Browse Source
+ debops: apache with pki, mariadb_server, php7.4 with extensions, mariadb client role with secret
master
+ debops: apache with pki, mariadb_server, php7.4 with extensions, mariadb client role with secret
master
dimti
2 years ago
25 changed files with 673 additions and 5 deletions
-
1.gitignore
-
69apache.yml
-
11manala.nginx.yml
-
22manala.php.yml
-
41mariadb.yml
-
48mariadb_server.yml
-
80php.yml
-
16phpmyadmin.yml
-
36pki.yml
-
3requirements.yml
-
3role/defaults/main.yml
-
0roles/php-from-source/files/docker-php-ext-configure
-
0roles/php-from-source/files/docker-php-ext-enable
-
0roles/php-from-source/files/docker-php-ext-install
-
0roles/php-from-source/files/docker-php-source
-
0roles/php-from-source/tasks/main.yml
-
19roles/phpmyadmin/COPYRIGHT
-
4roles/phpmyadmin/README.md
-
99roles/phpmyadmin/defaults/main.yml
-
34roles/phpmyadmin/meta/main.yml
-
44roles/phpmyadmin/tasks/main.yml
-
82roles/phpmyadmin/templates/etc/dbconfig-common/phpmyadmin.conf.j2
-
55roles/phpmyadmin/vars/main.yml
-
2secret/.gitignore
-
7site.yml
@ -1,2 +1,3 @@ |
|||
*.retry |
|||
.idea |
|||
/secret |
@ -0,0 +1,69 @@ |
|||
--- |
|||
|
|||
- name: Manage and configure the Apache HTTP Server |
|||
collections: [ 'debops.debops', 'debops.roles01', |
|||
'debops.roles02', 'debops.roles03' ] |
|||
hosts: [ 'debian10' ] |
|||
become: True |
|||
|
|||
environment: '{{ inventory__environment | d({}) |
|||
| combine(inventory__group_environment | d({})) |
|||
| combine(inventory__host_environment | d({})) }}' |
|||
|
|||
vars: |
|||
apache__base_packages: |
|||
- libapache2-mod-php7.4 |
|||
apache__role_modules: |
|||
'headers': True |
|||
'alias': True |
|||
'php7.4': True |
|||
'ssl': |
|||
enabled: '{{ True if (apache__https_listen and apache__https_enabled) else False }}' |
|||
'security2': |
|||
enabled: '{{ apache__security_module_enabled|bool }}' |
|||
'status': |
|||
enabled: '{{ apache__status_enabled|bool }}' |
|||
config: | |
|||
<Location /server-status> |
|||
# Revoke default permissions granted in `/etc/apache2/mods-available/status.conf`. |
|||
Require all denied |
|||
</Location> |
|||
'socache_shmcb': |
|||
enabled: '{{ True |
|||
if (apache__ocsp_stapling_enabled|bool |
|||
and "shmcb" in apache__ocsp_stapling_cache) |
|||
else omit }}' |
|||
'authz_host': |
|||
enabled: '{{ True |
|||
if (apache__status_enabled|bool |
|||
and apache__status_allow_localhost) |
|||
else omit }}' |
|||
'rewrite': |
|||
enabled: '{{ True |
|||
if (apache__register_mod_rewrite_used is defined and |
|||
apache__register_mod_rewrite_used.rc|d(1) == 0) |
|||
else omit }}' |
|||
apache__allow: |
|||
- 0.0.0.0 |
|||
# apache__default_vhost: |
|||
# name: '{{ apache__default_vhost_name }}' |
|||
# filename: '000-default' |
|||
# root: '/var/www/html' |
|||
|
|||
pre_tasks: |
|||
|
|||
- name: Prepare apache environment |
|||
import_role: |
|||
name: 'apache' |
|||
tasks_from: 'main_env' |
|||
tags: [ 'role::apache', 'role::apache:env' ] |
|||
|
|||
