Browse Source
+ debops: apache with pki, mariadb_server, php7.4 with extensions, mariadb client role with secret
master
+ debops: apache with pki, mariadb_server, php7.4 with extensions, mariadb client role with secret
master
dimti
2 years ago
25 changed files with 673 additions and 5 deletions
-
1.gitignore
-
69apache.yml
-
11manala.nginx.yml
-
22manala.php.yml
-
41mariadb.yml
-
48mariadb_server.yml
-
80php.yml
-
16phpmyadmin.yml
-
36pki.yml
-
3requirements.yml
-
3role/defaults/main.yml
-
0roles/php-from-source/files/docker-php-ext-configure
-
0roles/php-from-source/files/docker-php-ext-enable
-
0roles/php-from-source/files/docker-php-ext-install
-
0roles/php-from-source/files/docker-php-source
-
0roles/php-from-source/tasks/main.yml
-
19roles/phpmyadmin/COPYRIGHT
-
4roles/phpmyadmin/README.md
-
99roles/phpmyadmin/defaults/main.yml
-
34roles/phpmyadmin/meta/main.yml
-
44roles/phpmyadmin/tasks/main.yml
-
82roles/phpmyadmin/templates/etc/dbconfig-common/phpmyadmin.conf.j2
-
55roles/phpmyadmin/vars/main.yml
-
2secret/.gitignore
-
7site.yml
@ -1,2 +1,3 @@ |
|||||
*.retry |
*.retry |
||||
.idea |
.idea |
||||
|
/secret |
@ -0,0 +1,69 @@ |
|||||
|
--- |
||||
|
|
||||
|
- name: Manage and configure the Apache HTTP Server |
||||
|
collections: [ 'debops.debops', 'debops.roles01', |
||||
|
'debops.roles02', 'debops.roles03' ] |
||||
|
hosts: [ 'debian10' ] |
||||
|
become: True |
||||
|
|
||||
|
environment: '{{ inventory__environment | d({}) |
||||
|
| combine(inventory__group_environment | d({})) |
||||
|
| combine(inventory__host_environment | d({})) }}' |
||||
|
|
||||
|
vars: |
||||
|
apache__base_packages: |
||||
|
- libapache2-mod-php7.4 |
||||
|
apache__role_modules: |
||||
|
'headers': True |
||||
|
'alias': True |
||||
|
'php7.4': True |
||||
|
'ssl': |
||||
|
enabled: '{{ True if (apache__https_listen and apache__https_enabled) else False }}' |
||||
|
'security2': |
||||
|
enabled: '{{ apache__security_module_enabled|bool }}' |
||||
|
'status': |
||||
|
enabled: '{{ apache__status_enabled|bool }}' |
||||
|
config: | |
||||
|
<Location /server-status> |
||||
|
# Revoke default permissions granted in `/etc/apache2/mods-available/status.conf`. |
||||
|
Require all denied |
||||
|
</Location> |
||||
|
'socache_shmcb': |
||||
|
enabled: '{{ True |
||||
|
if (apache__ocsp_stapling_enabled|bool |
||||
|
and "shmcb" in apache__ocsp_stapling_cache) |
||||
|
else omit }}' |
||||
|
'authz_host': |
||||
|
enabled: '{{ True |
||||
|
if (apache__status_enabled|bool |
||||
|
and apache__status_allow_localhost) |
||||
|
else omit }}' |
||||
|
'rewrite': |
||||
|
enabled: '{{ True |
||||
|
if (apache__register_mod_rewrite_used is defined and |
||||
|
apache__register_mod_rewrite_used.rc|d(1) == 0) |
||||
|
else omit }}' |
||||
|
apache__allow: |
||||
|
- 0.0.0.0 |
||||
|
# apache__default_vhost: |
||||
|
# name: '{{ apache__default_vhost_name }}' |
||||
|
# filename: '000-default' |
||||
|
# root: '/var/www/html' |
||||
|
|
||||
|
pre_tasks: |
||||
|
|
||||
|
- name: Prepare apache environment |
||||
|
import_role: |
||||
|
name: 'apache' |
||||
|
tasks_from: 'main_env' |
||||
|
tags: [ 'role::apache', 'role::apache:env' ] |
||||
|
|
||||
|
roles: |
||||
|
|
||||
|
# - role: ferm |
||||
|
