---
- name: Install PhpMyAdmin
collections: [ 'debops.debops', 'debops.roles01',
'debops.roles02', 'debops.roles03' ]
hosts: [ 'debian10' ]
vars_files:
- ./../../vars/nginx.yml
- ./../../vars/php.yml
tasks:
- name: Import DebOps secret role
ansible.builtin.import_role:
name: 'secret'
- name: 'Adding pma nginx config'
copy:
dest: '/etc/nginx/sites-available/pma.conf'
content: |-
server {
listen 80;
listen 443 ssl;
ssl_certificate /etc/pki/realms/domain/default.crt;
ssl_certificate_key /etc/pki/realms/domain/default.key;
server_name pma.{{ domain_name }};
root /var/www/phpmyadmin;
index index.php;
include auth.d/pma-auth.conf;
location / {
try_files $uri $uri/ /index.php?$args;
}
set $upstream unix:/run/{{ php__version_preference[0] }}-fpm-www-data.sock;
location ~ \.php$ {
fastcgi_pass $upstream;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SERVER_NAME $host;
}
}
- name: 'Adding pma nginx auth config'
copy:
dest: '/etc/nginx/auth.d/pma-auth.conf'
content: |-
include auth.d/grant-access-certbot.conf;
auth_basic_user_file passwords.d/pma.passwords;
- name: 'Adding pma nginx auth passwords files'
shell: |-
echo "pma:$(openssl passwd -apr1 {{ lookup("password", secret + "/basic/" + site_name + "/pma " + "length=30")}} )" > /etc/nginx/passwords.d/pma.passwords
- name: 'Turning on pma web site nginx config'
shell: |-
cd /etc/nginx/sites-enabled
ln -s ../sites-available/pma.conf ./
- name: 'Restarting nginx'
shell: |-
nginx -t && systemctl restart nginx