roles: |
|||
|
|||
# - role: ferm |
|||
# tags: [ 'role::ferm', 'skip::ferm' ] |
|||
# ferm__dependent_rules: |
|||
# - '{{ apache__ferm__dependent_rules }}' |
|||
|
|||
- role: apache |
|||
tags: [ 'role::apache', 'skip::apache' ] |
@ -0,0 +1,11 @@ |
|||
--- |
|||
- hosts: debian10 |
|||
collections: |
|||
- nginxinc.nginx_core |
|||
- manala.roles |
|||
tasks: |
|||
- name: Install NGINX |
|||
ansible.builtin.include_role: |
|||
name: nginx |
|||
vars: |
|||
nginx_type: opensource |
@ -0,0 +1,22 @@ |
|||
--- |
|||
- hosts: debian10 |
|||
collections: |
|||
- nginxinc.nginx_core |
|||
- manala.roles |
|||
vars: |
|||
manala_apt_repositories: |
|||
- contrib |
|||
manala_apt_preferences: |
|||
- git@backports |
|||
- sury_php:100 |
|||
- php@sury_php:300 |
|||
- nginx@nginx |
|||
tasks: |
|||
- name: Install Manala APT |
|||
ansible.builtin.include_role: |
|||
name: manala.roles.apt |
|||
- name: Install PHP |
|||
ansible.builtin.include_role: |
|||
name: manala.roles.php |
|||
vars: |
|||
manala_php_version: 7.4 |
@ -0,0 +1,41 @@ |
|||
--- |
|||
|
|||
- name: Manage MariaDB client |
|||
collections: [ 'debops.debops', 'debops.roles01', |
|||
'debops.roles02', 'debops.roles03' ] |
|||
hosts: [ 'debian10' ] |
|||
become: True |
|||
|
|||
environment: '{{ inventory__environment | d({}) |
|||
| combine(inventory__group_environment | d({})) |
|||
| combine(inventory__host_environment | d({})) }}' |
|||
|
|||
vars: |
|||
mariadb__flavor: '{{ ansible_local.mariadb.flavor|d(mariadb__flavor_map[ansible_distribution_release] | d("mariadb")) }}' |
|||
mariadb__upstream_version: '10.5' |
|||
mariadb__databases: |
|||
- name: 'intermetiz' |
|||
- name: 'intermetiz-products' |
|||
mariadb__users: |
|||
- name: 'intermetiz' |
|||
host: '%' |
|||
database: 'intermetiz%' |
|||
|
|||
roles: |
|||
|
|||
- role: secret |
|||
|
|||
- role: keyring |
|||
tags: [ 'role::keyring', 'skip::keyring', 'role::mariadb' ] |
|||
keyring__dependent_apt_keys: |
|||
- '{{ mariadb__keyring__dependent_apt_keys }}' |
|||
|
|||
- role: python |
|||
tags: [ 'role::python', 'skip::python', 'role::mariadb' ] |
|||
python__dependent_packages3: |
|||
- '{{ mariadb__python__dependent_packages3 }}' |
|||
python__dependent_packages2: |
|||
- '{{ mariadb__python__dependent_packages2 }}' |
|||
|
|||
- role: mariadb |
|||
tags: [ 'role::mariadb', 'skip::mariadb' ] |
@ -0,0 +1,48 @@ |
|||
--- |
|||
|
|||
- name: Manage MariaDB server |
|||
collections: [ 'debops.debops', 'debops.roles01', |
|||
'debops.roles02', 'debops.roles03' ] |
|||
hosts: [ 'debian10' ] |
|||
become: True |
|||
|
|||
environment: '{{ inventory__environment | d({}) |
|||
| combine(inventory__group_environment | d({})) |
|||
| combine(inventory__host_environment | d({})) }}' |
|||
|
|||
vars: |
|||
mariadb_server__flavor: '{{ ansible_local.mariadb.flavor |
|||
|d(mariadb_server__flavor_map[ansible_distribution_release] | d("mariadb_upstream")) }}' |
|||
mariadb_server__upstream_version: '10.5' |
|||