# tags: [ 'role::ferm', 'skip::ferm' ] |
||||
|
# ferm__dependent_rules: |
||||
|
# - '{{ apache__ferm__dependent_rules }}' |
||||
|
|
||||
|
- role: apache |
||||
|
tags: [ 'role::apache', 'skip::apache' ] |
@ -0,0 +1,11 @@ |
|||||
|
--- |
||||
|
- hosts: debian10 |
||||
|
collections: |
||||
|
- nginxinc.nginx_core |
||||
|
- manala.roles |
||||
|
tasks: |
||||
|
- name: Install NGINX |
||||
|
ansible.builtin.include_role: |
||||
|
name: nginx |
||||
|
vars: |
||||
|
nginx_type: opensource |
@ -0,0 +1,22 @@ |
|||||
|
--- |
||||
|
- hosts: debian10 |
||||
|
collections: |
||||
|
- nginxinc.nginx_core |
||||
|
- manala.roles |
||||
|
vars: |
||||
|
manala_apt_repositories: |
||||
|
- contrib |
||||
|
manala_apt_preferences: |
||||
|
- git@backports |
||||
|
- sury_php:100 |
||||
|
- php@sury_php:300 |
||||
|
- nginx@nginx |
||||
|
tasks: |
||||
|
- name: Install Manala APT |
||||
|
ansible.builtin.include_role: |
||||
|
name: manala.roles.apt |
||||
|
- name: Install PHP |
||||
|
ansible.builtin.include_role: |
||||
|
name: manala.roles.php |
||||
|
vars: |
||||
|
manala_php_version: 7.4 |
@ -0,0 +1,41 @@ |
|||||
|
--- |
||||
|
|
||||
|
- name: Manage MariaDB client |
||||
|
collections: [ 'debops.debops', 'debops.roles01', |
||||
|
'debops.roles02', 'debops.roles03' ] |
||||
|
hosts: [ 'debian10' ] |
||||
|
become: True |
||||
|
|
||||
|
environment: '{{ inventory__environment | d({}) |
||||
|
| combine(inventory__group_environment | d({})) |
||||
|
| combine(inventory__host_environment | d({})) }}' |
||||
|
|
||||
|
vars: |
||||
|
mariadb__flavor: '{{ ansible_local.mariadb.flavor|d(mariadb__flavor_map[ansible_distribution_release] | d("mariadb")) }}' |
||||
|
mariadb__upstream_version: '10.5' |
||||
|
mariadb__databases: |
||||
|
- name: 'intermetiz' |
||||
|
- name: 'intermetiz-products' |
||||
|
mariadb__users: |
||||
|
- name: 'intermetiz' |
||||
|
host: '%' |
||||
|
database: 'intermetiz%' |
||||
|
|
||||
|
roles: |
||||
|
|
||||
|
- role: secret |
||||
|
|
||||
|
- role: keyring |
||||
|
tags: [ 'role::keyring', 'skip::keyring', 'role::mariadb' ] |
||||
|
keyring__dependent_apt_keys: |
||||
|
- '{{ mariadb__keyring__dependent_apt_keys }}' |
||||
|
|
||||
|
- role: python |
||||
|
tags: [ 'role::python', 'skip::python', 'role::mariadb' ] |
||||
|
python__dependent_packages3: |
||||
|
- '{{ mariadb__python__dependent_packages3 }}' |
||||
|
python__dependent_packages2: |
||||
|
- '{{ mariadb__python__dependent_packages2 }}' |
||||
|
|
||||
|
- role: mariadb |
||||
|
tags: [ 'role::mariadb', 'skip::mariadb' ] |
@ -0,0 +1,48 @@ |
|||||
|
--- |
||||
|
|
||||
|
- name: Manage MariaDB server |
||||
|
collections: [ 'debops.debops', 'debops.roles01', |
||||
|
'debops.roles02', 'debops.roles03' ] |
||||
|
hosts: [ 'debian10' ] |
||||
|
become: True |
||||
|
|
||||
|
environment: '{{ inventory__environment | d({}) |
||||
|
| combine(inventory__group_environment | d({})) |
||||
|
| combine(inventory__host_environment | d({})) }}' |
||||
|
|
||||
|
vars: |
||||
|
mariadb_server__flavor: '{{ ansible_local.mariadb.flavor |
||||
|
|d(mariadb_server__flavor_map[ansible_distribution_release] | d("mariadb_upstream")) }}' |
||||
|
mariadb_server__upstream_version: '10.5' |
||||
|
