~nka/ansible-role-wordpress

2f36d06fc346d8966110d18ffb9fc3461af7cc95 — Nicolas KAROLAK 2 months ago v1.0.0
init
4 files changed, 189 insertions(+), 0 deletions(-)

A defaults/main.yml
A handlers/main.yml
A meta/main.yml
A tasks/main.yml
A  => defaults/main.yml +65 -0
@@ 1,65 @@
---

wp_packages:
  - apache2
  - libapache2-mod-php
  - php-curl
  - php-gd
  - php-imagick
  - php-intl
  - php-mbstring
  - php-mysql
  - php-soap
  - php-xml
  - php-xmlrpc
  - php-zip
  - python3-pymysql

wp_version: 5.4.1
wp_url: https://fr.wordpress.org/wordpress-{{ wp_version }}-fr_FR.tar.gz

wp_path: /var/www/wordpress

# DATABASE

wp_db_host: localhost
wp_db_port: 3306
wp_db_name: wordpress
wp_db_admin: root
wp_db_admin_password:
wp_db_user: wordpress
wp_db_user_password:

# CONFIG

wp_domain: www.example.net

# APACHE

wp_trusted_proxies: []

wp_apache_vhost: |
  <VirtualHost *:80>
    ServerName {{ wp_domain }}

    DocumentRoot {{ wp_path }}

    <Directory {{ wp_path }}>
      Require all granted
      AllowOverride All
    </Directory>
  </VirtualHost>

wp_apache_remoteip: |
  RemoteIPHeader X-Real-IP
  {% for proxy in wp_trusted_proxies %}
  RemoteIPTrustedProxy {{ proxy }}
  {% endfor %}

wp_apache_mods:
  - expires
  - headers
  - remoteip
  - rewrite

...

A  => handlers/main.yml +8 -0
@@ 1,8 @@
---

- name: restart apache
  systemd:
    name: apache2.service
    state: restarted

...

A  => meta/main.yml +14 -0
@@ 1,14 @@
---

galaxy_info:
  author: Nicolas Karolak
  description: Install Wordpress with Apache2
  galaxy_tags: []
  license: WTFPL
  min_ansible_version: 2.9
  platforms:
    - name: 'Debian'
      versions:
        - 'buster'

dependencies: []

A  => tasks/main.yml +102 -0
@@ 1,102 @@
---

# SYSTEM

- name: install packages
  notify: restart apache
  apt:
    force_apt_get: true
    install_recommends: false
    name: "{{ wp_packages }}"

# DATABASE

- name: create database
  no_log: true
  register: wp_db_create
  mysql_db:
    login_host: "{{ wp_db_host }}"
    login_port: "{{ wp_db_port }}"
    login_user: "{{ wp_db_admin }}"
    login_password: "{{ wp_db_admin_password }}"
    name: "{{ wp_db_name }}"

- name: create database user
  no_log: true
  mysql_user:
    login_host: "{{ wp_db_host }}"
    login_port: "{{ wp_db_port }}"
    login_user: "{{ wp_db_admin }}"
    login_password: "{{ wp_db_admin_password }}"
    name: "{{ wp_db_user }}"
    password: "{{ wp_db_user_password }}"
    priv: '{{ wp_db_name }}.*:ALL'
    host: "%"

# APPLICATION

- name: download wordpress
  register: wp_download
  get_url:
    url: "{{ wp_url }}"
    dest: "{{ wp_path | dirname }}/wordpress-{{ wp_version }}-fr_FR.tar.gz"

- name: create wordpress directory
  file:
    path: "{{ wp_path }}"
    owner: www-data
    group: www-data
    state: directory

- name: extract wordpress archive
  when: wp_download is changed
  unarchive:
    remote_src: true
    src: "{{ wp_path | dirname }}/wordpress-{{ wp_version }}-fr_FR.tar.gz"
    dest: "{{ wp_path }}"
    group: www-data
    owner: www-data

# APACHE

- name: remove default vhost
  notify: restart apache
  file:
    path: /etc/apache2/sites-enabled/000-default.conf
    state: absent

- name: enable required apache modules
  notify: restart apache
  loop: "{{ wp_apache_mods }}"
  apache2_module:
    name: "{{ item }}"

- meta: flush_handlers

- name: configure vhost
  notify: restart apache
  copy:
    dest: /etc/apache2/sites-available/wordpress.conf
    content: "{{ wp_apache_vhost }}"

- name: enable vhost
  notify: restart apache
  command:
    cmd: a2ensite wordpress.conf
    creates: /etc/apache2/sites-enabled/wordpress.conf

- name: configure remoteip
  when: wp_trusted_proxies | length > 0
  notify: restart apache
  copy:
    dest: /etc/apache2/conf-available/remoteip.conf
    content: "{{ wp_apache_remoteip }}"

- name: enable remoteip
  when: wp_trusted_proxies | length > 0
  notify: restart apache
  command:
    cmd: a2enconf remoteip.conf
    creates: /etc/apache2/conf-enabled/remoteip.conf

...