pull/63/head
Ivan Grynenko
8 years ago
commit
811c16c55f
@ -1,2 +0,0 @@ |
||||
wordpress-nginx/hosts |
||||
.DS_Store |
||||
@ -1,76 +1,39 @@ |
||||
--- |
||||
sudo: required |
||||
language: python |
||||
python: "2.7" |
||||
|
||||
env: |
||||
- distribution: centos |
||||
version: 6 |
||||
init: /sbin/init |
||||
run_opts: "" |
||||
playbook: test.yml |
||||
- distribution: centos |
||||
version: 7 |
||||
init: /usr/lib/systemd/systemd |
||||
run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" |
||||
playbook: centos-7-test.yml |
||||
- distribution: ubuntu |
||||
version: 14.04 |
||||
init: /sbin/init |
||||
run_opts: "" |
||||
playbook: test.yml |
||||
# - distribution: ubuntu |
||||
# version: 12.04 |
||||
# init: /sbin/init |
||||
# run_opts: "" |
||||
# playbook: test.yml |
||||
|
||||
services: |
||||
- docker |
||||
- SITE=test.yml |
||||
|
||||
before_install: |
||||
# Pull container |
||||
- 'sudo docker pull ${distribution}:${version}' |
||||
# Customize container |
||||
- 'sudo docker build --rm=true --file=tests/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests' |
||||
- sudo apt-get update -qq |
||||
- sudo apt-get install -y curl |
||||
|
||||
script: |
||||
- container_id=$(mktemp) |
||||
# Run container in detached state |
||||
- 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} ${distribution}-${version}:ansible "${init}" > "${container_id}"' |
||||
install: |
||||
# Install Ansible. |
||||
- pip install ansible |
||||
|
||||
# Ansible syntax check. |
||||
- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook} --syntax-check' |
||||
# Add ansible.cfg to pick up roles path. |
||||
- "{ echo '[defaults]'; echo 'roles_path = ../'; } >> ansible.cfg" |
||||
|
||||
# Test role. |
||||
- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook}' |
||||
script: |
||||
# Check the role/playbook's syntax. |
||||
- "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" |
||||
|
||||
# Test role idempotence. |
||||
# Run the role/playbook with ansible-playbook. |
||||
- "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo" |
||||
|
||||
# Run the role/playbook again, checking to make sure it's idempotent. |
||||
- > |
||||
sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook} |
||||
ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo |
||||
| grep -q 'changed=0.*failed=0' |
||||
&& (echo 'Idempotence test: pass' && exit 0) |
||||
|| (echo 'Idempotence test: fail' && exit 1) |
||||
|
||||
# Some MySQL debugging (show all the logs). |
||||
- sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ls -lah /var/log |
||||
- sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm cat /var/log/mysql/error.log || true |
||||
- sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm cat /var/log/mysql.err || true |
||||
|
||||
# Check to make sure we can connect to MySQL via Unix socket. |
||||
- > |
||||
sudo docker exec "$(cat ${container_id})" mysql -u root -proot -e 'show databases;' |
||||
| grep -q 'information_schema' |
||||
&& (echo 'MySQL running normally' && exit 0) |
||||
|| (echo 'MySQL not running' && exit 1) |
||||
|
||||
# Check to make sure we can connect to MySQL via TCP. |
||||
- > |
||||
sudo docker exec "$(cat ${container_id})" mysql -u root -proot -h 127.0.0.1 -e 'show databases;' |
||||
| grep -q 'information_schema' |
||||
&& (echo 'MySQL running normally' && exit 0) |
||||
|| (echo 'MySQL not running' && exit 1) |
||||
|
||||
# Clean up |
||||
- sudo docker stop "$(cat ${container_id})" |
||||
# TODO - get the test working. Probably need to add a virtual host. |
||||
# Request a page via Nginx, to make sure Nginx is running and responds. |
||||
# - "curl http://localhost/" |
||||
|
||||
notifications: |
||||
webhooks: https://galaxy.ansible.com/api/v1/notifications/ |
||||
|
||||
@ -1,95 +1,68 @@ |
||||
--- |
||||
mysql_user_home: /root |
||||
mysql_root_username: root |
||||
mysql_root_password: root |
||||
|
||||
# Set this to `yes` to forcibly update the root password. |
||||
mysql_root_password_update: no |
||||
|
||||
mysql_enabled_on_startup: yes |
||||
|
||||
# update my.cnf. each time role is run? yes | no |
||||
overwrite_global_mycnf: yes |
||||
|
||||
# Pass in a comma-separated list of repos to use (e.g. "remi,epel"). Used only |
||||
# for RedHat systems (and derivatives). |
||||
mysql_enablerepo: "" |
||||
|
||||
# Define a custom list of packages to install; if none provided, the default |
||||
# package list from vars/[OS-family].yml will be used. |
||||
# mysql_packages: |
||||
# - mysql |
||||
# - mysql-server |
||||
# - MySQL-python |
||||
|
||||
# MySQL connection settings. |
||||
mysql_port: "3306" |
||||
mysql_bind_address: '0.0.0.0' |
||||
mysql_datadir: /var/lib/mysql |
||||
mysql_pid_file: /var/run/mysqld/mysqld.pid |
||||
mysql_skip_name_resolve: no |
||||
|
||||
# Slow query log settings. |
||||
mysql_slow_query_log_enabled: no |
||||
mysql_slow_query_log_file: /var/log/mysql-slow.log |
||||
mysql_slow_query_time: 2 |
||||
|
||||
# Memory settings (default values optimized ~512MB RAM). |
||||
mysql_key_buffer_size: "256M" |
||||
mysql_max_allowed_packet: "64M" |
||||
mysql_table_open_cache: "256" |
||||
mysql_sort_buffer_size: "1M" |
||||
mysql_read_buffer_size: "1M" |
||||
mysql_read_rnd_buffer_size: "4M" |
||||
mysql_myisam_sort_buffer_size: "64M" |
||||
mysql_thread_cache_size: "8" |
||||
mysql_query_cache_size: "16M" |
||||
mysql_max_connections: 151 |
||||
|
||||
# Other settings. |
||||
mysql_wait_timeout: 28800 |
||||
|
||||
# InnoDB settings. |
||||
# Set .._buffer_pool_size up to 80% of RAM but beware of setting too high. |
||||
mysql_innodb_file_per_table: "1" |
||||
mysql_innodb_buffer_pool_size: "256M" |
||||
# Set .._log_file_size to 25% of buffer pool size. |
||||
mysql_innodb_log_file_size: "64M" |
||||
mysql_innodb_log_buffer_size: "8M" |
||||
mysql_innodb_flush_log_at_trx_commit: "1" |
||||
mysql_innodb_lock_wait_timeout: 50 |
||||
|
||||
# mysqldump settings. |
||||
mysql_mysqldump_max_allowed_packet: "64M" |
||||
|
||||
# Logging settings. |
||||
mysql_log: "" |
||||
mysql_log_error: /var/log/mysql.err |
||||
mysql_syslog_tag: mysql |
||||
|
||||
mysql_config_include_files: [] |
||||
# - src: path/relative/to/playbook/file.cnf |
||||
# - { src: path/relative/to/playbook/anotherfile.cnf, force: yes } |
||||
|
||||
# Databases. |
||||
mysql_databases: [] |
||||
# - name: example |
||||
# collation: utf8_general_ci |
||||
# encoding: utf8 |
||||
# replicate: 1 |
||||
|
||||
# Users. |
||||
mysql_users: [] |
||||
# - name: example |
||||
# host: 127.0.0.1 |
||||
# password: secret |
||||
# priv: *.*:USAGE |
||||
|
||||
# Replication settings (replication is only enabled if master/user have values). |
||||
mysql_server_id: "1" |
||||
mysql_max_binlog_size: "100M" |
||||
mysql_expire_logs_days: "10" |
||||
mysql_replication_role: '' |
||||
mysql_replication_master: '' |
||||
# Same keys as `mysql_users` above. |
||||
mysql_replication_user: [] |
||||
# Used only for Debian/Ubuntu installation, as the -t option for apt. |
||||
nginx_default_release: "" |
||||
|
||||
# Use the official Nginx PPA for Ubuntu, and the version to use if so. |
||||
nginx_ppa_use: false |
||||
nginx_ppa_version: stable |
||||
|
||||
# The name of the nginx apt/yum package to install. |
||||
nginx_package_name: "nginx" |
||||
|
||||
nginx_worker_processes: "1" |
||||
nginx_worker_connections: "1024" |
||||
nginx_multi_accept: "off" |
||||
|
||||
nginx_error_log: "/var/log/nginx/error.log warn" |
||||
nginx_access_log: "/var/log/nginx/access.log main buffer=16k" |
||||
|
||||
nginx_sendfile: "on" |
||||
nginx_tcp_nopush: "on" |
||||
nginx_tcp_nodelay: "on" |
||||
|
||||
nginx_keepalive_timeout: "65" |
||||
nginx_keepalive_requests: "100" |
||||
|
||||
nginx_client_max_body_size: "64m" |
||||
|
||||
nginx_server_names_hash_bucket_size: "64" |
||||
|
||||
nginx_proxy_cache_path: "" |
||||
|
||||
nginx_extra_conf_options: "" |
||||
# Example extra main options, used within the main nginx's context: |
||||
# nginx_extra_conf_options: | |
||||
# env VARIABLE; |
||||
# include /etc/nginx/main.d/*.conf; |
||||
|
||||
nginx_extra_http_options: "" |
||||
# Example extra http options, printed inside the main server http config: |
||||
# nginx_extra_http_options: | |
||||
# proxy_buffering off; |
||||
# proxy_set_header X-Real-IP $remote_addr; |
||||
# proxy_set_header X-Scheme $scheme; |
||||
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
||||
# proxy_set_header Host $http_host; |
||||
|
||||
nginx_remove_default_vhost: false |
||||
nginx_vhosts: [] |
||||
# Example vhost below, showing all available options: |
||||
# - listen: "80 default_server" # default: "80 default_server" |
||||
# server_name: "example.com" # default: N/A |
||||
# root: "/var/www/example.com" # default: N/A |
||||
# index: "index.html index.htm" # default: "index.html index.htm" |
||||
# |
||||
# # Properties that are only added if defined: |
||||
# error_page: "" |
||||
# access_log: "" |
||||
# error_log: "" |
||||
# extra_parameters: "" # Can be used to add extra config blocks (multiline). |
||||
|
||||
nginx_upstreams: [] |
||||
# - name: myapp1 |
||||
# strategy: "ip_hash" # "least_conn", etc. |
||||
# servers: { |
||||
# "srv1.example.com", |
||||
# "srv2.example.com weight=3", |
||||
# "srv3.example.com" |
||||
# } |
||||
|
||||
@ -1,3 +1,10 @@ |
||||
--- |
||||
- name: restart mysql |
||||
service: "name={{ mysql_daemon }} state=restarted sleep=5" |
||||
- name: restart nginx |
||||
service: name=nginx state=restarted |
||||
|
||||
- name: validate nginx configuration |
||||
command: nginx -t -c /etc/nginx/nginx.conf |
||||
changed_when: False |
||||
|
||||
- name: reload nginx |
||||
service: name=nginx state=reloaded |
||||
|
||||
@ -1,5 +0,0 @@ |
||||
Modified by David Beck (techiscool@gmail.com) 2015 |
||||
Copyright (C) 2015 Eugene Varnavsky (varnavruz@gmail.com) |
||||
|
||||
This work is licensed under the Creative Commons Attribution 3.0 Unported License. |
||||
To view a copy of this license, visit http://creativecommons.org/licenses/by/3.0/deed.en_US. |
||||
@ -1,34 +0,0 @@ |
||||
## WordPress+Nginx+PHP-FPM+MariaDB Deployment |
||||
|
||||
- Requires Ansible 1.2 or newer |
||||
- Expects CentOS/RHEL 7.x host/s |
||||
|
||||
RHEL7 version reflects changes in Red Hat Enterprise Linux and CentOS 7: |
||||
1. Network device naming scheme has changed |
||||
2. iptables is replaced with firewalld |
||||
3. MySQL is replaced with MariaDB |
||||
|
||||
These playbooks deploy a simple all-in-one configuration of the popular |
||||
WordPress blogging platform and CMS, frontend by the Nginx web server and the |
||||
PHP-FPM process manager. To use, copy the `hosts.example` file to `hosts` and |
||||
edit the `hosts` inventory file to include the names or URLs of the servers |
||||
you want to deploy. |
||||
|
||||
Then run the playbook, like this: |
||||
|
||||
ansible-playbook -i hosts site.yml |
||||
|
||||
The playbooks will configure MariaDB, WordPress, Nginx, and PHP-FPM. When the run |
||||
is complete, you can hit access server to begin the WordPress configuration. |
||||
|
||||
### Ideas for Improvement |
||||
|
||||
Here are some ideas for ways that these playbooks could be extended: |
||||
|
||||
- Parameterize the WordPress deployment to handle multi-site configurations. |
||||
- Separate the components (PHP-FPM, MySQL, Nginx) onto separate hosts and |
||||
handle the configuration appropriately. |
||||
- Handle WordPress upgrades automatically. |
||||
|
||||
We would love to see contributions and improvements, so please fork this |
||||
repository on GitHub and send us your changes via pull requests. |
||||
@ -1,150 +0,0 @@ |
||||
--- |
||||
# Variables listed here are applicable to all host groups |
||||
wp_version: 4.3 |
||||
wp_sha256sum: 3b0db3abe8504f15a33cf64188a493ec0de01eaa8d20e37c3d6a1d9fa0a40fb4 |
||||
|
||||
# These are the WordPress database settings |
||||
wp_db_name: wordpress |
||||
wp_db_user: wordpress |
||||
wp_db_password: secret |
||||
|
||||
# MySQL settings |
||||
mysql_root_password: Ff!2KDSUOs10[tXR*M</_#mgvlJCkz5W |
||||
mysql_root_password_update: yes |
||||
mysql_bind_address: '127.0.0.1' |
||||
mysql_slow_query_log_enabled: yes |
||||
mysql_slow_query_log_file: /var/log/mysql-slow.log |
||||
mysql_pid_file: /var/lib/mysql/mysql.pid |
||||
mysql_slow_query_time: 2 |
||||
mysql_max_allowed_packet: "256M" |
||||
mysql_innodb_buffer_pool_size: "1G" |
||||
mysql_innodb_log_buffer_size: "1G" |
||||
mysql_innodb_log_file_size: "1G" |
||||
mysql_innodb_flush_log_at_trx_commit: "2" |
||||
mysql_innodb_file_per_table: 1 |
||||
mysql_innodb_log_buffer_size: "16M" |
||||
mysql_databases: |
||||
- name: drupal8db |
||||
encoding: utf8 |
||||
collation: utf8_general_ci |
||||
mysql_users: |
||||
- name: drupal8user |
||||
host: "127.0.0.1" |
||||
password: dcSEMWpH]O2P(?ubNjFmLYJ[xoVhXiCs |
||||
priv: "drupal8db.*:ALL" |
||||
|
||||
# This is used for the nginx server configuration, but access to the |
||||
# WordPress site is not restricted by a named host. |
||||
nginx_port: 80 |
||||
server_hostname: server.example.com |
||||
|
||||
# Disable All Updates |
||||
# By default automatic updates are enabled, set this value to true to disable all automatic updates |
||||
auto_up_disable: false |
||||
|
||||
#Define Core Update Level |
||||
# true = Development, minor, and major updates are all enabled |
||||
# false = Development, minor, and major updates are all disabled |
||||
# minor = Minor updates are enabled, development, and major updates are disabled |
||||
core_update_level: true |
||||
|
||||
# Defines PHP values |
||||
php_enablerepo: "remi-php70" |
||||
|
||||
# PHP-FPM configuration. |
||||
php_enable_php_fpm: true |
||||
|
||||
php_apc_shm_size: "128M" |
||||
php_date_timezone: "Australia/Melbourne" |
||||
|
||||
# Interaction with which web server |
||||
php_webserver_daemon: "nginx" |
||||
|
||||
php_error_reporting: "E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE & ~E_WARNING" |
||||
|
||||
php_packages: |
||||
- php |
||||
- php-cli |
||||
- php-common |
||||
- php-devel |
||||
- php-fpm |
||||
- php-gd |
||||
- php-imap |
||||
- php-ldap |
||||
- php-mbstring |
||||
- php-opcache |
||||
- php-pdo |
||||
- php-pear |
||||
- php-pecl-apcu |
||||
- php-xml |
||||
- php-xmlrpc |
||||
- php-mcrypt |
||||
- php-pecl-uploadprogress |
||||
|
||||
# Nginx vhosts configuration |
||||
nginx_vhosts: |
||||
- listen: "{{ nginx_port }} default_server" |
||||
server_name: "{{ server_hostname }} www.{{ server_hostname }}" |
||||
root: "/var/www/html/{{ server_hostname }}" |
||||
open_file_cache: "max=2000 inactive=120s" |
||||
open_file_cache_valid: "240s" |
||||
open_file_cache_min_uses: "5" |
||||
open_file_cache_errors: "off" |
||||
client_max_body_size: "5m" |
||||
client_body_timeout: "60" |
||||
index: "index.php index.html index.htm" |
||||
error_page: "403 =404" |
||||
access_log: "/var/log/nginx/{{ server_hostname }}_access.log" |
||||
error_log: "/var/log/nginx/{{ server_hostname }}_error.log" |
||||
extra_parameters: | |
||||
location ~ \.php$ { |
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$; |
||||
fastcgi_pass unix:/var/run/php5-fpm.sock; |
||||
fastcgi_index index.php; |
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; |
||||
include fastcgi_params; |
||||
} |
||||
location = /favicon.ico { |
||||
log_not_found off; |
||||
access_log off; |
||||
} |
||||
location = /robots.txt { |
||||
allow all; |
||||
log_not_found off; |
||||
access_log off; |
||||
} |
||||
location = /backup { |
||||
deny all; |
||||
} |
||||
location ~* \.(txt|log)$ { |
||||
allow 127.0.0.1; |
||||
deny all; |
||||
} |
||||
location ~ \..*/.*\.php$ { |
||||
return 403; |
||||
} |
||||
location ~ ^/sites/.*/files/styles/ { |
||||
try_files $uri @rewrite; |
||||
} |
||||
location ~ ^/sites/default/files/ { |
||||
try_files $uri @rewrite; |
||||
} |
||||
location ~* \.(gif|jpg|jpeg|png|ico|bmp|js|css|pdf|doc|webp|woff|ico|js|css)(\?[a-zA-Z0-9\.\-_,])?$ { |
||||
expires max; |
||||
log_not_found off; |
||||
add_header Cache-Control "public"; |
||||
add_header X-Cache $upstream_cache_status; |
||||
} |
||||
location ~ /\. { |
||||
access_log off; |
||||
log_not_found off; |
||||
deny all; |
||||
} |
||||
location ~ ~$ { |
||||
access_log off; |
||||
log_not_found off; |
||||
deny all; |
||||
} |
||||
location ~ /\.ht { |
||||
deny all; |
||||
} |
||||
@ -1,2 +0,0 @@ |
||||
