forked from ISTI-ansible-roles/ansible-roles
library/roles/mysql: Ansible 2 compatibility. Manage a different data directory.
library/roles/php-fpm: Ansible 2 compatibility. library/roles/piwik: Install and configure a piwik instance. infrastructure-services: Install a piwik instance as analytics.d4science.org.
This commit is contained in:
parent
600b8eb864
commit
c84512a4f0
|
@ -9,8 +9,7 @@
|
|||
- ::1
|
||||
- localhost
|
||||
ignore_errors: True
|
||||
tags:
|
||||
- mysql
|
||||
tags: mysql
|
||||
|
||||
- name: Secure the mysql root user
|
||||
mysql_user: name=root host={{ item }} password=""
|
||||
|
@ -21,26 +20,21 @@
|
|||
- ::1
|
||||
- localhost
|
||||
ignore_errors: True
|
||||
tags:
|
||||
- mysql
|
||||
tags: mysql
|
||||
|
||||
- name: Install the .my.cnf file with root password credentials
|
||||
template: src=dot_my.cnf.j2 dest=/root/.my.cnf owner=root group=root mode=0400
|
||||
when: mysql_root_password is defined
|
||||
tags:
|
||||
- mysql
|
||||
tags: mysql
|
||||
|
||||
- name: delete anonymous MySQL server user for {{ server_hostname }}
|
||||
- name: delete anonymous MySQL server user for the server hostname
|
||||
mysql_user: user="" host="{{ ansible_hostname }}" state="absent"
|
||||
tags:
|
||||
- mysql
|
||||
tags: mysql
|
||||
|
||||
- name: delete anonymous MySQL server user for localhost
|
||||
mysql_user: user="" state="absent"
|
||||
tags:
|
||||
- mysql
|
||||
tags: mysql
|
||||
|
||||
- name: remove the MySQL test database
|
||||
mysql_db: db=test state=absent
|
||||
tags:
|
||||
- mysql
|
||||
tags: mysql
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
---
|
||||
- name: Stop and disable the mysql server if we do not want it running
|
||||
service: name=mysql state=stopped enabled=no
|
||||
when: not mysql_enabled
|
||||
tags:
|
||||
- mysql
|
||||
|
|
@ -2,8 +2,7 @@
|
|||
- include: packages.yml
|
||||
- include: mysql-conf.yml
|
||||
when: mysql_enabled
|
||||
- include: disable-mysql-service.yml
|
||||
when: not mysql_enabled
|
||||
- include: manage-mysql-service.yml
|
||||
- include: configure_root_access.yml
|
||||
when: mysql_enabled
|
||||
- include: manage_my_db.yml
|
||||
|
|
|
@ -0,0 +1,11 @@
|
|||
---
|
||||
- name: Ensure that the mysql server is enabled and running
|
||||
service: name=mysql state=started enabled=yes
|
||||
when: mysql_enabled
|
||||
tags: [ 'mysql', 'mariadb' ]
|
||||
|
||||
- name: Stop and disable the mysql server if we do not want it running
|
||||
service: name=mysql state=stopped enabled=no
|
||||
when: not mysql_enabled
|
||||
tags: [ 'mysql', 'mariadb' ]
|
||||
|
|
@ -1,18 +1,14 @@
|
|||
---
|
||||
- name: Add databases to mysql, if any
|
||||
mysql_db: name={{ item.name }} collation={{ item.collation }} encoding={{ item.encoding }} state=present
|
||||
with_items: mysql_db_data
|
||||
when:
|
||||
- mysql_db_data is defined
|
||||
- item.name is defined
|
||||
with_items: '{{ mysql_db_data | default([]) }}'
|
||||
when: item.name is defined
|
||||
tags: [ 'mysql', 'mysql_db' ]
|
||||
|
||||
- name: Add a user for the databases
|
||||
