majic-ansible-roles Changeset

Changeset - a52f9fdabd0f

Parent rev.

Child rev.

[Not reviewed]

1 9 4

Branko Majic (branko) - 6 years ago 2018-08-03 17:29:42
branko@majic.rs

MAR-132: Added support for Debian 9 (Stretch) to web_server role:

- Introduced internal parameters for controlling differing package
names, service names, and paths for PHP FPM package.
- Added Debian 9 machines to Molecule configuration, including the
client machine.
- Restructured slightly preparaiton playbook to support both Jessie
and Stretch.
- Added custom pytest fixture for having a better way to determine
expected package names etc related to PHP.
- Created copy of private key/certificate pair used for testing of
mandatory parameters (to be used with Stretch machine).
- Fixed invalid specification for hosts on top of which the
connectivity test should be run.
- Updated a couple of task names (avoiding to reference PHP 5).
- Updated documentation.

13 files changed with 306 insertions and 40 deletions:

docs/rolereference.rst

docs/usage.rst

roles/web_server/defaults/main.yml

roles/web_server/files/php_fpm_umask.conf

rename

roles/web_server/handlers/main.yml

roles/web_server/molecule/default/molecule.yml

roles/web_server/molecule/default/prepare.yml

roles/web_server/molecule/default/tests/conftest.py

roles/web_server/molecule/default/tests/data/x509/parameters-mandatory-stretch64_https.key

134

roles/web_server/molecule/default/tests/data/x509/parameters-mandatory-stretch64_https.pem

roles/web_server/molecule/default/tests/test_client.py

roles/web_server/molecule/default/tests/test_default.py

roles/web_server/tasks/main.yml

0 comments (0 inline, 0 general)

docs/rolereference.rst

➞

Show inline comments

@@ @@ -1379,6 +1379,7 @@ Distribution compatibility @@
 Role is compatible with the following distributions:
 - Debian 8 (Jessie)
 - Debian 9 (Stretch)
 Examples

docs/usage.rst

➞

Show inline comments

   the name is also derived from the FQDN of website, for example
   ``admin-tbg_example_com``. Administrative user does not have a dedicated
   group, and instead belongs to same group as the application user.
-* PHP applications are executed via FastCGI, using the ``php5-fpm`` package.
+* PHP applications are executed via FastCGI, using *PHP-FPM*.
 * If you ever need to set some additional PHP FPM settings, this can easily be
   done via the ``additional_fpm_config`` role parameter. This particular example
   does not set any, though.
   application's group. In other words, all directories will have ``SGID`` bit
   set, allowing you to create files/directories that will have their group
   automatically set to the group of the parent directory.
-* Files are served (both by *Nginx* and *php5-fpm*) from sub-directory called
+* Files are served (both by *Nginx* and *PHP-FPM*) from sub-directory called
   ``htdocs`` (located in website directory). For example
   ``/var/www/tbg.example.com/htdocs/``. Normally, this can be a symlink to some
   other sub-directory within the website directory (useful for having multiple

roles/web_server/defaults/main.yml

➞

Show inline comments

@@ @@ -10,3 +10,8 @@ web_server_tls_protocols: @@
 web_server_tls_ciphers: "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:\
 DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:\
 ECDHE-RSA-AES256-SHA384:!aNULL:!MD5:!EXPORT"
 # Internal parameters
 php_fpm_package_name: "{% if ansible_distribution_release == 'jessie' %}php5-fpm{% elif ansible_distribution_release == 'stretch' %}php-fpm{% endif %}"
 php_fpm_service_name: "{% if ansible_distribution_release == 'jessie' %}php5-fpm{% elif ansible_distribution_release == 'stretch' %}php7.0-fpm{% endif %}"
 php_base_config_dir: "{% if ansible_distribution_release == 'jessie' %}/etc/php5{% elif ansible_distribution_release == 'stretch' %}/etc/php/7.0{% endif %}"

roles/web_server/files/php_fpm_umask.conf

➞

Show inline comments

file renamed from roles/web_server/files/php5_fpm_umask.conf to roles/web_server/files/php_fpm_umask.conf