[lemp-server] |
||||
122.129.219.67:221 |
||||
@ -1,76 +0,0 @@ |
||||
--- |
||||
sudo: required |
||||
|
||||
env: |
||||
- distribution: centos |
||||
version: 6 |
||||
init: /sbin/init |
||||
run_opts: "" |
||||
playbook: test.yml |
||||
- distribution: centos |
||||
version: 7 |
||||
init: /usr/lib/systemd/systemd |
||||
run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" |
||||
playbook: centos-7-test.yml |
||||
- distribution: ubuntu |
||||
version: 14.04 |
||||
init: /sbin/init |
||||
run_opts: "" |
||||
playbook: test.yml |
||||
# - distribution: ubuntu |
||||
# version: 12.04 |
||||
# init: /sbin/init |
||||
# run_opts: "" |
||||
# playbook: test.yml |
||||
|
||||
services: |
||||
- docker |
||||
|
||||
before_install: |
||||
# Pull container |
||||
- 'sudo docker pull ${distribution}:${version}' |
||||
# Customize container |
||||
- 'sudo docker build --rm=true --file=tests/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests' |
||||
|
||||
script: |
||||
- container_id=$(mktemp) |
||||
# Run container in detached state |
||||
- 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} ${distribution}-${version}:ansible "${init}" > "${container_id}"' |
||||
|
||||
# Ansible syntax check. |
||||
- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook} --syntax-check' |
||||
|
||||
# Test role. |
||||
- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook}' |
||||
|
||||
# Test role idempotence. |
||||
- > |
||||
sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/${playbook} |
||||
| grep -q 'changed=0.*failed=0' |
||||
&& (echo 'Idempotence test: pass' && exit 0) |
||||
|| (echo 'Idempotence test: fail' && exit 1) |
||||
|
||||
# Some MySQL debugging (show all the logs). |
||||
- sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ls -lah /var/log |
||||
- sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm cat /var/log/mysql/error.log || true |
||||
- sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm cat /var/log/mysql.err || true |
||||
|
||||
# Check to make sure we can connect to MySQL via Unix socket. |
||||
- > |
||||
sudo docker exec "$(cat ${container_id})" mysql -u root -proot -e 'show databases;' |
||||
| grep -q 'information_schema' |
||||
&& (echo 'MySQL running normally' && exit 0) |
||||
|| (echo 'MySQL not running' && exit 1) |
||||
|
||||
# Check to make sure we can connect to MySQL via TCP. |
||||
- > |
||||
sudo docker exec "$(cat ${container_id})" mysql -u root -proot -h 127.0.0.1 -e 'show databases;' |
||||
| grep -q 'information_schema' |
||||
&& (echo 'MySQL running normally' && exit 0) |
||||
|| (echo 'MySQL not running' && exit 1) |
||||
|
||||
# Clean up |
||||
- sudo docker stop "$(cat ${container_id})" |
||||
|
||||
notifications: |
||||
webhooks: https://galaxy.ansible.com/api/v1/notifications/ |
||||
@ -1,143 +0,0 @@ |
||||
# Ansible Role: MySQL |
||||
|
||||
[](https://travis-ci.org/geerlingguy/ansible-role-mysql) |
||||
|
||||
Installs and configures MySQL or MariaDB server on RHEL/CentOS or Debian/Ubuntu servers. |
||||
|
||||
## Requirements |
||||
|
||||
No special requirements; note that this role requires root access, so either run it in a playbook with a global `become: yes`, or invoke the role in your playbook like: |
||||
|
||||
- hosts: database |
||||
roles: |
||||
- role: geerlingguy.mysql |
||||
become: yes |
||||
|
||||
## Role Variables |
||||
|
||||
Available variables are listed below, along with default values (see `defaults/main.yml`): |
||||
|
||||
mysql_user_home: /root |
||||
|
||||
The home directory inside which Python MySQL settings will be stored, which Ansible will use when connecting to MySQL. This should be the home directory of the user which runs this Ansible role. |
||||
|
||||
mysql_root_password: root |
||||
|
||||
The MySQL root user account password. |
||||
|
||||
mysql_root_password_update: no |
||||
|
||||
Whether to force update the MySQL root user's password. By default, this role will only change the root user's password when MySQL is first configured. You can force an update by setting this to `yes`. |
||||
|
||||
> Note: If you get an error like `ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)` after a failed or interrupted playbook run, this usually means the root password wasn't originally updated to begin with. Try either removing the `.my.cnf` file inside the configured `mysql_user_home` or updating it and setting `password=''` (the insecure default password). Run the playbook again, with `mysql_root_password_update` set to `yes`, and the setup should complete. |
||||
|
||||
mysql_enabled_on_startup: yes |
||||
|
||||
Whether MySQL should be enabled on startup. |
||||
|
||||
overwrite_global_mycnf: yes |
||||
|
||||
Whether the global my.cnf should be overwritten each time this role is run. Setting this to `no` tells Ansible to only create the `my.cnf` file if it doesn't exist. This should be left at its default value (`yes`) if you'd like to use this role's variables to configure MySQL. |
||||
|
||||
mysql_config_include_files: [] |
||||
|
||||
A list of files that should override the default global my.cnf. Each item in the array requires a "src" parameter which is a path to a file. An optional "force" parameter can force the file to be updated each time ansible runs. |
||||
|
||||
mysql_databases: [] |
||||
|
||||
The MySQL databases to create. A database has the values `name`, `encoding` (defaults to `utf8`), `collation` (defaults to `utf8_general_ci`) and `replicate` (defaults to `1`, only used if replication is configured). The formats of these are the same as in the `mysql_db` module. |
||||
|
||||
mysql_users: [] |
||||
|
||||
The MySQL users and their privileges. A user has the values `name`, `host` (defaults to `localhost`), `password`, `priv` (defaults to `*.*:USAGE`), `append_privs` (defaults to `no`), `state` (defaults to `present`). The formats of these are the same as in the `mysql_user` module. |
||||
|
||||
mysql_packages: |
||||
- mysql |
||||
- mysql-server |
||||
|
||||
(OS-specific, RedHat/CentOS defaults listed here) Packages to be installed. In some situations, you may need to add additional packages, like `mysql-devel`. |
||||
|
||||
mysql_enablerepo: "" |
||||
|
||||
(RedHat/CentOS only) If you have enabled any additional repositories (might I suggest geerlingguy.repo-epel or geerlingguy.repo-remi), those repositories can be listed under this variable (e.g. `remi,epel`). This can be handy, as an example, if you want to install later versions of MySQL. |
||||
|
||||
mysql_port: "3306" |
||||
mysql_bind_address: '0.0.0.0' |
||||
mysql_datadir: /var/lib/mysql |
||||
|
||||
Default MySQL connection configuration. |
||||
|
||||
mysql_log: "" |
||||
mysql_log_error: /var/log/mysqld.log |
||||
mysql_syslog_tag: mysqld |
||||
|
||||
MySQL logging configuration. Setting `mysql_log` (the general query log) or `mysql_log_error` to `syslog` will make MySQL log to syslog using the `mysql_syslog_tag`. |
||||
|
||||
mysql_slow_query_log_enabled: no |
||||
mysql_slow_query_log_file: /var/log/mysql-slow.log |
||||
mysql_slow_query_time: 2 |
||||
|
||||
Slow query log settings. Note that the log file will be created by this role, but if you're running on a server with SELinux or AppArmor, you may need to add this path to the allowed paths for MySQL, or disable the mysql profile. For example, on Debian/Ubuntu, you can run `sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/usr.sbin.mysqld && sudo service apparmor restart`. |
||||
|
||||
mysql_key_buffer_size: "256M" |
||||
mysql_max_allowed_packet: "64M" |
||||
mysql_table_open_cache: "256" |
||||
[...] |
||||
|
||||
The rest of the settings in `defaults/main.yml` control MySQL's memory usage. The default values are tuned for a server where MySQL can consume ~512 MB RAM, so you should consider adjusting them to suit your particular server better. |
||||
|
||||
mysql_server_id: "1" |
||||
mysql_max_binlog_size: "100M" |
||||
mysql_expire_logs_days: "10" |
||||
mysql_replication_role: '' |
||||
mysql_replication_master: '' |
||||
mysql_replication_user: [] |
||||
|
||||
Replication settings. Set `mysql_server_id` and `mysql_replication_role` by server (e.g. the master would be ID `1`, with the `mysql_replication_role` of `master`, and the slave would be ID `2`, with the `mysql_replication_role` of `slave`). The `mysql_replication_user` uses the same keys as `mysql_users`, and is created on master servers, and used to replicate on all the slaves. |
||||
|
||||
### MariaDB usage |
||||
|
||||
This role works with either MySQL or a compatible version of MariaDB. On RHEL/CentOS 7+, the mariadb database engine was substituted as the default MySQL replacement package. No modifications are necessary though all of the variables still reference 'mysql' instead of mariadb. |
||||
|
||||
#### Ubuntu 14.04 and 16.04 MariaDB configuration |
||||
|
||||
On Ubuntu, the package names are named differently, so the `mysql_package` variable needs to be altered. Set the following variables (at a minimum): |
||||
|
||||
mysql_packages: |
||||
- mariadb-client |
||||
- mariadb-server |
||||
- python-mysqldb |
||||
|
||||
## Dependencies |
||||
|
||||
None. |
||||
|
||||
## Example Playbook |
||||
|
||||
- hosts: db-servers |
||||
become: yes |
||||
vars_files: |
||||
- vars/main.yml |
||||
roles: |
||||
- { role: geerlingguy.mysql } |
||||
|
||||
*Inside `vars/main.yml`*: |
||||
|
||||
mysql_root_password: super-secure-password |
||||
mysql_databases: |
||||
- name: example_db |
||||
encoding: latin1 |
||||
collation: latin1_general_ci |
||||
mysql_users: |
||||
- name: example_user |
||||
host: "%" |
||||
password: similarly-secure-password |
||||
priv: "example_db.*:ALL" |
||||
|
||||
## License |
||||
|
||||
MIT / BSD |
||||
|
||||
## Author Information |
||||
|
||||
This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). |
||||
@ -1,95 +0,0 @@ |
||||
--- |
||||
mysql_user_home: /root |
||||
mysql_root_username: root |
||||
mysql_root_password: root |
||||
|
||||
# Set this to `yes` to forcibly update the root password. |
||||
mysql_root_password_update: no |
||||
|
||||
mysql_enabled_on_startup: yes |
||||
|
||||
# update my.cnf. each time role is run? yes | no |
||||
overwrite_global_mycnf: yes |
||||
|
||||
# Pass in a comma-separated list of repos to use (e.g. "remi,epel"). Used only |
||||
# for RedHat systems (and derivatives). |
||||
mysql_enablerepo: "" |
||||
|
||||
# Define a custom list of packages to install; if none provided, the default |
||||
# package list from vars/[OS-family].yml will be used. |
||||
# mysql_packages: |
||||
# - mysql |
||||
# - mysql-server |
||||
# - MySQL-python |
||||
|
||||
# MySQL connection settings. |
||||
mysql_port: "3306" |
||||
mysql_bind_address: '0.0.0.0' |
||||
mysql_datadir: /var/lib/mysql |
||||
mysql_pid_file: /var/run/mysqld/mysqld.pid |
||||
mysql_skip_name_resolve: no |
||||
|
||||
# Slow query log settings. |
||||
mysql_slow_query_log_enabled: no |
||||
mysql_slow_query_log_file: /var/log/mysql-slow.log |
||||
mysql_slow_query_time: 2 |
||||
|
||||
# Memory settings (default values optimized ~512MB RAM). |
||||
mysql_key_buffer_size: "256M" |
||||
mysql_max_allowed_packet: "64M" |
||||
mysql_table_open_cache: "256" |
||||
mysql_sort_buffer_size: "1M" |
||||
mysql_read_buffer_size: "1M" |
||||
mysql_read_rnd_buffer_size: "4M" |
||||
mysql_myisam_sort_buffer_size: "64M" |
||||
mysql_thread_cache_size: "8" |
||||
mysql_query_cache_size: "16M" |
||||
mysql_max_connections: 151 |
||||
|
||||
# Other settings. |
||||
mysql_wait_timeout: 28800 |
||||
|
||||
# InnoDB settings. |
||||
# Set .._buffer_pool_size up to 80% of RAM but beware of setting too high. |
||||
mysql_innodb_file_per_table: "1" |
||||
mysql_innodb_buffer_pool_size: "256M" |
||||
# Set .._log_file_size to 25% of buffer pool size. |
||||
mysql_innodb_log_file_size: "64M" |
||||
mysql_innodb_log_buffer_size: "8M" |
||||
mysql_innodb_flush_log_at_trx_commit: "1" |
||||
mysql_innodb_lock_wait_timeout: 50 |
||||
|
||||
# mysqldump settings. |
||||
mysql_mysqldump_max_allowed_packet: "64M" |
||||
|
||||
# Logging settings. |
||||
mysql_log: "" |
||||
mysql_log_error: /var/log/mysql.err |
||||
mysql_syslog_tag: mysql |
||||
|
||||
mysql_config_include_files: [] |
||||
# - src: path/relative/to/playbook/file.cnf |
||||
# - { src: path/relative/to/playbook/anotherfile.cnf, force: yes } |
||||
|
||||
# Databases. |
||||
mysql_databases: [] |
||||
# - name: example |
||||
# collation: utf8_general_ci |
||||
# encoding: utf8 |
||||
# replicate: 1 |
||||
|
||||
# Users. |
||||
mysql_users: [] |
||||
# - name: example |
||||
# host: 127.0.0.1 |
||||
# password: secret |
||||
# priv: *.*:USAGE |
||||
|
||||
# Replication settings (replication is only enabled if master/user have values). |
||||
mysql_server_id: "1" |
||||
mysql_max_binlog_size: "100M" |
||||
mysql_expire_logs_days: "10" |
||||
mysql_replication_role: '' |
||||
mysql_replication_master: '' |
||||
# Same keys as `mysql_users` above. |
||||
mysql_replication_user: [] |
||||
@ -1,3 +0,0 @@ |
||||
--- |
||||
- name: restart mysql |
||||
service: "name={{ mysql_daemon }} state=restarted sleep=5" |
||||
@ -1,22 +0,0 @@ |
||||
--- |
||||
dependencies: [] |
||||
|
||||
galaxy_info: |
||||
author: geerlingguy |
||||
description: MySQL server for RHEL/CentOS and Debian/Ubuntu. |
||||
company: "Midwestern Mac, LLC" |
||||
license: "license (BSD, MIT)" |
||||
min_ansible_version: 1.9 |
||||
platforms: |
||||
- name: EL |
||||
versions: |
||||
- 6 |
||||
- 7 |
||||
- name: Ubuntu |
||||
versions: |
||||
- all |
||||
- name: Debian |
||||
versions: |
||||
- all |
||||
galaxy_tags: |
||||
- database |
||||
@ -1,69 +0,0 @@ |
||||
--- |
||||
- name: Copy my.cnf global MySQL configuration. |
||||
template: |
||||
src: my.cnf.j2 |
||||
dest: "{{ mysql_config_file }}" |
||||
owner: root |
||||
group: root |
||||
mode: 0644 |
||||
force: "{{ overwrite_global_mycnf }}" |
||||
notify: restart mysql |
||||
|
||||
- name: Verify mysql include directory exists. |
||||
file: |
||||
path: "{{ mysql_config_include_dir }}" |
||||
state: directory |
||||
owner: root |
||||
group: root |
||||
mode: 0755 |
||||
when: mysql_config_include_files | length |
||||
|
||||
- name: Copy my.cnf override files into include directory. |
||||
template: |
||||
src: "{{ item.src }}" |
||||
dest: "{{ mysql_config_include_dir }}/{{ item.src | basename }}" |
||||
owner: root |
||||
group: root |
||||
mode: 0644 |
||||
force: "{{ item.force | default(False) }}" |
||||
with_items: "{{ mysql_config_include_files }}" |
||||
notify: restart mysql |
||||
|
||||
- name: Create slow query log file (if configured). |
||||
shell: "touch {{ mysql_slow_query_log_file }} creates={{ mysql_slow_query_log_file }}" |
||||
when: mysql_slow_query_log_enabled |
||||
|
||||
- name: Create datadir if it does not exist |
||||
file: |
||||
path: "{{ mysql_datadir }}" |
||||
state: directory |
||||
owner: mysql |
||||
group: mysql |
||||
mode: 0755 |
||||
setype: mysqld_db_t |
||||
|
||||
- name: Set ownership on slow query log file (if configured). |
||||
file: |
||||
path: "{{ mysql_slow_query_log_file }}" |
||||
state: file |
||||
owner: mysql |
||||
group: mysql |
||||
mode: 0640 |
||||
when: mysql_slow_query_log_enabled |
||||
|
||||
- name: Create error log file (if configured). |
||||
shell: "touch {{ mysql_log_error }} creates={{ mysql_log_error }}" |
||||
when: mysql_log == "" and mysql_log_error != "" |
||||
|
||||
- name: Set ownership on error log file (if configured). |
||||
file: |
||||
path: "{{ mysql_log_error }}" |
||||
state: file |
||||
owner: mysql |
||||
group: mysql |
||||
mode: 0640 |
||||
when: mysql_log == "" and mysql_log_error != "" |
||||
|
||||
- name: Ensure MySQL is started and enabled on boot. |
||||
service: "name={{ mysql_daemon }} state=started enabled={{ mysql_enabled_on_startup }}" |
||||
register: mysql_service_configuration |
||||
@ -1,8 +0,0 @@ |
||||
--- |
||||
- name: Ensure MySQL databases are present. |
||||
mysql_db: |
||||
name: "{{ item.name }}" |
||||
collation: "{{ item.collation | default('utf8_general_ci') }}" |
||||
encoding: "{{ item.encoding | default('utf8') }}" |
||||
state: present |
||||
with_items: "{{ mysql_databases }}" |
||||
@ -1,42 +0,0 @@ |
||||
--- |
||||
# Variable configuration. |
||||
- name: Include OS-specific variables. |
||||
include_vars: "{{ ansible_os_family }}.yml" |
||||
when: ansible_os_family != "RedHat" |
||||
|
||||
