB+rgKjsQ= -=A015 ------END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/roles/common/files/epel.repo b/roles/common/files/epel.repo deleted file mode 100644 index 0301cc7..0000000 --- a/roles/common/files/epel.repo +++ /dev/null @@ -1,8 +0,0 @@ -[epel] -name=Extra Packages for Enterprise Linux 7 - $basearch -#baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch -mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch -failovermethod=priority -enabled=1 -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 \ No newline at end of file diff --git a/roles/common/files/nginx.repo b/roles/common/files/nginx.repo deleted file mode 100644 index 9060b8d..0000000 --- a/roles/common/files/nginx.repo +++ /dev/null @@ -1,7 +0,0 @@ -[nginx] -name=Nginx repo - $basearch -baseurl=http://nginx.org/packages/centos/7/$basearch -failovermethod=priority -gpgcheck=1 -enabled=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-NGINX diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml deleted file mode 100644 index b16fe11..0000000 --- a/roles/common/tasks/main.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -# Setup/install tasks. -- include: setup-RedHat.yml - when: ansible_os_family == 'RedHat' - -- hostname: name={{ server_hostname }} - -- name: Creates custom users - user: name=vmuser comment=DefaultUser groups=wheel password={{ default_user_password }} shell=/bin/bash createhome=yes - -- name: Creates custom PHP users - user: name=www-php comment=DefaultPHPUser shell=/sbin/nologin createhome=no diff --git a/roles/common/tasks/setup-RedHat.yml b/roles/common/tasks/setup-RedHat.yml deleted file mode 100644 index c7ab2e8..0000000 --- a/roles/common/tasks/setup-RedHat.yml +++ /dev/null @@ -1,19 +0,0 @@ -- name: Copy the NGINX repository definition - copy: src=nginx.repo dest=/etc/yum.repos.d/ - -- name: Copy the EPEL repository definition - copy: src=epel.repo dest=/etc/yum.repos.d/ - -- name: Create the GPG key for NGINX - copy: src=RPM-GPG-KEY-NGINX dest=/etc/pki/rpm-gpg - -- name: Create the GPG key for EPEL - copy: src=RPM-GPG-KEY-EPEL-7 dest=/etc/pki/rpm-gpg - -- name: Creates Docroot vhost directory - file: path=/var/www/html/{{ item.value.name }} state=directory owner={{ default_user_username }} group={{ php_fpm_pool_group }} mode=0755 recurse=yes - when: nginx_vhosts|length > 0 - with_dict: "{{ vhost_domains }}" - notify: - - reload nginx - - reload apache diff --git a/roles/wordpress/tasks/main.yml b/roles/wordpress/tasks/main.yml deleted file mode 100644 index 8a577cb..0000000 --- a/roles/wordpress/tasks/main.yml +++ /dev/null @@ -1,60 +0,0 @@ ---- -- name: Download WordPress - get_url: url=http://wordpress.org/wordpress-{{ wp_version }}.tar.gz dest=/srv/wordpress-{{ wp_version }}.tar.gz - sha256sum="{{ wp_sha256sum }}" - -- name: Extract archive - command: chdir=/srv/ /bin/tar xvf wordpress-{{ wp_version }}.tar.gz creates=/srv/wordpress - -- name: Add group "wordpress" - group: name=wordpress - -- name: Add user "wordpress" - user: name=wordpress group=wordpress home=/srv/wordpress/ - -- name: Fetch random salts for WordPress config - local_action: command curl https://api.wordpress.org/secret-key/1.1/salt/ - register: "wp_salt" - sudo: no - -- name: Create WordPress database - mysql_db: name={{ wp_db_name }} state=present - -- name: Create WordPress database user - mysql_user: name={{ wp_db_user }} password={{ wp_db_password }} priv={{ wp_db_name }}.*:ALL host='localhost' state=present - -- name: Copy WordPress config file - template: src=wp-config.php dest=/srv/wordpress/ - -- name: Change ownership of WordPress installation - file: path=/srv/wordpress/ owner=wordpress group=wordpress state=directory recurse=yes - -- name: install SEManage - yum: pkg=policycoreutils-python state=present - -- name: set the SELinux policy for the Wordpress directory - command: semanage fcontext -a -t httpd_sys_content_t "/srv/wordpress(/.