mariadb_server__bind_address: '0.0.0.0' |
|||
|
|||
roles: |
|||
- role: keyring |
|||
tags: [ 'role::keyring', 'skip::keyring', 'role::mariadb_server' ] |
|||
keyring__dependent_apt_keys: |
|||
- '{{ mariadb_server__keyring__dependent_apt_keys }}' |
|||
|
|||
- role: etc_services |
|||
tags: [ 'role::etc_services' ] |
|||
etc_services__dependent_list: |
|||
- '{{ mariadb_server__etc_services__dependent_rules }}' |
|||
# |
|||
# - role: ferm |
|||
# tags: [ 'role::ferm', 'skip::ferm' ] |
|||
# ferm__dependent_rules: |
|||
# - '{{ mariadb_server__ferm__dependent_rules }}' |
|||
|
|||
# - role: tcpwrappers |
|||
# tags: [ 'role::tcpwrappers', 'skip::tcpwrappers' ] |
|||
# tcpwrappers__dependent_allow: |
|||
# - '{{ mariadb_server__tcpwrappers__dependent_allow }}' |
|||
|
|||
- role: python |
|||
tags: [ 'role::python', 'skip::python', 'role::mariadb_server' ] |
|||
python__dependent_packages3: |
|||
- '{{ mariadb_server__python__dependent_packages3 }}' |
|||
python__dependent_packages2: |
|||
- '{{ mariadb_server__python__dependent_packages2 }}' |
|||
|
|||
- role: mariadb_server |
|||
tags: [ 'role::mariadb_server', 'skip::mariadb_server' ] |
@ -0,0 +1,80 @@ |
|||
--- |
|||
|
|||
- name: Install and manage PHP environment |
|||
collections: [ 'debops.debops', 'debops.roles01', |
|||
'debops.roles02', 'debops.roles03' ] |
|||
hosts: [ 'debian10' ] |
|||
become: True |
|||
|
|||
environment: '{{ inventory__environment | d({}) |
|||
| combine(inventory__group_environment | d({})) |
|||
| combine(inventory__host_environment | d({})) }}' |
|||
|
|||
vars: |
|||
php__version_preference: [ 'php7.4' ] |
|||
php__sury: '{{ ansible_local.php.sury |
|||
|d(ansible_distribution_release in [ "buster" ]) | bool }}' |
|||
php__sury_apt_key_id: '{{ php__sury_apt_key_id_map[ansible_distribution] }}' |
|||
php__sury_apt_repo: '{{ php__sury_apt_repo_map[ansible_distribution] }}' |
|||
php__sury_apt_key_id_map: |
|||
'Debian': |
|||
- id: '1505 8500 A023 5D97 F5D1 0063 B188 E2B6 95BD 4743' |
|||
repo: 'deb https://packages.sury.org/php/ {{ ansible_distribution_release }} main' |
|||
state: '{{ "present" if php__sury|bool else "absent" }}' |
|||
|
|||
# Key replaced due to security concerns |
|||
# Ref: https://www.patreon.com/posts/dpa-new-signing-25451165 |
|||
- id: 'DF3D 585D B8F0 EB65 8690 A554 AC0E 4758 4A7A 714D' |
|||
state: 'absent' |
|||
php__sury_apt_repo_map: |
|||
'Debian': 'deb https://packages.sury.org/php/ {{ ansible_distribution_release }} main' |
|||
'Ubuntu': 'ppa:ondrej/php' |
|||
php__base_packages: |
|||
- unzip |
|||
- git |
|||
# mysql - это нужно только для WordPress |
|||
# mbstring требует только некоторые пакеты в laravel |
|||
# bcmath - нужно для работы парсера Excel файлов на одном из проектов |
|||
php__packages: [ 'curl', 'xml', 'gd', 'zip', 'mbstring', 'mysql', 'bcmath'' ] |
|||
php__composer_upstream_enabled: '{{ True |
|||
if (ansible_distribution_release in |
|||
[ "buster" ]) |
|||
else False }}' |
|||
