Files
@ 0079746d9a8b
Branch filter:
Location: majic-ansible-roles/roles/web_server/tasks/main.yml - annotation
0079746d9a8b
2.3 KiB
text/x-yaml
MAR-5: Updated the web server role to include deployment of some base packages for PHP and Python web apps.
373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b 0079746d9a8b | ---
- name: Install nginx
apt: name=nginx state=installed
- name: Allow nginx user to traverse the directory with TLS private keys
user: name=www-data append=yes groups=ssl-cert
notify:
- Restart nginx
- name: Deploy nginx TLS private key
copy: dest="/etc/ssl/private/{{ https_tls_key | basename }}" src="{{ https_tls_key }}"
mode=640 owner=root group=root
notify:
- Restart nginx
- name: Deploy nginx TLS certificate
copy: dest="/etc/ssl/certs/{{ https_tls_certificate | basename }}" src="{{ https_tls_certificate }}"
mode=644 owner=root group=root
notify:
- Restart nginx
- name: Deploy default vhost configuration
template: src="nginx-default.j2" dest="/etc/nginx/sites-available/default"
owner=root group=root mode=644
notify:
- Restart nginx
- name: Deploy firewall configuration for web server
copy: src="ferm_http.conf" dest="/etc/ferm/conf.d/30-web.conf" owner=root group=root mode=640
notify:
- Restart ferm
- name: Remove the default Debian html files
file: path="{{ item }}" state=absent
with_items:
- /var/www/html/index.nginx-debian.html
- /var/www/html/
- name: Create directory for storing the default website page
file: path="/var/www/default/" state=directory
owner=root group=www-data mode=750
- name: Deploy the default index.html
template: src="index.html.j2" dest=/var/www/default/index.html
owner=root group=www-data mode=640
- name: Enable nginx service
service: name=nginx enabled=yes state=started
- name: Install base packages for Python web applications
apt: name="{{ item }}" state=installed
with_items:
- supervisor
- virtualenv
- virtualenvwrapper
- name: Install base packages for PHP web applications
apt: name="{{ item }}" state=installed
with_items:
- php5-fpm
- name: Enable services used for running web applications
service: name="{{ item }}" enabled=yes state=started
with_items:
- php5-fpm
- supervisor
- name: Read timezone on server
slurp: src=/etc/timezone
register: server_timezone
- name: Configure timezone for PHP
template: src="php_timezone.ini.j2" dest="{{ item }}/30-timezone.ini"
owner=root group=root mode=644
with_items:
- /etc/php5/cli/conf.d/
- /etc/php5/fpm/conf.d/
notify:
- Restart php5-fpm
|