mariadb_server__bind_address: '0.0.0.0' |
||||
|
|
||||
|
roles: |
||||
|
- role: keyring |
||||
|
tags: [ 'role::keyring', 'skip::keyring', 'role::mariadb_server' ] |
||||
|
keyring__dependent_apt_keys: |
||||
|
- '{{ mariadb_server__keyring__dependent_apt_keys }}' |
||||
|
|
||||
|
- role: etc_services |
||||
|
tags: [ 'role::etc_services' ] |
||||
|
etc_services__dependent_list: |
||||
|
- '{{ mariadb_server__etc_services__dependent_rules }}' |
||||
|
# |
||||
|
# - role: ferm |
||||
|
# tags: [ 'role::ferm', 'skip::ferm' ] |
||||
|
# ferm__dependent_rules: |
||||
|
# - '{{ mariadb_server__ferm__dependent_rules }}' |
||||
|
|
||||
|
# - role: tcpwrappers |
||||
|
# tags: [ 'role::tcpwrappers', 'skip::tcpwrappers' ] |
||||
|
# tcpwrappers__dependent_allow: |
||||
|
# - '{{ mariadb_server__tcpwrappers__dependent_allow }}' |
||||
|
|
||||
|
- role: python |
||||
|
tags: [ 'role::python', 'skip::python', 'role::mariadb_server' ] |
||||
|
python__dependent_packages3: |
||||
|
- '{{ mariadb_server__python__dependent_packages3 }}' |
||||
|
python__dependent_packages2: |
||||
|
- '{{ mariadb_server__python__dependent_packages2 }}' |
||||
|
|
||||
|
- role: mariadb_server |
||||
|
tags: [ 'role::mariadb_server', 'skip::mariadb_server' ] |
@ -0,0 +1,80 @@ |
|||||
|
--- |
||||
|
|
||||
|
- name: Install and manage PHP environment |
||||
|
collections: [ 'debops.debops', 'debops.roles01', |
||||
|
'debops.roles02', 'debops.roles03' ] |
||||
|
hosts: [ 'debian10' ] |
||||
|
become: True |
||||
|
|
||||
|
environment: '{{ inventory__environment | d({}) |
||||
|
| combine(inventory__group_environment | d({})) |
||||
|
| combine(inventory__host_environment | d({})) }}' |
||||
|
|
||||
|
vars: |
||||
|
php__version_preference: [ 'php7.4' ] |
||||
|
php__sury: '{{ ansible_local.php.sury |
||||
|
|d(ansible_distribution_release in [ "buster" ]) | bool }}' |
||||
|
php__sury_apt_key_id: '{{ php__sury_apt_key_id_map[ansible_distribution] }}' |
||||
|
php__sury_apt_repo: '{{ php__sury_apt_repo_map[ansible_distribution] }}' |
||||
|
php__sury_apt_key_id_map: |
||||
|
'Debian': |
||||
|
- id: '1505 8500 A023 5D97 F5D1 0063 B188 E2B6 95BD 4743' |
||||
|
repo: 'deb https://packages.sury.org/php/ {{ ansible_distribution_release }} main' |
||||
|
state: '{{ "present" if php__sury|bool else "absent" }}' |
||||
|
|
||||
|
# Key replaced due to security concerns |
||||
|
# Ref: https://www.patreon.com/posts/dpa-new-signing-25451165 |
||||
|
- id: 'DF3D 585D B8F0 EB65 8690 A554 AC0E 4758 4A7A 714D' |
||||
|
state: 'absent' |
||||
|
php__sury_apt_repo_map: |
||||
|
'Debian': 'deb https://packages.sury.org/php/ {{ ansible_distribution_release }} main' |
||||
|
'Ubuntu': 'ppa:ondrej/php' |
||||
|
php__base_packages: |
||||
|
- unzip |
||||
|
- git |
||||
|
# mysql - это нужно только для WordPress |
||||
|
# mbstring требует только некоторые пакеты в laravel |
||||
|
# bcmath - нужно для работы парсера Excel файлов на одном из проектов |
||||
|
php__packages: [ 'curl', 'xml', 'gd', 'zip', 'mbstring', 'mysql', 'bcmath'' ] |
||||
|
php__composer_upstream_enabled: '{{ True |
||||
|
if (ansible_distribution_release in |
||||
|
[ "buster" ]) |
||||
|
else False }}' |
||||
|
php__php_included_packages: '{{ php__common_included_packages |
