diff --git a/wordpress-nginx/LICENSE.md b/wordpress-nginx_rhel6/LICENSE.md similarity index 100% rename from wordpress-nginx/LICENSE.md rename to wordpress-nginx_rhel6/LICENSE.md diff --git a/wordpress-nginx/README.md b/wordpress-nginx_rhel6/README.md similarity index 100% rename from wordpress-nginx/README.md rename to wordpress-nginx_rhel6/README.md diff --git a/wordpress-nginx/group_vars/all b/wordpress-nginx_rhel6/group_vars/all similarity index 100% rename from wordpress-nginx/group_vars/all rename to wordpress-nginx_rhel6/group_vars/all diff --git a/wordpress-nginx/hosts.example b/wordpress-nginx_rhel6/hosts.example similarity index 100% rename from wordpress-nginx/hosts.example rename to wordpress-nginx_rhel6/hosts.example diff --git a/wordpress-nginx/roles/common/files/RPM-GPG-KEY-EPEL-6 b/wordpress-nginx_rhel6/roles/common/files/RPM-GPG-KEY-EPEL-6 similarity index 100% rename from wordpress-nginx/roles/common/files/RPM-GPG-KEY-EPEL-6 rename to wordpress-nginx_rhel6/roles/common/files/RPM-GPG-KEY-EPEL-6 diff --git a/wordpress-nginx/roles/common/files/epel.repo b/wordpress-nginx_rhel6/roles/common/files/epel.repo similarity index 100% rename from wordpress-nginx/roles/common/files/epel.repo rename to wordpress-nginx_rhel6/roles/common/files/epel.repo diff --git a/wordpress-nginx/roles/common/files/iptables-save b/wordpress-nginx_rhel6/roles/common/files/iptables-save similarity index 100% rename from wordpress-nginx/roles/common/files/iptables-save rename to wordpress-nginx_rhel6/roles/common/files/iptables-save diff --git a/wordpress-nginx/roles/common/handlers/main.yml b/wordpress-nginx_rhel6/roles/common/handlers/main.yml similarity index 100% rename from wordpress-nginx/roles/common/handlers/main.yml rename to wordpress-nginx_rhel6/roles/common/handlers/main.yml diff --git a/wordpress-nginx/roles/common/tasks/main.yml b/wordpress-nginx_rhel6/roles/common/tasks/main.yml similarity index 100% rename from wordpress-nginx/roles/common/tasks/main.yml rename to wordpress-nginx_rhel6/roles/common/tasks/main.yml diff --git a/wordpress-nginx/roles/mysql/handlers/main.yml b/wordpress-nginx_rhel6/roles/mysql/handlers/main.yml similarity index 100% rename from wordpress-nginx/roles/mysql/handlers/main.yml rename to wordpress-nginx_rhel6/roles/mysql/handlers/main.yml diff --git a/wordpress-nginx/roles/mysql/tasks/main.yml b/wordpress-nginx_rhel6/roles/mysql/tasks/main.yml similarity index 79% rename from wordpress-nginx/roles/mysql/tasks/main.yml rename to wordpress-nginx_rhel6/roles/mysql/tasks/main.yml index 4236c52eb..ce0043e99 100644 --- a/wordpress-nginx/roles/mysql/tasks/main.yml +++ b/wordpress-nginx_rhel6/roles/mysql/tasks/main.yml @@ -2,10 +2,10 @@ - name: Install Mysql package yum: name={{ item }} state=present with_items: - - mysql-server - - MySQL-python - - libselinux-python - - libsemanage-python + - mysql-server + - MySQL-python + - libselinux-python + - libsemanage-python - name: Configure SELinux to start mysql on any port seboolean: name=mysql_connect_any state=true persistent=yes @@ -14,7 +14,7 @@ - name: Create Mysql configuration file template: src=my.cnf.j2 dest=/etc/my.cnf notify: - - restart mysql + - restart mysql - name: Start Mysql Service service: name=mysqld state=started enabled=yes diff --git a/wordpress-nginx/roles/mysql/templates/my.cnf.j2 b/wordpress-nginx_rhel6/roles/mysql/templates/my.cnf.j2 similarity index 100% rename from wordpress-nginx/roles/mysql/templates/my.cnf.j2 rename to wordpress-nginx_rhel6/roles/mysql/templates/my.cnf.j2 diff --git a/wordpress-nginx/roles/nginx/handlers/main.yml b/wordpress-nginx_rhel6/roles/nginx/handlers/main.yml similarity index 100% rename from wordpress-nginx/roles/nginx/handlers/main.yml rename to wordpress-nginx_rhel6/roles/nginx/handlers/main.yml diff --git a/wordpress-nginx/roles/nginx/tasks/main.yml b/wordpress-nginx_rhel6/roles/nginx/tasks/main.yml similarity index 100% rename from