php__php_included_packages: '{{ php__common_included_packages |
|||
+ [ "sysvsem", "sysvshm" ] }}' |
|||
|
|||
pre_tasks: |
|||
|
|||
- name: Apply keyring configuration for php environment |
|||
import_role: |
|||
name: 'keyring' |
|||
vars: |
|||
keyring__dependent_apt_keys: |
|||
- '{{ php__keyring__dependent_apt_keys }}' |
|||
tags: [ 'role::keyring', 'skip::keyring', 'role::php' ] |
|||
|
|||
- name: Prepare php environment |
|||
import_role: |
|||
name: 'php' |
|||
tasks_from: 'main_env' |
|||
tags: [ 'role::php', 'role::php:env', 'role::logrotate' ] |
|||
|
|||
roles: |
|||
|
|||
- role: apt_preferences |
|||
tags: [ 'role::apt_preferences', 'skip::apt_preferences' ] |
|||
apt_preferences__dependent_list: |
|||
- '{{ php__apt_preferences__dependent_list }}' |
|||
|
|||
- role: cron |
|||
tags: [ 'role::cron', 'skip::cron' ] |
|||
|
|||
- role: logrotate |
|||
tags: [ 'role::logrotate', 'skip::logrotate' ] |
|||
logrotate__dependent_config: |
|||
- '{{ php__logrotate__dependent_config }}' |
|||
|
|||
- role: apt_install |
|||
|
|||
- role: php |
|||
tags: [ 'role::php', 'skip::php' ] |
@ -0,0 +1,16 @@ |
|||
--- |
|||
|
|||
- name: Manage MariaDB server |
|||
collections: [ 'debops.debops', 'debops.roles01', |
|||
'debops.roles02', 'debops.roles03' ] |
|||
hosts: [ 'debian10' ] |
|||
become: True |
|||
|
|||
environment: '{{ inventory__environment | d({}) |
|||
| combine(inventory__group_environment | d({})) |
|||
| combine(inventory__host_environment | d({})) }}' |
|||
|
|||
roles: |
|||
|
|||
- role: phpmyadmin |
|||
tags: [ 'role::phpmyadmin', 'skip::phpmyadmin' ] |
@ -0,0 +1,36 @@ |
|||
--- |
|||
|
|||
- name: Manage Public Key Infrastructure |
|||
collections: [ 'debops.debops', 'debops.roles01', |
|||
'debops.roles02', 'debops.roles03' ] |
|||
hosts: [ 'debian10' ] |
|||
become: True |
|||
|
|||
environment: '{{ inventory__environment | d({}) |
|||
| combine(inventory__group_environment | d({})) |
|||
| combine(inventory__host_environment | d({})) }}' |
|||
|
|||
vars: |
|||
pki_internal: True |
|||
pki_acme: False |
|||
|
|||
pre_tasks: |
|||
|
|||
- name: Prepare pki environment |
|||
import_role: |
|||
name: 'pki' |
|||
tasks_from: 'main_env' |
|||
tags: [ 'role::pki', 'role::pki:secret', 'role::secret' ] |
|||
|
|||
roles: |
|||
|
|||
- role: secret |
|||
tags: [ 'role::secret', 'role::pki', 'role::pki:secret' ] |
|||
secret_directories: |
|||
- '{{ pki_env_secret_directories }}' |
|||
|
|||
- role: cron |
|||
tags: [ 'role::cron', 'skip::cron' ] |
|||
|
|||
- role: pki |
|||
tags: [ 'role::pki', 'skip::pki' ] |
@ -0,0 +1,3 @@ |
|||
--- |
|||
mariadb__root_password: '{{ lookup("password", secret + "/credentials/" + |
|||
ansible_fqdn + "/mariadb/root/password length=20") }}' |
@ -0,0 +1,19 @@ |
|||
debops.phpmyadmin - Manage phpMyAdmin service using Ansible |
|||
|
|||
Copyright (C) 2014-2019 Maciej Delmanowski <drybjed@gmail.com> |
|||
Copyright (C) 2015-2019 DebOps <https://debops.org/> |
|||
SPDX-License-Identifier: GPL-3.0-only |