||||
|
+ [ "sysvsem", "sysvshm" ] }}' |
||||
|
|
||||
|
pre_tasks: |
||||
|
|
||||
|
- name: Apply keyring configuration for php environment |
||||
|
import_role: |
||||
|
name: 'keyring' |
||||
|
vars: |
||||
|
keyring__dependent_apt_keys: |
||||
|
- '{{ php__keyring__dependent_apt_keys }}' |
||||
|
tags: [ 'role::keyring', 'skip::keyring', 'role::php' ] |
||||
|
|
||||
|
- name: Prepare php environment |
||||
|
import_role: |
||||
|
name: 'php' |
||||
|
tasks_from: 'main_env' |
||||
|
tags: [ 'role::php', 'role::php:env', 'role::logrotate' ] |
||||
|
|
||||
|
roles: |
||||
|
|
||||
|
- role: apt_preferences |
||||
|
tags: [ 'role::apt_preferences', 'skip::apt_preferences' ] |
||||
|
apt_preferences__dependent_list: |
||||
|
- '{{ php__apt_preferences__dependent_list }}' |
||||
|
|
||||
|
- role: cron |
||||
|
tags: [ 'role::cron', 'skip::cron' ] |
||||
|
|
||||
|
- role: logrotate |
||||
|
tags: [ 'role::logrotate', 'skip::logrotate' ] |
||||
|
logrotate__dependent_config: |
||||
|
- '{{ php__logrotate__dependent_config }}' |
||||
|
|
||||
|
- role: apt_install |
||||
|
|
||||
|
- role: php |
||||
|
tags: [ 'role::php', 'skip::php' ] |
@ -0,0 +1,16 @@ |
|||||
|
--- |
||||
|
|
||||
|
- name: Manage MariaDB server |
||||
|
collections: [ 'debops.debops', 'debops.roles01', |
||||
|
'debops.roles02', 'debops.roles03' ] |
||||
|
hosts: [ 'debian10' ] |
||||
|
become: True |
||||
|
|
||||
|
environment: '{{ inventory__environment | d({}) |
||||
|
| combine(inventory__group_environment | d({})) |
||||
|
| combine(inventory__host_environment | d({})) }}' |
||||
|
|
||||
|
roles: |
||||
|
|
||||
|
- role: phpmyadmin |
||||
|
tags: [ 'role::phpmyadmin', 'skip::phpmyadmin' ] |
@ -0,0 +1,36 @@ |
|||||
|
--- |
||||
|
|
||||
|
- name: Manage Public Key Infrastructure |
||||
|
collections: [ 'debops.debops', 'debops.roles01', |
||||
|
'debops.roles02', 'debops.roles03' ] |
||||
|
hosts: [ 'debian10' ] |
||||
|
become: True |
||||
|
|
||||
|
environment: '{{ inventory__environment | d({}) |
||||
|
| combine(inventory__group_environment | d({})) |
||||
|
| combine(inventory__host_environment | d({})) }}' |
||||
|
|
||||
|
vars: |
||||
|
pki_internal: True |
||||
|
pki_acme: False |
||||
|
|
||||
|
pre_tasks: |
||||
|
|
||||
|
- name: Prepare pki environment |
||||
|
import_role: |
||||
|
name: 'pki' |
||||
|
tasks_from: 'main_env' |
||||
|
tags: [ 'role::pki', 'role::pki:secret', 'role::secret' ] |
||||
|
|
||||
|
roles: |
||||
|
|
||||
|
- role: secret |
||||
|
tags: [ 'role::secret', 'role::pki', 'role::pki:secret' ] |
||||
|
secret_directories: |
||||
|
- '{{ pki_env_secret_directories }}' |
||||
|
|
||||
|
- role: cron |
||||
|
tags: [ 'role::cron', 'skip::cron' ] |
||||
|
|
||||
|
- role: pki |
||||
|
tags: [ 'role::pki', 'skip::pki' ] |
@ -0,0 +1,3 @@ |
|||||
|
--- |
||||
|
mariadb__root_password: '{{ lookup("password", secret + "/credentials/" + |
||||
|
ansible_fqdn + "/mariadb/root/password length=20") }}' |
@ -0,0 +1,19 @@ |
|||||
|
debops.phpmyadmin - Manage phpMyAdmin service using Ansible |
||||
|
|
||||
|
Copyright (C) 2014-2019 Maciej Delmanowski <drybjed@gmail.com> |
||||
|
Copyright (C) 2015-2019 DebOps <https://debops.org/> |
||||
|
SPDX-License-Identifier: GPL-3.0-only |