- name: Include OS-specific variables (RedHat). |
||||
include_vars: "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml" |
||||
when: ansible_os_family == "RedHat" |
||||
|
||||
- name: Define mysql_packages. |
||||
set_fact: |
||||
mysql_packages: "{{ __mysql_packages | list }}" |
||||
when: mysql_packages is not defined |
||||
|
||||
- name: Define mysql_daemon. |
||||
set_fact: |
||||
mysql_daemon: "{{ __mysql_daemon }}" |
||||
when: mysql_daemon is not defined |
||||
|
||||
- name: Define mysql_slow_query_log_file. |
||||
set_fact: |
||||
mysql_slow_query_log_file: "{{ __mysql_slow_query_log_file }}" |
||||
when: mysql_slow_query_log_file is not defined |
||||
|
||||
# Setup/install tasks. |
||||
- include: setup-RedHat.yml |
||||
when: ansible_os_family == 'RedHat' |
||||
|
||||
- include: setup-Debian.yml |
||||
when: ansible_os_family == 'Debian' |
||||
|
||||
- name: Check if MySQL packages were installed. |
||||
set_fact: |
||||
mysql_install_packages: "{{ (rh_mysql_install_packages is defined and rh_mysql_install_packages.changed) or (deb_mysql_install_packages is defined and deb_mysql_install_packages.changed) }}" |
||||
|
||||
# Configure MySQL. |
||||
- include: configure.yml |
||||
- include: secure-installation.yml |
||||
- include: databases.yml |
||||
- include: users.yml |
||||
- include: replication.yml |
||||
@ -1,51 +0,0 @@ |
||||
--- |
||||
- name: Ensure replication user exists on master. |
||||
mysql_user: |
||||
name: "{{ mysql_replication_user.name }}" |
||||
host: "{{ mysql_replication_user.host | default('%') }}" |
||||
password: "{{ mysql_replication_user.password }}" |
||||
priv: "{{ mysql_replication_user.priv | default('*.*:REPLICATION SLAVE') }}" |
||||
state: present |
||||
when: > |
||||
(mysql_replication_role == 'master') |
||||
and mysql_replication_user |
||||
and (mysql_replication_master != '') |
||||
|
||||
- name: Check slave replication status. |
||||
mysql_replication: mode=getslave |
||||
ignore_errors: true |
||||
register: slave |
||||
when: > |
||||
mysql_replication_role == 'slave' |
||||
and (mysql_replication_master != '') |
||||
|
||||
- name: Check master replication status. |
||||
mysql_replication: mode=getmaster |
||||
delegate_to: "{{ mysql_replication_master }}" |
||||
register: master |
||||
when: > |
||||
slave|failed |
||||
and (mysql_replication_role == 'slave') |
||||
and (mysql_replication_master != '') |
||||
|
||||
- name: Configure replication on the slave. |
||||
mysql_replication: |
||||
mode: changemaster |
||||
master_host: "{{ mysql_replication_master }}" |
||||
master_user: "{{ mysql_replication_user.name }}" |
||||
master_password: "{{ mysql_replication_user.password }}" |
||||
master_log_file: "{{ master.File }}" |
||||
master_log_pos: "{{ master.Position }}" |
||||
ignore_errors: True |
||||
when: > |
||||
slave|failed |
||||
and (mysql_replication_role == 'slave') |
||||
and (mysql_replication_master != '') |
||||
and mysql_replication_user |
||||
|
||||
- name: Start replication. |
||||
mysql_replication: mode=startslave |
||||
when: > |
||||
slave|failed |
||||
and (mysql_replication_role == 'slave') |
||||
and (mysql_replication_master != '') |
||||
@ -1,44 +0,0 @@ |
||||
--- |
||||
- name: Disallow root login remotely |
||||
command: 'mysql -NBe "{{ item }}"' |
||||
with_items: |
||||
- DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1') |
||||
changed_when: False |
||||
|
||||
- name: Get list of hosts for the root user. |
||||
command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = "root" ORDER BY (Host="localhost") ASC' |
||||
register: mysql_root_hosts |
||||
changed_when: false |
||||
|
||||
# Note: We do not use mysql_user for this operation, as it doesn't always update |
||||
# the root password correctly. See: https://goo.gl/MSOejW |
||||
- name: Update MySQL root password for localhost root account. |
||||
shell: > |
||||
mysql -u root -NBe |
||||
'SET PASSWORD FOR "{{ mysql_root_username }}"@"{{ item }}" = PASSWORD("{{ mysql_root_password }}");' |
||||
with_items: "{{ mysql_root_hosts.stdout_lines }}" |
||||
when: mysql_install_packages | bool or mysql_root_password_update |
||||
|
||||
# Has to be after the root password assignment, for idempotency. |
||||
- name: Copy .my.cnf file with root password credentials. |
||||
template: |
||||
src: "user-my.cnf.j2" |
||||
dest: "{{ mysql_user_home }}/.my.cnf" |
||||
owner: root |
||||
group: root |
||||
mode: 0600 |
||||
|
||||
- name: Get list of hosts for the anonymous user. |
||||
command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = ""' |
||||
register: mysql_anonymous_hosts |
||||
changed_when: false |
||||
|
||||
- name: Remove anonymous MySQL users. |
||||
mysql_user: |
||||
name: "" |
||||
host: "{{ item }}" |
||||
state: absent |
||||
with_items: "{{ mysql_anonymous_hosts.stdout_lines }}" |
||||
|
||||
- name: Remove MySQL test database. |
||||
mysql_db: "name='test' state=absent" |
||||
@ -1,26 +0,0 @@ |
||||
--- |
||||
- name: Check if MySQL is already installed. |
||||
stat: path=/etc/init.d/mysql |
||||
register: mysql_installed |
||||
|
||||
- name: Update apt cache if MySQL is not yet installed. |
||||
apt: update_cache=yes |
||||
when: mysql_installed.stat.exists == false |
||||
|
||||
- name: Ensure MySQL Python libraries are installed. |
||||
apt: "name=python-mysqldb state=installed" |
||||
|
||||
- name: Ensure MySQL packages are installed. |
||||
apt: "name={{ item }} state=installed" |
||||
with_items: "{{ mysql_packages }}" |
||||
register: deb_mysql_install_packages |
||||
|
||||
# Because Ubuntu starts MySQL as part of the install process, we need to stop |
||||
# mysql and remove the logfiles in case the user set a custom log file size. |
||||
- name: Ensure MySQL is stopped after initial install. |
||||
service: "name={{ mysql_daemon }} state=stopped" |
||||
when: mysql_installed.stat.exists == false |
||||
|
||||
- name: Delete innodb log files created by apt package after initial install. |
||||
shell: "rm -f {{ mysql_datadir }}/ib_logfile[01]" |
||||
when: mysql_installed.stat.exists == false |
||||
@ -1,8 +0,0 @@ |
||||
--- |
||||
- name: Ensure MySQL packages are installed. |
||||
yum: "name={{ item }} state=installed enablerepo={{ mysql_enablerepo }}" |
||||
with_items: "{{ mysql_packages }}" |
||||
register: rh_mysql_install_packages |
||||
|
||||
- name: Ensure MySQL Python libraries are installed. |
||||
yum: "name=MySQL-python state=installed enablerepo={{ mysql_enablerepo }}" |
||||
@ -1,11 +0,0 @@ |
||||
--- |
||||
- name: Ensure MySQL users are present. |
||||
mysql_user: |
||||
name: "{{ item.name }}" |
||||
host: "{{ item.host | default('localhost') }}" |
||||
password: "{{ item.password }}" |
||||
priv: "{{ item.priv | default('*.*:USAGE') }}" |
||||
state: "{{ item.state | default('present') }}" |
||||
append_privs: "{{ item.append_privs | default('no') }}" |
||||
with_items: "{{ mysql_users }}" |
||||
no_log: true |
||||
@ -1,110 +0,0 @@ |
||||
[client] |
||||
#password = your_password |
||||
port = {{ mysql_port }} |
||||
socket = {{ mysql_socket }} |
||||
|
||||
[mysqld] |
||||
port = {{ mysql_port }} |
||||
bind-address = {{ mysql_bind_address }} |
||||
datadir = {{ mysql_datadir }} |
||||
socket = {{ mysql_socket }} |
||||
pid-file = {{ mysql_pid_file }} |
||||
{% if mysql_skip_name_resolve %} |
||||
skip-name-resolve |
||||
{% endif %} |
||||
|
||||
# Logging configuration. |
||||
{% if mysql_log_error == 'syslog' or mysql_log == 'syslog' %} |
||||
syslog |
||||
syslog-tag = {{ mysql_syslog_tag }} |
||||
{% else %} |
||||
{% if mysql_log %} |
||||
log = {{ mysql_log }} |
||||
{% endif %} |
||||
log-error = {{ mysql_log_error }} |
||||
{% endif %} |
||||
|
||||
{% if mysql_slow_query_log_enabled %} |
||||
# Slow query log configuration. |
||||
slow_query_log = 1 |
||||
slow_query_log_file = {{ mysql_slow_query_log_file }} |
||||
long_query_time = {{ mysql_slow_query_time }} |
||||
{% endif %} |
||||
|
||||
{% if mysql_replication_master %} |
||||
# Replication |
||||
server-id = {{ mysql_server_id }} |
||||
|
||||
{% if mysql_replication_role == 'master' %} |
||||
log_bin = mysql-bin |
||||
log-bin-index = mysql-bin.index |
||||
expire_logs_days = {{ mysql_expire_logs_days }} |
||||
max_binlog_size = {{ mysql_max_binlog_size }} |
||||
|
||||
{% for db in mysql_databases %} |
||||
{% if db.replicate|default(1) %} |
||||
binlog_do_db = {{ db.name }} |
||||
{% else %} |
||||
binlog_ignore_db = {{ db.name }} |
||||
{% endif %} |
||||
{% endfor %} |
||||
{% endif %} |
||||
|
||||
{% if mysql_replication_role == 'slave' %} |
||||
read_only |
||||
relay-log = relay-bin |
||||
relay-log-index = relay-bin.index |
||||
{% endif %} |
||||
{% endif %} |
||||
|
||||
# Disabling symbolic-links is recommended to prevent assorted security risks |
||||
symbolic-links = 0 |
||||
|
||||
# User is ignored when systemd is used (fedora >= 15). |
||||
user = mysql |
||||
|
||||
# http://dev.mysql.com/doc/refman/5.5/en/performance-schema.html |
||||
;performance_schema |
||||
|
||||
# Memory settings. |
||||
key_buffer_size = {{ mysql_key_buffer_size }} |
||||
max_allowed_packet = {{ mysql_max_allowed_packet }} |
||||
table_open_cache = {{ mysql_table_open_cache }} |
||||
sort_buffer_size = {{ mysql_sort_buffer_size }} |
||||
read_buffer_size = {{ mysql_read_buffer_size }} |
||||
read_rnd_buffer_size = {{ mysql_read_rnd_buffer_size }} |
||||
myisam_sort_buffer_size = {{ mysql_myisam_sort_buffer_size }} |
||||
thread_cache_size = {{ mysql_thread_cache_size }} |
||||
query_cache_size = {{ mysql_query_cache_size }} |
||||
max_connections = {{ mysql_max_connections }} |
||||
|
||||
# Other settings. |
||||
wait_timeout = {{ mysql_wait_timeout }} |
||||
|
||||
# InnoDB settings. |
||||
default-storage-engine = innodb |
||||
innodb_file_per_table = {{ mysql_innodb_file_per_table }} |
||||
innodb_buffer_pool_size = {{ mysql_innodb_buffer_pool_size }} |
||||
innodb_log_file_size = {{ mysql_innodb_log_file_size }} |
||||
innodb_log_buffer_size = {{ mysql_innodb_log_buffer_size }} |
||||
innodb_flush_log_at_trx_commit = {{ mysql_innodb_flush_log_at_trx_commit }} |
||||
innodb_lock_wait_timeout = {{ mysql_innodb_lock_wait_timeout }} |
||||
innodb_flush_method = O_DIRECT |
||||
innodb_open_files = 600 |
||||
innodb_additional_mem_pool_size = 8M |
||||
innodb_thread_concurrency = 0 |
||||
|
||||
[mysqldump] |
||||
quick |
||||
max_allowed_packet = {{ mysql_mysqldump_max_allowed_packet }} |
||||
|
||||
[mysqld_safe] |
||||
pid-file = {{ mysql_pid_file }} |
||||
|
||||
{% if mysql_config_include_files | length %} |
||||
# * IMPORTANT: Additional settings that can override those from this file! |
||||
# The files must end with '.cnf', otherwise they'll be ignored. |
||||
# |
||||
!includedir {{ mysql_config_include_dir }} |
||||
{% endif %} |
||||
|
||||
@ -1,3 +0,0 @@ |
||||
[client] |
||||
user={{ mysql_root_username }} |
||||
password="{{ mysql_root_password }}" |
||||
@ -1,15 +0,0 @@ |
||||
FROM centos:6 |
||||
|
||||
# Install Ansible |
||||
RUN yum -y update; yum clean all; |
||||
RUN yum -y install epel-release |
||||
RUN yum -y install git ansible sudo |
||||
RUN yum clean all |
||||
|
||||
# Disable requiretty |
||||
RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers |
||||
|
||||
# Install Ansible inventory file |
||||
RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts |
||||
|
||||
CMD ["/usr/sbin/init"] |
||||
@ -1,27 +0,0 @@ |
||||
FROM centos:7 |
||||
|
||||
# Install systemd -- See https://hub.docker.com/_/centos/ |
||||
RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs |
||||
RUN yum -y update; yum clean all; \ |
||||
(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ |
||||
rm -f /lib/systemd/system/multi-user.target.wants/*; \ |
||||
rm -f /etc/systemd/system/*.wants/*; \ |
||||
rm -f /lib/systemd/system/local-fs.target.wants/*; \ |
||||
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ |
||||
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ |
||||
rm -f /lib/systemd/system/basic.target.wants/*; \ |
||||
rm -f /lib/systemd/system/anaconda.target.wants/*; |
||||
|
||||
# Install Ansible |
||||
RUN yum -y install epel-release |
||||
RUN yum -y install git ansible sudo |
||||
RUN yum clean all |
||||
|
||||
# Disable requiretty |
||||
RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers |
||||
|
||||
# Install Ansible inventory file |
||||
RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts |
||||
|
||||
VOLUME ["/sys/fs/cgroup"] |
||||
CMD ["/usr/sbin/init"] |
||||
@ -1,14 +0,0 @@ |
||||
FROM ubuntu:12.04 |
||||
RUN apt-get update |
||||
|
||||
# Install Ansible |
||||
RUN apt-get install -y software-properties-common python-software-properties git |
||||
RUN apt-add-repository -y ppa:ansible/ansible |
||||
RUN apt-get update |
||||
RUN apt-get install -y ansible |
||||
|
||||
COPY initctl_faker . |
||||
RUN chmod +x initctl_faker && rm -fr /sbin/initctl && ln -s /initctl_faker /sbin/initctl |
||||
|
||||
# Install Ansible inventory file |
||||
RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts |
||||
@ -1,14 +0,0 @@ |
||||
FROM ubuntu:14.04 |
||||
RUN apt-get update |
||||
|
||||
# Install Ansible |
||||
RUN apt-get install -y software-properties-common git |
||||
RUN apt-add-repository -y ppa:ansible/ansible |
||||
RUN apt-get update |
||||
RUN apt-get install -y ansible |
||||
|
||||
COPY initctl_faker . |
||||
RUN chmod +x initctl_faker && rm -fr /sbin/initctl && ln -s /initctl_faker /sbin/initctl |
||||
|
||||
# Install Ansible inventory file |
||||
RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts |
||||
@ -1,15 +0,0 @@ |
||||
--- |
||||
- hosts: all |
||||
vars: |
||||
mysql_packages: |
||||
- mariadb |
||||
- mariadb-server |
||||
- mariadb-libs |
||||
- MySQL-python |
||||
- perl-DBD-MySQL |
||||
mysql_daemon: mariadb |
||||
mysql_log_error: /var/log/mariadb/mariadb.log |
||||
mysql_syslog_tag: mariadb |
||||
mysql_pid_file: /var/run/mariadb/mariadb.pid |
||||
roles: |
||||
- role_under_test |
||||
@ -1,23 +0,0 @@ |
||||
#!/bin/sh |
||||
ALIAS_CMD="$(echo ""$0"" | sed -e 's?/sbin/??')" |
||||
|
||||
case "$ALIAS_CMD" in |
||||
start|stop|restart|reload|status) |
||||
exec service $1 $ALIAS_CMD |
||||
;; |
||||
esac |
||||
|
||||
case "$1" in |
||||
list ) |
||||
exec service --status-all |
||||
;; |
||||
reload-configuration ) |
||||
exec service $2 restart |
||||
;; |
||||
start|stop|restart|reload|status) |
||||
exec service $2 $1 |
||||
;; |
||||
\?) |
||||
exit 0 |
||||
;; |
||||
esac |
||||
@ -1 +0,0 @@ |
||||
localhost |
||||
@ -1,4 +0,0 @@ |
||||
--- |
||||
- hosts: all |
||||
roles: |
||||
- role_under_test |
||||
@ -1,9 +0,0 @@ |
||||
--- |
||||
__mysql_daemon: mysql |
||||
__mysql_packages: |
||||
- mysql-common |
||||
- mysql-server |
||||
__mysql_slow_query_log_file: /var/log/mysql/mysql-slow.log |
||||
mysql_config_file: /etc/mysql/my.cnf |
||||
mysql_config_include_dir: /etc/mysql/conf.d |
||||
mysql_socket: /var/run/mysqld/mysqld.sock |
||||
@ -1,9 +0,0 @@ |
||||
--- |
||||
__mysql_daemon: mysqld |
||||
__mysql_packages: |
||||
- mysql |
||||
- mysql-server |
||||
__mysql_slow_query_log_file: /var/log/mysql-slow.log |
||||
mysql_config_file: /etc/my.cnf |
||||
mysql_config_include_dir: /etc/my.cnf.d |
||||
mysql_socket: /var/lib/mysql/mysql.sock |
||||
@ -1,15 +0,0 @@ |
||||
--- |
||||
__mysql_daemon: mariadb |
||||
__mysql_packages: |
||||
- mariadb |
||||
- mariadb-server |
||||
- mariadb-libs |
||||
- MySQL-python |
||||
- perl-DBD-MySQL |
||||
__mysql_slow_query_log_file: /var/log/mysql-slow.log |
||||
mysql_log_error: /var/log/mariadb/mariadb.log |
||||
mysql_syslog_tag: mariadb |
||||
mysql_pid_file: /var/lib/mysql/mariadb.pid |
||||
mysql_config_file: /etc/my.cnf |
||||
mysql_config_include_dir: /etc/my.cnf.d |
||||
mysql_socket: /var/lib/mysql/mysql.sock |
||||
@ -1,39 +0,0 @@ |
||||
--- |
||||
sudo: required |
||||
language: python |
||||
python: "2.7" |
||||
|
||||
env: |
||||
- SITE=test.yml |
||||
|
||||
before_install: |
||||
- sudo apt-get update -qq |
||||
- sudo apt-get install -y curl |
||||
|
||||
install: |
||||
# Install Ansible. |
||||
- pip install ansible |
||||
|
||||
# Add ansible.cfg to pick up roles path. |
||||
- "{ echo '[defaults]'; echo 'roles_path = ../'; } >> ansible.cfg" |
||||
|
||||
script: |
||||
# Check the role/playbook's syntax. |
||||
- "ansible-playbook -i tests/inventory tests/$SITE --syntax-check" |
||||
|
||||
# Run the role/playbook with ansible-playbook. |
||||