mysql_user: name={{ item.0.user }} password={{ item.0.pwd }} host={{ item.1 }} priv={{ item.0.name }}.*:"{{ item.0.user_grant }}" state=present
|
||||
mysql_user: name={{ item.0.user }} password={{ item.0.pwd }} host={{ item.1 }} priv="{{ item.0.name }}.*:{{ item.0.user_grant }}" state=present
|
||||
with_subelements:
|
||||
- mysql_db_data
|
||||
- '{{ mysql_db_data | default([]) }}'
|
||||
- allowed_hosts
|
||||
when:
|
||||
- mysql_db_data is defined
|
||||
- item.0.name is defined
|
||||
when: item.0.name is defined
|
||||
tags: [ 'mysql', 'mysql_db' ]
|
||||
|
|
|
@ -8,5 +8,5 @@
|
|||
tags: [ 'mysql', 'mysql_backup' ]
|
||||
|
||||
- name: Cron job that executes mysql nightly backups
|
||||
copy: src=mysql-backup.cron dest=/etc/cron.daily/mysql-backup owner=root group=root mode=0755
|
||||
template: src=mysql-backup.cron.j2 dest=/etc/cron.daily/mysql-backup owner=root group=root mode=0755
|
||||
tags: [ 'mysql', 'mysql_backup' ]
|
||||
|
|
|
@ -1,4 +1,12 @@
|
|||
---
|
||||
- name: Create the data directory
|
||||
file: dest={{ mysql_data_dir }} state=directory owner=mysql group=mysql mode=0700
|
||||
tags: [ 'mysql', 'mariadb', 'mysql-conf' ]
|
||||
|
||||
- name: Create the log directory
|
||||
file: dest={{ mysql_log_dir }} state=directory owner=mysql group=adm mode=1750
|
||||
tags: [ 'mysql', 'mariadb', 'mysql-conf' ]
|
||||
|
||||
- name: Install the main configuration files.
|
||||
template: src={{ item }}.cnf.j2 dest={{ mysql_conf_dir }}/{{ item }}.cnf owner=root group=root mode=0644
|
||||
with_items:
|
||||
|
@ -7,7 +15,4 @@
|
|||
- mysql-clients
|
||||
when: mysql_enabled
|
||||
notify: Restart mysql
|
||||
tags:
|
||||
- mysql
|
||||
- mariadb
|
||||
- mysql-conf
|
||||
tags: [ 'mysql', 'mariadb', 'mysql-conf' ]
|
||||
|
|
|
@ -1,14 +1,6 @@
|
|||
---
|
||||
- name: install the mysql packages
|
||||
apt: pkg={{ item }} state={{ mysql_pkg_state }}
|
||||
with_items: mysql_packages_list
|
||||
tags:
|
||||
- mysql
|
||||
|
||||
- name: Ensure that the mysql server is enabled and running
|
||||
service: name=mysql state=started enabled=yes
|
||||
when: mysql_enabled
|
||||
tags:
|
||||
- mysql
|
||||
- mariadb
|
||||
with_items: '{{ mysql_packages_list }}'
|
||||
tags: mysql
|
||||
|
||||
|
|
|
@ -5,6 +5,8 @@
|
|||
port = {{ mysql_db_port }}
|
||||
socket = {{ mysql_socket }}
|
||||
max_connections = {{ mysql_db_max_connections }}
|
||||
datadir = {{ mysql_data_dir }}
|
||||
log_error = {{ mysql_log_dir }}/error.log
|
||||
skip-external-locking
|
||||
key_buffer_size = 16M
|
||||
max_allowed_packet = 1M
|
||||
|
@ -35,9 +37,9 @@ log-bin=mysql-bin
|
|||
binlog_format=mixed
|
||||
|
||||
# Uncomment the following if you are using InnoDB tables
|
||||
innodb_data_home_dir = /var/lib/mysql
|
||||
innodb_data_home_dir = {{ mysql_data_dir }}
|
||||
innodb_data_file_path = {{ mysql_db_innodb_data_file_path }}
|
||||
innodb_log_group_home_dir = /var/lib/mysql
|
||||
innodb_log_group_home_dir = {{ mysql_data_dir }}
|
||||
# You can set .._buffer_pool_size up to 50 - 80 %
|
||||
# of RAM but beware of setting memory usage too high
|
||||
