Commit 0c5bcc24 authored by Robin Sonnabend's avatar Robin Sonnabend

Create common role for the generic phpwebapp

It does:
- create a directory, user and group
- install required packages
- create a mysql database
- download and unpack the program (if source is given)
- check for updates (daily, if configured)

It doesn't:
- create a configuration file. There's no common format.
  Would need a template and destination per software
- create db schema
- configure fpm or nginx
parent f70fdec5
---
framadate_name: "framadate"
---
- name: install packages
apt:
name:
- php
- php-mbstring
- php-mysql
- php-intl
- composer
- name: ensure a group for framadate exist
group:
name: "{{framadate_name}}"
state: present
system: true
- name: ensure a user for framadate exist
user:
name: "{{framadate_name}}"
group: "{{framadate_name}}"
state: present
system: true
shell: /usr/bin/nologin
home: "/var/www/{{framadate_name}}"
createhome: false
- name: ensure the directory for framadate exist
file:
path: "/var/www/{{framadate_name}}"
state: directory
owner: "{{framadate_name}}"
group: "{{framadate_name}}"
mode: '0755'
- name: create the mysql database
mysql_db:
name: "{{framadate_name}}"
state: present
login_user: root
login_password: "{{lookup('passwordstore', 'db/{{ansible_hostname}}-mysql')}}"
no_log: true
- name: create mysql db user
mysql_user:
name: "{{framadate_name}}"
password: "{{lookup('passwordstore', 'db/{{ansible_hostname}}-mysql-{{framadate_name}} create=true length=20')}}"
state: present
login_user: root
login_password: "{{lookup('passwordstore', 'db/{{ansible_hostname}}-mysql')}}"
priv: "{{framadate_name}}.*:ALL"
no_log: true
---
phpwebapps: []
# phpwebapps:
# - name: termine
# directory: /var/www/termine (default)
# packages: ["php-mbstring", "php-intl"]
# url: "https://example.com/download/genericphpsoftware.zip
# checksum: "sha256:abc123…"
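Review bot: The commented example omits the `update_check` mapping that the tasks and the cron template read (`url`, `pattern`, `current_version`), so a user of the role has to dig the keys out of crontab.j2. Add them to the example, e.g. `#   update_check: {url: "…", pattern: "…", current_version: "…"}`, and close the quote on the `url:` line. It would also help to state that an entry with `url` but no `checksum` is skipped silently by the download task's `when:`.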
#!/bin/bash
if [ "$#" -ne 4 ]; then
echo "Usage: $0 Name URL pattern version" >&2
exit 1
fi
software=$1
url=$2
pattern=$3
version=$4
page=$(curl "$url" 2>/dev/null)
if [[ $? -ne 0 ]]; then
echo "Querying ${url} (for ${software}) failed."
exit 1
fi
match=$(echo $page | grep -Po "${pattern}")
if [[ $? -ne 0 ]]; then
echo "Version pattern '${pattern}' not found in ${url} (for ${software})."
exit 1
fi
echo $match | grep -qF $version
if [[ $? -ne 0 ]]; then
echo "${software} requires update: \"${version}\" does not match \"${match}\"."
exit 0
fi
exit 0
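Review bot: `$page`, `$match` and `$version` are expanded unquoted in a script that cron.daily runs as root on fetched content, so the shell word-splits and glob-expands the downloaded page, and a version string beginning with `-` is read by grep as an option. Quote them and end option parsing: `match=$(printf '%s\n' "$page" | grep -Po -- "${pattern}")` and `printf '%s\n' "$match" | grep -qF -- "$version"`. `curl "$url"` also exits 0 on an HTTP error page and has no timeout, so the "Querying … failed" branch is not reached for 4xx/5xx responses; `page=$(curl -fs --max-time 30 "$url")` fixes both.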
---
- name: install packages
apt:
name:
- php
- php-mbstring
- php-mysql
- php-intl
- composer
- name: install additional packages for the php sites
apt:
name: "{{item.packages}}"
loop: "{{phpwebapps}}"
when: item.packages is defined
loop_control:
label: "{{item.name}}"
- name: ensure groups for the php sites exist
group:
name: "{{item.name}}"
state: present
system: true
loop: "{{phpwebapps}}"
loop_control:
label: "{{item.name}}"
- name: ensure groups for the php sites exist
user:
name: "{{item.name}}"
group: "{{item.name}}"
state: present
system: true
shell: /usr/bin/nologin
home: "{{item.directory|default('/var/www/' + item.name)}}"
createhome: false
loop: "{{phpwebapps}}"
- name: ensure directories for the php sites exist
file:
path: "{{item.directory|default('/var/www/' + item.name)}}"
state: directory
owner: "{{item.name}}"
group: "{{item.name}}"
mode: '0755'
loop: "{{phpwebapps}}"
loop_control:
label: "{{item.name}}"
- name: create the mysql database
mysql_db:
name: "{{item.name}}"
state: present
login_user: root
login_password: "{{lookup('passwordstore', 'db/{{ansible_hostname}}-mysql')}}"
no_log: true
loop: "{{phpwebapps}}"
loop_control:
label: "{{item.name}}"
- name: create mysql db user
mysql_user:
name: "{{item.name}}"
password: "{{lookup('passwordstore', 'db/{{ansible_hostname}}-mysql-{{item.name}} create=true length=20')}}"
state: present
login_user: root
login_password: "{{lookup('passwordstore', 'db/{{ansible_hostname}}-mysql')}}"
priv: "{{item.name}}.*:ALL"
no_log: true
loop: "{{phpwebapps}}"
loop_control:
label: "{{item.name}}"
- name: download the software
get_url:
url: "{{item.url}}"
dest: "/tmp/{{item.name}}{{item.url|splitext|last}}"
checksum: "{{item.checksum}}"
loop: "{{phpwebapps}}"
when: item.url is defined and item.checksum is defined
loop_control:
label: "{{item.name}}"
- name: unpack the software
unarchive:
src: "/tmp/{{item.name}}{{item.url|splitext|last}}"
dest: "{{item.directory|default('/var/www/' + item.name)}}"
remote_src: true
owner: "{{item.name}}"
group: "www-data"
mode: '0755'
loop: "{{phpwebapps}}"
when: item.url is defined and item.checksum is defined
loop_control:
label: "{{item.name}}"
- name: install update-check-script
copy:
src: check-phpwebapp-update.sh
dest: /usr/local/bin/
owner: root
group: root
mode: '0755'
loop: "{{phpwebapps}}"
when: item.update_check is defined
loop_control:
label: "{{item.name}}"
- name: regularly check for updates
template:
src: crontab.j2
dest: "/etc/cron.daily/phpwebapp-{{item.name}}"
owner: root
group: root
mode: '0755'
loop: "{{phpwebapps}}"
when: item.update_check is defined
loop_control:
label: "{{item.name}}"
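Review bot: `download the software` stages the archive under a predictable name in world-writable `/tmp` (`dest: "/tmp/{{item.name}}{{item.url|splitext|last}}"`) and `unpack the software` re-reads that path in a separate task, so the verified download and the file that gets unpacked are tied together only by `/tmp` ownership rules. Staging in a root-only directory created by an earlier `file` task (mode `'0700'`) removes that dependence; the directory path is a choice for the role, none is defined on this page. `unarchive` with `owner: "{{item.name}}"` and `mode: '0755'` leaves every extracted file executable, world-readable and writable by the app account, which matters if the PHP worker runs as that account (fpm is not configured here) or if the tree later holds a config file with the database password. Separately, `shell: /usr/bin/nologin` in the user task: on apt-based hosts nologin normally lives at `/usr/sbin/nologin`, so this path likely does not exist there; the same line appears in the framadate task list earlier on the page.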
#!/bin/sh
/usr/local/bin/check-phpwebapp-update.sh '{{item.name}}' '{{item.update_check.url}}' '{{item.update_check.pattern}}' '{{item.update_check.current_version}}'
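Review bot: The four values are pasted between hand-written single quotes in a script that cron.daily runs as root, so an `update_check.pattern` (a regex) or any other value containing `'` ends the quoting and the rest of the value is interpreted by the shell. Let the template do the quoting with Ansible's `quote` filter and drop the literal quotes, e.g. `{{ item.update_check.pattern | quote }}`, applied to each of the four arguments.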