||||
|
|
||||
|
This Ansible role is part of DebOps. |
||||
|
|
||||
|
DebOps is free software; you can redistribute it and/or modify |
||||
|
it under the terms of the GNU General Public License version 3, as |
||||
|
published by the Free Software Foundation. |
||||
|
|
||||
|
DebOps is distributed in the hope that it will be useful, |
||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
|
GNU General Public License for more details. |
||||
|
|
||||
|
You should have received a copy of the GNU General Public License |
||||
|
along with DebOps. If not, see https://www.gnu.org/licenses/. |
@ -0,0 +1,4 @@ |
|||||
|
### phpmyadmin |
||||
|
|
||||
|
This role does not have official documentation. |
||||
|
See [DebOps documentation](https://docs.debops.org/en/tags/v3.0.3^0/) instead. |
@ -0,0 +1,99 @@ |
|||||
|
--- |
||||
|
# .. vim: foldmarker=[[[,]]]:foldmethod=marker |
||||
|
|
||||
|
# .. Copyright (C) 2014-2019 Maciej Delmanowski <drybjed@gmail.com> |
||||
|
# .. Copyright (C) 2015-2019 DebOps <https://debops.org/> |
||||
|
# .. SPDX-License-Identifier: GPL-3.0-only |
||||
|
|
||||
|
# .. _phpmyadmin__ref_defaults: |
||||
|
|
||||
|
# debops.phpmyadmin default variables |
||||
|
# =================================== |
||||
|
|
||||
|
# .. contents:: Sections |
||||
|
# :local: |
||||
|
# |
||||
|
# .. include:: ../../../../includes/global.rst |
||||
|
|
||||
|
|
||||
|
# .. envvar:: phpmyadmin_dependencies [[[ |
||||
|
# |
||||
|
# Should PHPMyAdmin role manage its own dependencies? |
||||
|
phpmyadmin_dependencies: True |
||||
|
|
||||
|
# ]]] |
||||
|
# .. envvar:: phpmyadmin_domain [[[ |
||||
|
# |
||||
|
# What subdomain should be used for PHPMyAdmin in nginx configuration |
||||
|
phpmyadmin_domain: [ 'mysql.{{ ansible_domain }}' ] |
||||
|
|
||||
|
# ]]] |
||||
|
# .. envvar:: phpmyadmin_password_length [[[ |
||||
|
# |
||||
|
# Default length of generated passwords |
||||
|
phpmyadmin_password_length: '20' |
||||
|
|
||||
|
# ]]] |
||||
|
# .. envvar:: phpmyadmin_control_password [[[ |
||||
|
# |
||||
|
# Default PHPMyAdmin control password |
||||
|
phpmyadmin_control_password: "{{ lookup('password', secret + '/mariadb/' + ansible_local['mariadb'].delegate_to + '/credentials/' + phpmyadmin_control_user + '/password length=' + phpmyadmin_password_length) }}" |
||||
|
|
||||
|
|
||||
|
# ]]] |
||||
|
# .. envvar:: phpmyadmin_allow [[[ |
||||
|
# |
||||
|
# List of IP addresses or network ranges in CIDR format, allowed to access |
||||
|
# PHPMyAdmin. Leave empty to allow access from all IP addresses/networks |
||||
|
phpmyadmin_allow: [] |
||||
|
|
||||
|
# ]]] |
||||
|
# .. envvar:: phpmyadmin_upload_size [[[ |
||||
|
# |
||||
|
# Max upload size for nginx and php5 |
||||
|
phpmyadmin_upload_size: '64M' |
||||
|
|
||||
|
# ]]] |
||||
|
# .. envvar:: phpmyadmin_php5_max_children [[[ |
||||
|
# |
||||
|
# Maximum number of PHP5 processes for PHPMyAdmin |
||||
|
phpmyadmin_php5_max_children: '20' |
||||
|
|
||||
|
# ]]] |
||||
|
# Configuration for other Ansible roles [[[ |
||||
|
# ----------------------------------------- |
||||
|
|
||||
|
# .. envvar:: phpmyadmin__php__dependent_packages [[[ |
||||
|
# |
||||
|
# Package configuration for the :ref:`debops.php` Ansible role. |
||||
