Role to install and configure a wordpress instance.

2018-04-11 18:04:16 +02:00 · 2018-04-11 18:04:16 +02:00 · 00b96d485e
parent 8f830bc61b
commit 00b96d485e
10 changed files with 298 additions and 0 deletions
--- a/wordpress/defaults/main.yml
+++ b/wordpress/defaults/main.yml
@ -0,0 +1,47 @@
+---
+wordpress_dist_name: wordpress
+wordpress_major: 4
+wordpress_minor: 9
+wordpress_fix: 5
+wordpress_version: '{{ wordpress_major }}.{{ wordpress_minor }}.{{ wordpress_fix }} '
+wordpress_cli_url: 'https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar'
+wordpress_cli_bin: /usr/local/bin/wp
+wordpress_system_user: wp
+
+wordpress_servername: '{{ ansible_fqdn }}'
+wordpress_url: 'https://{{ wordpress_servername }}'
+wordpress_title: 'Wordpress {{ wordpress_servername }} site'
+wordpress_admin_user: wp_admin
+# wordpress_admin_pwd: 'use a vault file'
+wordpress_admin_email: 'wordpress@example.org'
+wordpress_lang: 'en_US'
+wordpress_debug: 'false'
+
+# wordpress_plugins_install_list:
+
+# wordpress_plugins_delete_list:
+  
+wordpress_php_prereq:
+  - 'php{{ php_version }}-json'
+  - 'php{{ php_version }}-intl'
+  - 'php{{ php_version }}-cli'
+  - 'php{{ php_version }}-gd'
+  - 'php{{ php_version }}-memcached'
+  - 'php{{ php_version }}-zip'
+  - 'php{{ php_version }}-curl'
+  - php-pear
+  - php-date
+  - php-xml-serializer
+  - imagemagick
+  - 'php{{ php_version }}-mysqlnd'
+
+wordpress_local_mysql: True
+
+wordpress_db_name: wp_db
+wordpress_db_user: wp_user
+wordpress_db_table_prefix: 'mywp_'
+# wordpress_db_pwd: 'use a vault file'
+
+wordpress_local_nginx: True
+wordpress_local_nginx_virtualhost: '{{ wordpress_local_nginx }}'
+wordpress_doc_root: /var/www/html/wordpress
--- a/wordpress/meta/main.yml
+++ b/wordpress/meta/main.yml
@ -0,0 +1,5 @@
+---
+dependencies:
+  - { role: '../../library/roles/mysql', when: wordpress_local_mysql }
+  - role: '../../library/roles/php-fpm'
+  - { role: '../../library/roles/nginx', when: wordpress_local_nginx }
--- a/wordpress/tasks/main.yml
+++ b/wordpress/tasks/main.yml
@ -0,0 +1,6 @@
+---
+- import_tasks: wp_prerequisites.yml
+- import_tasks: wp_install.yml
+- import_tasks: wp_plugins.yml
+- import_tasks: wp_nginx.yml
+
--- a/wordpress/tasks/wp_install.yml
+++ b/wordpress/tasks/wp_install.yml
@ -0,0 +1,34 @@
+---
+- block:
+  - name: Download and install the WordPress distribution 
+    command: wp core download --path={{ wordpress_doc_root }} --locale={{ wordpress_lang }} --version={{ wordpress_version }}
+    args:
+      creates: '{{ wordpress_doc_root }}/index.php'
+
+  - name: Get the WordPress salt keys
+    command: curl http://api.wordpress.org/secret-key/1.1/salt/
+    register: wordpress_salt
+
+  - name: Install the initial WordPress configuration file
+    template: src=wp-config.php dest={{ wordpress_doc_root }}/wp-config.php mode=0640 force=no
+
+  - name: Install the WP DB tables 
+    command: wp core install --url={{ wordpress_servername }} --title="{{ wordpress_title }}" --admin_user={{ wordpress_admin_user }} --admin_password='{{ wordpress_admin_pwd }}' --admin_email={{ wordpress_admin_email }}
+    args:
+      chdir: '{{ wordpress_doc_root }}'
+
+  - name: Check if we have to remove all the DB data 
+    stat: path={{ wordpress_doc_root }}/.htemptied
+    register: wp_wipe
+
+  - name: Remove the example data from the database
+    shell: wp site empty --yes ; touch {{ wordpress_doc_root }}/.htemptied
+    args:
+      chdir: '{{ wordpress_doc_root }}'
+    when: not wp_wipe.stat.exists
+
+  become: True
+  become_user: '{{ wordpress_system_user }}'
+  tags: wordpress
+  
+  
--- a/wordpress/tasks/wp_nginx.yml
+++ b/wordpress/tasks/wp_nginx.yml
@ -0,0 +1,14 @@
+---
+- block:
+  - name: Install the nginx virtualhost
+    template: src=nginx_wordpress.conf dest=/etc/nginx/sites-available/wordpress mode=0444
+    with_items: '{{ phpfpm_pools }}'
+    notify: Reload nginx
+
+  - name: Enable the nginx virtualhost
+    file: src=/etc/nginx/sites-available/wordpress dest=/etc/nginx/sites-enabled/wordpress state=link
+    notify: Reload nginx
+  
+  when: wordpress_local_nginx_virtualhost
+  tags: [ 'wordpress', 'nginx', 'virtualhost' ]
