78 lines
No EOL
2.1 KiB
YAML
78 lines
No EOL
2.1 KiB
YAML
- name: "Set site_data_path to {{ www_path }}/{{ item.slug }}"
|
|
set_fact: site_data_path="{{ www_path }}/{{ item.slug }}"
|
|
tags: always
|
|
|
|
|
|
####################
|
|
# Render templates #
|
|
####################
|
|
|
|
- name: "Create folder {{ sites_path }}/{{ item.slug }}"
|
|
file:
|
|
path: "{{ sites_path }}/{{ item.slug }}"
|
|
state: directory
|
|
mode: '750'
|
|
tags: [docker, nginx, mysql]
|
|
|
|
- name: Render sexy Dockerfile
|
|
template:
|
|
src: drupal/Dockerfile.j2
|
|
dest: "{{ sites_path }}/{{ item.slug }}/Dockerfile"
|
|
tags: docker
|
|
|
|
- name: Render marvelous docker-compose.yml
|
|
template:
|
|
src: drupal/docker-compose.yml.j2
|
|
dest: "{{ sites_path }}/{{ item.slug }}/docker-compose.yml"
|
|
tags: docker
|
|
|
|
- name: Render swell nginx site config
|
|
template:
|
|
src: drupal/nginx.j2
|
|
dest: "/etc/nginx/sites-available/{{ item.url }}"
|
|
become: yes
|
|
tags: nginx
|
|
|
|
|
|
#######################
|
|
# MySQL configuration #
|
|
#######################
|
|
|
|
# MySQL equivalent:
|
|
# create user <user>@<ip> identified by <pass>;
|
|
# grant all on <db>.* to <user>@<ip>;
|
|
- name: "Add database user {{ item.mysql_username }}@{{ item.subnet_site_ip }} and grant all privileges on {{ item.mysql_database }}"
|
|
mysql_user:
|
|
# Credentials to log in MySQL
|
|
login_host: localhost
|
|
login_user: root
|
|
login_password: "{{ mysql_root_password }}"
|
|
# Credentials of the new db user
|
|
host: "{{ item.subnet_site_ip }}"
|
|
name: "{{ item.mysql_username }}"
|
|
password: "{{ item.mysql_password }}"
|
|
# Grants
|
|
priv: "{{ item.mysql_database }}.*:all"
|
|
state: present
|
|
tags: mysql
|
|
|
|
|
|
#################
|
|
# Setup backups #
|
|
#################
|
|
|
|
- name: "Setup backups"
|
|
import_tasks: backup.yml
|
|
tags: backup
|
|
|
|
|
|
###################
|
|
# SSL certificate #
|
|
###################
|
|
|
|
# - name: Create Let's Encrypt certificate
|
|
# This seems hard, see:
|
|
# https://docs.ansible.com/ansible/latest/modules/acme_certificate_module.html#acme-certificate-module
|
|
# https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-ansible-on-ubuntu-18-04
|
|
# Maybe using shell directly? e.g.
|
|
# certbot certonly --webroot -w /var/www/letsencrypt -d <url> |