|
phpmyadmin__php__dependent_packages: |
||||
|
|
||||
|
- 'mysql' |
||||
|
- 'mcrypt' |
||||
|
- 'gd' |
||||
|
|
||||
|
# ]]] |
||||
|
# .. envvar:: phpmyadmin__php__dependent_pools [[[ |
||||
|
# |
||||
|
# Pool configuration for the :ref:`debops.php` Ansible role. |
||||
|
phpmyadmin__php__dependent_pools: |
||||
|
|
||||
|
- '{{ phpmyadmin_php5_pool }}' |
||||
|
|
||||
|
# ]]] |
||||
|
# .. envvar:: phpmyadmin__nginx__dependent_servers [[[ |
||||
|
# |
||||
|
# Server configuration for the :ref:`debops.nginx` Ansible role. |
||||
|
phpmyadmin__nginx__dependent_servers: |
||||
|
|
||||
|
- '{{ phpmyadmin_nginx_server }}' |
||||
|
|
||||
|
# ]]] |
||||
|
# .. envvar:: phpmyadmin__nginx__dependent_upstreams [[[ |
||||
|
# |
||||
|
# Upstream configuration for the :ref:`debops.nginx` Ansible role. |
||||
|
phpmyadmin__nginx__dependent_upstreams: |
||||
|
|
||||
|
- '{{ phpmyadmin_nginx_upstream_php5 }}' |
||||
|
# ]]] |
||||
|
# ]]] |
@ -0,0 +1,34 @@ |
|||||
|
--- |
||||
|
# Copyright (C) 2014-2019 Maciej Delmanowski <drybjed@gmail.com> |
||||
|
# Copyright (C) 2015-2019 DebOps <https://debops.org/> |
||||
|
# SPDX-License-Identifier: GPL-3.0-only |
||||
|
|
||||
|
# Ensure that custom Ansible plugins and modules included in the main DebOps |
||||
|
# collection are available to roles in other collections. |
||||
|
collections: [ 'debops.debops' ] |
||||
|
|
||||
|
dependencies: [] |
||||
|
|
||||
|
galaxy_info: |
||||
|
|
||||
|
author: 'Maciej Delmanowski' |
||||
|
description: 'Install and configure PHPMyAdmin on a MySQL database server' |
||||
|
company: 'DebOps' |
||||
|
license: 'GPL-3.0-only' |
||||
|
min_ansible_version: '1.7.0' |
||||
|
platforms: |
||||
|
- name: Ubuntu |
||||
|
versions: |
||||
|
- precise |
||||
|
- quantal |
||||
|
- raring |
||||
|
- saucy |
||||
|
- trusty |
||||
|
- name: Debian |
||||
|
versions: |
||||
|
- wheezy |
||||
|
- jessie |
||||
|
galaxy_tags: |
||||
|
- mysql |
||||
|
- database |
||||
|
- php |
@ -0,0 +1,44 @@ |
|||||
|
--- |
||||
|
# Copyright (C) 2014-2019 Maciej Delmanowski <drybjed@gmail.com> |
||||
|
# Copyright (C) 2015-2019 DebOps <https://debops.org/> |
||||
|
# SPDX-License-Identifier: GPL-3.0-only |
||||
|
|
||||
|
- name: Import DebOps secret role |
||||
|
import_role: |
||||
|
name: 'secret' |
||||
|
|
||||
|
- name: Install dbconfig-common |
||||
|
apt: pkg=dbconfig-common state=present install_recommends=no |
||||
|
register: phpmyadmin__register_dbconfig_packages |
||||
|
until: phpmyadmin__register_dbconfig_packages is succeeded |
||||
|
|
||||
|
- name: Pre-configure PHPMyAdmin database |
||||
|
template: src=etc/dbconfig-common/phpmyadmin.conf.j2 |
||||
|
dest=/etc/dbconfig-common/phpmyadmin.conf |
||||
|
owner=root group=root mode=0600 |
||||
|
|
||||
|
- name: Install PHPMyAdmin packages |
||||
|
apt: pkg=phpmyadmin state=present install_recommends=no |
||||
|
register: phpmyadmin__register_packages |
||||
|
until: phpmyadmin__register_packages is succeeded |
||||
|
|
||||
|
- name: Create database for PHPMyAdmin |
||||
|
mysql_db: name={{ phpmyadmin_control_database | default('phpmyadmin') }} state=present |
||||
|
register: phpmyadmin_database |
||||
|
|
||||
|
