* Creates a base directory where the website-specific code and data should be

  stored at.

* Adds nginx to website's group, so nginx could read the necessary files.

* Adds website administrator to website's group, so administrator could manage

  the code and data.

* Installs additional packages required for running the role (as configured).

* Configures PHP FPM and nginx to serve the website.

The role is implemented with the following layout/logic in mind:

* Website users are named after the ``FQDN`` (fully qualified domain name) of

  website, in format of ``web-ESCAPEDFQDN``, where ``ESCAPEDFQDN`` is equal to

**index** (string, optional)

  Space-separated list of files which should be treated as index files by the

  web server. The web server will attempt opening these index files, in

  succession, until the first match, or until it runs out of matches, when a

  client requests an URI pointing to directory. Default is ``index.php``.

**php_file_regex** (string, optional)

  Regular expression used for determining which file should be interepted via

  PHP. Default is ``\.php$``.

**php_rewrite_urls** (list, optional)

  A list of rewrite rules that are applied to incoming requests. These rewrite

      packages:

        # For ownCloud

        - php5-gd

        - php5-json

        - php5-mysql

        - php5-curl

    - role: php_website

      admin: admin

      deny_files_regex:

        - ^\..*

      php_rewrite_urls:

        - ^(.*) /index.php?url=$1

      fqdn: tbg.example.com

      uid: 2007

WSGI Website

------------

The ``wsgi_website`` role can be used for setting-up a website powered by Python

* Installs additional packages required for running the role (as configured).

* Sets-up a dedicated Python virtual environment for website.

* Install Gunicorn in Python virtual environment.

* Installs additional packages required for running the role in Python virtual

  environment (as configured).

* Configures systemd to run the website code (using Gunicorn)

* Configures nginx to serve the website (static files served directly, requests

  passed on to Gunicorn).

The role is implemented with the following layout/logic in mind:

* Website users are named after the ``FQDN`` (fully qualified domain name) of

**fqdn** (string, mandatory)

  Fully-qualified domain name where the website is reachable. This value is used

  for calculating the user/group name for dedicated website user, as well as

  home directory of the website user (where data/code should be stored at).

**packages** (list, optional)

  A list of additional packages to install for this particular WSGI

  website. This is usually going to be development libraries for building Python

  packages.

**rewrites** (list, optional)

Here is an example configuration for setting-up a (base) WSGI website (for

running a bare Django project):

.. code-block:: yaml

    - role: wsgi_website

      admin: admin

      fqdn: django.example.com

      static_locations:

        - /static

        - /media

      uid: 2004

      virtualenv_packages:

        - django

      wsgi_application: django_example_com.wsgi:application

- name: Deploy PHP FPM configuration file for website

  template: src="fpm_site.conf.j2" dest="/etc/php5/fpm/pool.d/{{ fqdn }}.conf" validate="php5-fpm -t -y %s"

  notify:

    - Restart php5-fpm

- name: Deploy nginx configuration file for website

  template: src="nginx_site.j2" dest="/etc/nginx/sites-available/{{ fqdn }}"

            owner=root group=root mode=640 validate="/usr/local/bin/nginx_verify_site.sh -n '{{ fqdn }}' %s"

  notify:

    - Restart nginx

server {

    # Base settings.

    root {{ home }}/htdocs/;

    index {{ index }};

    server_name {{ fqdn }};

    {% if rewrites -%}

    # Generic URL rewrites.

    {% for rewrite in rewrites -%}

    rewrite {{ rewrite }};

    {% endfor -%}

    {% endif %}

  service: name="{{ fqdn }}" enabled=yes state=started

- name: Create directory where static files can be served from

  file: path="{{ home }}/htdocs/" state=directory

        owner="{{ admin }}" group="{{ user }}" mode="2750"

- name: Deploy nginx configuration file for website

  template: src="nginx_site.j2" dest="/etc/nginx/sites-available/{{ fqdn }}"

            owner=root group=root mode=640 validate="/usr/local/bin/nginx_verify_site.sh -n '{{ fqdn }}' %s"

  notify:

    - Restart nginx

server {

    root {{ home }}/htdocs/;

    server_name {{ fqdn }};

    {% if rewrites -%}

    # Site rewrites.

    {% for rewrite in rewrites -%}

    rewrite {{ rewrite }};

    {% endfor -%}

    {% endif %}