- "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo" |
||||
|
||||
# Run the role/playbook again, checking to make sure it's idempotent. |
||||
- > |
||||
ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo |
||||
| grep -q 'changed=0.*failed=0' |
||||
&& (echo 'Idempotence test: pass' && exit 0) |
||||
|| (echo 'Idempotence test: fail' && exit 1) |
||||
|
||||
# TODO - get the test working. Probably need to add a virtual host. |
||||
# Request a page via Nginx, to make sure Nginx is running and responds. |
||||
# - "curl http://localhost/" |
||||
|
||||
notifications: |
||||
webhooks: https://galaxy.ansible.com/api/v1/notifications/ |
||||
@ -1,122 +0,0 @@ |
||||
# Ansible Role: Nginx |
||||
|
||||
[](https://travis-ci.org/geerlingguy/ansible-role-nginx) |
||||
|
||||
Installs Nginx on RedHat/CentOS or Debian/Ubuntu Linux, or FreeBSD servers. |
||||
|
||||
This role installs and configures the latest version of Nginx from the Nginx yum repository (on RedHat-based systems) or via apt (on Debian-based systems) or pkgng (on FreeBSD systems). You will likely need to do extra setup work after this role has installed Nginx, like adding your own [virtualhost].conf file inside `/etc/nginx/conf.d/`, describing the location and options to use for your particular website. |
||||
|
||||
## Requirements |
||||
|
||||
None. |
||||
|
||||
## Role Variables |
||||
|
||||
Available variables are listed below, along with default values (see `defaults/main.yml`): |
||||
|
||||
nginx_vhosts: [] |
||||
|
||||
A list of vhost definitions (server blocks) for Nginx virtual hosts. If left empty, you will need to supply your own virtual host configuration. See the commented example in `defaults/main.yml` for available server options. If you have a large number of customizations required for your server definition(s), you're likely better off managing the vhost configuration file yourself, leaving this variable set to `[]`. |
||||
|
||||
nginx_vhosts: |
||||
- listen: "80 default_server" |
||||
server_name: "example.com" |
||||
root: "/var/www/example.com" |
||||
index: "index.php index.html index.htm" |
||||
error_page: "" |
||||
access_log: "" |
||||
error_log: "" |
||||
extra_parameters: | |
||||
location ~ \.php$ { |
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$; |
||||
fastcgi_pass unix:/var/run/php5-fpm.sock; |
||||
fastcgi_index index.php; |
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; |
||||
include fastcgi_params; |
||||
} |
||||
|
||||
An example of a fully-populated nginx_vhosts entry, using a `|` to declare a block of syntax for the `extra_parameters`. |
||||
|
||||
nginx_remove_default_vhost: false |
||||
|
||||
Whether to remove the 'default' virtualhost configuration supplied by Nginx. Useful if you want the base `/` URL to be directed at one of your own virtual hosts configured in a separate .conf file. |
||||
|
||||
nginx_upstreams: [] |
||||
|
||||
If you are configuring Nginx as a load balancer, you can define one or more upstream sets using this variable. In addition to defining at least one upstream, you would need to configure one of your server blocks to proxy requests through the defined upstream (e.g. `proxy_pass http://myapp1;`). See the commented example in `defaults/main.yml` for more information. |
||||
|
||||
nginx_user: "nginx" |
||||
|
||||
The user under which Nginx will run. Defaults to `nginx` for RedHat, and `www-data` for Debian. |
||||
|
||||
nginx_worker_processes: "1" |
||||
nginx_worker_connections: "1024" |
||||
nginx_multi_accept: "off" |
||||
|
||||
`nginx_worker_processes` should be set to the number of cores present on your machine. Connections (find this number with `grep processor /proc/cpuinfo | wc -l`). `nginx_worker_connections` is the number of connections per process. Set this higher to handle more simultaneous connections (and remember that a connection will be used for as long as the keepalive timeout duration for every client!). You can set `nginx_multi_accept` to `on` if you want Nginx to accept all connections immediately. |
||||
|
||||
nginx_error_log: "/var/log/nginx/error.log warn" |
||||
nginx_access_log: "/var/log/nginx/access.log main buffer=16k" |
||||
|
||||
Configuration of the default error and access logs. Set to `off` to disable a log entirely. |
||||
|
||||
nginx_sendfile: "on" |
||||
nginx_tcp_nopush: "on" |
||||
nginx_tcp_nodelay: "on" |
||||
|
||||
TCP connection options. See [this blog post](https://t37.net/nginx-optimization-understanding-sendfile-tcp_nodelay-and-tcp_nopush.html) for more information on these directives. |
||||
|
||||
nginx_keepalive_timeout: "65" |
||||
nginx_keepalive_requests: "100" |
||||
|
||||
Nginx keepalive settings. Timeout should be set higher (10s+) if you have more polling-style traffic (AJAX-powered sites especially), or lower (<10s) if you have a site where most users visit a few pages and don't send any further requests. |
||||
|
||||
nginx_client_max_body_size: "64m" |
||||
|
||||
This value determines the largest file upload possible, as uploads are passed through Nginx before hitting a backend like `php-fpm`. If you get an error like `client intended to send too large body`, it means this value is set too low. |
||||
|
||||
nginx_server_names_hash_bucket_size: "64" |
||||
|
||||
If you have many server names, or have very long server names, you might get an Nginx error on startup requiring this value to be increased. |
||||
|
||||
nginx_proxy_cache_path: "" |
||||
|
||||
Set as the `proxy_cache_path` directive in the `nginx.conf` file. By default, this will not be configured (if left as an empty string), but if you wish to use Nginx as a reverse proxy, you can set this to a valid value (e.g. `"/var/cache/nginx keys_zone=cache:32m"`) to use Nginx's cache (further proxy configuration can be done in individual server configurations). |
||||
|
||||
nginx_extra_http_options: "" |
||||
|
||||
Extra lines to be inserted in the top-level `http` block in `nginx.conf`. The value should be defined literally (as you would insert it directly in the `nginx.conf`, adhering to the Nginx configuration syntax - such as `;` for line termination, etc.), for example: |
||||
|
||||
nginx_extra_http_options: | |
||||
proxy_buffering off; |
||||
proxy_set_header X-Real-IP $remote_addr; |
||||
proxy_set_header X-Scheme $scheme; |
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
||||
proxy_set_header Host $http_host; |
||||
|
||||
nginx_default_release: "" |
||||
|
||||
(For Debian/Ubuntu only) Allows you to set a different repository for the installation of Nginx. As an example, if you are running Debian's wheezy release, and want to get a newer version of Nginx, you can install the `wheezy-backports` repository and set that value here, and Ansible will use that as the `-t` option while installing Nginx. |
||||
|
||||
nginx_ppa_use: false |
||||
nginx_ppa_version: stable |
||||
|
||||
(For Ubuntu only) Allows you to use the official Nginx PPA instead of the system's package. You can set the version to `stable` or `development`. |
||||
|
||||
## Dependencies |
||||
|
||||
None. |
||||
|
||||
## Example Playbook |
||||
|
||||
- hosts: server |
||||
roles: |
||||
- { role: geerlingguy.nginx } |
||||
|
||||
## License |
||||
|
||||
MIT / BSD |
||||
|
||||
## Author Information |
||||
|
||||
This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). |
||||
@ -1,68 +0,0 @@ |
||||
--- |
||||
# Used only for Debian/Ubuntu installation, as the -t option for apt. |
||||
nginx_default_release: "" |
||||
|
||||
# Use the official Nginx PPA for Ubuntu, and the version to use if so. |
||||
nginx_ppa_use: false |
||||
nginx_ppa_version: stable |
||||
|
||||
# The name of the nginx apt/yum package to install. |
||||
nginx_package_name: "nginx" |
||||
|
||||
nginx_worker_processes: "auto" |
||||
nginx_worker_connections: "1024" |
||||
nginx_multi_accept: "off" |
||||
|
||||
nginx_error_log: "/var/log/nginx/error.log warn" |
||||
nginx_access_log: "/var/log/nginx/access.log main buffer=16k" |
||||
|
||||
nginx_sendfile: "on" |
||||
nginx_tcp_nopush: "on" |
||||
nginx_tcp_nodelay: "on" |
||||
|
||||
nginx_keepalive_timeout: "65" |
||||
nginx_keepalive_requests: "100" |
||||
|
||||
nginx_client_max_body_size: "64m" |
||||
|
||||
nginx_server_names_hash_bucket_size: "64" |
||||
|
||||
nginx_proxy_cache_path: "" |
||||
|
||||
nginx_extra_conf_options: "" |
||||
# Example extra main options, used within the main nginx's context: |
||||
# nginx_extra_conf_options: | |
||||
# env VARIABLE; |
||||
# include /etc/nginx/main.d/*.conf; |
||||
|
||||
nginx_extra_http_options: "" |
||||
# Example extra http options, printed inside the main server http config: |
||||
# nginx_extra_http_options: | |
||||
# proxy_buffering off; |
||||
# proxy_set_header X-Real-IP $remote_addr; |
||||
# proxy_set_header X-Scheme $scheme; |
||||
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
||||
# proxy_set_header Host $http_host; |
||||
|
||||
nginx_remove_default_vhost: false |
||||
nginx_vhosts: [] |
||||
# Example vhost below, showing all available options: |
||||
# - listen: "80 default_server" # default: "80 default_server" |
||||
# server_name: "example.com" # default: N/A |
||||
# root: "/var/www/example.com" # default: N/A |
||||
# index: "index.html index.htm" # default: "index.html index.htm" |
||||
# |
||||
# # Properties that are only added if defined: |
||||
# error_page: "" |
||||
# access_log: "" |
||||
# error_log: "" |
||||
# extra_parameters: "" # Can be used to add extra config blocks (multiline). |
||||
|
||||
nginx_upstreams: [] |
||||
# - name: myapp1 |
||||
# strategy: "ip_hash" # "least_conn", etc. |
||||
# servers: { |
||||
# "srv1.example.com", |
||||
# "srv2.example.com weight=3", |
||||
# "srv3.example.com" |
||||
# } |
||||
@ -1,10 +0,0 @@ |
||||
--- |
||||
- name: restart nginx |
||||
service: name=nginx state=restarted |
||||
|
||||
- name: validate nginx configuration |
||||
command: nginx -t -c /etc/nginx/nginx.conf |
||||
changed_when: False |
||||
|
||||
- name: reload nginx |
||||
service: name=nginx state=reloaded |
||||
@ -1,30 +0,0 @@ |
||||
--- |
||||
dependencies: [] |
||||
|
||||
galaxy_info: |
||||
author: geerlingguy |
||||
description: Nginx installation for Linux and FreeBSD. |
||||
company: "Midwestern Mac, LLC" |
||||
license: "license (BSD, MIT)" |
||||
min_ansible_version: 1.8 |
||||
platforms: |
||||
- name: EL |
||||
versions: |
||||
- 6 |
||||
- 7 |
||||
- name: Debian |
||||
versions: |
||||
- all |
||||
- name: Ubuntu |
||||
versions: |
||||
- all |
||||
- name: FreeBSD |
||||
versions: |
||||
- 10.3 |
||||
- 10.2 |
||||
- 10.1 |
||||
- 10.0 |
||||
- 9.3 |
||||
galaxy_tags: |
||||
- development |
||||
- web |
||||
@ -1,39 +0,0 @@ |
||||
--- |
||||
# Variable setup. |
||||
- name: Include OS-specific variables. |
||||
include_vars: "{{ ansible_os_family }}.yml" |
||||
|
||||
- name: Define nginx_user. |
||||
set_fact: |
||||
nginx_user: "{{ __nginx_user }}" |
||||
when: nginx_user is not defined |
||||
|
||||
# Setup/install tasks. |
||||
- include: setup-RedHat.yml |
||||
when: ansible_os_family == 'RedHat' |
||||
|
||||
- include: setup-Ubuntu.yml |
||||
when: ansible_distribution == 'Ubuntu' |
||||
|
||||
- include: setup-Debian.yml |
||||
when: ansible_os_family == 'Debian' |
||||
|
||||
- include: setup-FreeBSD.yml |
||||
when: ansible_os_family == 'FreeBSD' |
||||
|
||||
# Vhost configuration. |
||||
- include: vhosts.yml |
||||
|
||||
# Nginx setup. |
||||
- name: Copy nginx configuration in place. |
||||
template: |
||||
src: nginx.conf.j2 |
||||
dest: "{{ nginx_conf_file_path }}" |
||||
owner: root |
||||
group: "{{ root_group }}" |
||||
mode: 0644 |
||||
notify: |
||||
- reload nginx |
||||
|
||||
- name: Ensure nginx is started and enabled to start at boot. |
||||
service: name=nginx state=started enabled=yes |
||||
@ -1,9 +0,0 @@ |
||||
--- |
||||
- name: Update apt cache. |
||||
apt: update_cache=yes cache_valid_time=86400 |
||||
|
||||
- name: Ensure nginx is installed. |
||||
apt: |
||||
name: "{{ nginx_package_name }}" |
||||
state: installed |
||||
default_release: "{{ nginx_default_release }}" |
||||
@ -1,14 +0,0 @@ |
||||
--- |
||||
- name: Enable nginx repo. |
||||
template: |
||||
src: nginx.repo.j2 |
||||
dest: /etc/yum.repos.d/nginx.repo |
||||
owner: root |
||||
group: root |
||||
mode: 0644 |
||||
|
||||
- name: Ensure nginx is installed. |
||||
yum: |
||||
name: "{{ nginx_package_name }}" |
||||
state: installed |
||||
enablerepo: nginx |
||||
@ -1 +0,0 @@ |
||||
localhost |
||||
@ -1,6 +0,0 @@ |
||||
--- |
||||
- hosts: localhost |
||||
remote_user: root |
||||
roles: |
||||
- role: ansible-role-nginx |
||||
nginx_use_ppa: true |
||||
@ -1,9 +0,0 @@ |
||||
--- |
||||
root_group: root |
||||
nginx_conf_path: /etc/nginx/conf.d |
||||
nginx_conf_file_path: /etc/nginx/nginx.conf |
||||
nginx_mime_file_path: /etc/nginx/mime.types |
||||
nginx_pidfile: /run/nginx.pid |
||||
nginx_vhost_path: /etc/nginx/sites-enabled |
||||
nginx_default_vhost_path: /etc/nginx/sites-enabled/default |
||||
__nginx_user: "www-data" |
||||
@ -1,84 +0,0 @@ |
||||
--- |
||||
sudo: required |
||||
|
||||
env: |
||||
# Only test source install on latest supported OSes. |
||||
- distribution: centos |
||||
version: 7 |
||||
init: /usr/lib/systemd/systemd |
||||
run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" |
||||
SITE: source |
||||
PHP_VERSION: 7.0.5 |
||||
- distribution: ubuntu |
||||
version: 14.04 |
||||
init: /sbin/init |
||||
run_opts: "" |
||||
SITE: source |
||||
PHP_VERSION: 7.0.5 |
||||
|
||||
# Test package install on all supported OSes. |
||||
- distribution: centos |
||||
version: 7 |
||||
init: /usr/lib/systemd/systemd |
||||
run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" |
||||
SITE: package |
||||
PHP_VERSION: 7.0 |
||||
- distribution: ubuntu |
||||
version: 14.04 |
||||
init: /sbin/init |
||||
run_opts: "" |
||||
SITE: package |
||||
PHP_VERSION: 7.0 |
||||
- distribution: ubuntu |
||||
version: 12.04 |
||||
init: /sbin/init |
||||
run_opts: "" |
||||
SITE: package |
||||
PHP_VERSION: 5.6 |
||||
|
||||
services: |
||||
- docker |
||||
|
||||
before_install: |
||||
# - sudo apt-get update |
||||
# Pull container |
||||
- 'sudo docker pull ${distribution}:${version}' |
||||
# Customize container |
||||
- 'sudo docker build --rm=true --file=tests/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests' |
||||
|
||||
script: |
||||
- container_id=$(mktemp) |
||||
# Run container in detached state |
||||
- 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} ${distribution}-${version}:ansible "${init}" > "${container_id}"' |
||||
|
||||
# Install dependencies. |
||||
- 'sudo docker exec "$(cat ${container_id})" ansible-galaxy install -r /etc/ansible/roles/role_under_test/tests/requirements.yml' |
||||
|
||||
# Ansible syntax check. |
||||
- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test-${SITE}.yml --syntax-check' |
||||
|
||||
# Test role. |
||||
- 'travis_wait 30 sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test-${SITE}.yml' |
||||
|
||||
# Test role idempotence. |
||||
- > |
||||
sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test-${SITE}.yml |
||||
| grep -q 'changed=0.*failed=0' |
||||
&& (echo 'Idempotence test: pass' && exit 0) |
||||
|| (echo 'Idempotence test: fail' && exit 1) |
||||
|
||||
# Ensure PHP is installed and at the right version. |
||||
- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm which php' |
||||
- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm test -x /usr/bin/php' |
||||
|
||||
- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm php --version' |
||||
- 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm /usr/bin/php --version | grep -qF "PHP $PHP_VERSION"' |
||||
|
||||
# Ensure PHP configurations have taken effect. |
||||
- sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm php -i | grep 'memory_limit.*192' |
||||
|
||||
# Clean up |
||||
- 'sudo docker stop "$(cat ${container_id})"' |
||||
|
||||
notifications: |
||||
webhooks: https://galaxy.ansible.com/api/v1/notifications/ |
||||
@ -1,204 +0,0 @@ |
||||
# Ansible Role: PHP |
||||
|
||||
[](https://travis-ci.org/geerlingguy/ansible-role-php) |
||||
|
||||
Installs PHP on RedHat/CentOS and Debian/Ubuntu servers. |
||||
|
||||
## Requirements |
||||
|
||||