roles/web_server/handlers/main.yml

➞

Show inline comments

@@ @@ -5,7 +5,7 @@ @@
     name: nginx
     state: restarted
-- name: Restart php5-fpm
+- name: Restart PHP-FPM
   service:
-    name: php5-fpm
+    name: "{{ php_fpm_service_name }}"
     state: restarted

roles/web_server/molecule/default/molecule.yml

➞

Show inline comments

@@ @@ -14,9 +14,10 @@ lint: @@
 platforms:
   - name: client1
+  - name: client1-jessie
     groups:
       - client
       - jessie
     box: debian/contrib-jessie64
     memory: 256
     cpus: 1
@@ @@ -26,9 +27,23 @@ platforms: @@
         network_name: private_network
         type: static
   - name: client1-stretch
     groups:
       - client
       - stretch
     box: debian/contrib-stretch64
     memory: 256
     cpus: 1
     interfaces:
       - auto_config: true
         ip: 10.31.127.21
         network_name: private_network
         type: static
   - name: parameters-mandatory-jessie64
     groups:
       - parameters-mandatory
       - jessie
     box: debian/contrib-jessie64
     memory: 512
     cpus: 1
@@ @@ -41,6 +56,7 @@ platforms: @@
   - name: parameters-optional-jessie64
     groups:
       - parameters-optional
       - jessie
     box: debian/contrib-jessie64
     memory: 512
     cpus: 1
@@ @@ -50,6 +66,32 @@ platforms: @@
         network_name: private_network
         type: static
   - name: parameters-mandatory-stretch64
     groups:
       - parameters-mandatory
       - stretch
     box: debian/contrib-stretch64
     memory: 512
     cpus: 1
     interfaces:
       - auto_config: true
         ip: 10.31.127.32
         network_name: private_network
         type: static
   - name: parameters-optional-stretch64
     groups:
       - parameters-optional
       - stretch
     box: debian/contrib-stretch64
     memory: 512
     cpus: 1
     interfaces:
       - auto_config: true
         ip: 10.31.127.33
         network_name: private_network
         type: static
 provisioner:
   name: ansible
   config_options:

roles/web_server/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -18,7 +18,7 @@ @@
         update_cache: true
       changed_when: false
-- hosts: all
+- hosts: jessie
   become: true
   tasks:
@@ @@ -33,15 +33,38 @@ @@
         state: present
       with_dict:
 .31.127.20: "client1"
 .31.127.30: "parameters-mandatory parameters-mandatory-jessie64"
 .31.127.31: "parameters-optional parameters-optional-jessie64"
 .31.127.30: "parameters-mandatory"
 .31.127.31: "parameters-optional"
     - name: Install curl for testing redirects and webpage content
       apt:
         name: curl
         state: present
 - hosts: stretch
   become: true
   tasks:
     - name: Set-up the hosts file
       lineinfile:
         path: /etc/hosts
         regexp: "^{{ item.key }}"
         line: "{{ item.key }} {{ item.value }}"
         owner: root
         group: root
         mode: 0644
         state: present
       with_dict:
 .31.127.21: "client1"
 .31.127.32: "parameters-mandatory"
 .31.127.33: "parameters-optional"
     - name: Install curl for testing redirects and webpage content
       apt:
         name: curl
         state: present
-- hosts: client1
+- hosts: client
   become: true
   tasks:

