automation/deployer/README.md
2020-05-02 07:51:39 +02:00

73 lines
1.7 KiB
Markdown

# Deployer: deploy your shit and make it run
So lame to have to configure nginx, MySQL, and your filesystem to install a stupid Wordpress instance.
**Deployer** does my config for me like the slave it is.
All the configuration is defined in `group_vars/all/vars.yml`, go check.
Create a side `group_vars/all/vault.yml` for your secrets, and encrypt it with Ansible Vault:
```bash
ansible-vault encrypt group_vars/all/vault.yml
# other sub-commands: edit, decrypt...
```
I usually run the following command:
ansible-playbook --ask-vault-pass sites.yml -i inventory -v
## Required packages on remote
Python modules:
* docker
* docker-compose
* pymysql
TODO: Ansible task to install that before the rest
## Features
* Creating Wordpress instances (yoohoo, da best)
* That send mail!!11!1!
* Supports existing and new installs
* Creating Drupal instances
* Only existing ones (no new installs)
### Does not support
* Setting up the host
* SSL certificate creation (bro, do it yourself!). That is:
```bash
# Make an nginx file for certbot
cat << EOF > /etc/nginx/sites-enabled/yoursite.com
server {
listen 80;
server_name www.yoursite.com yoursite.com;
include snippets/letsencrypt.conf;
}
EOF
nginx -t # Is everything alright?
# If so, restart nginx
service nginx restart
# Create the certificate
certbot certonly --webroot -w /var/www/letsencrypt -d yoursite.com -d www.yoursite.com
# Remove the stupid file
rm /etc/nginx/sites-enabled/yoursite.com
service nginx restart
```
## Useful SQL commands
```sql
select host, user, password from mysql.user order by user;
create user 'arvuhez'@'172.26.0.2' identified by 'kjhs';
grant all on arvuhez.* to 'arvuhez'@'172.26.0.2';
show grants for 'arvuhez'@'172.26.0.2';
```