Alexander Demidov
f5b9100bc3
Set to currently newest version of debops Use newest python version Native way for create pma nginx config symlink Correct disable local nginx host - appropriate dict item name field for preventing errors
64 lines
2.0 KiB
YAML
64 lines
2.0 KiB
YAML
---
|
|
|
|
- name: Install PhpMyAdmin
|
|
|
|
collections: [ 'debops.debops', 'debops.roles01',
|
|
'debops.roles02', 'debops.roles03' ]
|
|
|
|
hosts: [ 'debian10' ]
|
|
|
|
vars_files:
|
|
- ./../../vars/nginx.yml
|
|
- ./../../vars/php.yml
|
|
|
|
tasks:
|
|
- name: Import DebOps secret role
|
|
ansible.builtin.import_role:
|
|
name: 'secret'
|
|
|
|
- name: 'Adding pma nginx config'
|
|
copy:
|
|
dest: '/etc/nginx/sites-available/pma.conf'
|
|
content: |-
|
|
server {
|
|
listen 80;
|
|
listen 443 ssl;
|
|
ssl_certificate /etc/pki/realms/domain/default.crt;
|
|
ssl_certificate_key /etc/pki/realms/domain/default.key;
|
|
server_name pma.{{ domain_name }};
|
|
root /var/www/phpmyadmin;
|
|
index index.php;
|
|
include auth.d/pma-auth.conf;
|
|
location / {
|
|
try_files $uri $uri/ /index.php?$args;
|
|
}
|
|
set $upstream unix:/run/{{ php__version_preference[0] }}-fpm-www-data.sock;
|
|
location ~ \.php$ {
|
|
fastcgi_pass $upstream;
|
|
include fastcgi_params;
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
fastcgi_param SERVER_NAME $host;
|
|
}
|
|
}
|
|
|
|
- name: 'Adding pma nginx auth config'
|
|
copy:
|
|
dest: '/etc/nginx/auth.d/pma-auth.conf'
|
|
content: |-
|
|
include auth.d/grant-access-certbot.conf;
|
|
auth_basic_user_file passwords.d/pma.passwords;
|
|
|
|
- name: 'Adding pma nginx auth passwords files'
|
|
shell: |-
|
|
echo "pma:$(openssl passwd -apr1 {{ lookup("password", secret + "/basic/" + site_name + "/pma " + "length=30")}} )" > /etc/nginx/passwords.d/pma.passwords
|
|
|
|
- name: Ensure pma nginx site is enabled (via symlink)
|
|
ansible.builtin.file:
|
|
src: /etc/nginx/sites-available/pma.conf
|
|
dest: /etc/nginx/sites-enabled/pma.conf
|
|
state: link
|
|
|
|
- name: 'Restarting nginx'
|
|
shell: |-
|
|
nginx -t && systemctl restart nginx
|