+  
--- a/wordpress/tasks/wp_plugins.yml
+++ b/wordpress/tasks/wp_plugins.yml
@ -0,0 +1,25 @@
+---
+- block:
+  - name: Remove the default dummy plugin
+    command: wp plugin delete hello
+    args:
+      chdir: '{{ wordpress_doc_root }}'
+
+  - name: Install the wanted plugins
+    command: wp plugin install {{ item }} --force --activate
+    args:
+      chdir: '{{ wordpress_doc_root }}'
+    with_items: '{{ wordpress_plugins_install_list }}'
+    when: wordpress_plugins_install_list is defined
+        
+  - name: Remove the default dummy plugin
+    command: wp plugin delete {{ item }}
+    args:
+      chdir: '{{ wordpress_doc_root }}'
+    with_items: '{{ wordpress_plugins_delete_list }}'
+    when: wordpress_plugins_delete_list is defined
+    
+  become: True
+  become_user: '{{ wordpress_system_user }}'
+  tags: wordpress
+
--- a/wordpress/tasks/wp_prerequisites.yml
+++ b/wordpress/tasks/wp_prerequisites.yml
@ -0,0 +1,16 @@
+---
+- block:
+  - name: Install the wordpress php prerequisites
+    apt: name={{ item }} state=present
+    with_items: '{{ wordpress_php_prereq }}'
+
+  - name: Get the wordpress CLI tool
+    get_url: url={{ wordpress_cli_url }} dest={{ wordpress_cli_bin }} mode=0755
+  
+  - name: Create the wordpress document root
+    file: dest={{ wordpress_doc_root }} state=directory owner={{ item.user }} group={{ item.group }}
+    with_items: '{{ phpfpm_pools }}'
+  
+  tags: wordpress
+  
+  
--- a/wordpress/templates/nginx_wordpress.conf
+++ b/wordpress/templates/nginx_wordpress.conf
@ -0,0 +1,110 @@
+upstream php {
+        server {{ item.listen }};
+}
+
+server {
+        listen {{ http_port }};
+        ## Your website name goes here.
+        server_name {{ item.virthost }};
+        ## Your only path reference.
+        root {{ item.doc_root }};
+
+        {% if letsencrypt_acme_install %}
+        include /etc/nginx/snippets/letsencrypt-proxy.conf;
+        {% endif %}
+
+        ## This should be in your http block and if it is, it's not needed here.
+        index index.php;
+
+
+        # redirect server error pages to the static page /50x.html
+        #
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+                root   /usr/share/nginx/html;
+        }
+
+        location = /favicon.ico {
+                log_not_found off;
+                access_log off;
+        }
+
+        location = /robots.txt {
+                allow all;
+                log_not_found off;
+                access_log off;
+        }
+
+        # don't send the nginx version number in error pages and Server header
+        server_tokens off;
+
+        {% if nginx_client_body_temp_dir is defined %}
+        client_body_temp_path {{ nginx_client_body_temp_dir }} 1 2;
+        {% endif %}
+
+        location / {
+                return 301 https://{{ item.virthost }}$request_uri;
+        }
+
+}
+
+server {
+        listen {{ https_port }} ssl;
+        ## Your website name goes here.
+        server_name {{ item.virthost }};
+        ## Your only path reference.
+        root {{ item.doc_root }};
+
+        {% if letsencrypt_acme_install %}
+        include /etc/nginx/snippets/nginx-server-ssl.conf;
+        {% endif %}
+
+        ## This should be in your http block and if it is, it's not needed here.
+        index index.php;
+
+
+        # redirect server error pages to the static page /50x.html
+        #
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+                root   /usr/share/nginx/html;
+        }
+
+        location = /favicon.ico {
+                log_not_found off;
+                access_log off;
+        }
+
+        location = /robots.txt {
+                allow all;
+                log_not_found off;
+                access_log off;
+        }
+
+        # don't send the nginx version number in error pages and Server header
+        server_tokens off;
+
+        {% if nginx_client_body_temp_dir is defined %}
+        client_body_temp_path {{ nginx_client_body_temp_dir }} 1 2;
+        {% endif %}
+
+        location / {
+                # This is cool because no php is touched for static content.
