This role sets up the AMP part of a LAMP stack using geerlingguy.* roles.
The role does not provide any defaults, tasks, or vars. All roles are
included as dependencies in meta/main.yml
. The reason for this is
Ansible's odd variable inheritance with included roles. In this kind of
setup:
- variables from
defaults/main.yml
are never seen by the dependent roles, - variables from
vars/main.yml
are not easily overriden from the parent role or playbooks that call it.
But with this setup, it is possible to provide variables:
- from the calling playbook (see
molecule/default/playbook.yml
), - using group and host variables (see
molecule/default/group_vars/
andmolecule/default/host_vars
).
The role itself only provides a single variable (see Role Variables
below) that are used to determine which roles to run (by default, we run
weareinteractive.apt
, ctorgalson.files
, ctorgalson.ssl
, geerlingguy.mysql
,
geerlingguy.apache
, geerlingguy.php
, and geerlingguy.composer
).
This role has no special requirements.
Variable name | Default value | Description |
---|---|---|
lamp_configure |
['apt', 'files', 'ssl', 'mysql', 'apache', 'php', 'composer'] |
A list 'AMP' items to configure. Possible values include apache , apt , files , ssl , fpm , mysql , php , and composer |
This role includes several Galaxy roles as dependencies. For details on how to configure them, see each role's specific documentation:
- weareinteractive.apt
- ctorgalson.files
- ctorgalson.ssl
- geerlingguy.mysql
- geerlingguy.apache
- geerlingguy.php
- geerlingguy.composer
- geerlingguy.apache-php-fpm
-
Many of the variables shown here could be stored in
group_vars/
and/orhost_vars/
--especially when provisioning multiple servers! (seemolecule/default
for a working example)--and are only included to provide an all-in-one-place look at what's needed to use the role in a playbook.If the variables were stored elsewhere, this playbook could be as simple as:
- hosts: all roles: - role: ansible-role-lamp
-
This playbook only handles setting up Apache, MySql and PHP. Other server configuration tasks such as security setup need to be handled by other tasks or roles in your playbooks.
-
To exclude certain dependencies from execution, see Role Variables, above.
-
Becuase the roles are declared as dependencies, they must all be installed/present. If you don't use many/most of the dependencies, this role may not be suitable for your use.
- hosts: all
vars:
# ctorgalson.files vars.
files_files:
- path: "/var/www/lamp/web"
state: directory
owner: "jenkins"
group: "www-data"
mode: "ug=rwx,o=rx"
# ctorgalson.lamp var.
lamp_configure:
- apt
- files
- mysql
- apache
- php
# ctorgalson.ssl vars.
ssl_directories:
- path: "/etc/ssl/certs"
owner: root
group: root
mode: "u=rwx,go=rx"
- path: "/etc/ssl/private"
owner: root
group: root
mode: "u=rwx,go=rx"
ssl_files:
- src: "{{ playbook_dir }}/files/certs/lamp.crt"
dest: "/etc/ssl/certs/lamp.crt"
owner: root
group: root
mode: "u=rw,go=r"
- src: "{{ playbook_dir }}/files/certs/lamp.key"
dest: "/etc/ssl/private/lamp.key"
owner: root
group: root
mode: "u=rw,go="
# geerlingguy.apache vars.
apache_remove_default_vhost: true
apache_mods_enabled:
- "expires.load"
- "headers.load"
- "rewrite.load"
apache_vhosts:
- servername: "lamp"
documentroot: "/var/www/lamp/web"
# geerlingguy.composer vars.
composer_home_path: "/home/jenkins/.composer"
composer_home_owner: "jenkins"
composer_home_group: "jenkins"
# geerlingguy.mysql vars.
mysql_packages:
- "mariadb-client"
- "mariadb-server"
- "python-mysqldb"
mysql_root_password: "lamp_root_password"
mysql_databases:
- name: "lamp_db"
encoding: "utf8"
collation: "utf8_general_ci"
mysql_users:
- name: "lamp_user"
host: "localhost"
password: "lamp_user_password"
priv: "lamp_db.*:ALL
# geerlingguy.php vars.
php_default_version_debian: "7.2"
php_install_recommends: "no"
php_date_timezone: "UTC"
php_post_max_size: "64M"
php_error_reporting: "E_ALL & ~E_DEPRECATED & ~E_STRICT"
php_display_errors: "Off"
php_display_startup_errors: "On"
php_packages:
- "libpcre3-dev"
- "php{{ php_default_version_debian }}-cli"
- "php{{ php_default_version_debian }}-common"
- "php{{ php_default_version_debian }}-curl"
- "php{{ php_default_version_debian }}-dev"
- "php{{ php_default_version_debian }}-gd"
- "php{{ php_default_version_debian }}-imap"
- "php{{ php_default_version_debian }}-json"
- "php{{ php_default_version_debian }}-mbstring"
- "php{{ php_default_version_debian }}-mysql"
- "php{{ php_default_version_debian }}-opcache"
- "php{{ php_default_version_debian }}-pdo"
- "php{{ php_default_version_debian }}-xml"
- "php{{ php_default_version_debian }}-zip"
- "php-sqlite3"
- "php-apcu"
- "php-redis"
- "libapache2-mod-php{{ php_default_version_debian }}"
# weareinteractive.apt vars.
apt_repositories:
- repo: "ppa:ondrej/php"
codename: xenial
update_cache: true
- repo: "ppa:ondrej/apache2"
codename: xenial
update_cache: true
roles:
- role: ansible-role-lamp
GPLv2