If you're using an older LTS release of Ubuntu or RHEL, with an old/outdated version of PHP, you need to use a repo or PPA with a maintained PHP version, as this role only works with [PHP versions that are currently supported](http://php.net/supported-versions.php) by the PHP community. |
||||
|
||||
## Role Variables |
||||
|
||||
Available variables are listed below, along with default values (see `defaults/main.yml`): |
||||
|
||||
php_packages: [] |
||||
|
||||
A list of the PHP packages to install (OS-specific by default). You'll likely want to install common packages like `php`, `php-cli`, `php-devel` and `php-pdo`, and you can add in whatever other packages you'd like (for example, `php-gd` for image manipulation, or `php-ldap` if you need to connect to an LDAP server for authentication). |
||||
|
||||
_Note: If you're using Debian/Ubuntu, you also need to install `libapache2-mod-fastcgi` (for cgi/PHP-FPM) or `libapache2-mod-php7.0` (or a similar package depending on PHP version) if you want to use `mod_php` with Apache._ |
||||
|
||||
php_enable_webserver: true |
||||
|
||||
If your usage of PHP is tied to a web server (e.g. Apache or Nginx), leave this default value. If you are using PHP server-side or to run some small application, set this value to `false` so this role doesn't attempt to interact with a web server. |
||||
|
||||
php_webserver_daemon: "httpd" |
||||
|
||||
The default values for the HTTP server deamon are `httpd` (used by Apache) for RedHat/CentOS, or `apache2` (also used by Apache) for Debian/Ubuntu. If you are running another webserver (for example, `nginx`), change this value to the name of the daemon under which the webserver runs. |
||||
|
||||
php_enablerepo: "" |
||||
|
||||
(RedHat/CentOS only) If you have enabled any additional repositories (might I suggest [geerlingguy.repo-epel](https://github.com/geerlingguy/ansible-role-repo-epel) or [geerlingguy.repo-remi](https://github.com/geerlingguy/ansible-role-repo-remi)), those repositories can be listed under this variable (e.g. `remi-php70,epel`). This can be handy, as an example, if you want to install the latest version of PHP 7.0, which is in the Remi repository. |
||||
|
||||
php_packages_state: "installed" |
||||
|
||||
If you have enabled any additional repositories such as [geerlingguy.repo-epel](https://github.com/geerlingguy/ansible-role-repo-epel) or [geerlingguy.repo-remi](https://github.com/geerlingguy/ansible-role-repo-remi), you may want an easy way to swap PHP versions on the fly. By default, this is set to 'installed'. You can now override this variable to 'latest'. Combined with php_enablerepo, a user now doesn't need to manually uninstall the existing PHP packages before installing them from a different repository. |
||||
|
||||
php_executable: "php" |
||||
|
||||
The executable to run when calling PHP from the command line. You should only change this if running `php` on your server doesn't target the correct executable, or if you're using software collections on RHEL/CentOS and need to target a different version of PHP. |
||||
|
||||
### PHP-FPM |
||||
|
||||
PHP-FPM is a simple and robust FastCGI Process Manager for PHP. It can dramatically ease scaling of PHP apps and is the normal way of running PHP-based sites and apps when using a webserver like Nginx (though it can be used with other webservers just as easily). |
||||
|
||||
When using this role with PHP running as `php-fpm` instead of as a process inside a webserver (e.g. Apache's `mod_php`), you need to set the following variable to `true`: |
||||
|
||||
php_enable_php_fpm: false |
||||
|
||||
If you're using Apache, you can easily get it configured to work with PHP-FPM using the [geerlingguy.apache-php-fpm](https://github.com/geerlingguy/ansible-role-apache-php-fpm) role. |
||||
|
||||
php_fpm_listen: "127.0.0.1:9000" |
||||
php_fpm_listen_allowed_clients: "127.0.0.1" |
||||
php_fpm_pm_max_children: 50 |
||||
php_fpm_pm_start_servers: 5 |
||||
php_fpm_pm_min_spare_servers: 5 |
||||
php_fpm_pm_max_spare_servers: 5 |
||||
|
||||
Specific settings inside the default `www.conf` PHP-FPM pool. If you'd like to manage additional settings, you can do so either by replacing the file with your own template or using `lineinfile` like this role does inside `tasks/configure.yml`. |
||||
|
||||
### php.ini settings |
||||
|
||||
php_use_managed_ini: true |
||||
|
||||
By default, all the extra defaults below are applied through the php.ini included with this role. You can self-manage your php.ini file (if you need more flexility in its configuration) by setting this to `false` (in which case all the below variables will be ignored). |
||||
|
||||
php_memory_limit: "256M" |
||||
php_max_execution_time: "60" |
||||
php_max_input_time: "60" |
||||
php_max_input_vars: "1000" |
||||
php_realpath_cache_size: "32K" |
||||
php_upload_max_filesize: "64M" |
||||
php_post_max_size: "32M" |
||||
php_date_timezone: "America/Chicago" |
||||
php_allow_url_fopen: "On" |
||||
php_sendmail_path: "/usr/sbin/sendmail -t -i" |
||||
php_output_buffering: "4096" |
||||
php_short_open_tag: false |
||||
php_error_reporting: "E_ALL & ~E_DEPRECATED & ~E_STRICT" |
||||
php_display_errors: "Off" |
||||
php_display_startup_errors: "On" |
||||
php_expose_php: "On" |
||||
php_session_cookie_lifetime: 0 |
||||
php_session_gc_probability: 1 |
||||
php_session_gc_divisor: 1000 |
||||
php_session_gc_maxlifetime: 1440 |
||||
php_session_save_handler: files |
||||
php_session_save_path: '' |
||||
|
||||
Various defaults for PHP. Only used if `php_use_managed_ini` is set to `true`. |
||||
|
||||
### OpCache-related Variables |
||||
|
||||
The OpCache is included in PHP starting in version 5.5, and the following variables will only take effect if the version of PHP you have installed is 5.5 or greater. |
||||
|
||||
php_opcache_enable: "1" |
||||
php_opcache_enable_cli: "0" |
||||
php_opcache_memory_consumption: "96" |
||||
php_opcache_interned_strings_buffer: "16" |
||||
php_opcache_max_accelerated_files: "4096" |
||||
php_opcache_max_wasted_percentage: "5" |
||||
php_opcache_validate_timestamps: "1" |
||||
php_opcache_revalidate_path: "0" |
||||
php_opcache_revalidate_freq: "2" |
||||
php_opcache_max_file_size: "0" |
||||
|
||||
OpCache ini directives that are often customized on a system. Make sure you have enough memory and file slots allocated in the OpCache (`php_opcache_memory_consumption`, in MB, and `php_opcache_max_accelerated_files`) to contain all the PHP code you are running. If not, you may get less-than-optimal performance! |
||||
|
||||
php_opcache_conf_filename: [platform-specific] |
||||
|
||||
The platform-specific opcache configuration filename. Generally the default should work, but in some cases, you may need to override the filename. |
||||
|
||||
### APCu-related Variables |
||||
|
||||
php_enable_apc: true |
||||
|
||||
Whether to enable APCu. Other APCu variables will be ineffective if this is set to false. |
||||
|
||||
php_apc_shm_size: "96M" |
||||
php_apc_enable_cli: "0" |
||||
|
||||
APCu ini directives that are often customized on a system. Set the `php_apc_shm_size` so it will hold all cache entries in memory with a little overhead (fragmentation or APC running out of memory will slow down PHP *dramatically*). |
||||
|
||||
php_apc_conf_filename: [platform-specific] |
||||
|
||||
The platform-specific APC configuration filename. Generally the default should work, but in some cases, you may need to override the filename. |
||||
|
||||
#### Ensuring APC is installed |
||||
|
||||
If you use APC, you will need to make sure APC is installed (it is installed by default, but if you customize the `php_packages` list, you need to include APC in the list): |
||||
|
||||
- *On RHEL/CentOS systems*: Make sure `php-pecl-apcu` is in the list of `php_packages`. |
||||
- *On Debian/Ubuntu systems*: Make sure `php-apcu` is in the list of `php_packages`. |
||||
|
||||
### Installing from Source |
||||
|
||||
If you need a specific version of PHP, or would like to test the latest (e.g. master) version of PHP, there's a good chance there's no suitable package already available in your platform's package manager. In these cases, you may choose to install PHP from source by compiling it directly. |
||||
|
||||
Note that source compilation takes *much* longer than installing from packages (PHP HEAD takes 5+ minutes to compile on a modern quad-core computer, just as a point of reference). |
||||
|
||||
php_install_from_source: false |
||||
|
||||
Set this to `true` to install PHP from source instead of installing from packages. |
||||
|
||||
php_source_version: "master" |
||||
|
||||
The version of PHP to install from source (a git branch, tag, or commit hash). |
||||
|
||||
php_source_clone_dir: "~/php-src" |
||||
php_source_install_path: "/opt/php" |
||||
php_source_install_gmp_path: "/usr/include/x86_64-linux-gnu/gmp.h" |
||||
|
||||
Location where source will be cloned and installed, and the location of the GMP header file (which can be platform/distribution specific). |
||||
|
||||
php_source_make_command: "make" |
||||
|
||||
Set the `make` command to `make --jobs=X` where `X` is the number of cores present on the server where PHP is being compiled. Will speed up compilation times dramatically if you have multiple cores. |
||||
|
||||
php_source_configure_command: > |
||||
[...] |
||||
|
||||
The `./configure` command that will build the Makefile to be used for PHP compilation. Add in all the options you need for your particular environment. Using a folded scalar (`>`) allows you to define the variable over multiple lines, which is extremely helpful for legibility and source control! |
||||
|
||||
A few other notes/caveats for specific configurations: |
||||
|
||||
- **Apache with `mpm_prefork`**: If you're using Apache with prefork as a webserver for PHP, you will need to make sure `apxs2` is available on your system (e.g. by installing `apache2-prefork-dev` in Ubuntu), and you will need to make sure the option `--with-apxs2` is defined in `php_source_configure_command`. Finally, you will need to make sure the `mpm_prefork` module is loaded instead of `mpm_worker` or `mpm_event`, and likely add a `phpX.conf` (where `X` is the major version of PHP) configuration file to the Apache module config folder with contents like [`php7.conf`](https://gist.github.com/geerlingguy/5ae5445f28e71264e8c1). |
||||
- **Apache with `mpm_event` or `mpm_worker`**: If you're using Apache with event or worker as a webserver for PHP, you will need to compile PHP with FPM. Make sure the option `--enable-fpm` is defined in `php_source_configure_command`. You'll also need to make sure Apache's support for CGI and event is installed (e.g. by installing `apache2-mpm-event` and `libapache2-mod-fastcgi`) and the `mpm_event` module is loaded. |
||||
- **Nginx**: If you're using Nginx as a webserver for PHP, you will need to compile PHP with FPM. Make sure the option `--enable-fpm` is defined in `php_source_configure_command`. |
||||
|
||||
## Dependencies |
||||
|
||||
None. |
||||
|
||||
## Example Playbook |
||||
|
||||
- hosts: webservers |
||||
vars_files: |
||||
- vars/main.yml |
||||
roles: |
||||
- { role: geerlingguy.php } |
||||
|
||||
*Inside `vars/main.yml`*: |
||||
|
||||
php_memory_limit: "128M" |
||||
php_max_execution_time: "90" |
||||
php_upload_max_filesize: "256M" |
||||
php_packages: |
||||
- php |
||||
- php-cli |
||||
- php-common |
||||
- php-devel |
||||
- php-gd |
||||
- php-mbstring |
||||
- php-pdo |
||||
- php-pecl-apcu |
||||
- php-xml |
||||
... |
||||
|
||||
## License |
||||
|
||||
MIT / BSD |
||||
|
||||
## Author Information |
||||
|
||||
This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). |
||||
@ -1,115 +0,0 @@ |
||||
--- |
||||
# Pass in a comma-separated list of repos to use (e.g. "remi,epel"). |
||||
php_enablerepo: "" |
||||
|
||||
# State that the system package installer should use for PHP the enabled repo (e.g. "installed,latest") |
||||
php_packages_state: installed |
||||
|
||||
# Set this to false if you're not using PHP with Apache/Nginx/etc. |
||||
php_enable_webserver: true |
||||
|
||||
# PHP-FPM configuration. |
||||
php_enable_php_fpm: false |
||||
php_fpm_listen: "127.0.0.1:9000" |
||||
php_fpm_listen_allowed_clients: "127.0.0.1" |
||||
php_fpm_pm_max_children: 50 |
||||
php_fpm_pm_start_servers: 5 |
||||
php_fpm_pm_min_spare_servers: 5 |
||||
php_fpm_pm_max_spare_servers: 5 |
||||
|
||||
# The executable to run when calling PHP from the command line. |
||||
php_executable: "php" |
||||
|
||||
# OpCache settings (useful for PHP >=5.5). |
||||
php_opcache_enable: "1" |
||||
php_opcache_enable_cli: "0" |
||||
php_opcache_memory_consumption: "96" |
||||
php_opcache_interned_strings_buffer: "16" |
||||
php_opcache_max_accelerated_files: "4096" |
||||
php_opcache_max_wasted_percentage: "5" |
||||
php_opcache_validate_timestamps: "1" |
||||
php_opcache_revalidate_path: "0" |
||||
php_opcache_revalidate_freq: "2" |
||||
php_opcache_max_file_size: "0" |
||||
php_opcache_blacklist_filename: "" |
||||
|
||||
# APCu settings. |
||||
php_enable_apc: true |
||||
php_apc_shm_size: "96M" |
||||
php_apc_enable_cli: "0" |
||||
|
||||
# If this is set to false, none of the following options will have any effect. |
||||
# Any and all changes to /etc/php.ini will be your responsibility. |
||||
php_use_managed_ini: true |
||||
|
||||
php_expose_php: "On" |
||||
php_memory_limit: "256M" |
||||
php_max_execution_time: "60" |
||||
php_max_input_time: "60" |
||||
php_max_input_vars: "1000" |
||||
php_realpath_cache_size: "32K" |
||||
php_upload_max_filesize: "64M" |
||||
php_post_max_size: "32M" |
||||
php_date_timezone: "America/Chicago" |
||||
php_allow_url_fopen: "On" |
||||
|
||||
php_sendmail_path: "/usr/sbin/sendmail -t -i" |
||||
php_output_buffering: "4096" |
||||
php_short_open_tag: false |
||||
|
||||
php_session_cookie_lifetime: 0 |
||||
php_session_gc_probability: 1 |
||||
php_session_gc_divisor: 1000 |
||||
php_session_gc_maxlifetime: 1440 |
||||
php_session_save_handler: files |
||||
php_session_save_path: '' |
||||
|
||||
php_error_reporting: "E_ALL & ~E_DEPRECATED & ~E_STRICT" |
||||
php_display_errors: "Off" |
||||
php_display_startup_errors: "Off" |
||||
|
||||
# Install PHP from source (instead of using a package manager) with these vars. |
||||
php_install_from_source: false |
||||
php_source_version: "master" |
||||
php_source_clone_dir: "~/php-src" |
||||
php_source_install_path: "/opt/php" |
||||
php_source_install_gmp_path: "/usr/include/x86_64-linux-gnu/gmp.h" |
||||
# For faster compile time: "make --jobs=X" where X is # of cores present. |
||||
php_source_make_command: "make" |
||||
php_source_configure_command: > |
||||
./configure |
||||
--prefix={{ php_source_install_path }} |
||||
--with-config-file-path={{ php_conf_paths | first }} |
||||
--enable-mbstring |
||||
--enable-zip |
||||
--enable-bcmath |
||||
--enable-pcntl |
||||
--enable-ftp |
||||
--enable-exif |
||||
--enable-calendar |
||||
--enable-opcache |
||||
--enable-pdo |
||||
--enable-sysvmsg |
||||
--enable-sysvsem |
||||
--enable-sysvshm |
||||
--enable-wddx |
||||
--with-curl |
||||
--with-mcrypt |
||||
--with-iconv |
||||
--with-gmp |
||||
--with-pspell |
||||
--with-gd |
||||
--with-jpeg-dir=/usr |
||||
--with-png-dir=/usr |
||||
--with-zlib-dir=/usr |
||||
--with-xpm-dir=/usr |
||||
--with-freetype-dir=/usr |
||||
--enable-gd-native-ttf |
||||
--enable-gd-jis-conv |
||||
--with-openssl |
||||
--with-pdo-mysql=/usr |
||||
--with-gettext=/usr |
||||
--with-zlib=/usr |
||||
--with-bz2=/usr |
||||
--with-recode=/usr |
||||
--with-mysqli=/usr/bin/mysql_config |
||||
@ -1,13 +0,0 @@ |
||||
--- |
||||
- name: restart webserver |
||||
service: |
||||
name: "{{ php_webserver_daemon }}" |
||||
state: restarted |
||||
notify: restart php-fpm |
||||
when: php_enable_webserver |
||||
|
||||
- name: restart php-fpm |
||||
service: |
||||
name: "{{ php_fpm_daemon }}" |
||||
state: restarted |
||||
when: php_enable_php_fpm |
||||
@ -1,23 +0,0 @@ |
||||
--- |
||||
dependencies: [] |
||||
|
||||
galaxy_info: |
||||
author: geerlingguy |
||||
description: PHP for RedHat/CentOS/Debian/Ubuntu. |
||||
company: "Midwestern Mac, LLC" |
||||
license: "license (BSD, MIT)" |
||||
min_ansible_version: 1.9 |
||||
platforms: |
||||
- name: EL |
||||
versions: |
||||
- 6 |
||||
- 7 |
||||
- name: Debian |
||||
versions: |
||||
- all |
||||
- name: Ubuntu |
||||
versions: |
||||
- all |
||||
galaxy_tags: |
||||
- development |
||||
- web |
||||
@ -1,37 +0,0 @@ |
||||
