Files @ b68d19ad38a3
Branch filter:

Location: majic-ansible-roles/roles/php_website/playbook.yml - annotation

b68d19ad38a3 4.1 KiB text/x-yaml Show Source Show as Raw Download as Raw
branko
MAR-33: Added initial scaffolding for wsgi_website tests:

- Added Molecule configuration file.
- Implemented test playbook that sets-up three separate instances of WSGI
website in order to test all variations of parameters.
- Added name for the set_fact task.
- Fixed linting errors related to mode that lacks leading zero.
- Added skip_ansible_lint tag for command that creates the Python virtual
environment.
- Added missing become keyword wherever become_user is specified.
- Fixed invalid parameter name for specifying if HTTPS should be enforced or
not.
- Added small initial sample WSGI apps that get deployed.
- Added static/media sample files.
- Added TLS material.
- Added initial dummy test file.
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
3dd7f39302f8
1b6495e2ba42
1b6495e2ba42
3dd7f39302f8
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
3dd7f39302f8
3dd7f39302f8
1b6495e2ba42
3dd7f39302f8
3dd7f39302f8
1b6495e2ba42
1b6495e2ba42
1b6495e2ba42
3dd7f39302f8
1b6495e2ba42
1b6495e2ba42
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8
3dd7f39302f8

---

- hosts: all
  tasks:

    - name: Update all caches to avoid errors due to missing remote archives
      apt:
        update_cache: yes

    - name: Set-up /etc/hosts entries
      lineinfile:
        dest: /etc/hosts
        line: "{{ ansible_eth0.ipv4.address }} parameters-mandatory parameters-optional.local php-website"

    - name: Install curl for testing redirects and webpage content
      apt:
        name: curl
        state: installed

    - name: Install swaks for testing mail forwarding
      apt:
        name: swaks
        state: installed

    - name: Install Postfix for testing mail forwarding (Exim4 not covered)
      apt:
        name: postfix
        state: installed

    - name: Set-up group for an additional user
      group:
        name: user
        state: present

    - name: Set-up additional user for testing mail delivery
      user:
        name: user
        group: user
        shell: /bin/bash

- hosts: all
  vars:
    # common
    ca_certificates:
      testca: "{{ lookup('file', 'tests/data/x509/ca.cert.pem') }}"

    # web_server
    default_https_tls_certificate: "{{ lookup('file', 'tests/data/x509/php-website_https.cert.pem') }}"
    default_https_tls_key: "{{ lookup('file', 'tests/data/x509/php-website_https.key.pem') }}"

    # Common parameters (general, not role).
    tls_certificate_dir: tests/data/x509/
    tls_private_key_dir: tests/data/x509/

  roles:
    - role: php_website
      fqdn: parameters-mandatory

    - role: php_website
      additional_fpm_config:
        "env[PATH]": "\"/usr/local/bin:/usr/bin:/bin\""
        "security.limit_extensions": ".php .myphp"
      additional_nginx_config:
        - comment: Custom missing page.
          value: error_page 404 /404.myphp;
      admin_uid: 5000
      deny_files_regex:
        - '^/secretfile.txt'
      enforce_https: no
      environment_indicator:
        background_colour: "#ff0000"
        text_colour: "#00ff00"
        text: "parameters-optional"
      fqdn: parameters-optional.local
      index: myindex.php
      https_tls_certificate: "{{ lookup('file', 'tests/data/x509/parameters-optional.local_https.cert.pem') }}"
      https_tls_key: "{{ lookup('file', 'tests/data/x509/parameters-optional.local_https.key.pem') }}"
      php_file_regex: "\\.myphp$"
      php_rewrite_urls:
        - ^/rewrite1/(.*)$ /rewrite.myphp?url=$1 last
        - ^/rewrite2/(.*)$ /rewrite.myphp?url=$1 last
      rewrites:
        - '^/rewrite_to_index1/(.*) /myindex.php last'
        - '^/rewrite_to_index2/(.*) /myindex.php last'
      packages:
        - php5-ldap
        - php5-json
        - libmariadb-client-lgpl-dev-compat
      uid: 5001
      website_mail_recipients: user

- hosts: all
  tasks:
    # parameters-mandatory application
    - name: Set-up directory where PHP files are hosted at
      file:
        path: /var/www/parameters-mandatory/htdocs
        state: directory
        owner: admin-parameters-mandatory
        group: web-parameters-mandatory
        mode: 0750

    - name: Deploy a couple of PHP pages for testing purposes
      copy:
        src: "tests/data/php/mandatory/{{ item }}"
        dest: "/var/www/parameters-mandatory/htdocs/{{ item }}"
        owner: admin-parameters-mandatory
        group: web-parameters-mandatory
        mode: 0640
      with_items:
        - index.php
        - index.php3

    # parameters-optional application
    - name: Set-up directory where PHP files are hosted at
      file:
        path: /var/www/parameters-optional.local/htdocs
        state: directory
        owner: admin-parameters-optional_local
        group: web-parameters-optional_local
        mode: 0750

    - name: Deploy a couple of PHP pages for testing purposes
      copy:
        src: "tests/data/php/optional/{{ item }}"
        dest: "/var/www/parameters-optional.local/htdocs/{{ item }}"
        owner: admin-parameters-optional_local
        group: web-parameters-optional_local
        mode: 0640
      with_items:
        - myindex.php
        - myindex.myphp
        - path.myphp
        - secretfile.txt
        - info.myphp
        - 404.myphp
        - rewrite.myphp
This site is powered by Kallithea 0.7.0, which is © 2010–2024 by various authors & licensed under GPLv3.