- name: Import PHPMyAdmin schema |
||||
|
mysql_db: # noqa no-handler |
||||
|
name: '{{ phpmyadmin_control_database | default("phpmyadmin") }}' |
||||
|
state: 'import' |
||||
|
target: '/usr/share/dbconfig-common/data/phpmyadmin/install/mysql' |
||||
|
login_unix_socket: '/run/mysqld/mysqld.sock' |
||||
|
when: phpmyadmin_database is defined and phpmyadmin_database is changed |
||||
|
|
||||
|
- name: Create PHPMyAdmin control user |
||||
|
mysql_user: |
||||
|
name: "{{ phpmyadmin_control_user | default('phpmyadmin') }}" |
||||
|
state: 'present' |
||||
|
password: '{{ phpmyadmin_control_password }}' |
||||
|
priv: "{{ phpmyadmin_control_database | default('phpmyadmin') }}.*:ALL" |
||||
|
login_unix_socket: '/run/mysqld/mysqld.sock' |
||||
|
no_log: '{{ debops__no_log | d(True) }}' |
@ -0,0 +1,82 @@ |
|||||
|
{# Copyright (C) 2014-2019 Maciej Delmanowski <drybjed@gmail.com> |
||||
|
# Copyright (C) 2015-2019 DebOps <https://debops.org/> |
||||
|
# SPDX-License-Identifier: GPL-3.0-only |
||||
|
#} |
||||
|
# This file is managed by Ansible, all changes will be lost |
||||
|
|
||||
|
# automatically generated by the maintainer scripts of phpmyadmin |
||||
|
# any changes you make will be preserved, though your comments |
||||
|
# will be lost! to change your settings you should edit this |
||||
|
# file and then run "dpkg-reconfigure phpmyadmin" |
||||
|
|
||||
|
# dbc_install: configure database with dbconfig-common? |
||||
|
# set to anything but "true" to opt out of assistance |
||||
|
dbc_install='false' |
||||
|
|
||||
|
# dbc_upgrade: upgrade database with dbconfig-common? |
||||
|
# set to anything but "true" to opt out of assistance |
||||
|
dbc_upgrade='false' |
||||
|
|
||||
|
# dbc_remove: deconfigure database with dbconfig-common? |
||||
|
# set to anything but "true" to opt out of assistance |
||||
|
dbc_remove='' |
||||
|
|
||||
|
# dbc_dbtype: type of underlying database to use |
||||
|
# this exists primarily to let dbconfig-common know what database |
||||
|
# type to use when a package supports multiple database types. |
||||
|
# don't change this value unless you know for certain that this |
||||
|
# package supports multiple database types |
||||
|
dbc_dbtype='mysql' |
||||
|
|
||||
|
# dbc_dbuser: database user |
||||
|
# the name of the user who we will use to connect to the database. |
||||
|
dbc_dbuser='{{ phpmyadmin_control_user }}' |
||||
|
|
||||
|
# dbc_dbpass: database user password |
||||
|
# the password to use with the above username when connecting |
||||
|
# to a database, if one is required |
||||
|
dbc_dbpass='{{ phpmyadmin_control_password }}' |
||||
|
|
||||
|
# dbc_dbserver: database host. |
||||
|
# leave unset to use localhost (or a more efficient local method |
||||
|
# if it exists). |
||||
|
dbc_dbserver='' |
||||
|
|
||||
|
# dbc_dbport: remote database port |
||||
|
# leave unset to use the default. only applicable if you are |
||||
|
# using a remote database. |
||||
|
dbc_dbport='' |
||||
|
|
||||
|
# dbc_dbname: name of database |
||||
|
# this is the name of your application's database. |
||||
|
dbc_dbname='{{ phpmyadmin_control_database }}' |
||||
|
|
||||
|
# dbc_dbadmin: name of the administrative user |
||||
|