*)?" - -- name: set the SELinux policy for wp-config.php - command: semanage fcontext -a -t httpd_sys_script_exec_t "/srv/wordpress/wp-config\.php" - -- name: set the SELinux policy for wp-content directory - command: semanage fcontext -a -t httpd_sys_rw_content_t "/srv/wordpress/wp-content(/.*)?" - -- name: set the SELinux policy for the *.php files - command: semanage fcontext -a -t httpd_sys_script_exec_t "/srv/wordpress/.*\.php" - -- name: set the SELinux policy for the Upgrade directory - command: semanage fcontext -a -t httpd_sys_rw_content_t "/srv/wordpress/wp-content/upgrade(/.*)?" - -- name: set the SELinux policy for the Uploads directory - command: semanage fcontext -a -t httpd_sys_rw_content_t "/srv/wordpress/wp-content/uploads(/.*)?" - -- name: set the SELinux policy for the wp-includes php files - command: semanage fcontext -a -t httpd_sys_script_exec_t "/srv/wordpress/wp-includes/.*\.php" - -- name: set the SELinux on all the Files - command: restorecon -Rv /srv/wordpress - -- name: Start php-fpm Service - service: name=php-fpm state=started enabled=yes diff --git a/roles/wordpress/templates/wp-config.php b/roles/wordpress/templates/wp-config.php deleted file mode 100644 index 5694520..0000000 --- a/roles/wordpress/templates/wp-config.php +++ /dev/null @@ -1,90 +0,0 @@ - + ServerName {{ vhost.servername }} +{% if vhost.serveralias is defined %} + ServerAlias {{ vhost.serveralias }} +{% endif %} +{% if vhost.documentroot is defined %} + DocumentRoot {{ vhost.documentroot }} +{% endif %} + +{% if vhost.serveradmin is defined %} + ServerAdmin {{ vhost.serveradmin }} +{% endif %} +{% if vhost.documentroot is defined %} + + AllowOverride All + Options -Indexes +FollowSymLinks +{% if apache_vhosts_version == "2.2" %} + Order allow,deny + Allow from all +{% else %} + Require all granted +{% endif %} + +{% endif %} +{% if vhost.extra_parameters is defined %} + {{ vhost.extra_parameters }} +{% endif %} + + +{% endfor %} + +{# Set up SSL VirtualHosts #} +{% for vhost in apache_vhosts_ssl %} +{% if apache_ignore_missing_ssl_certificate or apache_ssl_certificates.results[loop.index0].stat.exists %} + + ServerName {{ vhost.servername }} +{% if vhost.serveralias is defined %} + ServerAlias {{ vhost.serveralias }} +{% endif %} +{% if vhost.documentroot is defined %} + DocumentRoot {{ vhost.documentroot }} +{% endif %} + + SSLEngine on + SSLCipherSuite {{ apache_ssl_cipher_suite }} + SSLProtocol {{ apache_ssl_protocol }} + SSLHonorCipherOrder On +{% if apache_vhosts_version == "2.4" %} + SSLCompression off +{% endif %} + SSLCertificateFile {{ vhost.certificate_file }} + SSLCertificateKeyFile {{ vhost.certificate_key_file }} +{% if vhost.certificate_chain_file is defined %} + SSLCertificateChainFile {{ vhost.certificate_chain_file }} +{% endif %} + +{% if vhost.serveradmin is defined %} + ServerAdmin {{ vhost.serveradmin }} +{% endif %} +{% if vhost.documentroot is defined %} + + AllowOverride All + Options -Indexes +FollowSymLinks +{% if apache_vhosts_version == "2.2" %} + Order allow,deny + Allow from all +{% else %} + Require all granted +{% endif %} + +{% endif %} +{% if vhost.extra_parameters is defined %} + {{ vhost.extra_parameters }} +{% endif %} + + +{% endif %} +{% endfor %} diff --git a/roles/ansible-role-git/tests/Dockerfile.centos-6 b/tests/Dockerfile.centos-6 similarity index 100% rename from roles/ansible-role-git/tests/Dockerfile.centos-6 rename to tests/Dockerfile.centos-6 diff --git a/roles/ansible-role-apache-php-fpm/tests/Dockerfile.centos-7 b/tests/Dockerfile.centos-7 similarity index 100% rename from roles/ansible-role-apache-php-fpm/tests/Dockerfile.centos-7 rename to tests/Dockerfile.centos-7 diff --git a/roles/ansible-role-apache-php-fpm/tests/Dockerfile.ubuntu-12.04 b/tests/Dockerfile.ubuntu-12.04 similarity index 