innodb_buffer_pool_size = {{ mysql_db_innodb_buffer_pool_size }}
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
---
|
||||
- name: Reload php-fpm
|
||||
service: name=php5-fpm state=reloaded
|
||||
when: phpfpm_service_enabled
|
||||
|
||||
- name: Restart php-fpm
|
||||
service: name=php5-fpm state=restarted
|
||||
when: phpfpm_service_enabled
|
||||
|
|
|
@ -2,84 +2,68 @@
|
|||
# php as a standalone service
|
||||
- name: Install the php-fpm package
|
||||
apt: pkg={{ item }} state=present
|
||||
with_items: php_fpm_packages
|
||||
tags:
|
||||
- php
|
||||
with_items: '{{ php_fpm_packages }}'
|
||||
tags: php
|
||||
|
||||
- name: Set the timezone if we have one
|
||||
ini_file: dest={{ phpfpm_base_dir }}/php.ini section=Date option=date.timezone value={{ timezone }} backup=yes
|
||||
when: timezone is defined
|
||||
notify: Reload php-fpm
|
||||
tags:
|
||||
- php
|
||||
- php_ini
|
||||
tags: [ 'php', 'php_ini' ]
|
||||
|
||||
- name: Activate the memcache sessions support and redundancy if needed
|
||||
action: configfile path={{ phpfpm_base_dir }}/conf.d/20-memcache.ini key={{ item.prop }} value='{{ item.value }}'
|
||||
when: phpfpm_use_memcache_redundancy_sessions
|
||||
with_items: memcache_session
|
||||
with_items: '{{ memcache_session }}'
|
||||
notify: Reload php-fpm
|
||||
tags:
|
||||
- php
|
||||
- php_ini
|
||||
tags: [ 'php', 'php_ini' ]
|
||||
|
||||
- name: remove php-fpm default pool
|
||||
file: dest={{ phpfpm_base_dir }}/pool.d/www.conf state=absent
|
||||
when: phpfpm_remove_default_pool
|
||||
notify: Restart php-fpm
|
||||
tags:
|
||||
- php
|
||||
tags: php
|
||||
|
||||
- name: Create the users under the php-fpm processes will run
|
||||
user: name={{ item.user }} comment="{{ item.user }}" home=/dev/null createhome=no shell=/sbin/nologin
|
||||
with_items: phpfpm_pools
|
||||
with_items: '{{ phpfpm_pools }}'
|
||||
when: phpfpm_create_users
|
||||
notify: Restart php-fpm
|
||||
tags:
|
||||
- php
|
||||
- fpm_pool
|
||||
tags: [ 'php', 'fpm_pool' ]
|
||||
|
||||
- name: Create the directories where to store the sessions files. One for each pool
|
||||
file: dest={{ phpfpm_session_prefix }}/{{ item.pool_name }} owner={{ item.user }} group=root mode=0750 state=directory
|
||||
with_items: phpfpm_pools
|
||||
with_items: '{{ phpfpm_pools }}'
|
||||
when: phpfpm_use_default_template
|
||||
tags:
|
||||
- php
|
||||
- fpm_pool
|
||||
tags: [ 'php', 'fpm_pool' ]
|
||||
|
||||
- name: Create the directories where to store the log files
|
||||
file: dest={{ phpfpm_logdir }} owner=root group=root mode=0750 state=directory
|
||||
tags:
|
||||
- php
|
||||
- fpm_pool
|
||||
tags: [ 'php', 'fpm_pool' ]
|
||||
|
||||
- name: Install the php-fpm logrotate file
|
||||
template: src=php-fpm.logrotate.j2 dest=/etc/logrotate.d/php-fpm owner=root group=root mode=0444
|
||||
tags:
|
||||
- php
|
||||
- fpm_conf
|
||||
tags: [ 'php', 'fpm_conf' ]
|
||||
|
||||
- name: Install the php-fpm main config file
|
||||
template: src=php-fpm.conf.j2 dest={{ phpfpm_base_dir }}/php-fpm.conf owner=root group=root mode=0444
|
||||
notify: Restart php-fpm
|
||||