# this is the administrative user that is used to create all of the above |
||||
|
dbc_dbadmin='root' |
||||
|
|
||||
|
# dbc_basepath: base directory to hold database files |
||||
|
# leave unset to use the default. only applicable if you are |
||||
|
# using a local (filesystem based) database. |
||||
|
dbc_basepath='' |
||||
|
|
||||
|
## |
||||
|
## postgresql specific settings. if you don't use postgresql, |
||||
|
## you can safely ignore all of these |
||||
|
## |
||||
|
|
||||
|
# dbc_ssl: should we require ssl? |
||||
|
# set to "true" to require that connections use ssl |
||||
|
dbc_ssl='' |
||||
|
|
||||
|
# dbc_authmethod_admin: authentication method for admin |
||||
|
# dbc_authmethod_user: authentication method for dbuser |
||||
|
# see the section titled "AUTHENTICATION METHODS" in |
||||
|
# /usr/share/doc/dbconfig-common/README.pgsql for more info |
||||
|
dbc_authmethod_admin='' |
||||
|
dbc_authmethod_user='' |
||||
|
|
||||
|
## |
||||
|
## end postgresql specific settings |
||||
|
## |
||||
|
|
@ -0,0 +1,55 @@ |
|||||
|
--- |
||||
|
# Copyright (C) 2014-2019 Maciej Delmanowski <drybjed@gmail.com> |
||||
|
# Copyright (C) 2015-2019 DebOps <https://debops.org/> |
||||
|
# SPDX-License-Identifier: GPL-3.0-only |
||||
|
|
||||
|
phpmyadmin_control_user: 'phpmyadmin' |
||||
|
phpmyadmin_control_database: 'phpmyadmin' |
||||
|
|
||||
|
phpmyadmin_nginx_server: |
||||
|
by_role: 'debops.phpmyadmin' |
||||
|
enabled: True |
||||
|
default: False |
||||
|
type: 'php5' |
||||
|
name: '{{ phpmyadmin_domain }}' |
||||
|
root: '/usr/share/phpmyadmin' |
||||
|
webroot_create: False |
||||
|
|
||||
|
options: | |
||||
|
client_max_body_size {{ phpmyadmin_upload_size }}; |
||||
|
|
||||
|
location: |
||||
|
|
||||
|
# Required for location_allow to work |
||||
|
'/': 'try_files $uri $uri/ =404;' |
||||
|
|
||||
|
'~ ^/(setup|libraries)': 'deny all;' |
||||
|
|
||||
|
location_allow: |
||||
|
'/': '{{ phpmyadmin_allow }}' |
||||
|
|
||||
|
php5: 'php5_phpmyadmin' |
||||
|
|
||||
|
php5_options: | |
||||
|
{% if phpmyadmin_allow is defined and phpmyadmin_allow %} |
||||
|
{% for address in phpmyadmin_allow %} |
||||
|
allow {{ address }}; |
||||
|
{% endfor %} |
||||
|
deny all; |
||||
|
{% endif %} |
||||
|
|
||||
|
phpmyadmin_nginx_upstream_php5: |
||||
|
enabled: True |
||||
|
name: 'php5_phpmyadmin' |
||||
|
type: 'php5' |
||||
|
php5: 'phpmyadmin' |
||||
|
|
||||
|
phpmyadmin_php5_pool: |
||||
|
enabled: True |
||||
|
name: 'phpmyadmin' |
||||
|
user: 'www-data' |
||||
|
group: 'www-data' |
||||
|
pm_max_children: '{{ phpmyadmin_php5_max_children }}' |
||||
|
php_value: |
||||
|
post_max_size: '{{ phpmyadmin_upload_size }}' |
||||
|
upload_max_filesize: '{{ phpmyadmin_upload_size }}' |
@ -0,0 +1,2 @@ |
|||||
|
* |
||||
|
!.gitignore |
@ -1,6 +1,9 @@ |
|||||
--- |
--- |
||||
|
|
||||
- import_playbook: anygroup.yml |
|
||||
|
- import_playbook: pki.yml |
||||
|
- import_playbook: mariadb_server.yml |
||||
|
- import_playbook: mariadb.yml |
||||
|
- import_playbook: php.yml |
||||
|
- import_playbook: apache.yml |
||||
|
|
||||
# Import all other group playbooks in this file... |
# Import all other group playbooks in this file... |
||||
|
|
Write
Preview
Loading…
Cancel
Save
Reference in new issue