|||
|
|||
This Ansible role is part of DebOps. |
|||
|
|||
DebOps is free software; you can redistribute it and/or modify |
|||
it under the terms of the GNU General Public License version 3, as |
|||
published by the Free Software Foundation. |
|||
|
|||
DebOps is distributed in the hope that it will be useful, |
|||
but WITHOUT ANY WARRANTY; without even the implied warranty of |
|||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|||
GNU General Public License for more details. |
|||
|
|||
You should have received a copy of the GNU General Public License |
|||
along with DebOps. If not, see https://www.gnu.org/licenses/. |
@ -0,0 +1,4 @@ |
|||
### phpmyadmin |
|||
|
|||
This role does not have official documentation. |
|||
See [DebOps documentation](https://docs.debops.org/en/tags/v3.0.3^0/) instead. |
@ -0,0 +1,99 @@ |
|||
--- |
|||
# .. vim: foldmarker=[[[,]]]:foldmethod=marker |
|||
|
|||
# .. Copyright (C) 2014-2019 Maciej Delmanowski <drybjed@gmail.com> |
|||
# .. Copyright (C) 2015-2019 DebOps <https://debops.org/> |
|||
# .. SPDX-License-Identifier: GPL-3.0-only |
|||
|
|||
# .. _phpmyadmin__ref_defaults: |
|||
|
|||
# debops.phpmyadmin default variables |
|||
# =================================== |
|||
|
|||
# .. contents:: Sections |
|||
# :local: |
|||
# |
|||
# .. include:: ../../../../includes/global.rst |
|||
|
|||
|
|||
# .. envvar:: phpmyadmin_dependencies [[[ |
|||
# |
|||
# Should PHPMyAdmin role manage its own dependencies? |
|||
phpmyadmin_dependencies: True |
|||
|
|||
# ]]] |
|||
# .. envvar:: phpmyadmin_domain [[[ |
|||
# |
|||
# What subdomain should be used for PHPMyAdmin in nginx configuration |
|||
phpmyadmin_domain: [ 'mysql.{{ ansible_domain }}' ] |
|||
|
|||
# ]]] |
|||
# .. envvar:: phpmyadmin_password_length [[[ |
|||
# |
|||
# Default length of generated passwords |
|||
phpmyadmin_password_length: '20' |
|||
|
|||
# ]]] |
|||
# .. envvar:: phpmyadmin_control_password [[[ |
|||
# |
|||
# Default PHPMyAdmin control password |
|||
phpmyadmin_control_password: "{{ lookup('password', secret + '/mariadb/' + ansible_local['mariadb'].delegate_to + '/credentials/' + phpmyadmin_control_user + '/password length=' + phpmyadmin_password_length) }}" |
|||
|
|||
|
|||
# ]]] |
|||
# .. envvar:: phpmyadmin_allow [[[ |
|||
# |
|||
# List of IP addresses or network ranges in CIDR format, allowed to access |
|||
# PHPMyAdmin. Leave empty to allow access from all IP addresses/networks |
|||
phpmyadmin_allow: [] |
|||
|
|||
# ]]] |
|||
# .. envvar:: phpmyadmin_upload_size [[[ |
|||
# |
|||
# Max upload size for nginx and php5 |
|||
phpmyadmin_upload_size: '64M' |
|||
|
|||
# ]]] |
|||
# .. envvar:: phpmyadmin_php5_max_children [[[ |
|||
# |
|||
# Maximum number of PHP5 processes for PHPMyAdmin |
|||
phpmyadmin_php5_max_children: '20' |
|||
|
|||
# ]]] |
|||
# Configuration for other Ansible roles [[[ |
|||
# ----------------------------------------- |
|||
|
|||
# .. envvar:: phpmyadmin__php__dependent_packages [[[ |
|||