roles/web_server/molecule/default/tests/conftest.py

➞

Show inline comments

@@ new file 100644 @@
 from collections import namedtuple
 import pytest
 @pytest.fixture
 def php_info(host):
     """
     Helper fixture used to define what the expected PHP-FPM package
     name, PHP-FPM service name, and PHP base configuration directory
     is based on Debian release.
     Currently supports Debian 8 (Jessie), and Debian 9 (Stretch).
     Resulting information can be accessed through returned named tuple
     with the following properties:
     - fpm_package (name of the PHP-FPM package)
     - fpm_service (name of the PHP-FPM system service)
     - base_config_dir (base configuration directory for PHP)
     """
     PHPInfo = namedtuple('PHPInfo', 'fpm_package fpm_service base_config_dir')
     ansible_facts = host.ansible("setup")["ansible_facts"]
     ansible_distribution_release = ansible_facts['ansible_distribution_release']
     if ansible_distribution_release == 'jessie':
         info = PHPInfo(fpm_package='php5-fpm', fpm_service='php5-fpm', base_config_dir='/etc/php5')
     elif ansible_distribution_release == 'stretch':
         info = PHPInfo(fpm_package='php-fpm', fpm_service='php7.0-fpm', base_config_dir='/etc/php/7.0')
     else:
         raise Exception('The php_info pytest fixture does not support Debian release: %s' % ansible_distribution_release)
     return info

roles/web_server/molecule/default/tests/data/x509/parameters-mandatory-stretch64_https.key