--- |
||||
- name: Check for existing APCu config files. |
||||
find: |
||||
paths: "{{ item }}" |
||||
contains: 'extension(\s+)?=(\s+)?apc[u]?\.so' |
||||
register: php_installed_apc_confs |
||||
with_items: "{{ php_extension_conf_paths }}" |
||||
|
||||
- name: Remove any non-role-supplied APCu config files. |
||||
file: |
||||
path: "{{ item.1.path }}" |
||||
state: absent |
||||
when: php_apc_conf_filename != (item.1.path.split('/') | last) |
||||
with_subelements: |
||||
- "{{ php_installed_apc_confs.results }}" |
||||
- files |
||||
notify: restart webserver |
||||
|
||||
- name: Ensure APCu config file is present. |
||||
template: |
||||
src: apc.ini.j2 |
||||
dest: "{{ item }}/{{ php_apc_conf_filename }}" |
||||
owner: root |
||||
group: root |
||||
force: yes |
||||
mode: 0644 |
||||
with_items: "{{ php_extension_conf_paths }}" |
||||
when: php_enable_apc |
||||
notify: restart webserver |
||||
|
||||
- name: Remove APCu config file if APC is disabled. |
||||
file: |
||||
path: "{{ item }}/{{ php_apc_conf_filename }}" |
||||
state: absent |
||||
with_items: "{{ php_extension_conf_paths }}" |
||||
when: not php_enable_apc |
||||
notify: restart webserver |
||||
@ -1,72 +0,0 @@ |
||||
--- |
||||
- name: Define php_fpm_daemon. |
||||
set_fact: |
||||
php_fpm_daemon: "{{ __php_fpm_daemon }}" |
||||
when: php_fpm_daemon is not defined |
||||
|
||||
- name: Define php_fpm_pool_conf_path. |
||||
set_fact: |
||||
php_fpm_pool_conf_path: "{{ __php_fpm_pool_conf_path }}" |
||||
when: php_fpm_pool_conf_path is not defined |
||||
|
||||
- name: Define php_fpm_pool_user. |
||||
set_fact: |
||||
php_fpm_pool_user: "{{ __php_fpm_pool_user }}" |
||||
when: php_fpm_pool_user is not defined |
||||
|
||||
- name: Define php_fpm_pool_group. |
||||
set_fact: |
||||
php_fpm_pool_group: "{{ __php_fpm_pool_group }}" |
||||
when: php_fpm_pool_group is not defined |
||||
|
||||
- name: Stat php_fpm_pool_conf_path |
||||
stat: |
||||
path: "{{ php_fpm_pool_conf_path | dirname }}" |
||||
register: php_fpm_pool_conf_path_dir_stat |
||||
|
||||
- name: Ensure the default pool directory exists. |
||||
file: |
||||
path: "{{ php_fpm_pool_conf_path | dirname }}" |
||||
state: directory |
||||
owner: root |
||||
group: root |
||||
mode: 0755 |
||||
when: php_fpm_pool_conf_path_dir_stat.stat.islnk is not defined |
||||
|
||||
- name: Ensure the default pool exists. |
||||
template: |
||||
src: www.conf.j2 |
||||
dest: "{{ php_fpm_pool_conf_path }}" |
||||
owner: root |
||||
group: root |
||||
mode: 0644 |
||||
force: no |
||||
|
||||
- name: Configure php-fpm pool (if enabled). |
||||
lineinfile: |
||||
dest: "{{ php_fpm_pool_conf_path }}" |
||||
regexp: "{{ item.regexp }}" |
||||
line: "{{ item.line }}" |
||||
state: present |
||||
with_items: |
||||
- regexp: "^listen.?=.+$" |
||||
line: "listen = {{ php_fpm_listen }}" |
||||
- regexp: '^listen\.allowed_clients.?=.+$' |
||||
line: "listen.allowed_clients = {{ php_fpm_listen_allowed_clients }}" |
||||
- regexp: '^pm\.max_children.?=.+$' |
||||
line: "pm.max_children = {{ php_fpm_pm_max_children }}" |
||||
- regexp: '^pm\.start_servers.?=.+$' |
||||
line: "pm.start_servers = {{ php_fpm_pm_start_servers }}" |
||||
- regexp: '^pm\.min_spare_servers.?=.+$' |
||||
line: "pm.min_spare_servers = {{ php_fpm_pm_min_spare_servers }}" |
||||
- regexp: '^pm\.max_spare_servers.?=.+$' |
||||
line: "pm.max_spare_servers = {{ php_fpm_pm_max_spare_servers }}" |
||||
when: php_enable_php_fpm |
||||
notify: restart php-fpm |
||||
|
||||
- name: Ensure php-fpm is started and enabled at boot (if configured). |
||||
service: |
||||
name: "{{ php_fpm_daemon }}" |
||||
state: started |
||||
enabled: yes |
||||
when: php_enable_php_fpm |
||||
@ -1,37 +0,0 @@ |
||||
--- |
||||
- name: Check for existing OpCache config files. |
||||
find: |
||||
paths: "{{ item }}" |
||||
contains: 'zend_extension(\s+)?=(\s+)?opcache\.so' |
||||
register: php_installed_opcache_confs |
||||
with_items: "{{ php_extension_conf_paths }}" |
||||
|
||||
- name: Remove any non-role-supplied OpCache config files. |
||||
file: |
||||
path: "{{ item.1.path }}" |
||||
state: absent |
||||
when: php_opcache_conf_filename != (item.1.path.split('/') | last) |
||||
with_subelements: |
||||
- "{{ php_installed_opcache_confs.results }}" |
||||
- files |
||||
notify: restart webserver |
||||
|
||||
- name: Ensure OpCache config file is present. |
||||
template: |
||||
src: opcache.ini.j2 |
||||
dest: "{{ item }}/{{ php_opcache_conf_filename }}" |
||||
owner: root |
||||
group: root |
||||
force: yes |
||||
mode: 0644 |
||||
with_items: "{{ php_extension_conf_paths }}" |
||||
when: php_opcache_enable |
||||
notify: restart webserver |
||||
|
||||
- name: Remove OpCache config file if OpCache is disabled. |
||||
file: |
||||
path: "{{ item }}/{{ php_opcache_conf_filename }}" |
||||
state: absent |
||||
with_items: "{{ php_extension_conf_paths }}" |
||||
when: not php_opcache_enable |
||||
notify: restart webserver |
||||
@ -1,20 +0,0 @@ |
||||
--- |
||||
- name: Ensure configuration directories exist. |
||||
file: |
||||
path: "{{ item }}" |
||||
state: directory |
||||
follow: true |
||||
with_flattened: |
||||
- "{{ php_conf_paths }}" |
||||
- "{{ php_extension_conf_paths }}" |
||||
|
||||
- name: Place PHP configuration file in place. |
||||
template: |
||||
src: php.ini.j2 |
||||
dest: "{{ item }}/php.ini" |
||||
owner: root |
||||
group: root |
||||
mode: 0644 |
||||
with_items: "{{ php_conf_paths }}" |
||||
notify: restart webserver |
||||
when: php_use_managed_ini |
||||
@ -1,150 +0,0 @@ |
||||
--- |
||||
- name: Ensure dependencies for building from source are installed (RedHat). |
||||
yum: "pkg={{ item }} state=installed" |
||||
with_items: |
||||
- autoconf |
||||
- automake |
||||
- libtool |
||||
- bison |
||||
- make |
||||
- curl-devel |
||||
- recode-devel |
||||
- aspell-devel |
||||
- libxml2-devel |
||||
- pkgconfig |
||||
- libmcrypt-devel |
||||
- t1lib-devel |
||||
- libXpm-devel |
||||
- libpng-devel |
||||
- libjpeg-turbo-devel |
||||
- bzip2-devel |
||||
- openssl-devel |
||||
- freetype-devel |
||||
- libicu-devel |
||||
- mariadb-devel |
||||
- gmp-devel |
||||
when: ansible_os_family == 'RedHat' |
||||
|
||||
- name: Update apt cache (Debian). |
||||
apt: update_cache=yes cache_valid_time=86400 |
||||
when: ansible_os_family == 'Debian' |
||||
|
||||
- name: Ensure dependencies for building from source are installed (Debian). |
||||
apt: "pkg={{ item }} state=installed" |
||||
with_items: |
||||
- build-essential |
||||
- autoconf |
||||
- automake |
||||
- libtool |
||||
- bison |
||||
- pkg-config |
||||
- re2c |
||||
- libxml2-dev |
||||
- libcurl4-openssl-dev |
||||
- libbz2-dev |
||||
- libjpeg-dev |
||||
- libpng12-dev |
||||
- libxpm-dev |
||||
- libfreetype6-dev |
||||
- libgmp3-dev |
||||
- libmcrypt-dev |
||||
- libmysqlclient-dev |
||||
- libpspell-dev |
||||
- librecode-dev |
||||
- libssl-dev |
||||
when: ansible_os_family == 'Debian' |
||||
|
||||
- name: Define php_fpm_daemon (if not defined already). |
||||
set_fact: |
||||
php_fpm_daemon: "php-fpm" |
||||
when: php_fpm_daemon is not defined |
||||
|
||||
- name: Check if gmp.h is already in a location accessible to gcc. |
||||
stat: path=/usr/include/gmp.h |
||||
register: gmp_file |
||||
|
||||
- name: Ensure gmp.h is symlinked into a location accessible to gcc. |
||||
file: |
||||
src: "{{ php_source_install_gmp_path }}" |
||||
dest: /usr/include/gmp.h |
||||
state: link |
||||
when: gmp_file.stat.exists == false |
||||
|
||||
- name: Check if PHP is installed. |
||||
command: which php |
||||
changed_when: false |
||||
failed_when: false |
||||
register: php_installed |
||||
|
||||
- name: Clone the PHP repository. |
||||
git: |
||||
repo: https://git.php.net/repository/php-src.git |
||||
dest: "{{ php_source_clone_dir }}" |
||||
version: "{{ php_source_version }}" |
||||
accept_hostkey: yes |
||||
depth: 1 |
||||
when: php_installed|failed |
||||
|
||||
- name: Ensure PHP installation path exists. |
||||
file: |
||||
path: "{{ php_source_install_path }}" |
||||
state: directory |
||||
mode: 0755 |
||||
when: php_installed|failed |
||||
|
||||
- name: Build configure script. |
||||
shell: > |
||||
./buildconf --force |
||||
chdir={{ php_source_clone_dir }} |
||||
when: php_installed|failed |
||||
|
||||
- name: Run configure script. |
||||
shell: > |
||||
{{ php_source_configure_command }} |
||||
chdir={{ php_source_clone_dir }} |
||||
when: php_installed|failed |
||||
|
||||
- name: Make and install PHP. |
||||
shell: > |
||||
{{ item }} |
||||
chdir={{ php_source_clone_dir }} |
||||
with_items: |
||||
- "{{ php_source_make_command }}" |
||||
- make install |
||||
when: php_installed|failed |
||||
|
||||
- name: Ensure php executable is symlinked into a standard path. |
||||
file: |
||||
src: "{{ php_source_install_path }}/bin/php" |
||||
dest: /usr/bin/php |
||||
state: link |
||||
|
||||
# PHP FPM configuration. |
||||
- name: Ensure php-fpm executable is symlinked into a standard path. |
||||
file: |
||||
src: "{{ php_source_install_path }}/sbin/php-fpm" |
||||
dest: "/usr/sbin/{{ php_fpm_daemon }}" |
||||
state: link |
||||
when: "'--enable-fpm' in php_source_configure_command" |
||||
|
||||
- name: Ensure php-fpm init script is installed. |
||||
template: |
||||
src: fpm-init.j2 |
||||
dest: "/etc/init.d/{{ php_fpm_daemon }}" |
||||
mode: 0755 |
||||
when: "'--enable-fpm' in php_source_configure_command" |
||||
notify: restart php-fpm |
||||
|
||||
- name: Ensure php-fpm config directory exists. |
||||
file: |
||||
path: "{{ php_fpm_conf_path }}" |
||||
state: directory |
||||
when: "'--enable-fpm' in php_source_configure_command" |
||||
|
||||
- name: Ensure php-fpm config file is installed. |
||||
template: |
||||
src: php-fpm.conf.j2 |
||||
dest: "{{ php_fpm_conf_path }}/php-fpm.conf" |
||||
mode: 0644 |
||||
when: "'--enable-fpm' in php_source_configure_command" |
||||
notify: restart php-fpm |
||||
@ -1,61 +0,0 @@ |
||||
--- |
||||
# Variable setup. |
||||
- name: Include OS-specific variables. |
||||
include_vars: "{{ ansible_os_family }}.yml" |
||||
|
||||
- name: Define php_packages. |
||||
set_fact: |
||||
php_packages: "{{ __php_packages | list }}" |
||||
when: php_packages is not defined |
||||
|
||||
- name: Define php_webserver_daemon. |
||||
set_fact: |
||||
php_webserver_daemon: "{{ __php_webserver_daemon }}" |
||||
when: php_webserver_daemon is not defined |
||||
|
||||
- name: Define php_conf_paths. |
||||
set_fact: |
||||
php_conf_paths: "{{ __php_conf_paths }}" |
||||
when: php_conf_paths is not defined |
||||
|
||||
- name: Define php_extension_conf_paths. |
||||
set_fact: |
||||
php_extension_conf_paths: "{{ __php_extension_conf_paths }}" |
||||
when: php_extension_conf_paths is not defined |
||||
|
||||
- name: Define php_apc_conf_filename. |
||||
set_fact: |
||||
php_apc_conf_filename: "{{ __php_apc_conf_filename }}" |
||||
when: php_apc_conf_filename is not defined |
||||
|
||||
- name: Define php_opcache_conf_filename (Ubuntu 16.04). |
||||
set_fact: |
||||
php_opcache_conf_filename: "10-opcache.ini" |
||||
when: php_opcache_conf_filename is not defined and ansible_distribution_version == "16.04" |
||||
|
||||
- name: Define php_opcache_conf_filename. |
||||
set_fact: |
||||
php_opcache_conf_filename: "{{ __php_opcache_conf_filename }}" |
||||
when: php_opcache_conf_filename is not defined |
||||
|
||||
- name: Define php_fpm_conf_path. |
||||
set_fact: |
||||
php_fpm_conf_path: "{{ __php_fpm_conf_path }}" |
||||
when: php_fpm_conf_path is not defined |
||||
|
||||
# Setup/install tasks. |
||||
- include: setup-RedHat.yml |
||||
when: (php_install_from_source == false) and (ansible_os_family == 'RedHat') |
||||
|
||||
- include: setup-Debian.yml |
||||
when: (php_install_from_source == false) and (ansible_os_family == 'Debian') |
||||
|
||||
# Install PHP from source when php_install_from_source is true. |
||||
- include: install-from-source.yml |
||||
when: php_install_from_source == true |
||||
|
||||
# Configure PHP. |
||||
- include: configure.yml |
||||
- include: configure-apcu.yml |
||||
- include: configure-opcache.yml |
||||
- include: configure-fpm.yml |
||||
@ -1,27 +0,0 @@ |
||||
--- |
||||
- name: Update apt cache. |
||||
apt: update_cache=yes cache_valid_time=86400 |
||||
|
||||
- name: Ensure PHP packages are installed. |
||||
apt: |
||||
name: "{{ item }}" |
||||
state: "{{ php_packages_state }}" |
||||
with_items: "{{ php_packages }}" |
||||
register: php_package_install |
||||
notify: restart webserver |
||||
|
||||
- name: Delete APCu configuration file if this role will provide one. |
||||
file: |
||||
path: "{{ item }}/{{ php_apc_conf_filename }}" |
||||
state: absent |
||||
with_items: "{{ php_extension_conf_paths }}" |
||||
when: php_enable_apc and php_package_install.changed |
||||
notify: restart webserver |
||||
|
||||
- name: Delete OpCache configuration file if this role will provide one. |
||||
file: |
||||
path: "{{ item }}/{{ php_opcache_conf_filename }}" |
||||
state: absent |
||||
with_items: "{{ php_extension_conf_paths }}" |
||||
when: php_opcache_enable and php_package_install.changed |
||||
notify: restart webserver |
||||
@ -1,8 +0,0 @@ |
||||
--- |
||||
- name: Ensure PHP packages are installed. |
||||
yum: |
||||
name: "{{ item }}" |
||||
state: "{{ php_packages_state }}" |
||||
enablerepo: "{{ php_enablerepo }}" |
||||
with_items: "{{ php_packages }}" |
||||
notify: restart webserver |
||||
@ -1,4 +0,0 @@ |
||||
extension=apcu.so |
||||
apc.shm_size={{ php_apc_shm_size }} |
||||
apc.enable_cli={{ php_apc_enable_cli }} |
||||
apc.rfc1867=1 |
||||
@ -1,170 +0,0 @@ |
||||
#!/bin/sh |
||||
### BEGIN INIT INFO |
||||
# Provides: php-fpm {{ php_fpm_daemon }} |
||||
# Required-Start: $remote_fs $network |
||||
# Required-Stop: $remote_fs $network |
||||
# Default-Start: 2 3 4 5 |
||||
# Default-Stop: 0 1 6 |
||||
# Short-Description: starts {{ php_fpm_daemon }} |
||||
# Description: Starts The PHP FastCGI Process Manager Daemon |
||||
### END INIT INFO |
||||
|
||||
# Author: Ondrej Sury <ondrej@debian.org> |
||||
|
||||
PATH=/sbin:/usr/sbin:/bin:/usr/bin |
||||
DESC="PHP FastCGI Process Manager" |
||||
NAME={{ php_fpm_daemon }} |
||||
DAEMON=/usr/sbin/$NAME |
||||
DAEMON_ARGS="--daemonize --fpm-config {{ php_fpm_conf_path }}/php-fpm.conf" |
||||
PIDFILE=/var/run/{{ php_fpm_daemon }}.pid |
||||
TIMEOUT=2 |
||||
SCRIPTNAME=/etc/init.d/$NAME |
||||
|
||||
# Exit if the package is not installed |
||||
[ -x "$DAEMON" ] || exit 0 |
||||
|
||||
# Read configuration variable file if it is present |
||||
[ -r /etc/default/$NAME ] && . /etc/default/$NAME |
||||
|
||||
# Load the VERBOSE setting and other rcS variables |
||||
. /lib/init/vars.sh |
||||
|
||||
# Define LSB log_* functions. |
||||
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present. |
||||
. /lib/lsb/init-functions |
||||
|
||||
# Don't run if we are running upstart |
||||
if init_is_upstart; then |
||||
exit 1 |
||||
fi |
||||
|
||||
# |
||||
# Function to check the correctness of the config file |
||||
# |
||||
do_check() |
||||
{ |
||||
/usr/lib/php5/php5-fpm-checkconf || return 1 |
||||
return 0 |
||||
} |
||||
|
||||
# |
||||
# Function that starts the daemon/service |
||||
# |
||||
do_start() |
||||
{ |
||||
# Return |
||||
# 0 if daemon has been started |
||||
# 1 if daemon was already running |
||||
# 2 if daemon could not be started |
||||
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ |
||||
|| return 1 |
||||
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \ |
||||
$DAEMON_ARGS 2>/dev/null \ |
||||
|| return 2 |
||||
# Add code here, if necessary, that waits for the process to be ready |
||||
# to handle requests from services started subsequently which depend |
||||
# on this one. As a last resort, sleep for some time. |
||||
} |
||||
|
||||
# |
||||
# Function that stops the daemon/service |
||||
# |
||||
do_stop() |
||||
{ |
||||
# Return |
||||
# 0 if daemon has been stopped |
||||
# 1 if daemon was already stopped |
||||
# 2 if daemon could not be stopped |
||||
# other if a failure occurred |
||||
start-stop-daemon --stop --quiet --retry=QUIT/$TIMEOUT/TERM/5/KILL/5 --pidfile $PIDFILE --name $NAME |
||||
RETVAL="$?" |
||||
[ "$RETVAL" = 2 ] && return 2 |
||||
# Wait for children to finish too if this is a daemon that forks |
||||
# and if the daemon is only ever run from this initscript. |
||||
# If the above conditions are not satisfied then add some other code |
||||