# |
|||
# Package configuration for the :ref:`debops.php` Ansible role. |
|||
phpmyadmin__php__dependent_packages: |
|||
|
|||
- 'mysql' |
|||
- 'mcrypt' |
|||
- 'gd' |
|||
|
|||
# ]]] |
|||
# .. envvar:: phpmyadmin__php__dependent_pools [[[ |
|||
# |
|||
# Pool configuration for the :ref:`debops.php` Ansible role. |
|||
phpmyadmin__php__dependent_pools: |
|||
|
|||
- '{{ phpmyadmin_php5_pool }}' |
|||
|
|||
# ]]] |
|||
# .. envvar:: phpmyadmin__nginx__dependent_servers [[[ |
|||
# |
|||
# Server configuration for the :ref:`debops.nginx` Ansible role. |
|||
phpmyadmin__nginx__dependent_servers: |
|||
|
|||
- '{{ phpmyadmin_nginx_server }}' |
|||
|
|||
# ]]] |
|||
# .. envvar:: phpmyadmin__nginx__dependent_upstreams [[[ |
|||
# |
|||
# Upstream configuration for the :ref:`debops.nginx` Ansible role. |
|||
phpmyadmin__nginx__dependent_upstreams: |
|||
|
|||
- '{{ phpmyadmin_nginx_upstream_php5 }}' |
|||
# ]]] |
|||
# ]]] |
@ -0,0 +1,34 @@ |
|||
--- |
|||
# Copyright (C) 2014-2019 Maciej Delmanowski <drybjed@gmail.com> |
|||
# Copyright (C) 2015-2019 DebOps <https://debops.org/> |
|||
# SPDX-License-Identifier: GPL-3.0-only |
|||
|
|||
# Ensure that custom Ansible plugins and modules included in the main DebOps |
|||
# collection are available to roles in other collections. |
|||
collections: [ 'debops.debops' ] |
|||
|
|||
dependencies: [] |
|||
|
|||
galaxy_info: |
|||
|
|||
author: 'Maciej Delmanowski' |
|||
description: 'Install and configure PHPMyAdmin on a MySQL database server' |
|||
company: 'DebOps' |
|||
license: 'GPL-3.0-only' |
|||
min_ansible_version: '1.7.0' |
|||
platforms: |
|||
- name: Ubuntu |
|||
versions: |
|||
- precise |
|||
- quantal |
|||
- raring |
|||
- saucy |
|||
- trusty |
|||
- name: Debian |
|||
versions: |
|||
- wheezy |
|||
- jessie |
|||
galaxy_tags: |
|||
- mysql |
|||
- database |
|||
- php |
@ -0,0 +1,44 @@ |
|||
--- |
|||
# Copyright (C) 2014-2019 Maciej Delmanowski <drybjed@gmail.com> |
|||
# Copyright (C) 2015-2019 DebOps <https://debops.org/> |
|||
# SPDX-License-Identifier: GPL-3.0-only |
|||
|
|||
- name: Import DebOps secret role |
|||
import_role: |
|||
name: 'secret' |
|||
|
|||
- name: Install dbconfig-common |
|||
apt: pkg=dbconfig-common state=present install_recommends=no |
|||
register: phpmyadmin__register_dbconfig_packages |
|||
until: phpmyadmin__register_dbconfig_packages is succeeded |
|||
|
|||
- name: Pre-configure PHPMyAdmin database |
|||
template: src=etc/dbconfig-common/phpmyadmin.conf.j2 |
|||
dest=/etc/dbconfig-common/phpmyadmin.conf |
|||
owner=root group=root mode=0600 |
|||
|
|||
- name: Install PHPMyAdmin packages |
|||
apt: pkg=phpmyadmin state=present install_recommends=no |
|||
register: phpmyadmin__register_packages |
|||
until: phpmyadmin__register_packages is succeeded |
|||
|
|||
- name: Create database for PHPMyAdmin |
|||
mysql_db: name={{ phpmyadmin_control_database | default('phpmyadmin') }} state=present |
|||