tags:
|
||||
- php
|
||||
- fpm_pool
|
||||
- fpm_conf
|
||||
tags: [ 'php', 'fpm_conf', 'fpm_pool' ]
|
||||
|
||||
- name: Install the php-fpm pools
|
||||
template: src=php-fpm-pool.conf.j2 dest={{ phpfpm_base_dir }}/pool.d/{{ item.pool_name }}.conf owner=root group=root mode=0444
|
||||
with_items: phpfpm_pools
|
||||
with_items: '{{ phpfpm_pools }}'
|
||||
when: phpfpm_use_default_template
|
||||
notify: Restart php-fpm
|
||||
tags:
|
||||
- php
|
||||
- fpm_conf
|
||||
- fpm_pool
|
||||
- fpm_pool_conf
|
||||
tags: [ 'php', 'fpm_conf', 'fpm_pool', 'fpm_pool_conf' ]
|
||||
|
||||
- name: Ensure that the php-fpm service is started and enabled
|
||||
service: name=php5-fpm state=started enabled=yes
|
||||
tags:
|
||||
- php
|
||||
when: phpfpm_service_enabled
|
||||
tags: php
|
||||
|
||||
- name: Ensure that the php-fpm service is stopped and disabled
|
||||
service: name=php5-fpm state=stopped enabled=no
|
||||
when: not phpfpm_service_enabled
|
||||
tags: php
|
||||
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
piwik_repo_key: 'https://debian.piwik.org/repository.gpg'
|
||||
piwik_repo: 'deb https://debian.piwik.org/ piwik main'
|
||||
|
||||
piwik_under_nginx: True
|
||||
piwik_under_phpfpm: True
|
||||
piwik_user: piwik
|
||||
piwik_http_doc_root: '/usr/share/piwik'
|
||||
piwik_owned_data:
|
||||
- /etc/piwik/
|
||||
- /var/lib/piwik/data/tmp
|
||||
- /var/log/piwik/
|
||||
- /usr/share/piwik/misc
|
||||
- /usr/share/piwik/plugins
|
||||
|
||||
piwik_url: 'http://{{ ansible_fqdn }}/'
|
||||
piwik_pkgs:
|
||||
- piwik
|
||||
- php5-mysql
|
||||
- php5-json
|
||||
- php5-ldap
|
||||
- php5-gd
|
||||
|
|
@ -0,0 +1,28 @@
|
|||
---
|
||||
- name: Install the piwik repo key
|
||||
apt_key: url={{ piwik_repo_key }} state=present
|
||||
tags: [ 'piwik', 'analytics' ]
|
||||
|
||||
- name: Install the piwik debian repo
|
||||
apt_repository: repo='{{ piwik_repo }}' state=present
|
||||
tags: [ 'piwik', 'analytics' ]
|
||||
|
||||
- name: Install piwik and some dependencies
|
||||
apt: name={{ item }}
|
||||
with_items: '{{ piwik_pkgs }}'
|
||||
tags: [ 'piwik', 'analytics' ]
|
||||
|
||||
- name: Restore the piwik permissions so that they match the fpm config
|
||||
shell: find {{ item }} -user www-data -exec chown {{ piwik_user }} {} \; ; find {{ item }} -group www-data -exec chgrp {{ piwik_user }} {} \;
|
||||
with_items: '{{ piwik_owned_data }}'
|
||||
when: piwik_under_phpfpm
|
||||
tags: [ 'piwik', 'analytics' ]
|
||||
|
||||
- name: Install a cron job to archive the old logs data
|
||||
cron: minute="5" user={{ piwik_user }} name="Archive Piwik Log Data" job='[ -e /usr/share/piwik/console ] && [ -x /usr/bin/php ] && nice /usr/bin/php /usr/share/piwik/console core:archive --url="{{ piwik_url }}" >> /var/log/piwik/piwik-archive.log 2>&1' cron_file=piwik-archive
|
||||
tags: [ 'piwik', 'analytics' ]
|
||||
|
||||
- name: Create a directory for the fcgi cache
|
||||
file: dest=/var/cache/nginx/fcgicache type=directory owner=piwik
|
||||
when: piwik_under_nginx
|
||||
tags: [ 'piwik', 'analytics' ]
|
Loading…
Reference in New Issue