# that waits for the process to drop all resources that could be |
||||
# needed by services started subsequently. A last resort is to |
||||
# sleep for some time. |
||||
start-stop-daemon --stop --quiet --oknodo --retry=0/$TIMEOUT/TERM/5/KILL/5 --exec $DAEMON |
||||
[ "$?" = 2 ] && return 2 |
||||
# Many daemons don't delete their pidfiles when they exit. |
||||
rm -f $PIDFILE |
||||
return "$RETVAL" |
||||
} |
||||
|
||||
# |
||||
# Function that sends a SIGHUP to the daemon/service |
||||
# |
||||
do_reload() { |
||||
# |
||||
# If the daemon can reload its configuration without |
||||
# restarting (for example, when it is sent a SIGHUP), |
||||
# then implement that here. |
||||
# |
||||
start-stop-daemon --stop --signal USR2 --quiet --pidfile $PIDFILE --name $NAME |
||||
return 0 |
||||
} |
||||
|
||||
case "$1" in |
||||
start) |
||||
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" |
||||
do_start |
||||
case "$?" in |
||||
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; |
||||
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; |
||||
esac |
||||
;; |
||||
stop) |
||||
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" |
||||
do_stop |
||||
case "$?" in |
||||
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; |
||||
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; |
||||
esac |
||||
;; |
||||
status) |
||||
status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $? |
||||
;; |
||||
check) |
||||
do_check yes |
||||
;; |
||||
reload|force-reload) |
||||
log_daemon_msg "Reloading $DESC" "$NAME" |
||||
do_reload |
||||
log_end_msg $? |
||||
;; |
||||
reopen-logs) |
||||
log_daemon_msg "Reopening $DESC logs" $NAME |
||||
if start-stop-daemon --stop --signal USR1 --oknodo --quiet \ |
||||
--pidfile $PIDFILE --exec $DAEMON |
||||
then |
||||
log_end_msg 0 |
||||
else |
||||
log_end_msg 1 |
||||
fi |
||||
;; |
||||
restart) |
||||
log_daemon_msg "Restarting $DESC" "$NAME" |
||||
do_stop |
||||
case "$?" in |
||||
0|1) |
||||
do_start |
||||
case "$?" in |
||||
0) log_end_msg 0 ;; |
||||
1) log_end_msg 1 ;; # Old process is still running |
||||
*) log_end_msg 1 ;; # Failed to start |
||||
esac |
||||
;; |
||||
*) |
||||
# Failed to stop |
||||
log_end_msg 1 |
||||
;; |
||||
esac |
||||
;; |
||||
*) |
||||
echo "Usage: $SCRIPTNAME {start|stop|status|restart|reload|force-reload}" >&2 |
||||
exit 1 |
||||
;; |
||||
esac |
||||
|
||||
: |
||||
@ -1,14 +0,0 @@ |
||||
zend_extension=opcache.so |
||||
opcache.enable={{ php_opcache_enable }} |
||||
opcache.enable_cli={{ php_opcache_enable_cli }} |
||||
opcache.memory_consumption={{ php_opcache_memory_consumption }} |
||||
opcache.interned_strings_buffer={{ php_opcache_interned_strings_buffer }} |
||||
opcache.max_accelerated_files={{ php_opcache_max_accelerated_files }} |
||||
opcache.max_wasted_percentage={{ php_opcache_max_wasted_percentage }} |
||||
opcache.validate_timestamps={{ php_opcache_validate_timestamps }} |
||||
opcache.revalidate_path={{ php_opcache_revalidate_path }} |
||||
opcache.revalidate_freq={{ php_opcache_revalidate_freq }} |
||||
opcache.max_file_size={{ php_opcache_max_file_size }} |
||||
{% if php_opcache_blacklist_filename != '' %} |
||||
opcache.blacklist_filename={{ php_opcache_blacklist_filename }} |
||||
{% endif %} |
||||
@ -1,12 +0,0 @@ |
||||
;;;;;;;;;;;;;;;;;;;;; |
||||
; FPM Configuration ; |
||||
;;;;;;;;;;;;;;;;;;;;; |
||||
|
||||
include={{ php_fpm_conf_path }}/pool.d/*.conf |
||||
|
||||
;;;;;;;;;;;;;;;;;; |
||||
; Global Options ; |
||||
;;;;;;;;;;;;;;;;;; |
||||
|
||||
[global] |
||||
error_log = /var/log/php-fpm.log |
||||
@ -1,225 +0,0 @@ |
||||
[PHP] |
||||
|
||||
;;;;;;;;;;;;;;;;;;;; |
||||
; Language Options ; |
||||
;;;;;;;;;;;;;;;;;;;; |
||||
|
||||
engine = On |
||||
short_open_tag = {{ php_short_open_tag }} |
||||
asp_tags = Off |
||||
precision = 14 |
||||
output_buffering = {{ php_output_buffering }} |
||||
|
||||
zlib.output_compression = Off |
||||
|
||||
implicit_flush = Off |
||||
unserialize_callback_func = |
||||
serialize_precision = 17 |
||||
disable_functions = |
||||
disable_classes = |
||||
|
||||
zend.enable_gc = On |
||||
|
||||
;;;;;;;;;;;;;;;;; |
||||
; Miscellaneous ; |
||||
;;;;;;;;;;;;;;;;; |
||||
|
||||
expose_php = {{ php_expose_php }} |
||||
|
||||
;;;;;;;;;;;;;;;;;;; |
||||
; Resource Limits ; |
||||
;;;;;;;;;;;;;;;;;;; |
||||
|
||||
max_execution_time = {{ php_max_execution_time }} |
||||
max_input_time = {{ php_max_input_time }} |
||||
max_input_vars = {{ php_max_input_vars }} |
||||
memory_limit = {{ php_memory_limit }} |
||||
|
||||
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; |
||||
; Error handling and logging ; |
||||
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; |
||||
|
||||
error_reporting = {{ php_error_reporting }} |
||||
display_errors = {{ php_display_errors }} |
||||
display_startup_errors = {{ php_display_startup_errors }} |
||||
log_errors = On |
||||
log_errors_max_len = 1024 |
||||
ignore_repeated_errors = Off |
||||
ignore_repeated_source = Off |
||||
report_memleaks = On |
||||
track_errors = Off |
||||
html_errors = On |
||||
|
||||
;;;;;;;;;;;;;;;;; |
||||
; Data Handling ; |
||||
;;;;;;;;;;;;;;;;; |
||||
|
||||
variables_order = "GPCS" |
||||
request_order = "GP" |
||||
register_argc_argv = Off |
||||
auto_globals_jit = On |
||||
|
||||
post_max_size = {{ php_post_max_size }} |
||||
auto_prepend_file = |
||||
auto_append_file = |
||||
|
||||
default_mimetype = "text/html" |
||||
always_populate_raw_post_data = -1 |
||||
|
||||
;;;;;;;;;;;;;;;;;;;;;;;;; |
||||
; Paths and Directories ; |
||||
;;;;;;;;;;;;;;;;;;;;;;;;; |
||||
|
||||
doc_root = |
||||
user_dir = |
||||
|
||||
enable_dl = Off |
||||
|
||||
realpath_cache_size = {{ php_realpath_cache_size }} |
||||
|
||||
;;;;;;;;;;;;;;;; |
||||
; File Uploads ; |
||||
;;;;;;;;;;;;;;;; |
||||
|
||||
file_uploads = On |
||||
upload_max_filesize = {{ php_upload_max_filesize }} |
||||
max_file_uploads = 20 |
||||
|
||||
;;;;;;;;;;;;;;;;;; |
||||
; Fopen wrappers ; |
||||
;;;;;;;;;;;;;;;;;; |
||||
|
||||
allow_url_fopen = {{ php_allow_url_fopen }} |
||||
allow_url_include = Off |
||||
|
||||
default_socket_timeout = 60 |
||||
|
||||
;;;;;;;;;;;;;;;;;;; |
||||
; Module Settings ; |
||||
;;;;;;;;;;;;;;;;;;; |
||||
|
||||
[CLI Server] |
||||
cli_server.color = On |
||||
|
||||
[Date] |
||||
date.timezone = {{ php_date_timezone }} |
||||
|
||||
[Pdo_mysql] |
||||
pdo_mysql.cache_size = 2000 |
||||
pdo_mysql.default_socket= |
||||
|
||||
[mail function] |
||||
; For Win32 only. |
||||
SMTP = localhost |
||||
smtp_port = 25 |
||||
|
||||
; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). |
||||
sendmail_path = {{ php_sendmail_path }} |
||||
|
||||
mail.add_x_header = On |
||||
|
||||
[SQL] |
||||
sql.safe_mode = Off |
||||
|
||||
[ODBC] |
||||
odbc.allow_persistent = On |
||||
odbc.check_persistent = On |
||||
odbc.max_persistent = -1 |
||||
odbc.max_links = -1 |
||||
odbc.defaultlrl = 4096 |
||||
odbc.defaultbinmode = 1 |
||||
|
||||
[MySQL] |
||||
mysql.allow_local_infile = On |
||||
mysql.allow_persistent = On |
||||
mysql.cache_size = 2000 |
||||
mysql.max_persistent = -1 |
||||
mysql.max_links = -1 |
||||
mysql.default_port = |
||||
mysql.default_socket = |
||||
mysql.default_host = |
||||
mysql.default_user = |
||||
mysql.default_password = |
||||
mysql.connect_timeout = 60 |
||||
mysql.trace_mode = Off |
||||
|
||||
[MySQLi] |
||||
mysqli.max_persistent = -1 |
||||
mysqli.allow_persistent = On |
||||
mysqli.max_links = -1 |
||||
mysqli.cache_size = 2000 |
||||
mysqli.default_port = 3306 |
||||
mysqli.default_socket = |
||||
mysqli.default_host = |
||||
mysqli.default_user = |
||||
mysqli.default_pw = |
||||
mysqli.reconnect = Off |
||||
|
||||
[mysqlnd] |
||||
mysqlnd.collect_statistics = On |
||||
mysqlnd.collect_memory_statistics = Off |
||||
|
||||
[PostgreSQL] |
||||
pgsql.allow_persistent = On |
||||
pgsql.auto_reset_persistent = Off |
||||
pgsql.max_persistent = -1 |
||||
pgsql.max_links = -1 |
||||
pgsql.ignore_notice = 0 |
||||
pgsql.log_notice = 0 |
||||
|
||||
[bcmath] |
||||
bcmath.scale = 0 |
||||
|
||||
[Session] |
||||
session.save_handler = {{ php_session_save_handler }} |
||||
session.save_path = {{ php_session_save_path }} |
||||
session.use_cookies = 1 |
||||
session.use_only_cookies = 1 |
||||
session.name = PHPSESSID |
||||
session.auto_start = 0 |
||||
|
||||
session.cookie_lifetime = {{ php_session_cookie_lifetime }} |
||||
session.cookie_path = / |
||||
session.cookie_domain = |
||||
session.cookie_httponly = |
||||
|
||||
session.serialize_handler = php |
||||
|
||||
session.gc_probability = {{ php_session_gc_probability }} |
||||
session.gc_divisor = {{ php_session_gc_divisor }} |
||||
session.gc_maxlifetime = {{ php_session_gc_maxlifetime }} |
||||
|
||||
session.bug_compat_42 = Off |
||||
session.bug_compat_warn = Off |
||||
session.referer_check = |
||||
|
||||
session.cache_limiter = nocache |
||||
session.cache_expire = 180 |
||||
|
||||
session.use_trans_sid = 0 |
||||
|
||||
session.hash_function = 0 |
||||
session.hash_bits_per_character = 5 |
||||
|
||||
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" |
||||
|
||||
[MSSQL] |
||||
mssql.allow_persistent = On |
||||
mssql.max_persistent = -1 |
||||
mssql.max_links = -1 |
||||
mssql.min_error_severity = 10 |
||||
mssql.min_message_severity = 10 |
||||
mssql.compatability_mode = Off |
||||
mssql.secure_connection = Off |
||||
|
||||
[Tidy] |
||||
tidy.clean_output = Off |
||||
|
||||
[soap] |
||||
soap.wsdl_cache_enabled=1 |
||||
soap.wsdl_cache_dir="/tmp" |
||||
soap.wsdl_cache_ttl=86400 |
||||
soap.wsdl_cache_limit = 5 |
||||
|
||||
[ldap] |
||||
ldap.max_links = -1 |
||||
@ -1,12 +0,0 @@ |
||||
[www] |
||||
listen = 127.0.0.1:9000 |
||||
listen.allowed_clients = 127.0.0.1 |
||||
user = {{ php_fpm_pool_user }} |
||||
group = {{ php_fpm_pool_group }} |
||||
|
||||
pm = dynamic |
||||
pm.max_children = 50 |
||||
pm.start_servers = 5 |
||||
pm.min_spare_servers = 5 |
||||
pm.max_spare_servers = 5 |
||||
pm.max_requests = 500 |
||||
@ -1,27 +0,0 @@ |
||||
FROM centos:7 |
||||
|
||||
# Install systemd -- See https://hub.docker.com/_/centos/ |
||||
RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs |
||||
RUN yum -y update; yum clean all; \ |
||||
(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ |
||||
rm -f /lib/systemd/system/multi-user.target.wants/*; \ |
||||
rm -f /etc/systemd/system/*.wants/*; \ |
||||
rm -f /lib/systemd/system/local-fs.target.wants/*; \ |
||||
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ |
||||
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ |
||||
rm -f /lib/systemd/system/basic.target.wants/*; \ |
||||
rm -f /lib/systemd/system/anaconda.target.wants/*; |
||||
|
||||
# Install Ansible |
||||
RUN yum -y install epel-release |
||||
RUN yum -y install git ansible sudo |
||||
RUN yum clean all |
||||
|
||||
# Disable requiretty |
||||
RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers |
||||
|
||||
# Install Ansible inventory file |
||||
RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts |
||||
|
||||
VOLUME ["/sys/fs/cgroup"] |
||||
CMD ["/usr/sbin/init"] |
||||
@ -1,11 +0,0 @@ |
||||
FROM ubuntu:12.04 |
||||
RUN apt-get update |
||||
|
||||
# Install Ansible |
||||
RUN apt-get install -y software-properties-common python-software-properties git |
||||
RUN apt-add-repository -y ppa:ansible/ansible |
||||
RUN apt-get update |
||||
RUN apt-get install -y ansible |
||||
|
||||
# Install Ansible inventory file |
||||
RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts |
||||
@ -1,11 +0,0 @@ |
||||
FROM ubuntu:14.04 |
||||
RUN apt-get update |
||||
|
||||
# Install Ansible |
||||
RUN apt-get install -y software-properties-common git |
||||
RUN apt-add-repository -y ppa:ansible/ansible |
||||
RUN apt-get update |
||||
RUN apt-get install -y ansible |
||||
|
||||
# Install Ansible inventory file |
||||
RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts |
||||
@ -1 +0,0 @@ |
||||
localhost |
||||
@ -1,2 +0,0 @@ |
||||
--- |
||||
- src: geerlingguy.repo-remi |
||||
@ -1,27 +0,0 @@ |
||||
--- |
||||
- hosts: all |
||||
|
||||
vars: |
||||
php_enable_webserver: false |
||||
php_memory_limit: "192M" |
||||
php_enablerepo: "remi,remi-php70" |
||||
|
||||
pre_tasks: |
||||
- include_vars: test-vars-ubuntu1204.yml |
||||
when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == '12.04' |
||||
|
||||
- name: Ensure build dependencies are installed (RedHat). |
||||
yum: name=which state=present |
||||
when: ansible_os_family == 'RedHat' |
||||
|
||||
- name: Add repository for PHP 7. |
||||
apt_repository: repo='ppa:ondrej/php' |
||||
when: ansible_distribution == 'Ubuntu' and ansible_distribution_version != '12.04' |
||||
|
||||
- name: Add repository for PHP 5.6. |
||||
apt_repository: repo='ppa:ondrej/php5-5.6' |
||||
when: ansible_distribution == 'Ubuntu' and ansible_distribution_version == '12.04' |
||||
|
||||
roles: |
||||
- { role: geerlingguy.repo-remi, when: ansible_os_family == 'RedHat' } |
||||
- role_under_test |
||||
@ -1,18 +0,0 @@ |
||||
--- |
||||
- hosts: all |
||||
|
||||
vars: |
||||
php_enable_webserver: false |
||||
php_install_from_source: true |
||||
php_source_clone_dir: /root/php-src |
||||
php_source_make_command: "make --jobs=2" |
||||
php_source_version: "php-7.0.5" |
||||
php_memory_limit: "192M" |
||||
|
||||
pre_tasks: |
||||
- name: Ensure build dependencies are installed (RedHat). |
||||
yum: name=which state=present |
||||
when: ansible_os_family == 'RedHat' |
||||
|
||||
roles: |
||||
- role_under_test |
||||
@ -1,23 +0,0 @@ |
||||
--- |
||||
php_version: "5.6" |
||||
php_packages: |
||||
- php5 |
||||
- php5-mcrypt |
||||
- php5-cli |
||||
- php5-common |
||||
- php5-curl |
||||
- php5-dev |
||||
- php5-fpm |
||||
- php5-gd |
||||
- php-pear |
||||
- libpcre3-dev |
||||
php_conf_paths: |
||||
- /etc/php5/fpm |
||||
- /etc/php5/apache2 |
||||
- /etc/php5/cli |
||||
php_extension_conf_paths: |
||||
- /etc/php5/fpm/conf.d |
||||
- /etc/php5/apache2/conf.d |
||||
- /etc/php5/cli/conf.d |
||||
php_fpm_daemon: php5-fpm |
||||
php_fpm_conf_path: "/etc/php5/fpm" |
||||
@ -1,37 +0,0 @@ |
||||
--- |
||||
__php_packages: |
||||
- php7.0-common |
||||
- php7.0-cli |
||||
- php7.0-dev |
||||
- php7.0-fpm |
||||
- libpcre3-dev |
||||
- php7.0-gd |
||||
- php7.0-curl |
||||
- php7.0-imap |
||||
- php7.0-json |
||||
- php7.0-opcache |
||||
- php7.0-xml |
||||
- php7.0-mbstring |
||||
- php-sqlite3 |
||||
- php-apcu |
||||
__php_webserver_daemon: "apache2" |
||||
|
||||
# Vendor-specific configuration paths on Debian/Ubuntu make my brain asplode. |
||||
__php_conf_paths: |
||||
- /etc/php/7.0/fpm |
||||
- /etc/php/7.0/apache2 |
||||
- /etc/php/7.0/cli |
||||
|
||||
__php_extension_conf_paths: |
||||
- /etc/php/7.0/fpm/conf.d |
||||
- /etc/php/7.0/apache2/conf.d |
||||
- /etc/php/7.0/cli/conf.d |
||||
|
||||
__php_apc_conf_filename: 20-apcu.ini |
||||
__php_opcache_conf_filename: 05-opcache.ini |
||||
__php_fpm_daemon: php7.0-fpm |
||||
__php_fpm_conf_path: "/etc/php/7.0/fpm" |
||||
__php_fpm_pool_conf_path: "{{ __php_fpm_conf_path }}/pool.d/www.conf" |
||||
|
||||
__php_fpm_pool_user: www-data |
||||
__php_fpm_pool_group: www-data |
||||
@ -1,33 +0,0 @@ |
||||
--- |
||||
__php_packages: |
||||
- php |
||||
- php-cli |
||||
- php-common |
||||
- php-devel |
||||
- php-fpm |
||||
- php-gd |
||||
- php-imap |
||||
- php-ldap |
||||
- php-mbstring |
||||
- php-opcache |
||||
- php-pdo |
||||
- php-pear |
||||
- php-pecl-apcu |
||||
- php-xml |
||||
- php-xmlrpc |
||||
__php_webserver_daemon: "httpd" |
||||
|
||||
__php_conf_paths: |
||||
- /etc |
||||
|
||||
__php_extension_conf_paths: |
||||
- /etc/php.d |
||||
|
||||
__php_apc_conf_filename: 50-apc.ini |
||||
__php_opcache_conf_filename: 10-opcache.ini |
||||
__php_fpm_daemon: php-fpm |
||||
__php_fpm_conf_path: "/etc/fpm" |
||||
__php_fpm_pool_conf_path: "/etc/php-fpm.d/www.conf" |
||||
|
||||
__php_fpm_pool_user: apache |
||||
__php_fpm_pool_group: apache |
||||
@ -1,29 +0,0 @@ |
||||
-----BEGIN PGP PUBLIC KEY BLOCK----- |
||||
Version: GnuPG v1.4.11 (GNU/Linux) |
||||
|
||||
mQINBFKuaIQBEAC1UphXwMqCAarPUH/ZsOFslabeTVO2pDk5YnO96f+rgZB7xArB |
||||
OSeQk7B90iqSJ85/c72OAn4OXYvT63gfCeXpJs5M7emXkPsNQWWSju99lW+AqSNm |
||||
jYWhmRlLRGl0OO7gIwj776dIXvcMNFlzSPj00N2xAqjMbjlnV2n2abAE5gq6VpqP |
||||
vFXVyfrVa/ualogDVmf6h2t4Rdpifq8qTHsHFU3xpCz+T6/dGWKGQ42ZQfTaLnDM |
||||