➞

Show inline comments

@@ new file 100644 @@
 Public Key Info:
 	Public Key Algorithm: RSA
 	Key Security Level: Medium (2048 bits)
 modulus:
 :c0:7c:c1:64:b5:42:b5:c1:38:e8:02:5e:88:40:a2
 	c5:d3:de:7e:72:77:d4:d9:72:88:62:05:85:75:67:96
 :97:2c:9b:91:58:0f:83:ef:c7:64:1e:53:ed:0f:3c
 :e2:97:a3:20:c3:aa:f8:16:22:55:d8:e9:0a:19:9f
 	e7:3b:81:76:79:27:eb:56:c5:13:9f:f1:18:0b:e4:94
 b:d8:91:1e:65:64:b4:8c:5c:8d:79:f4:4d:e2:0a:5d
 	a5:53:82:27:b0:a7:da:19:8a:0b:f2:e2:da:87:b9:4e
 :47:1a:1c:b6:4a:15:52:40:e0:21:67:a1:3c:88:dd
 	e2:fb:37:53:9c:1d:69:17:a8:85:7a:03:a6:87:d4:c0
 	ea:da:73:7c:d9:91:e6:5f:aa:3d:28:dd:3d:33:aa:76
 :88:a0:5b:26:67:72:11:b2:16:03:78:c7:5c:cf:11
 	f3:66:17:53:6e:ac:01:c7:7f:7a:57:a7:9e:c0:4d:74
 e:f2:5a:89:bf:c4:16:8f:b9:7f:c1:bb:b7:8b:b1:96
 e:5f:ac:84:fa:01:66:57:ba:46:a5:7e:da:09:e8:bb
 a:26:13:44:b9:44:31:b7:82:6f:a5:8e:6c:23:8b:ea
 c:af:42:88:6c:a7:24:82:51:60:42:cf:b3:8d:54:f2
 :
 public exponent:
 :00:01:
 private exponent:
 :b5:dd:e9:d7:de:4f:3e:6d:66:f8:07:2d:0c:2d:8d
 	dd:be:75:ed:20:f8:49:ba:7e:35:8f:ef:c9:8e:09:26
 :bf:7e:1d:2a:71:7a:8f:5d:21:16:5e:75:4b:79:66
 :49:b1:9e:26:99:d9:52:f7:8e:cf:6f:d7:97:7c:68
 :d0:ae:5c:a2:d2:6d:d0:18:fa:96:d6:f3:b2:60:f0
 	f3:72:66:82:c2:a8:28:d2:a9:ab:de:7b:4e:8e:f0:de
 :13:97:d9:2a:57:1d:81:9d:e5:f6:42:12:d9:c3:e3
 :8b:ae:87:4c:50:a8:de:83:7f:80:f0:69:ee:49:1e
 	e2:ef:a8:f2:f7:b1:0f:a1:f8:64:0e:8d:6b:f8:e8:5e
 :24:f5:44:8d:23:76:e0:90:a4:f6:3b:98:46:93:58
 f:52:b1:12:f2:6f:02:96:40:0e:18:4d:19:20:20:3a
 :6c:cd:2e:05:c0:1a:bf:6c:74:c3:02:bb:9a:7f:e5
 e:bf:47:d6:c8:ee:71:43:d0:6f:f6:4f:72:65:ec:1a
 :91:18:97:6f:e7:21:df:22:9d:02:97:83:5b:52:ca
 :6f:07:74:67:70:80:85:d2:44:0c:b6:f6:b3:10:f2
 	b8:45:e9:8c:d1:c2:e7:67:6d:00:78:0e:30:c7:76:0f
 :
 prime1:
 :cf:69:36:e8:83:17:46:22:20:ec:59:24:f7:16:4f
 e:08:69:0d:29:32:24:9d:90:fb:8e:97:65:ba:3b:50
 e:ca:92:cd:9d:4f:fb:e3:7b:2b:41:58:6c:3a:e8:cd
 :d9:14:b1:e0:22:d6:df:ec:c8:06:e4:85:f7:00:f0
 :a7:89:20:21:d8:ff:a9:3a:4d:59:06:30:04:fa:98
 	fd:60:bf:6f:3c:79:c3:ad:79:91:1c:a6:94:00:44:be
 	e7:43:59:5c:21:ab:1f:aa:c7:5b:e4:ad:d7:00:4c:13
 d:63:89:af:4c:b6:ea:86:b2:59:1d:c8:f7:ee:94:1e
 b:
 prime2:
 :ed:94:8b:24:82:ab:89:6a:16:d9:75:4b:a6:0c:fa
 f:84:13:0d:df:b6:33:6d:30:bc:a5:ee:f1:e3:3f:bf
 	fd:9e:c9:a8:21:1e:49:8b:a8:d1:d7:f2:49:24:a5:b7
 :00:13:e7:a8:83:e6:00:09:fa:85:f2:a4:93:06:9f
 :fd:c2:b0:a7:42:ca:20:17:d0:c6:41:14:6b:f1:71
 	aa:eb:81:b3:d9:b9:30:a8:0f:41:07:74:a2:0e:32:2a
 :7f:f8:7b:c9:3e:34:fe:e1:b9:a2:4f:f5:7a:aa:9d
 :92:dc:98:2b:63:2d:07:5d:75:55:fd:7f:5f:56:7e
 :
 coefficient:
 :71:c7:2c:4c:6e:e5:a5:38:ec:28:3f:54:9b:d7:4c
 :be:78:99:51:75:43:38:9a:8b:7e:d6:5a:c6:97:cc
 	ae:3b:34:83:aa:fc:f3:51:1a:69:38:b4:88:2e:f4:63
 :2f:23:92:3b:29:16:e1:52:91:37:d0:b3:e7:aa:2e
 	b6:b1:00:0a:a5:64:82:b0:8e:2f:25:9b:6f:eb:9f:56
 :57:75:9f:e6:65:36:42:c2:c9:e0:1c:b9:5d:b9:eb