register: phpmyadmin_database |
|||
|
|||
- name: Import PHPMyAdmin schema |
|||
mysql_db: # noqa no-handler |
|||
name: '{{ phpmyadmin_control_database | default("phpmyadmin") }}' |
|||
state: 'import' |
|||
target: '/usr/share/dbconfig-common/data/phpmyadmin/install/mysql' |
|||
login_unix_socket: '/run/mysqld/mysqld.sock' |
|||
when: phpmyadmin_database is defined and phpmyadmin_database is changed |
|||
|
|||
- name: Create PHPMyAdmin control user |
|||
mysql_user: |
|||
name: "{{ phpmyadmin_control_user | default('phpmyadmin') }}" |
|||
state: 'present' |
|||
password: '{{ phpmyadmin_control_password }}' |
|||
priv: "{{ phpmyadmin_control_database | default('phpmyadmin') }}.*:ALL" |
|||
login_unix_socket: '/run/mysqld/mysqld.sock' |
|||
no_log: '{{ debops__no_log | d(True) }}' |
@ -0,0 +1,82 @@ |
|||
{# Copyright (C) 2014-2019 Maciej Delmanowski <drybjed@gmail.com> |
|||
# Copyright (C) 2015-2019 DebOps <https://debops.org/> |
|||
# SPDX-License-Identifier: GPL-3.0-only |
|||
#} |
|||
# This file is managed by Ansible, all changes will be lost |
|||
|
|||
# automatically generated by the maintainer scripts of phpmyadmin |
|||
# any changes you make will be preserved, though your comments |
|||
# will be lost! to change your settings you should edit this |
|||
# file and then run "dpkg-reconfigure phpmyadmin" |
|||
|
|||
# dbc_install: configure database with dbconfig-common? |
|||
# set to anything but "true" to opt out of assistance |
|||
dbc_install='false' |
|||
|
|||
# dbc_upgrade: upgrade database with dbconfig-common? |
|||
# set to anything but "true" to opt out of assistance |
|||
dbc_upgrade='false' |
|||
|
|||
# dbc_remove: deconfigure database with dbconfig-common? |
|||
# set to anything but "true" to opt out of assistance |
|||
dbc_remove='' |
|||
|
|||
# dbc_dbtype: type of underlying database to use |
|||
# this exists primarily to let dbconfig-common know what database |
|||
# type to use when a package supports multiple database types. |
|||
# don't change this value unless you know for certain that this |
|||
# package supports multiple database types |
|||
dbc_dbtype='mysql' |
|||
|
|||
# dbc_dbuser: database user |
|||
# the name of the user who we will use to connect to the database. |
|||
dbc_dbuser='{{ phpmyadmin_control_user }}' |
|||
|
|||
# dbc_dbpass: database user password |
|||
# the password to use with the above username when connecting |
|||
# to a database, if one is required |
|||
dbc_dbpass='{{ phpmyadmin_control_password }}' |
|||
|
|||
# dbc_dbserver: database host. |
|||
# leave unset to use localhost (or a more efficient local method |
|||
# if it exists). |
|||
dbc_dbserver='' |
|||
|
|||
# dbc_dbport: remote database port |
|||
# leave unset to use the default. only applicable if you are |
|||
# using a remote database. |
|||
dbc_dbport='' |
|||
|
|||
# dbc_dbname: name of database |
|||
# this is the name of your application's database. |
|||
dbc_dbname='{{ phpmyadmin_control_database }}' |
|||