wordpress-nginx/roles/nginx/tasks/main.yml rename to wordpress-nginx_rhel6/roles/nginx/tasks/main.yml diff --git a/wordpress-nginx/roles/nginx/templates/default.conf b/wordpress-nginx_rhel6/roles/nginx/templates/default.conf similarity index 100% rename from wordpress-nginx/roles/nginx/templates/default.conf rename to wordpress-nginx_rhel6/roles/nginx/templates/default.conf diff --git a/wordpress-nginx/roles/php-fpm/handlers/main.yml b/wordpress-nginx_rhel6/roles/php-fpm/handlers/main.yml similarity index 100% rename from wordpress-nginx/roles/php-fpm/handlers/main.yml rename to wordpress-nginx_rhel6/roles/php-fpm/handlers/main.yml diff --git a/wordpress-nginx/roles/php-fpm/tasks/main.yml b/wordpress-nginx_rhel6/roles/php-fpm/tasks/main.yml similarity index 100% rename from wordpress-nginx/roles/php-fpm/tasks/main.yml rename to wordpress-nginx_rhel6/roles/php-fpm/tasks/main.yml diff --git a/wordpress-nginx/roles/php-fpm/templates/wordpress.conf b/wordpress-nginx_rhel6/roles/php-fpm/templates/wordpress.conf similarity index 100% rename from wordpress-nginx/roles/php-fpm/templates/wordpress.conf rename to wordpress-nginx_rhel6/roles/php-fpm/templates/wordpress.conf diff --git a/wordpress-nginx/roles/wordpress/tasks/main.yml b/wordpress-nginx_rhel6/roles/wordpress/tasks/main.yml similarity index 90% rename from wordpress-nginx/roles/wordpress/tasks/main.yml rename to wordpress-nginx_rhel6/roles/wordpress/tasks/main.yml index 9028a89ed..001531c06 100644 --- a/wordpress-nginx/roles/wordpress/tasks/main.yml +++ b/wordpress-nginx_rhel6/roles/wordpress/tasks/main.yml @@ -1,7 +1,6 @@ --- - name: Download WordPress - get_url: url=http://wordpress.org/wordpress-{{ wp_version }}.tar.gz dest=/srv/wordpress-{{ wp_version }}.tar.gz - sha256sum="{{ wp_sha256sum }}" + get_url: url=http://wordpress.org/wordpress-{{ wp_version }}.tar.gz dest=/srv/wordpress-{{ wp_version }}.tar.gz sha256sum="{{ wp_sha256sum }}" - name: Extract archive unarchive: @@ -18,8 +17,8 @@ - name: Fetch random salts for WordPress config get_url: url: https://api.wordpress.org/secret-key/1.1/salt/ - register: "wp_salt" - become: no + register: wp_salt + become: false become_method: sudo changed_when: true delegate_to: localhost diff --git a/wordpress-nginx/roles/wordpress/templates/wp-config.php b/wordpress-nginx_rhel6/roles/wordpress/templates/wp-config.php similarity index 100% rename from wordpress-nginx/roles/wordpress/templates/wp-config.php rename to wordpress-nginx_rhel6/roles/wordpress/templates/wp-config.php diff --git a/wordpress-nginx/site.yml b/wordpress-nginx_rhel6/site.yml similarity index 100% rename from wordpress-nginx/site.yml rename to wordpress-nginx_rhel6/site.yml diff --git a/wordpress-nginx_rhel7/roles/common/files/RPM-GPG-KEY-EPEL-7 b/wordpress-nginx_rhel7/roles/common/files/RPM-GPG-KEY-EPEL-7 deleted file mode 100644 index a1d6f2583..000000000 --- a/wordpress-nginx_rhel7/roles/common/files/RPM-GPG-KEY-EPEL-7 +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.4.11 (GNU/Linux) - -mQINBFKuaIQBEAC1UphXwMqCAarPUH/ZsOFslabeTVO2pDk5YnO96f+rgZB7xArB -OSeQk7B90iqSJ85/c72OAn4OXYvT63gfCeXpJs5M7emXkPsNQWWSju99lW+AqSNm -jYWhmRlLRGl0OO7gIwj776dIXvcMNFlzSPj00N2xAqjMbjlnV2n2abAE5gq6VpqP -vFXVyfrVa/ualogDVmf6h2t4Rdpifq8qTHsHFU3xpCz+T6/dGWKGQ42ZQfTaLnDM -jToAsmY0AyevkIbX6iZVtzGvanYpPcWW4X0RDPcpqfFNZk643xI4lsZ+Y2Er9Yu5 -S/8x0ly+tmmIokaE0wwbdUu740YTZjCesroYWiRg5zuQ2xfKxJoV5E+Eh+tYwGDJ -n6HfWhRgnudRRwvuJ45ztYVtKulKw8QQpd2STWrcQQDJaRWmnMooX/PATTjCBExB -9dkz38Druvk7IkHMtsIqlkAOQMdsX1d3Tov6BE2XDjIG0zFxLduJGbVwc/6rIc95 -T055j36Ez0HrjxdpTGOOHxRqMK5m9flFbaxxtDnS7w77WqzW7HjFrD0VeTx2vnjj -GqchHEQpfDpFOzb8LTFhgYidyRNUflQY35WLOzLNV+pV3eQ3Jg11UFwelSNLqfQf -uFRGc+zcwkNjHh5yPvm9odR1BIfqJ6sKGPGbtPNXo7ERMRypWyRz0zi0twARAQAB -tChGZWRvcmEgRVBFTCAoNykgPGVwZWxAZmVkb3JhcHJvamVjdC5vcmc+iQI4BBMB -AgAiBQJSrmiEAhsPBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBqL66iNSxk -5cfGD/4spqpsTjtDM7qpytKLHKruZtvuWiqt5RfvT9ww9GUUFMZ4ZZGX4nUXg49q -ixDLayWR8ddG/s5kyOi3C0uX/6inzaYyRg+Bh70brqKUK14F1BrrPi29eaKfG+Gu -MFtXdBG2a7OtPmw3yuKmq9Epv6B0mP6E5KSdvSRSqJWtGcA6wRS/wDzXJENHp5re -9Ism3CYydpy0GLRA5wo4fPB5uLdUhLEUDvh2KK//fMjja3o0L+SNz8N0aDZyn5Ax -CU9RB3EHcTecFgoy5umRj99BZrebR1NO+4gBrivIfdvD4fJNfNBHXwhSH9ACGCNv -HnXVjHQF9iHWApKkRIeh8Fr2n5dtfJEF7SEX8GbX7FbsWo29kXMrVgNqHNyDnfAB -VoPubgQdtJZJkVZAkaHrMu8AytwT62Q4eNqmJI1aWbZQNI5jWYqc6RKuCK6/F99q -thFT9gJO17+yRuL6Uv2/vgzVR1RGdwVLKwlUjGPAjYflpCQwWMAASxiv9uPyYPHc -ErSrbRG0wjIfAR3vus1OSOx3xZHZpXFfmQTsDP7zVROLzV98R3JwFAxJ4/xqeON4 -vCPFU6OsT3lWQ8w7il5ohY95wmujfr6lk89kEzJdOTzcn7DBbUru33CQMGKZ3Evt -RjsC7FDbL017qxS+ZVA/HGkyfiu4cpgV8VUnbql5eAZ+1Ll6Dw== -=hdPa ------END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/wordpress-nginx_rhel7/roles/common/files/RPM-GPG-KEY-NGINX b/wordpress-nginx_rhel7/roles/common/files/RPM-GPG-KEY-NGINX deleted file mode 100644 index 2528b45b7..000000000 --- a/wordpress-nginx_rhel7/roles/common/files/RPM-GPG-KEY-NGINX +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.4.11 (FreeBSD) - -mQENBE5OMmIBCAD+FPYKGriGGf7NqwKfWC83cBV01gabgVWQmZbMcFzeW+hMsgxH -W6iimD0RsfZ9oEbfJCPG0CRSZ7ppq5pKamYs2+EJ8Q2ysOFHHwpGrA2C8zyNAs4I -QxnZZIbETgcSwFtDun0XiqPwPZgyuXVm9PAbLZRbfBzm8wR/3SWygqZBBLdQk5TE -fDR+Eny/M1RVR4xClECONF9UBB2ejFdI1LD45APbP2hsN/piFByU1t7yK2gpFyRt -97WzGHn9MV5/TL7AmRPM4pcr3JacmtCnxXeCZ8nLqedoSuHFuhwyDnlAbu8I16O5 -XRrfzhrHRJFM1JnIiGmzZi6zBvH0ItfyX6ttABEBAAG0KW5naW54IHNpZ25pbmcg -a2V5IDxzaWduaW5nLWtleUBuZ2lueC5jb20+iQE+BBMBAgAoBQJOTjJiAhsDBQkJ -ZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCr9b2Ce9m/YpvjB/98uV4t -94d0oEh5XlqEZzVMrcTgPQ3BZt05N5xVuYaglv7OQtdlErMXmRWaFZEqDaMHdniC -sF63jWMd29vC4xpzIfmsLK3ce9oYo4t9o4WWqBUdf0Ff1LMz1dfLG2HDtKPfYg3C -8NESud09zuP5NohaE8Qzj/4p6rWDiRpuZ++4fnL3Dt3N6jXILwr/TM/Ma7jvaXGP -DO3kzm4dNKp5b5bn2nT2QWLPnEKxvOg5Zoej8l9+KFsUnXoWoYCkMQ2QTpZQFNwF -xwJGoAz8K3PwVPUrIL6b1lsiNovDgcgP0eDgzvwLynWKBPkRRjtgmWLoeaS9FAZV -ccXJMmANXJFuCf26iQEcBBABAgAGBQJOTkelAAoJEKZP1bF62zmo79oH/1XDb29S -YtWp+MTJTPFEwlWRiyRuDXy3wBd/BpwBRIWfWzMs1gnCjNjk0EVBVGa2grvy9Jtx -JKMd6l/PWXVucSt+U/+GO8rBkw14SdhqxaS2l14v6gyMeUrSbY3XfToGfwHC4sa/ -Thn8X4jFaQ2XN5dAIzJGU1s5JA0tjEzUwCnmrKmyMlXZaoQVrmORGjCuH0I0aAFk -RS0UtnB9HPpxhGVbs24xXZQnZDNbUQeulFxS4uP3OLDBAeCHl+v4t/uotIad8v6J -SO93vc1evIje6lguE81HHmJn9noxPItvOvSMb2yPsE8mH4cJHRTFNSEhPW6ghmlf -Wa9ZwiVX5igxcvaIRgQQEQIABgUCTk5b0gAKCRDs8OkLLBcgg1G+AKCnacLb/+W6 -cflirUIExgZdUJqoogCeNPVwXiHEIVqithAM1pdY/gcaQZmIRgQQEQIABgUCTk5f -YQAKCRCpN2E5pSTFPnNWAJ9gUozyiS+9jf2rJvqmJSeWuCgVRwCcCUFhXRCpQO2Y -Va3l3WuB+rgKjsQ= -=A015 ------END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/wordpress-nginx_rhel7/roles/common/files/RPM-GPG-KEY-remi b/wordpress-nginx_rhel7/roles/common/files/RPM-GPG-KEY-remi deleted file mode 100644 index 328338606..000000000 --- a/wordpress-nginx_rhel7/roles/common/files/RPM-GPG-KEY-remi +++ /dev/null @@ -1,24 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.4.7 (GNU/Linux) - -mQGiBEJny1wRBACRnbQgZ6qLmJSuGvi/EwrRL6aW610BbdpLQRL3dnwy5wI5t9T3 -/JEiEJ7GTvAwfiisEHifMfk2sRlWRf2EDQFttHyrrYXfY5L6UAF2IxixK5FL7PWA -/2a7tkw1IbCbt4IGG0aZJ6/xgQejrOLi4ewniqWuXCc+tLuWBZrGpE2QfwCggZ+L -0e6KPTHMP97T4xV81e3Ba5MD/3NwOQh0pVvZlW66Em8IJnBgM+eQh7pl4xq7nVOh -dEMJwVU0wDRKkXqQVghOxALOSAMapj5mDppEDzGLZHZNSRcvGEs2iPwo9vmY+Qhp -AyEBzE4blNR8pwPtAwL0W3cBKUx7ZhqmHr2FbNGYNO/hP4tO2ochCn5CxSwAfN1B -Qs5pBACOkTZMNC7CLsSUT5P4+64t04x/STlAFczEBcJBLF1T16oItDITJmAsPxbY -iee6JRfXmZKqmDP04fRdboWMcRjfDfCciSdIeGqP7vMcO25bDZB6x6++fOcmQpyD -1Fag3ZUq2yojgXWqVrgFHs/HB3QE7UQkykNp1fjQGbKK+5mWTrQkUmVtaSBDb2xs -ZXQgPFJQTVNARmFtaWxsZUNvbGxldC5jb20+iGAEExECACAFAkZ+MYoCGwMGCwkI -BwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAATm9HAPl/Vv/UAJ9EL8ioMTsz/2EPbNuQ -MP5Xx/qPLACeK5rk2hb8VFubnEsbVxnxfxatGZ25AQ0EQmfLXRAEANwGvY+mIZzj -C1L5Nm2LbSGZNTN3NMbPFoqlMfmym8XFDXbdqjAHutGYEZH/PxRI6GC8YW5YK4E0 -HoBAH0b0F97JQEkKquahCakj0P5mGuH6Q8gDOfi6pHimnsSAGf+D+6ZwAn8bHnAa -o+HVmEITYi6s+Csrs+saYUcjhu9zhyBfAAMFA/9Rmfj9/URdHfD1u0RXuvFCaeOw -CYfH2/nvkx+bAcSIcbVm+tShA66ybdZ/gNnkFQKyGD9O8unSXqiELGcP8pcHTHsv -JzdD1k8DhdFNhux/WPRwbo/es6QcpIPa2JPjBCzfOTn9GXVdT4pn5tLG2gHayudK -8Sj1OI2vqGLMQzhxw4hJBBgRAgAJBQJCZ8tdAhsMAAoJEABOb0cA+X9WcSAAn11i -gC5ns/82kSprzBOU0BNwUeXZAJ0cvNmY7rvbyiJydyLsSxh/la6HKw== -=6Rbg ------END PGP PUBLIC KEY BLOCK----- diff --git a/wordpress-nginx_rhel7/roles/common/files/epel.repo b/wordpress-nginx_rhel7/roles/common/files/epel.repo deleted file mode 100644 index 0301cc746..000000000 --- a/wordpress-nginx_rhel7/roles/common/files/epel.repo +++ /dev/null @@ -1,8 +0,0 @@ -[epel] -name=Extra Packages for Enterprise Linux 7 - $basearch -#baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch -mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch -failovermethod=priority -enabled=1 -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 \ No newline at end of file diff --git a/wordpress-nginx_rhel7/roles/common/files/nginx.repo b/wordpress-nginx_rhel7/roles/common/files/nginx.repo index 9060b8d7c..fd254d868 100644 --- a/wordpress-nginx_rhel7/roles/common/files/nginx.repo +++ b/wordpress-nginx_rhel7/roles/common/files/nginx.repo @@ -1,7 +1,15 @@ -[nginx] -name=Nginx repo - $basearch -baseurl=http://nginx.org/packages/centos/7/$basearch -failovermethod=priority +[nginx-stable] +name=nginx stable repo +baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=1 enabled=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-NGINX +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true + +[nginx-mainline] +name=nginx mainline repo +baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/ +gpgcheck=1 +enabled=0 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true \ No newline at end of file diff --git a/wordpress-nginx_rhel7/roles/common/files/remi.repo b/wordpress-nginx_rhel7/roles/common/files/remi.repo deleted file mode 100644 index aaae795ec..000000000 --- a/wordpress-nginx_rhel7/roles/common/files/remi.repo +++ /dev/null @@ -1,67 +0,0 @@ -# Repository: http://rpms.remirepo.net/ -# Blog: http://blog.remirepo.net/ -# Forum: http://forum.remirepo.net/ - -[remi] -name=Remi's RPM repository for Enterprise Linux 7 - $basearch -baseurl=http://rpms.remirepo.net/enterprise/7/remi/$basearch/ -mirrorlist=http://rpms.remirepo.net/enterprise/7/remi/mirror -enabled=1 -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi - -[remi-php55] -name=Remi's PHP 5.5 RPM repository for Enterprise Linux 7 - $basearch -#baseurl=http://rpms.remirepo.net/enterprise/7/php55/$basearch/ -mirrorlist=http://rpms.remirepo.net/enterprise/7/php55/mirror -# NOTICE: common dependencies are in "remi-safe" -enabled=0 -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi - -[remi-php56] -name=Remi's PHP 5.6 RPM repository for Enterprise Linux 7 - $basearch -#baseurl=http://rpms.remirepo.net/enterprise/7/php56/$basearch/ -mirrorlist=http://rpms.remirepo.net/enterprise/7/php56/mirror -# NOTICE: common dependencies are in "remi-safe" -enabled=0 -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi - -[remi-test] -name=Remi's test RPM repository for Enterprise Linux 7 - $basearch -#baseurl=http://rpms.remirepo.net/enterprise/7/test/$basearch/ -mirrorlist=http://rpms.remirepo.net/enterprise/7/test/mirror -# WARNING: If you enable this repository, you must also enable "remi" -enabled=0 -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi - -[remi-debuginfo] -name=Remi's RPM repository for Enterprise Linux 7 - $basearch - debuginfo -baseurl=http://rpms.remirepo.net/enterprise/7/debug-remi/$basearch/ -enabled=0 -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi - -[remi-php55-debuginfo] -name=Remi's PHP 5.5 RPM repository for Enterprise Linux 7 - $basearch - debuginfo -baseurl=http://rpms.remirepo.net/enterprise/7/debug-php55/$basearch/ -enabled=0 -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi - -[remi-php56-debuginfo] -name=Remi's PHP 5.6 RPM repository for Enterprise Linux 7 - $basearch - debuginfo -baseurl=http://rpms.remirepo.net/enterprise/7/debug-php56/$basearch/ -enabled=0 -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi - -[remi-test-debuginfo] -name=Remi's test RPM repository for Enterprise Linux 7 - $basearch - debuginfo -baseurl=http://rpms.remirepo.net/enterprise/7/debug-test/$basearch/ -enabled=0 -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi - diff --git a/wordpress-nginx_rhel7/roles/common/tasks/main.yml b/wordpress-nginx_rhel7/roles/common/tasks/main.yml index 7bf0738ea..2f7b737d3 100644 --- a/wordpress-nginx_rhel7/roles/common/tasks/main.yml +++ b/wordpress-nginx_rhel7/roles/common/tasks/main.yml @@ -1,24 +1,44 @@ --- - name: Copy the NGINX repository definition - copy: src=nginx.repo dest=/etc/yum.repos.d/ + ansible.builtin.copy: + src: nginx.repo + dest: /etc/yum.repos.d/ + owner: root + group: root + mode: u=rw,g=r,o=r -- name: Copy the EPEL repository definition - copy: src=epel.repo dest=/etc/yum.repos.d/ +- name: Install the EPEL repository definition + ansible.builtin.yum: + name: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm" + state: present -- name: Copy the REMI repository definition - copy: src=remi.repo dest=/etc/yum.repos.d/ +- name: Install the REMI repository definition + ansible.builtin.yum: + name: https://rpms.remirepo.net/enterprise/remi-release-7.rpm + state: present - name: Create the GPG key for NGINX - copy: src=RPM-GPG-KEY-NGINX dest=/etc/pki/rpm-gpg + ansible.builtin.rpm_key: + state: present + key: https://nginx.org/keys/nginx_signing.key -- name: Create the GPG key for EPEL - copy: src=RPM-GPG-KEY-EPEL-7 dest=/etc/pki/rpm-gpg +- name: Create the GPG key for EPEL 7 + ansible.builtin.rpm_key: + state: present + key: https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7 + +- name: Create the GPG key for Remi Repo EL 7 + ansible.builtin.rpm_key: + state: present + key: https://rpms.remirepo.net/enterprise/7/RPM-GPG-KEY-remi -- name: Create the GPG key for REMI - copy: src=RPM-GPG-KEY-remi dest=/etc/pki/rpm-gpg - - name: Install Firewalld - yum: name=firewalld state=present + ansible.builtin.yum: + name: firewalld + state: present - name: Firewalld service state - service: name=firewalld state=started enabled=yes + ansible.builtin.service: + name: firewalld + state: started + enabled: true diff --git a/wordpress-nginx_rhel7/roles/mariadb/handlers/main.yml b/wordpress-nginx_rhel7/roles/mariadb/handlers/main.yml index 37c068354..2bd8e11f9 100644 --- a/wordpress-nginx_rhel7/roles/mariadb/handlers/main.yml +++ b/wordpress-nginx_rhel7/roles/mariadb/handlers/main.yml @@ -1,5 +1,8 @@ --- # Handler to handle DB tier notifications -- name: restart mariadb - service: name=mariadb state=restarted +- name: Restart mariadb + ansible.builtin.service: + name: mariadb + state: restarted + listen: restart mariadb diff --git a/wordpress-nginx_rhel7/roles/mariadb/tasks/main.yml b/wordpress-nginx_rhel7/roles/mariadb/tasks/main.yml index 5f930bf8c..80f49dafb 100644 --- a/wordpress-nginx_rhel7/roles/mariadb/tasks/main.yml +++ b/wordpress-nginx_rhel7/roles/mariadb/tasks/main.yml @@ -1,28 +1,49 @@ --- # This playbook will install MariaDB and create db user and give permissions. - - name: Install MariaDB package - yum: name={{ item }} state=installed - with_items: - - mariadb-server - - MySQL-python - - libselinux-python - - libsemanage-python + ansible.builtin.yum: + name: "{{ mariadb_packages }}" + state: installed + vars: + mariadb_packages: + - mariadb-server + - MySQL-python + - libselinux-python + - libsemanage-python - name: Configure SELinux to start mysql on any port - seboolean: name=mysql_connect_any state=true persistent=yes + ansible.posix.seboolean: + name: mysql_connect_any + state: true + persistent: true - name: Create Mysql configuration file - template: src=my.cnf.j2 dest=/etc/my.cnf + ansible.builtin.template: + src: my.cnf.j2 + dest: /etc/my.cnf + owner: root + group: mysql + mode: u=rw,g=r,o=r notify: - - restart mariadb + - restart mariadb - name: Create MariaDB log file - file: path=/var/log/mysqld.log state=touch owner=mysql group=mysql mode=0775 + ansible.builtin.file: + path: /var/log/mysqld.log + state: touch + owner: mysql + group: mysql + mode: u=rwx,g=rwx,o=rx - name: Start MariaDB Service - service: name=mariadb state=started enabled=yes + ansible.builtin.service: + name: mariadb + state: started + enabled: true -- name: insert firewalld rule - firewalld: port={{ mysql_port }}/tcp permanent=true state=enabled immediate=yes - ignore_errors: yes +- name: Insert firewalld rule + ansible.posix.firewalld: + port: "{{ mysql_port }}/tcp " + permanent: true + state: enabled + immediate: true diff --git a/wordpress-nginx_rhel7/roles/nginx/handlers/main.yml b/wordpress-nginx_rhel7/roles/nginx/handlers/main.yml index 16d819248..611a8721c 100644 --- a/wordpress-nginx_rhel7/roles/nginx/handlers/main.yml +++ b/wordpress-nginx_rhel7/roles/nginx/handlers/main.yml @@ -1,3 +1,7 @@ --- -- name: restart nginx - service: name=nginx state=restarted enabled=yes +- name: Restart nginx + ansible.builtin.service: + name: nginx + state: restarted + enabled: true + listen: restart nginx diff --git a/wordpress-nginx_rhel7/roles/nginx/tasks/main.yml b/wordpress-nginx_rhel7/roles/nginx/tasks/main.yml index 14fae22f7..d1a3ad194 100644 --- a/wordpress-nginx_rhel7/roles/nginx/tasks/main.yml +++ b/wordpress-nginx_rhel7/roles/nginx/tasks/main.yml @@ -1,14 +1,27 @@ --- - name: Install nginx - yum: name=nginx state=present + ansible.builtin.yum: + name: nginx + state: present - name: Copy nginx configuration for wordpress - template: src=default.conf dest=/etc/nginx/conf.d/default.conf + ansible.builtin.template: + src: default.conf + dest: /etc/nginx/conf.d/default.conf + owner: nginx + group: nginx + mode: u=rwX,g=rwX,o=rX notify: restart nginx -- name: insert firewalld rule for nginx - firewalld: port={{ nginx_port }}/tcp permanent=true state=enabled immediate=yes - ignore_errors: yes +- name: Insert firewalld rule for nginx + ansible.posix.firewalld: + port: "{{ nginx_port }}/tcp" + permanent: true + state: enabled + immediate: true -- name: http service state - service: name=nginx state=started enabled=yes +- name: Http service state + ansible.builtin.service: + name: nginx + state: started + enabled: true diff --git a/wordpress-nginx_rhel7/roles/nginx/templates/default.conf b/wordpress-nginx_rhel7/roles/nginx/templates/default.conf deleted file mode 100644 index bfa7a5105..000000000 --- a/wordpress-nginx_rhel7/roles/nginx/templates/default.conf +++ /dev/null @@ -1,31 +0,0 @@ -server { - listen {{ nginx_port }} default_server; - server_name {{ server_hostname }}; - root /srv/wordpress/ ; - - client_max_body_size 64M; - - # Deny access to any files with a .php extension in the uploads directory - location ~* /(?:uploads|files)/.*\.php$ { - deny all; - } - - location / { - index index.php index.html index.htm; - try_files $uri $uri/ /index.php?$args; - } - - location ~* \.(gif|jpg|jpeg|png|css|js)$ { - expires max; - } - - location ~ \.php$ { - try_files $uri =404; - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_index index.php; - fastcgi_pass unix:/var/run/php-fpm/wordpress.sock; - fastcgi_param SCRIPT_FILENAME - $document_root$fastcgi_script_name; - include fastcgi_params; - } -} diff --git a/wordpress-nginx_rhel7/roles/nginx/templates/default.conf.j2 b/wordpress-nginx_rhel7/roles/nginx/templates/default.conf.j2 new file mode 100644 index 000000000..cb37f74e2 --- /dev/null +++ b/wordpress-nginx_rhel7/roles/nginx/templates/default.conf.j2 @@ -0,0 +1,30 @@ +server { + listen {{ nginx_port }} default_server; + server_name {{ server_hostname }}; + root /srv/wordpress/ ; + + client_max_body_size 64M; + + # Deny access to any files with a .php extension in the uploads directory + location ~* /(?:uploads|files)/.*\.php$ { + deny all; + } + + location / { + index index.php index.html index.htm; + try_files $uri $uri/ /index.php?