 :86:29:36:87:fc:92:5d:9a:ac:d9:c7:f9:b4:28:24
 :f2:4a:51:20:3b:db:9b:7f:a4:8f:d8:e4:6f:6a:94
 exp1:
 :09:c2:1f:04:94:09:bc:5c:b0:92:20:2f:08:4f:ce
 c:bd:48:e6:96:c2:42:d5:0a:9b:a5:f0:ec:9b:e3:78
 :ee:23:16:f6:ef:af:60:8a:a0:5b:68:df:b7:be:3c
 c:2a:61:12:bb:cc:0c:20:23:38:b1:41:7e:8c:08:4e
 :aa:1a:af:d9:8e:40:07:d5:59:9c:7d:1e:39:c3:65
 	e0:e9:b4:d6:5e:0a:bd:8b:9c:57:b7:97:b8:1d:21:37
 f:4d:ba:99:ee:63:d5:98:df:79:31:72:5e:0f:8e:c6
 :b5:17:b9:4b:b1:53:61:18:80:a5:4b:55:f5:16:6d
 exp2:
 c:59:51:41:e1:70:48:cf:bc:1a:14:14:c4:7f:25:1e
 d:ae:55:e6:0f:c2:85:13:85:7c:79:c6:68:36:43:77
 	b8:c0:ab:74:41:2c:77:62:40:55:7a:7a:40:f9:b4:7a
 	a5:78:c0:18:aa:92:8e:6e:a6:80:c7:52:56:21:69:a0
 	b0:16:11:f9:1e:80:a0:41:a7:09:1f:3e:f5:d5:78:a6
 	e9:da:1b:b7:1b:49:64:a8:ca:48:20:16:38:23:ac:eb
 :43:bf:5c:13:ce:aa:1e:56:2e:b0:2d:7e:47:38:2f
 c:70:c1:c2:27:b3:ff:ca:eb:fb:3f:64:e0:79:86:59
 Public Key PIN:
 	pin-sha256:8WMSWb7fAo1Mu4r8Cib3aGoqGUoXIP093eQI/lKAJ3g=
 Public Key ID:
 	sha256:f1631259bedf028d4cbb8afc0a26f7686a2a194a1720fd3ddde408fe52802778
 	sha1:2eb1121201a8f84def83e27fec8c60323f488a23
 -----BEGIN RSA PRIVATE KEY-----
 MIIEowIBAAKCAQEAwHzBZLVCtcE46AJeiECixdPefnJ31NlyiGIFhXVnlgmXLJuR
 WA+D78dkHlPtDzwQ4pejIMOq+BYiVdjpChmf5zuBdnkn61bFE5/xGAvklBvYkR5l
 ZLSMXI159E3iCl2lU4InsKfaGYoL8uLah7lOmEcaHLZKFVJA4CFnoTyI3eL7N1Oc
 HWkXqIV6A6aH1MDq2nN82ZHmX6o9KN09M6p2goigWyZnchGyFgN4x1zPEfNmF1Nu
 rAHHf3pXp57ATXQ+8lqJv8QWj7l/wbu3i7GWnl+shPoBZle6RqV+2gnou0omE0S5
 RDG3gm+ljmwji+oMr0KIbKckglFgQs+zjVTyIwIDAQABAoIBAQC13enX3k8+bWb4
 By0MLY3dvnXtIPhJun41j+/JjgkmQL9+HSpxeo9dIRZedUt5ZnZJsZ4mmdlS947P
 b9eXfGiR0K5cotJt0Bj6ltbzsmDw83JmgsKoKNKpq957To7w3lQTl9kqVx2BneX2
 QhLZw+MXi66HTFCo3oN/gPBp7kke4u+o8vexD6H4ZA6Na/joXlIk9USNI3bgkKT2
 O5hGk1g/UrES8m8ClkAOGE0ZICA6M2zNLgXAGr9sdMMCu5p/5U6/R9bI7nFD0G/2
 T3Jl7Bp2kRiXb+ch3yKdApeDW1LKhm8HdGdwgIXSRAy29rMQ8rhF6YzRwudnbQB4
 DjDHdg8xAoGBAM9pNuiDF0YiIOxZJPcWT44IaQ0pMiSdkPuOl2W6O1BeypLNnU/7
 srQVhsOujNkdkUseAi1t/syAbkhfcA8FOniSAh2P+pOk1ZBjAE+pj9YL9vPHnD
 rXmRHKaUAES+50NZXCGrH6rHW+St1wBME31jia9MtuqGslkdyPfulB57AoGBAO2U
 iySCq4lqFtl1S6YM+h+EEw3ftjNtMLyl7vHjP7/9nsmoIR5Ji6jR1/JJJKW3iQAT
 iD5gAJ+oXypJMGnyL9wrCnQsogF9DGQRRr8XGq64Gz2bkwqA9BB3SiDjIqQ3/4
 e8k+NP7huaJP9XqqnZaS3JgrYy0HXXVV/X9fVn55AoGAVwnCHwSUCbxcsJIgLwhP
 zjy9SOaWwkLVCpul8Oyb43hD7iMW9u+vYIqgW2jft748jCphErvMDCAjOLFBfowI
 TjKqGq/ZjkAH1VmcfR45w2Xg6bTWXgq9i5xXt5e4HSE3j026me5j1ZjfeTFyXg+O
 xjm1F7lLsVNhGIClS1X1Fm0CgYBMWVFB4XBIz7waFBTEfyUeXa5V5g/ChROFfHnG
 aDZDd7jAq3RBLHdiQFV6ekD5tHqleMAYqpKObqaAx1JWIWmgsBYR+R6AoEGnCR8+
 dV4punaG7cbSWSoykggFjgjrOtWQ79cE86qHlYusC1+RzgvfHDBwiez/8rr+z9k
 HmGWQKBgGBxxyxMbuWlOOwoP1Sb10yXvniZUXVDOJqLftZaxpfMrjs0g6r881Ea
 aTi0iC70Y2YvI5I7KRbhUpE30LPnqi62sQAKpWSCsI4vJZtv659WRld1n+ZlNkLC
 yeAcuV2565SGKTaH/JJdmqzZx/m0KCRD8kpRIDvbm3+kj9jkb2qU
 -----END RSA PRIVATE KEY-----