|
|||
# dbc_dbadmin: name of the administrative user |
|||
# this is the administrative user that is used to create all of the above |
|||
dbc_dbadmin='root' |
|||
|
|||
# dbc_basepath: base directory to hold database files |
|||
# leave unset to use the default. only applicable if you are |
|||
# using a local (filesystem based) database. |
|||
dbc_basepath='' |
|||
|
|||
## |
|||
## postgresql specific settings. if you don't use postgresql, |
|||
## you can safely ignore all of these |
|||
## |
|||
|
|||
# dbc_ssl: should we require ssl? |
|||
# set to "true" to require that connections use ssl |
|||
dbc_ssl='' |
|||
|
|||
# dbc_authmethod_admin: authentication method for admin |
|||
# dbc_authmethod_user: authentication method for dbuser |
|||
# see the section titled "AUTHENTICATION METHODS" in |
|||
# /usr/share/doc/dbconfig-common/README.pgsql for more info |
|||
dbc_authmethod_admin='' |
|||
dbc_authmethod_user='' |
|||
|
|||
## |
|||
## end postgresql specific settings |
|||
## |
|||
|
@ -0,0 +1,55 @@ |
|||
--- |
|||
# Copyright (C) 2014-2019 Maciej Delmanowski <drybjed@gmail.com> |
|||
# Copyright (C) 2015-2019 DebOps <https://debops.org/> |
|||
# SPDX-License-Identifier: GPL-3.0-only |
|||
|
|||
phpmyadmin_control_user: 'phpmyadmin' |
|||
phpmyadmin_control_database: 'phpmyadmin' |
|||
|
|||
phpmyadmin_nginx_server: |
|||
by_role: 'debops.phpmyadmin' |
|||
enabled: True |
|||
default: False |
|||
type: 'php5' |
|||
name: '{{ phpmyadmin_domain }}' |
|||
root: '/usr/share/phpmyadmin' |
|||
webroot_create: False |
|||
|
|||
options: | |
|||
client_max_body_size {{ phpmyadmin_upload_size }}; |
|||
|
|||
location: |
|||
|
|||
# Required for location_allow to work |
|||
'/': 'try_files $uri $uri/ =404;' |
|||
|
|||
'~ ^/(setup|libraries)': 'deny all;' |
|||
|
|||
location_allow: |
|||
'/': '{{ phpmyadmin_allow }}' |
|||
|
|||
php5: 'php5_phpmyadmin' |
|||
|
|||
php5_options: | |
|||
{% if phpmyadmin_allow is defined and phpmyadmin_allow %} |
|||
{% for address in phpmyadmin_allow %} |
|||
allow {{ address }}; |
|||
{% endfor %} |
|||
deny all; |
|||
{% endif %} |
|||
|
|||
phpmyadmin_nginx_upstream_php5: |
|||
enabled: True |
|||
name: 'php5_phpmyadmin' |
|||
type: 'php5' |
|||
php5: 'phpmyadmin' |
|||
|
|||
phpmyadmin_php5_pool: |
|||
enabled: True |
|||
name: 'phpmyadmin' |
|||
user: 'www-data' |
|||
group: 'www-data' |
|||
pm_max_children: '{{ phpmyadmin_php5_max_children }}' |
|||
php_value: |
|||
post_max_size: '{{ phpmyadmin_upload_size }}' |
|||
upload_max_filesize: '{{ phpmyadmin_upload_size }}' |
@ -0,0 +1,2 @@ |
|||
* |
|||
!.gitignore |
@ -1,6 +1,9 @@ |
|||
--- |
|||
|
|||
- import_playbook: anygroup.yml |
|||
- import_playbook: pki.yml |
|||
- import_playbook: mariadb_server.yml |
|||
- import_playbook: mariadb.yml |
|||
- import_playbook: php.yml |
|||
- import_playbook: apache.yml |
|||
|
|||
# Import all other group playbooks in this file... |
|||
|
Write
Preview
Loading…
Cancel
Save
Reference in new issue