Files
@ 74b1cab547fc
Branch filter:
Location: majic-ansible-roles/roles/php_website/playbook.yml - annotation
74b1cab547fc
4.1 KiB
text/x-yaml
MAR-122: Fixed handling of complex package versions for pip with Ansible 2.x:
- Use list for installing specific version of pip in the "pipreqcheck" virtual
environment in common role.
- Removed superficious (and incorrect) definition for application admin username
in wsgi_website role.
- Updated test playbook for wsgi_website role to test the fix.
- Switched to passing-in package list for installing packages in virtual
environment instead of using "with_items" in wsgi_website role.
- Use list for installing specific version of pip in the "pipreqcheck" virtual
environment in common role.
- Removed superficious (and incorrect) definition for application admin username
in wsgi_website role.
- Updated test playbook for wsgi_website role to test the fix.
- Switched to passing-in package list for installing packages in virtual
environment instead of using "with_items" in wsgi_website role.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 | 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 8f33126c7555 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 3dd7f39302f8 1b6495e2ba42 1b6495e2ba42 3dd7f39302f8 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 3dd7f39302f8 3dd7f39302f8 1b6495e2ba42 3dd7f39302f8 3dd7f39302f8 1b6495e2ba42 1b6495e2ba42 1b6495e2ba42 3dd7f39302f8 1b6495e2ba42 1b6495e2ba42 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 3dd7f39302f8 | ---
- hosts: all
tasks:
- name: Update all caches to avoid errors due to missing remote archives
apt:
update_cache: yes
changed_when: False
- name: Set-up /etc/hosts entries
lineinfile:
dest: /etc/hosts
line: "{{ ansible_eth0.ipv4.address }} parameters-mandatory parameters-optional.local php-website"
- name: Install curl for testing redirects and webpage content
apt:
name: curl
state: installed
- name: Install swaks for testing mail forwarding
apt:
name: swaks
state: installed
- name: Install Postfix for testing mail forwarding (Exim4 not covered)
apt:
name: postfix
state: installed
- name: Set-up group for an additional user
group:
name: user
state: present
- name: Set-up additional user for testing mail delivery
user:
name: user
group: user
shell: /bin/bash
- hosts: all
vars:
# common
ca_certificates:
testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"
# web_server
default_https_tls_certificate: "{{ lookup('file', 'tests/data/x509/php-website_https.cert.pem') }}"
default_https_tls_key: "{{ lookup('file', 'tests/data/x509/php-website_https.key.pem') }}"
# Common parameters (general, not role).
tls_certificate_dir: tests/data/x509/
tls_private_key_dir: tests/data/x509/
roles:
- role: php_website
fqdn: parameters-mandatory
- role: php_website
additional_fpm_config:
"env[PATH]": "\"/usr/local/bin:/usr/bin:/bin\""
"security.limit_extensions": ".php .myphp"
additional_nginx_config:
- comment: Custom missing page.
value: error_page 404 /404.myphp;
admin_uid: 5000
deny_files_regex:
- '^/secretfile.txt'
enforce_https: no
environment_indicator:
background_colour: "#ff0000"
text_colour: "#00ff00"
text: "parameters-optional"
fqdn: parameters-optional.local
index: myindex.php
https_tls_certificate: "{{ lookup('file', 'tests/data/x509/parameters-optional.local_https.cert.pem') }}"
https_tls_key: "{{ lookup('file', 'tests/data/x509/parameters-optional.local_https.key.pem') }}"
php_file_regex: "\\.myphp$"
php_rewrite_urls:
- ^/rewrite1/(.*)$ /rewrite.myphp?url=$1 last
- ^/rewrite2/(.*)$ /rewrite.myphp?url=$1 last
rewrites:
- '^/rewrite_to_index1/(.*) /myindex.php last'
- '^/rewrite_to_index2/(.*) /myindex.php last'
packages:
- php5-ldap
- php5-json
- libmariadb-client-lgpl-dev-compat
uid: 5001
website_mail_recipients: user
- hosts: all
tasks:
# parameters-mandatory application
- name: Set-up directory where PHP files are hosted at
file:
path: /var/www/parameters-mandatory/htdocs
state: directory
owner: admin-parameters-mandatory
group: web-parameters-mandatory
mode: 0750
- name: Deploy a couple of PHP pages for testing purposes
copy:
src: "tests/data/php/mandatory/{{ item }}"
dest: "/var/www/parameters-mandatory/htdocs/{{ item }}"
owner: admin-parameters-mandatory
group: web-parameters-mandatory
mode: 0640
with_items:
- index.php
- index.php3
# parameters-optional application
- name: Set-up directory where PHP files are hosted at
file:
path: /var/www/parameters-optional.local/htdocs
state: directory
owner: admin-parameters-optional_local
group: web-parameters-optional_local
mode: 0750
- name: Deploy a couple of PHP pages for testing purposes
copy:
src: "tests/data/php/optional/{{ item }}"
dest: "/var/www/parameters-optional.local/htdocs/{{ item }}"
owner: admin-parameters-optional_local
group: web-parameters-optional_local
mode: 0640
with_items:
- myindex.php
- myindex.myphp
- path.myphp
- secretfile.txt
- info.myphp
- 404.myphp
- rewrite.myphp
|