roles/web_server/molecule/default/tests/data/x509/parameters-mandatory-stretch64_https.pem

➞

Show inline comments

@@ new file 100644 @@
 -----BEGIN CERTIFICATE-----
 MIIELDCCApSgAwIBAgIMWWXRlyNKFAsg+sh2MA0GCSqGSIb3DQEBCwUAMEgxIjAg
 BgNVBAMTGUV4YW1wbGUgSW5jLiBUZXN0IFNpdGUgQ0ExFTATBgNVBAoTDEV4YW1w
 bGUgSW5jLjELMAkGA1UEBhMCU0UwHhcNMTcwNzEyMDczNjU1WhcNMjcwNzEwMDcz
 NjU1WjBFMR8wHQYDVQQDExZFeGFtcGUgSW5jLiBXZWIgU2VydmVyMRUwEwYDVQQK
 EwxFeGFtcGxlIEluYy4xCzAJBgNVBAYTAlNFMIIBIjANBgkqhkiG9w0BAQEFAAOC
 AQ8AMIIBCgKCAQEAwHzBZLVCtcE46AJeiECixdPefnJ31NlyiGIFhXVnlgmXLJuR
 WA+D78dkHlPtDzwQ4pejIMOq+BYiVdjpChmf5zuBdnkn61bFE5/xGAvklBvYkR5l
 ZLSMXI159E3iCl2lU4InsKfaGYoL8uLah7lOmEcaHLZKFVJA4CFnoTyI3eL7N1Oc
 HWkXqIV6A6aH1MDq2nN82ZHmX6o9KN09M6p2goigWyZnchGyFgN4x1zPEfNmF1Nu
 rAHHf3pXp57ATXQ+8lqJv8QWj7l/wbu3i7GWnl+shPoBZle6RqV+2gnou0omE0S5
 RDG3gm+ljmwji+oMr0KIbKckglFgQs+zjVTyIwIDAQABo4GYMIGVMAwGA1UdEwEB
 /wQCMAAwHwYDVR0RBBgwFoIUcGFyYW1ldGVycy1tYW5kYXRvcnkwEwYDVR0lBAww
 CgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQULrESEgGo+E3v
 g+J/7IxgMj9IiiMwHwYDVR0jBBgwFoAUN2vbkxxpfpJMa99zhfiEllmBT2swDQYJ
 KoZIhvcNAQELBQADggGBAI1mG7d1wPpA40JmBYll2KasIH/ldLN2eu8rAdM00Rep
 KPeMCwOEIoJp3LZL43fubQKP0okw1JstskQt6PPNbL53I8hIhUmKUQEEYXG3AIB8
 p7w2BSq+ROV3Te3Eu+aSCT+sXGnu7FPbioMoZb90tHdZWxMvDGGN/HNXFevM0h5j
 vf6O+HlBLXU5mClpyD95OR+ULvYwWWhFwWar6mM0l2ByffJzl21iRZT5pBnnEQY
 A9RhUwb7f++uByPlKl08OGAaf2fl9VQUIK2mbjRu3ARfFQWyB+8Mq3EqkYSxRA3
 dpe+thQ8u4dUddJnDdHT5L0/odkCWHfN7512+kCbV4fYq+iSWnIBF6yEa09WLLdq
 a5PHo/GGcA8P2SBGh0Jay/NSKpaIGhrCYp5mxiXm60oAHMYPXHZW0U28vtlAXkJb
 KeCCgR/4Wa0G0QnbiT29s5yDIYy3YgSL+3Ug3y0XGRKMaMzVNA4p4CBbJo1ybhVu
 XMygMYr+69hXbaCoeWn2Bg==
 -----END CERTIFICATE-----