$args; + } + + location ~* \.(gif|jpg|jpeg|png|css|js)$ { + expires max; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_index index.php; + fastcgi_pass unix:/var/run/php-fpm/wordpress.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + } +} diff --git a/wordpress-nginx_rhel7/roles/php-fpm/handlers/main.yml b/wordpress-nginx_rhel7/roles/php-fpm/handlers/main.yml index 6a975ad85..e65f8dc68 100644 --- a/wordpress-nginx_rhel7/roles/php-fpm/handlers/main.yml +++ b/wordpress-nginx_rhel7/roles/php-fpm/handlers/main.yml @@ -1,3 +1,6 @@ --- -- name: restart php-fpm - service: name=php-fpm state=restarted +- name: Restart php-fpm + ansible.builtin.service: + name: php-fpm + state: restarted + listen: restart php-fpm diff --git a/wordpress-nginx_rhel7/roles/php-fpm/tasks/main.yml b/wordpress-nginx_rhel7/roles/php-fpm/tasks/main.yml index 4778ce157..5d1a6e0c4 100644 --- a/wordpress-nginx_rhel7/roles/php-fpm/tasks/main.yml +++ b/wordpress-nginx_rhel7/roles/php-fpm/tasks/main.yml @@ -1,22 +1,36 @@ --- - name: Install php-fpm and deps - yum: name={{ item }} state=present - with_items: - - php - - php-fpm - - php-enchant - - php-IDNA_Convert - - php-mbstring - - php-mysql - - php-PHPMailer - - php-process - - php-simplepie - - php-xml + ansible.builtin.yum: + name: "{{ php_packages }}" + state: present + vars: + php_packages: + - php + - php-fpm + - php-enchant + - php-IDNA_Convert + - php-mbstring + - php-mysql + - php-PHPMailer + - php-process + - php-simplepie + - php-xml - name: Disable default pool - command: mv /etc/php-fpm.d/www.conf /etc/php-fpm.d/www.disabled creates=/etc/php-fpm.d/www.disabled + ansible.builtin.copy: + src: /etc/php-fpm.d/www.conf + dest: /etc/php-fpm.d/www.disabled + remote_src: true + owner: root + group: nginx + mode: u=rw,g=r,o=r notify: restart php-fpm - name: Copy php-fpm configuration - template: src=wordpress.conf dest=/etc/php-fpm.d/ + ansible.builtin.template: + src: wordpress.conf.j2 + dest: /etc/php-fpm.d/ + owner: root + group: nginx + mode: u=rw,g=r,o=r notify: restart php-fpm diff --git a/wordpress-nginx_rhel7/roles/php-fpm/templates/wordpress.conf b/wordpress-nginx_rhel7/roles/php-fpm/templates/wordpress.conf.j2 similarity index 100% rename from wordpress-nginx_rhel7/roles/php-fpm/templates/wordpress.conf rename to wordpress-nginx_rhel7/roles/php-fpm/templates/wordpress.conf.j2 diff --git a/wordpress-nginx_rhel7/roles/wordpress/tasks/main.yml b/wordpress-nginx_rhel7/roles/wordpress/tasks/main.yml index 811e69bd3..26c959c88 100644 --- a/wordpress-nginx_rhel7/roles/wordpress/tasks/main.yml +++ b/wordpress-nginx_rhel7/roles/wordpress/tasks/main.yml @@ -1,60 +1,111 @@ --- -- name: Download WordPress - get_url: url=http://wordpress.org/wordpress-{{ wp_version }}.tar.gz dest=/srv/wordpress-{{ wp_version }}.tar.gz - sha256sum="{{ wp_sha256sum }}" - -- name: Extract archive - command: chdir=/srv/ /bin/tar xvf wordpress-{{ wp_version }}.tar.gz creates=/srv/wordpress - - name: Add group "wordpress" - group: name=wordpress + ansible.builtin.group: + name: wordpress - name: Add user "wordpress" - user: name=wordpress group=wordpress home=/srv/wordpress/ + ansible.builtin.user: + name: wordpress + group: wordpress + home: /srv/wordpress/ + +- name: Download & Extract WordPress + ansible.builtin.unarchive: + src: http://wordpress.org/wordpress-{{ wp_version }}.tar.gz + dest: /srv/wordpress + owner: wordpress + group: wordpress + mode: u=rwX,g=rwX,o=rX + remote_src: true - name: Fetch random salts for WordPress config - local_action: command curl https://api.wordpress.org/secret-key/1.1/salt/ - register: "wp_salt" - become: no + ansible.builtin.uri: + url: https://api.wordpress.org/secret-key/1.1/salt/ + delegate_to: localhost + register: wp_salt + become: false - name: Create WordPress database - mysql_db: name={{ wp_db_name }} state=present + community.mysql.mysql_db: + name: "{{ wp_db_name }}" + state: present - name: Create WordPress database user - mysql_user: name={{ wp_db_user }} password={{ wp_db_password }} priv={{ wp_db_name }}.