-
Notifications
You must be signed in to change notification settings - Fork 12
/
Copy pathserver.yml
92 lines (84 loc) · 2.75 KB
/
server.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
---
- name: Install prerequisites
hosts: web
remote_user: root
gather_facts: false
tasks:
- name: Install Python 3.x
raw: which python || apt-get update && apt-get install -qq -y python-simplejson
register: python_check
changed_when: not python_check.stdout | search('/usr/bin/python')
- name: Add repository for PHP 7.
apt_repository: repo='ppa:ondrej/php'
- name: Sudo user Creation
hosts: web
remote_user: root
tasks:
- name: create sudo user
user: name="{{sudo_user}}"
password="{{ upassword | password_hash('sha512') }}"
state=present
createhome=yes
groups="sudo"
append=yes
shell=/bin/bash
comment="Comment"
- name: Set up authorized keys for the sudo user
authorized_key:
user: "{{sudo_user}}"
key: "{{github_keys}}"
- name: Web user creation
hosts: web
remote_user: root
tasks:
- name: create web user
user: name="{{web_user}}"
state=present
createhome=yes
groups="www-data"
append=yes
shell=/bin/bash
comment="Comment"
- name: Set up authorized keys for the web user
authorized_key:
user: "{{web_user}}"
key: "{{github_keys}}"
- name : Add Composer to path
lineinfile: dest=/home/web/.bashrc state=present line='export PATH="$PATH:$HOME/.composer/vendor/bin"'
- name: LEMP Provisioning
hosts: web
user: root
vars_files:
- vars/main.yml
roles:
- { role: geerlingguy.nginx }
- {role: geerlingguy.certbot }
- {role: geerlingguy.php }
- {role: geerlingguy.mysql }
- { role: geerlingguy.php-mysql }
- {role: geerlingguy.memcached }
- {role: geerlingguy.git }
- {role: geerlingguy.composer }
- {role: geerlingguy.nodejs }
- name: Laravel Homebase Setup
hosts: web
remote_user: root
tasks:
- name: Project Folder Creation
file: dest=/var/www/{{domain}} mode=2755 state=directory owner=web group=www-data
# - name: set APP_DEBUG=false
# lineinfile: dest=/var/www/laravel/.env regexp='^APP_DEBUG=' line=APP_DEBUG=false
# - name: set APP_ENV=production
# lineinfile: dest=/var/www/laravel/.env regexp='^APP_ENV=' line=APP_ENV=production
# - name: Install Certbot Plugin and create Certs
# raw without python
# shell for $HOME and other operators like > &
# https://blog.confirm.ch/ansible-modules-shell-vs-command/
# hosts: web
# remote_user: root
# tasks:
# - name: Install "python-certbot-nginx"
# command: sudo apt-get install python-certbot-nginx
# - name: Run certbot generation for each host
# command: /opt/certbot/certbot-auto --nginx -n -d {{ item['host'] }} --email {{ item['admin_email'] }} --redirect --agree-tos
# with_items: "{{ vhost_sites }}"