roles/web_server/molecule/default/tests/test_client.py

➞

Show inline comments

@@ @@ -4,7 +4,7 @@ import testinfra.utils.ansible_runner @@
 testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
-    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts(['clients'])
+    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts(['client'])
 def test_connectivity(host):

roles/web_server/molecule/default/tests/test_default.py

➞

Show inline comments

@@ @@ -7,7 +7,7 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( @@
     os.environ['MOLECULE_INVENTORY_FILE']).get_hosts(['parameters-mandatory', 'parameters-optional'])
 def test_installed_packages(host):
+def test_installed_packages(host, php_info):
     """
     Tests if the required packages have been installed.
     """
@@ @@ -15,7 +15,7 @@ def test_installed_packages(host): @@
     assert host.package('nginx').is_installed
     assert host.package('virtualenv').is_installed
     assert host.package('virtualenvwrapper').is_installed
-    assert host.package('php5-fpm').is_installed
+    assert host.package(php_info.fpm_package).is_installed
 def test_nginx_user(host):
@@ @@ -138,7 +138,7 @@ def test_default_vhost_index_page_file(host): @@
         assert page.mode == 0o640
 def test_services(host):
+def test_services(host, php_info):
     """
     Tests if services are enabled at boot and running.
     """
@@ @@ -147,7 +147,7 @@ def test_services(host): @@
     assert service.is_enabled
     assert service.is_running
-    service = host.service('php5-fpm')
+    service = host.service(php_info.fpm_service)
     assert service.is_enabled
     assert service.is_running
@@ @@ -161,7 +161,7 @@ def test_sockets(host): @@
     assert host.socket("tcp://443").is_listening
 def test_socket_directories(host):
+def test_socket_directories(host, php_info):
     """
     Tests if directories containing sockets for WSGI and PHP apps are created
     correctly.
@@ @@ -173,7 +173,7 @@ def test_socket_directories(host): @@
     assert directory.group == 'www-data'
     assert directory.mode == 0o750
-    directory = host.file('/run/php5-fpm')
+    directory = host.file('/run/%s' % php_info.fpm_service)
     assert directory.is_directory
     assert directory.user == 'root'
     assert directory.group == 'www-data'
@@ @@ -186,53 +186,53 @@ def test_socket_directories(host): @@
     assert config.mode == 0o644
     assert 'd /run/wsgi/ 0750 root www-data - -' in config.content
-    config = host.file('/etc/tmpfiles.d/php5-fpm.conf')
+    config = host.file('/etc/tmpfiles.d/%s.conf' % php_info.fpm_service)
     assert config.is_file
     assert config.user == 'root'
     assert config.group == 'root'
     assert config.mode == 0o644
-    assert 'd /run/php5-fpm/ 0750 root www-data - -' in config.content
+    assert 'd /run/%s/ 0750 root www-data - -' % php_info.fpm_service in config.content
-def test_php5_fpm_service_overrides(host):
+def test_php_fpm_service_overrides(host, php_info):
     """
-    Tests if overrides for php5-fpm service are deployed correctly.
+    Tests if overrides for PHP-FPM service are deployed correctly.
     """
-    directory = host.file('/etc/systemd/system/php5-fpm.service.d')
+    directory = host.file('/etc/systemd/system/%s.service.d' % php_info.fpm_service)
     assert directory.is_directory
     assert directory.user == 'root'
     assert directory.group == 'root'
     assert directory.mode == 0o755
-    config = host.file('/etc/systemd/system/php5-fpm.service.d/umask.conf')
+    config = host.file('/etc/systemd/system/%s.service.d/umask.conf' % php_info.fpm_service)
     assert config.is_file
     assert config.user == 'root'
     assert config.group == 'root'
     assert config.mode == 0o644
 def test_php_timezone_configuration(host):
+def test_php_timezone_configuration(host, php_info):
     """
     Tests if PHP timezone configuration has been set correctly.
     """
-    config = host.file('/etc/php5/cli/conf.d/30-timezone.ini')
+    config = host.file('%s/cli/conf.d/30-timezone.ini' % php_info.base_config_dir)
     assert config.is_file
     assert config.user == 'root'
     assert config.group == 'root'
     assert config.mode == 0o644
-    config = host.file('/etc/php5/fpm/conf.d/30-timezone.ini')
+    config = host.file('%s/fpm/conf.d/30-timezone.ini' % php_info.base_config_dir)
     assert config.is_file
     assert config.user == 'root'
     assert config.group == 'root'
     assert config.mode == 0o644
-    timezone = host.run("php --php-ini /etc/php5/cli/php.ini -r 'echo ini_get(\"date.timezone\");'")
+    timezone = host.run("php --php-ini %s -r %s", "%s/cli/php.ini" % php_info.base_config_dir, "echo ini_get('date.timezone');")
     assert timezone.rc == 0
     assert timezone.stdout == "GMT+0"
-    timezone = host.run("php --php-ini /etc/php5/fpm/php.ini -r 'echo ini_get(\"date.timezone\");'")
+    timezone = host.run("php --php-ini %s -r %s", "%s/fpm/php.ini" % php_info.base_config_dir, "echo ini_get('date.timezone');")
     assert timezone.rc == 0
     assert timezone.stdout == "GMT+0"