+                # include the "?$args" part so non-default permalinks doesn't break when using query string
+                try_files $uri $uri/ /index.php?$args;
+        }
+
+        location ~ \.php$ {
+                #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
+                try_files $uri =404;
+                fastcgi_intercept_errors on;
+                fastcgi_pass php;
+                fastcgi_param REMOTE_ADDR $remote_addr;
+                include fastcgi_params;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
+                expires max;
+                log_not_found off;
+        }
+}
--- a/wordpress/templates/wp-config.php
+++ b/wordpress/templates/wp-config.php
@ -0,0 +1,21 @@
+<?php
+define("DB_NAME", "{{ wordpress_db_name }}");
+define("DB_USER", "{{ wordpress_db_user }}");
+define("DB_PASSWORD", "{{ wordpress_db_pwd }}");
+define("DB_HOST", "localhost");
+define("DB_CHARSET", "utf8");
+define("DB_COLLATE", "");
+
+{{ wordpress_salt.stdout }}
+
+$table_prefix  = "{{ wordpress_db_table_prefix }}";
+define("WPLANG", "{{ wordpress_lang }}");
+define("WP_DEBUG", {{ wordpress_debug }});
+{% if wordpress_env is defined %}
+define("WP_ENV", "{{ wordpress_env  }}");
+{% endif %}
+
+if (!defined("ABSPATH"))
+  define("ABSPATH", dirname(__FILE__) . "/");
+
+require_once(ABSPATH . "wp-settings.php");
--- a/wordpress/vars/main.yml
+++ b/wordpress/vars/main.yml
@ -0,0 +1,20 @@
+---
+http_port: 80
+https_port: 443
+
+letsencrypt_acme_dest_dir: '{{ wordpress_servername }}'
+
+php_from_ppa: True
+php_version: 5.6
+
+phpfpm_base_dir: '/etc/php/{{ php_version }}/fpm'
+phpfpm_cli_dir: '/etc/php{{ php_version }}/cli'
+
+mysql_db_data:
+  - { name: '{{ wordpress_db_name }}', user: '{{ wordpress_db_user }}', pwd: '{{ wordpress_db_pwd }}', collation: '{{ mysql_default_collation }}', encoding: '{{ mysql_default_encoding }}', user_grant: 'ALL', allowed_hosts: [ '{{ ansible_fqdn }}/32', '127.0.0.1/8', 'localhost' ] }
+
+phpfpm_default_pool_name: '{{ wordpress_system_user }}'
+phpfpm_default_user: '{{ wordpress_system_user }}'
+
+phpfpm_pools:
+  - { pool_name: '{{ phpfpm_default_pool_name }}', app_context: '{{ phpfpm_default_context }}', user: '{{ phpfpm_default_user }}', group: '{{ phpfpm_default_group }}', listen: '{{ phpfpm_default_listen }}', allowed_clients: '{{ phpfpm_default_allowed_clients }}', pm: '{{ phpfpm_default_pm }}', pm_max_children: '{{ phpfpm_default_pm_max_children }}', pm_start_servers: '{{ phpfpm_default_pm_start_servers }}', pm_min_spare: '{{ phpfpm_default_pm_min_spare_servers }}', pm_max_spare: '{{ phpfpm_default_pm_max_spare_servers }}', pm_max_requests: '{{ phpfpm_default_pm_max_requests }}', pm_status_enabled: '{{ phpfpm_default_pm_status_enabled }}', pm_status_path: '{{ phpfpm_default_pm_status_path }}', ping_enabled: '{{ phpfpm_default_ping_enabled }}', ping_path: '{{ phpfpm_default_ping_path }}', ping_response: '{{ phpfpm_default_ping_response }}', display_errors: '{{ phpfpm_default_display_errors }}', log_errors: '{{ phpfpm_default_log_errors }}', memory_limit: '{{ phpfpm_default_memory_limit }}', slowlog_timeout: '{{ phpfpm_default_slowlog_timeout }}', rlimit_files: '{{ phpfpm_default_rlimit_files }}', php_extensions: '{{ phpfpm_default_extensions }}', define_custom_variables: '{{ phpfpm_default_define_custom_variables }}', admin_write: True, doc_root: '{{ wordpress_doc_root }}', virthost: '{{ wordpress_servername }}' }