100% rename from roles/ansible-role-apache-php-fpm/tests/Dockerfile.ubuntu-12.04 rename to tests/Dockerfile.ubuntu-12.04 diff --git a/roles/ansible-role-apache-php-fpm/tests/Dockerfile.ubuntu-14.04 b/tests/Dockerfile.ubuntu-14.04 similarity index 100% rename from roles/ansible-role-apache-php-fpm/tests/Dockerfile.ubuntu-14.04 rename to tests/Dockerfile.ubuntu-14.04 diff --git a/tests/test.yml b/tests/test.yml new file mode 100644 index 0000000..f5c5ca6 --- /dev/null +++ b/tests/test.yml @@ -0,0 +1,13 @@ +--- +- hosts: all + + vars: + apache_listen_port_ssl: 443 + apache_create_vhosts: true + apache_vhosts_filename: "vhosts.conf" + apache_vhosts: + - servername: "example.com" + documentroot: "/var/www/vhosts/example_com" + + roles: + - role_under_test diff --git a/vars/Debian.yml b/vars/Debian.yml new file mode 100644 index 0000000..7ff09c5 --- /dev/null +++ b/vars/Debian.yml @@ -0,0 +1,14 @@ +--- +apache_service: apache2 +apache_daemon: apache2 +apache_daemon_path: /usr/sbin/ +apache_server_root: /etc/apache2 +apache_conf_path: /etc/apache2 + +__apache_packages: + - apache2 + - apache2-utils + +apache_ports_configuration_items: + - regexp: "^Listen " + line: "Listen {{ apache_listen_port }}" diff --git a/vars/RedHat.yml b/vars/RedHat.yml new file mode 100644 index 0000000..d79fa5a --- /dev/null +++ b/vars/RedHat.yml @@ -0,0 +1,20 @@ +--- +apache_service: httpd +apache_daemon: httpd +apache_daemon_path: /usr/sbin/ +apache_server_root: /etc/httpd +apache_conf_path: /etc/httpd/conf.d + +apache_vhosts_version: "2.2" + +__apache_packages: + - httpd + - httpd-devel + - mod_ssl + - openssh + +apache_ports_configuration_items: + - regexp: "^Listen " + line: "Listen {{ apache_listen_port }}" + - regexp: "^#?NameVirtualHost " + line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}" diff --git a/vars/Solaris.yml b/vars/Solaris.yml new file mode 100644 index 0000000..576291e --- /dev/null +++ b/vars/Solaris.yml @@ -0,0 +1,19 @@ +--- +apache_service: apache24 +apache_daemon: httpd +apache_daemon_path: /usr/apache2/2.4/bin/ +apache_server_root: /etc/apache2/2.4/ +apache_conf_path: /etc/apache2/2.4/conf.d + +apache_vhosts_version: "2.2" + +__apache_packages: + - web/server/apache-24 + - web/server/apache-24/module/apache-ssl + - web/server/apache-24/module/apache-security + +apache_ports_configuration_items: + - regexp: "^Listen " + line: "Listen {{ apache_listen_port }}" + - regexp: "^#?NameVirtualHost " + line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}" diff --git a/vars/Suse.yml b/vars/Suse.yml new file mode 100644 index 0000000..27703f3 --- /dev/null +++ b/vars/Suse.yml @@ -0,0 +1,18 @@ +--- +apache_service: apache2 +apache_daemon: httpd2 +apache_daemon_path: /usr/sbin/ +apache_server_root: /etc/apache2 +apache_conf_path: /etc/apache2/conf.d + +apache_vhosts_version: "2.2" + +__apache_packages: + - apache2 + - openssh + +apache_ports_configuration_items: + - regexp: "^Listen " + line: "Listen {{ apache_listen_port }}" + - regexp: "^#?NameVirtualHost " + line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}" diff --git a/vars/apache-22.yml b/vars/apache-22.yml new file mode 100644 index 0000000..c932f93 --- /dev/null +++ b/vars/apache-22.yml @@ -0,0 +1,12 @@ +--- +apache_vhosts_version: "2.2" +apache_default_vhost_filename: 000-default +apache_ports_configuration_items: + - { + regexp: "^Listen ", + line: "Listen {{ apache_listen_port }}" + } + - { + regexp: "^#?NameVirtualHost ", + line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}" + } diff --git a/vars/apache-24.yml b/vars/apache-24.yml new file mode 100644 index 0000000..449a444 --- /dev/null +++ b/vars/apache-24.yml @@ -0,0 +1,8 @@ +--- +apache_vhosts_version: "2.4" +apache_default_vhost_filename: 000-default.conf +apache_ports_configuration_items: + - { + regexp: "^Listen ", + line: "Listen {{ apache_listen_port }}" + }