roles/web_server/tasks/main.yml

➞

Show inline comments

@@ @@ -144,7 +144,7 @@ @@
     mode: 0750
   with_items:
     - "/run/wsgi/"
-    - "/run/php5-fpm/"
+    - "/run/{{ php_fpm_service_name }}/"
 - name: Create directories for storing per-site socket files on boot
   copy:
@@ @@ -155,36 +155,36 @@ @@
     mode: 0644
   with_items:
     - wsgi
-    - php5-fpm
+    - "{{ php_fpm_service_name }}"
 - name: Install base packages for PHP web applications
   apt:
     name: "{{ item }}"
     state: present
   with_items:
-    - php5-fpm
+    - "{{ php_fpm_package_name }}"
-- name: Create directory for storing PHP FPM service configuration overrides
+- name: Create directory for storing PHP-FPM service configuration overrides
   file:
-    path: "/etc/systemd/system/php5-fpm.service.d/"
+    path: "/etc/systemd/system/{{ php_fpm_service_name }}.service.d/"
     state: directory
     owner: root
     group: root
     mode: 0755
-- name: Configure php5-fpm service to run with umask 0007
+- name: Configure PHP-FPM service to run with umask 0007
   copy:
     src: "php5_fpm_umask.conf"
     dest: "/etc/systemd/system/php5-fpm.service.d/umask.conf"
     src: "php_fpm_umask.conf"
     dest: "/etc/systemd/system/{{ php_fpm_service_name }}.service.d/umask.conf"
     owner: root
     group: root
     mode: 0644
   notify:
-    - Restart php5-fpm
+    - Restart PHP-FPM
 - name: Enable service used for running PHP web applications
   service:
-    name: "php5-fpm"
+    name: "{{ php_fpm_service_name }}"
     enabled: true
     state: started
@@ @@ -201,10 +201,10 @@ @@
     group: root
     mode: 0644
   with_items:
     - /etc/php5/cli/conf.d/
     - /etc/php5/fpm/conf.d/
     - "{{ php_base_config_dir }}/cli/conf.d/"
     - "{{ php_base_config_dir }}/fpm/conf.d/"
   notify:
-    - Restart php5-fpm
+    - Restart PHP-FPM
 - name: Explicitly run all handlers
   include: ../handlers/main.yml

0 comments (0 inline, 0 general)