*:ALL host='localhost' state=present + community.mysql.mysql_user: + name: "{{ wp_db_user }}" + password: "{{ wp_db_password }}" + priv: "{{ wp_db_name }}.*:ALL" + host: localhost + state: present - name: Copy WordPress config file - template: src=wp-config.php dest=/srv/wordpress/ + ansible.builtin.template: + src: wp-config.php.j2 + dest: /srv/wordpress/ + owner: wordpress + group: wordpress + mode: u=r,g=r,o= - name: Change ownership of WordPress installation - file: path=/srv/wordpress/ owner=wordpress group=wordpress state=directory recurse=yes - -- name: install SEManage - yum: pkg=policycoreutils-python state=present - -- name: set the SELinux policy for the Wordpress directory - command: semanage fcontext -a -t httpd_sys_content_t "/srv/wordpress(/.*)?" - -- name: set the SELinux policy for wp-config.php - command: semanage fcontext -a -t httpd_sys_script_exec_t "/srv/wordpress/wp-config\.php" - -- name: set the SELinux policy for wp-content directory - command: semanage fcontext -a -t httpd_sys_rw_content_t "/srv/wordpress/wp-content(/.*)?" - -- name: set the SELinux policy for the *.php files - command: semanage fcontext -a -t httpd_sys_script_exec_t "/srv/wordpress/.*\.php" - -- name: set the SELinux policy for the Upgrade directory - command: semanage fcontext -a -t httpd_sys_rw_content_t "/srv/wordpress/wp-content/upgrade(/.*)?" - -- name: set the SELinux policy for the Uploads directory - command: semanage fcontext -a -t httpd_sys_rw_content_t "/srv/wordpress/wp-content/uploads(/.*)?" - -- name: set the SELinux policy for the wp-includes php files - command: semanage fcontext -a -t httpd_sys_script_exec_t "/srv/wordpress/wp-includes/.*\.php" - -- name: set the SELinux on all the Files - command: restorecon -Rv /srv/wordpress + ansible.builtin.file: + path: /srv/wordpress/ + owner: wordpress + group: wordpress + state: directory + recurse: true + +- name: Install SEManage + ansible.builtin.yum: + pkg: policycoreutils-python + state: present + +- name: Set the SELinux policy for the Wordpress directory + community.general.sefcontext: + target: /srv/wordpress(/.*)? + setype: httpd_sys_content_t + state: present + +- name: Set the SELinux policy for wp-config.php + community.general.sefcontext: + target: /srv/wordpress/wp-config\.php + setype: httpd_sys_script_exec_t + state: present + +- name: Set the SELinux policy for wp-content directory + community.general.sefcontext: + target: /srv/wordpress/wp-content(/.*)? + setype: httpd_sys_rw_content_t + state: present + +- name: Set the SELinux policy for the *.php files + community.general.sefcontext: + target: /srv/wordpress/.*\.php + setype: httpd_sys_script_exec_t + state: present + +- name: Set the SELinux policy for the Upgrade directory + community.general.sefcontext: + target: /srv/wordpress/wp-content/upgrade(/.*)? + setype: httpd_sys_rw_content_t + state: present + +- name: Set the SELinux policy for the Uploads directory + community.general.sefcontext: + target: /srv/wordpress/wp-content/uploads(/.*)? + setype: httpd_sys_rw_content_t + state: present + +- name: Set the SELinux policy for the wp-includes php files + community.general.sefcontext: + target: /srv/wordpress/wp-includes/.*\.php + setype: httpd_sys_script_exec_t + state: present + +- name: Set the SELinux on all the Files + ansible.builtin.command: restorecon -Rv /srv/wordpress # noqa no-changed-when - name: Start php-fpm Service - service: name=php-fpm state=started enabled=yes + ansible.builtin.service: + name: php-fpm + state: started + enabled: true diff --git a/wordpress-nginx_rhel7/roles/wordpress/templates/wp-config.php b/wordpress-nginx_rhel7/roles/wordpress/templates/wp-config.php.j2 similarity index 100% rename from wordpress-nginx_rhel7/roles/wordpress/templates/wp-config.php rename to wordpress-nginx_rhel7/roles/wordpress/templates/wp-config.php.j2