jToAsmY0AyevkIbX6iZVtzGvanYpPcWW4X0RDPcpqfFNZk643xI4lsZ+Y2Er9Yu5 |
||||
S/8x0ly+tmmIokaE0wwbdUu740YTZjCesroYWiRg5zuQ2xfKxJoV5E+Eh+tYwGDJ |
||||
n6HfWhRgnudRRwvuJ45ztYVtKulKw8QQpd2STWrcQQDJaRWmnMooX/PATTjCBExB |
||||
9dkz38Druvk7IkHMtsIqlkAOQMdsX1d3Tov6BE2XDjIG0zFxLduJGbVwc/6rIc95 |
||||
T055j36Ez0HrjxdpTGOOHxRqMK5m9flFbaxxtDnS7w77WqzW7HjFrD0VeTx2vnjj |
||||
GqchHEQpfDpFOzb8LTFhgYidyRNUflQY35WLOzLNV+pV3eQ3Jg11UFwelSNLqfQf |
||||
uFRGc+zcwkNjHh5yPvm9odR1BIfqJ6sKGPGbtPNXo7ERMRypWyRz0zi0twARAQAB |
||||
tChGZWRvcmEgRVBFTCAoNykgPGVwZWxAZmVkb3JhcHJvamVjdC5vcmc+iQI4BBMB |
||||
AgAiBQJSrmiEAhsPBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBqL66iNSxk |
||||
5cfGD/4spqpsTjtDM7qpytKLHKruZtvuWiqt5RfvT9ww9GUUFMZ4ZZGX4nUXg49q |
||||
ixDLayWR8ddG/s5kyOi3C0uX/6inzaYyRg+Bh70brqKUK14F1BrrPi29eaKfG+Gu |
||||
MFtXdBG2a7OtPmw3yuKmq9Epv6B0mP6E5KSdvSRSqJWtGcA6wRS/wDzXJENHp5re |
||||
9Ism3CYydpy0GLRA5wo4fPB5uLdUhLEUDvh2KK//fMjja3o0L+SNz8N0aDZyn5Ax |
||||
CU9RB3EHcTecFgoy5umRj99BZrebR1NO+4gBrivIfdvD4fJNfNBHXwhSH9ACGCNv |
||||
HnXVjHQF9iHWApKkRIeh8Fr2n5dtfJEF7SEX8GbX7FbsWo29kXMrVgNqHNyDnfAB |
||||
VoPubgQdtJZJkVZAkaHrMu8AytwT62Q4eNqmJI1aWbZQNI5jWYqc6RKuCK6/F99q |
||||
thFT9gJO17+yRuL6Uv2/vgzVR1RGdwVLKwlUjGPAjYflpCQwWMAASxiv9uPyYPHc |
||||
ErSrbRG0wjIfAR3vus1OSOx3xZHZpXFfmQTsDP7zVROLzV98R3JwFAxJ4/xqeON4 |
||||
vCPFU6OsT3lWQ8w7il5ohY95wmujfr6lk89kEzJdOTzcn7DBbUru33CQMGKZ3Evt |
||||
RjsC7FDbL017qxS+ZVA/HGkyfiu4cpgV8VUnbql5eAZ+1Ll6Dw== |
||||
=hdPa |
||||
-----END PGP PUBLIC KEY BLOCK----- |
||||
@ -1,28 +0,0 @@ |
||||
-----BEGIN PGP PUBLIC KEY BLOCK----- |
||||
Version: GnuPG v1.4.11 (FreeBSD) |
||||
|
||||
mQENBE5OMmIBCAD+FPYKGriGGf7NqwKfWC83cBV01gabgVWQmZbMcFzeW+hMsgxH |
||||
W6iimD0RsfZ9oEbfJCPG0CRSZ7ppq5pKamYs2+EJ8Q2ysOFHHwpGrA2C8zyNAs4I |
||||
QxnZZIbETgcSwFtDun0XiqPwPZgyuXVm9PAbLZRbfBzm8wR/3SWygqZBBLdQk5TE |
||||
fDR+Eny/M1RVR4xClECONF9UBB2ejFdI1LD45APbP2hsN/piFByU1t7yK2gpFyRt |
||||
97WzGHn9MV5/TL7AmRPM4pcr3JacmtCnxXeCZ8nLqedoSuHFuhwyDnlAbu8I16O5 |
||||
XRrfzhrHRJFM1JnIiGmzZi6zBvH0ItfyX6ttABEBAAG0KW5naW54IHNpZ25pbmcg |
||||
a2V5IDxzaWduaW5nLWtleUBuZ2lueC5jb20+iQE+BBMBAgAoBQJOTjJiAhsDBQkJ |
||||
ZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCr9b2Ce9m/YpvjB/98uV4t |
||||
94d0oEh5XlqEZzVMrcTgPQ3BZt05N5xVuYaglv7OQtdlErMXmRWaFZEqDaMHdniC |
||||
sF63jWMd29vC4xpzIfmsLK3ce9oYo4t9o4WWqBUdf0Ff1LMz1dfLG2HDtKPfYg3C |
||||
8NESud09zuP5NohaE8Qzj/4p6rWDiRpuZ++4fnL3Dt3N6jXILwr/TM/Ma7jvaXGP |
||||
DO3kzm4dNKp5b5bn2nT2QWLPnEKxvOg5Zoej8l9+KFsUnXoWoYCkMQ2QTpZQFNwF |
||||
xwJGoAz8K3PwVPUrIL6b1lsiNovDgcgP0eDgzvwLynWKBPkRRjtgmWLoeaS9FAZV |
||||
ccXJMmANXJFuCf26iQEcBBABAgAGBQJOTkelAAoJEKZP1bF62zmo79oH/1XDb29S |
||||
YtWp+MTJTPFEwlWRiyRuDXy3wBd/BpwBRIWfWzMs1gnCjNjk0EVBVGa2grvy9Jtx |
||||
JKMd6l/PWXVucSt+U/+GO8rBkw14SdhqxaS2l14v6gyMeUrSbY3XfToGfwHC4sa/ |
||||
Thn8X4jFaQ2XN5dAIzJGU1s5JA0tjEzUwCnmrKmyMlXZaoQVrmORGjCuH0I0aAFk |
||||
RS0UtnB9HPpxhGVbs24xXZQnZDNbUQeulFxS4uP3OLDBAeCHl+v4t/uotIad8v6J |
||||
SO93vc1evIje6lguE81HHmJn9noxPItvOvSMb2yPsE8mH4cJHRTFNSEhPW6ghmlf |
||||
Wa9ZwiVX5igxcvaIRgQQEQIABgUCTk5b0gAKCRDs8OkLLBcgg1G+AKCnacLb/+W6 |
||||
cflirUIExgZdUJqoogCeNPVwXiHEIVqithAM1pdY/gcaQZmIRgQQEQIABgUCTk5f |
||||
YQAKCRCpN2E5pSTFPnNWAJ9gUozyiS+9jf2rJvqmJSeWuCgVRwCcCUFhXRCpQO2Y |
||||
Va3l3WuB+rgKjsQ= |
||||
=A015 |
||||
-----END PGP PUBLIC KEY BLOCK----- |
||||
@ -1,8 +0,0 @@ |
||||
[epel] |
||||
name=Extra Packages for Enterprise Linux 7 - $basearch |
||||
#baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch |
||||
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch |
||||
failovermethod=priority |
||||
enabled=1 |
||||
gpgcheck=1 |
||||
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 |
||||
@ -1,7 +0,0 @@ |
||||
[nginx] |
||||
name=Nginx repo - $basearch |
||||
baseurl=http://nginx.org/packages/centos/7/$basearch |
||||
failovermethod=priority |
||||
gpgcheck=1 |
||||
enabled=1 |
||||
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-NGINX |
||||
@ -1,12 +0,0 @@ |
||||
--- |
||||
- name: Copy the NGINX repository definition |
||||
copy: src=nginx.repo dest=/etc/yum.repos.d/ |
||||
|
||||
- name: Copy the EPEL repository definition |
||||
copy: src=epel.repo dest=/etc/yum.repos.d/ |
||||
|
||||
- name: Create the GPG key for NGINX |
||||
copy: src=RPM-GPG-KEY-NGINX dest=/etc/pki/rpm-gpg |
||||
|
||||
- name: Create the GPG key for EPEL |
||||
copy: src=RPM-GPG-KEY-EPEL-7 dest=/etc/pki/rpm-gpg |
||||
@ -1,60 +0,0 @@ |
||||
--- |
||||
- name: Download WordPress |
||||
get_url: url=http://wordpress.org/wordpress-{{ wp_version }}.tar.gz dest=/srv/wordpress-{{ wp_version }}.tar.gz |
||||
sha256sum="{{ wp_sha256sum }}" |
||||
|
||||
- name: Extract archive |
||||
command: chdir=/srv/ /bin/tar xvf wordpress-{{ wp_version }}.tar.gz creates=/srv/wordpress |
||||
|
||||
- name: Add group "wordpress" |
||||
group: name=wordpress |
||||
|
||||
- name: Add user "wordpress" |
||||
user: name=wordpress group=wordpress home=/srv/wordpress/ |
||||
|
||||
- name: Fetch random salts for WordPress config |
||||
local_action: command curl https://api.wordpress.org/secret-key/1.1/salt/ |
||||
register: "wp_salt" |
||||
sudo: no |
||||
|
||||
- name: Create WordPress database |
||||
mysql_db: name={{ wp_db_name }} state=present |
||||
|
||||
- name: Create WordPress database user |
||||
mysql_user: name={{ wp_db_user }} password={{ wp_db_password }} priv={{ wp_db_name }}.*:ALL host='localhost' state=present |
||||
|
||||
- name: Copy WordPress config file |
||||
template: src=wp-config.php dest=/srv/wordpress/ |
||||
|
||||
- name: Change ownership of WordPress installation |
||||
file: path=/srv/wordpress/ owner=wordpress group=wordpress state=directory recurse=yes |
||||
|
||||
- name: install SEManage |
||||
yum: pkg=policycoreutils-python state=present |
||||
|
||||
- name: set the SELinux policy for the Wordpress directory |
||||
command: semanage fcontext -a -t httpd_sys_content_t "/srv/wordpress(/.*)?" |
||||
|
||||
- name: set the SELinux policy for wp-config.php |
||||
command: semanage fcontext -a -t httpd_sys_script_exec_t "/srv/wordpress/wp-config\.php" |
||||
|
||||
- name: set the SELinux policy for wp-content directory |
||||
command: semanage fcontext -a -t httpd_sys_rw_content_t "/srv/wordpress/wp-content(/.*)?" |
||||
|
||||
- name: set the SELinux policy for the *.php files |
||||
command: semanage fcontext -a -t httpd_sys_script_exec_t "/srv/wordpress/.*\.php" |
||||
|
||||
- name: set the SELinux policy for the Upgrade directory |
||||
command: semanage fcontext -a -t httpd_sys_rw_content_t "/srv/wordpress/wp-content/upgrade(/.*)?" |
||||
|
||||
- name: set the SELinux policy for the Uploads directory |
||||
command: semanage fcontext -a -t httpd_sys_rw_content_t "/srv/wordpress/wp-content/uploads(/.*)?" |
||||
|
||||
- name: set the SELinux policy for the wp-includes php files |
||||
command: semanage fcontext -a -t httpd_sys_script_exec_t "/srv/wordpress/wp-includes/.*\.php" |
||||
|
||||
- name: set the SELinux on all the Files |
||||
command: restorecon -Rv /srv/wordpress |
||||
|
||||
- name: Start php-fpm Service |
||||
service: name=php-fpm state=started enabled=yes |
||||
@ -1,90 +0,0 @@ |
||||
<?php |
||||
/** |
||||
* The base configurations of the WordPress. |
||||
* |
||||
* This file has the following configurations: MySQL settings, Table Prefix, |
||||
* Secret Keys, WordPress Language, and ABSPATH. You can find more information |
||||
* by visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing |
||||
* wp-config.php} Codex page. You can get the MySQL settings from your web host. |
||||
* |
||||
* This file is used by the wp-config.php creation script during the |
||||
* installation. You don't have to use the web site, you can just copy this file |
||||
* to "wp-config.php" and fill in the values. |
||||
* |
||||
* @package WordPress |
||||
*/ |
||||
|
||||
// ** MySQL settings - You can get this info from your web host ** // |
||||
/** The name of the database for WordPress */ |
||||
define('DB_NAME', '{{ wp_db_name }}'); |
||||
|
||||
/** MySQL database username */ |
||||
define('DB_USER', '{{ wp_db_user }}'); |
||||
|
||||
/** MySQL database password */ |
||||
define('DB_PASSWORD', '{{ wp_db_password }}'); |
||||
|
||||
/** MySQL hostname */ |
||||
define('DB_HOST', 'localhost'); |
||||
|
||||
/** Database Charset to use in creating database tables. */ |
||||
define('DB_CHARSET', 'utf8'); |
||||
|
||||
/** The Database Collate type. Don't change this if in doubt. */ |
||||
define('DB_COLLATE', ''); |
||||
|
||||
/**#@+ |
||||
* Authentication Unique Keys and Salts. |
||||
* |
||||
* Change these to different unique phrases! |
||||
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service} |
||||
* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again. |
||||
* |
||||
* @since 2.6.0 |
||||
*/ |
||||
|
||||
{{ wp_salt.stdout }} |
||||
|
||||
/**#@-*/ |
||||
|
||||
/** |
||||
* WordPress Database Table prefix. |
||||
* |
||||
* You can have multiple installations in one database if you give each a unique |
||||
* prefix. Only numbers, letters, and underscores please! |
||||
*/ |
||||
$table_prefix = 'wp_'; |
||||
|
||||
/** |
||||
* WordPress Localized Language, defaults to English. |
||||
* |
||||
* Change this to localize WordPress. A corresponding MO file for the chosen |
||||
* language must be installed to wp-content/languages. For example, install |
||||
* de_DE.mo to wp-content/languages and set WPLANG to 'de_DE' to enable German |
||||
* language support. |
||||
*/ |
||||
define('WPLANG', ''); |
||||
|
||||
/** |
||||
* For developers: WordPress debugging mode. |
||||
* |
||||
* Change this to true to enable the display of notices during development. |
||||
* It is strongly recommended that plugin and theme developers use WP_DEBUG |
||||
* in their development environments. |
||||
*/ |
||||
define('WP_DEBUG', false); |
||||
|
||||
/** Disable Automatic Updates Completely */ |
||||
define( 'AUTOMATIC_UPDATER_DISABLED', {{auto_up_disable}} ); |
||||
|
||||
/** Define AUTOMATIC Updates for Components. */ |
||||
define( 'WP_AUTO_UPDATE_CORE', {{core_update_level}} ); |
||||
|
||||
/* That's all, stop editing! Happy blogging. */ |
||||
|
||||
/** Absolute path to the WordPress directory. */ |
||||
if ( !defined('ABSPATH') ) |
||||
define('ABSPATH', dirname(__FILE__) . '/'); |
||||
|
||||
/** Sets up WordPress vars and included files. */ |
||||
require_once(ABSPATH . 'wp-settings.php'); |
||||
@ -1 +0,0 @@ |
||||
122.129.219.67 |
||||
@ -1,11 +0,0 @@ |
||||
--- |
||||
- name: MariaDB, Nginx, and PHP-FPM |
||||
hosts: lemp-server |
||||
remote_user: root |
||||
# sudo: yes |
||||
|
||||
roles: |
||||
- common |
||||
- ansible-role-mysql |
||||
- ansible-role-nginx |
||||
- ansible-role-php |
||||
@ -1,69 +0,0 @@ |
||||
--- |
||||
- name: Copy my.cnf global MySQL configuration. |
||||
template: |
||||
src: my.cnf.j2 |
||||
dest: "{{ mysql_config_file }}" |
||||
owner: root |
||||
group: root |
||||
mode: 0644 |
||||
force: "{{ overwrite_global_mycnf }}" |
||||
notify: restart mysql |
||||
|
||||
- name: Verify mysql include directory exists. |
||||
file: |
||||
path: "{{ mysql_config_include_dir }}" |
||||
state: directory |
||||
owner: root |
||||
group: root |
||||
mode: 0755 |
||||
when: mysql_config_include_files | length |
||||
|
||||
- name: Copy my.cnf override files into include directory. |
||||
template: |
||||
src: "{{ item.src }}" |
||||
dest: "{{ mysql_config_include_dir }}/{{ item.src | basename }}" |
||||
owner: root |
||||
group: root |
||||
mode: 0644 |
||||
force: "{{ item.force | default(False) }}" |
||||
with_items: "{{ mysql_config_include_files }}" |
||||
notify: restart mysql |
||||
|
||||
- name: Create slow query log file (if configured). |
||||
shell: "touch {{ mysql_slow_query_log_file }} creates={{ mysql_slow_query_log_file }}" |
||||
when: mysql_slow_query_log_enabled |
||||
|
||||
- name: Create datadir if it does not exist |
||||
file: |
||||
path: "{{ mysql_datadir }}" |
||||
state: directory |
||||
owner: mysql |
||||
group: mysql |
||||
mode: 0755 |
||||
setype: mysqld_db_t |
||||
|
||||
- name: Set ownership on slow query log file (if configured). |
||||
file: |
||||
path: "{{ mysql_slow_query_log_file }}" |
||||
state: file |
||||
owner: mysql |
||||
group: mysql |
||||
mode: 0640 |
||||
when: mysql_slow_query_log_enabled |
||||
|
||||
- name: Create error log file (if configured). |
||||
shell: "touch {{ mysql_log_error }} creates={{ mysql_log_error }}" |
||||
when: mysql_log == "" and mysql_log_error != "" |
||||
|
||||
- name: Set ownership on error log file (if configured). |
||||
file: |
||||
path: "{{ mysql_log_error }}" |
||||
state: file |
||||
owner: mysql |
||||
group: mysql |
||||
mode: 0640 |
||||
when: mysql_log == "" and mysql_log_error != "" |
||||
|
||||
- name: Ensure MySQL is started and enabled on boot. |
||||
service: "name={{ mysql_daemon }} state=started enabled={{ mysql_enabled_on_startup }}" |
||||
register: mysql_service_configuration |
||||
@ -1,8 +0,0 @@ |
||||
--- |
||||
- name: Ensure MySQL databases are present. |
||||
mysql_db: |
||||
name: "{{ item.name }}" |
||||
collation: "{{ item.collation | default('utf8_general_ci') }}" |
||||
encoding: "{{ item.encoding | default('utf8') }}" |
||||
state: present |
||||
with_items: "{{ mysql_databases }}" |
||||
@ -1,42 +1,39 @@ |
||||
--- |
||||
# Variable configuration. |
||||
# Variable setup. |
||||
- name: Include OS-specific variables. |
||||
include_vars: "{{ ansible_os_family }}.yml" |
||||
when: ansible_os_family != "RedHat" |
||||
|
||||
- name: Include OS-specific variables (RedHat). |
||||
include_vars: "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml" |
||||
when: ansible_os_family == "RedHat" |
||||
|
||||
- name: Define mysql_packages. |
||||
set_fact: |
||||
mysql_packages: "{{ __mysql_packages | list }}" |
||||
when: mysql_packages is not defined |
||||
|
||||
- name: Define mysql_daemon. |
||||
- name: Define nginx_user. |
||||
set_fact: |
||||
mysql_daemon: "{{ __mysql_daemon }}" |
||||
when: mysql_daemon is not defined |
||||
|
||||
- name: Define mysql_slow_query_log_file. |
||||
set_fact: |
||||
mysql_slow_query_log_file: "{{ __mysql_slow_query_log_file }}" |
||||
when: mysql_slow_query_log_file is not defined |
||||
nginx_user: "{{ __nginx_user }}" |
||||
when: nginx_user is not defined |
||||
|
||||
# Setup/install tasks. |
||||
- include: setup-RedHat.yml |
||||
when: ansible_os_family == 'RedHat' |
||||
|
||||
- include: setup-Ubuntu.yml |
||||
when: ansible_distribution == 'Ubuntu' |
||||
|
||||
- include: setup-Debian.yml |
||||
when: ansible_os_family == 'Debian' |
||||
|
||||
- name: Check if MySQL packages were installed. |
||||
set_fact: |
||||
mysql_install_packages: "{{ (rh_mysql_install_packages is defined and rh_mysql_install_packages.changed) or (deb_mysql_install_packages is defined and deb_mysql_install_packages.changed) }}" |
||||
|
||||
# Configure MySQL. |
||||
- include: configure.yml |
||||
- include: secure-installation.yml |
||||
- include: databases.yml |
||||
- include: users.yml |
||||
- include: replication.yml |
||||
- include: setup-FreeBSD.yml |
||||
when: ansible_os_family == 'FreeBSD' |
||||
|
||||
# Vhost configuration. |
||||
- include: vhosts.yml |
||||
|
||||
# Nginx setup. |
||||
- name: Copy nginx configuration in place. |
||||
template: |
||||
src: nginx.conf.j2 |
||||
dest: "{{ nginx_conf_file_path }}" |
||||
owner: root |
||||
group: "{{ root_group }}" |
||||
mode: 0644 |
||||
notify: |
||||
- reload nginx |
||||
|
||||
- name: Ensure nginx is started and enabled to start at boot. |
||||
service: name=nginx state=started enabled=yes |
||||
|
||||
@ -1,51 +0,0 @@ |
||||
--- |
||||
- name: Ensure replication user exists on master. |
||||
mysql_user: |
||||
name: "{{ mysql_replication_user.name }}" |
||||
host: "{{ mysql_replication_user.host | default('%') }}" |
||||
password: "{{ mysql_replication_user.password }}" |
||||
priv: "{{ mysql_replication_user.priv | default('*.*:REPLICATION SLAVE') }}" |
||||
state: present |
||||
when: > |
||||
(mysql_replication_role == 'master') |
||||
and mysql_replication_user |
||||
and (mysql_replication_master != '') |
||||
|
||||
- name: Check slave replication status. |
||||
mysql_replication: mode=getslave |
||||
ignore_errors: true |
||||
register: slave |
||||
when: > |
||||
mysql_replication_role == 'slave' |
||||
and (mysql_replication_master != '') |
||||
|
||||
- name: Check master replication status. |
||||
mysql_replication: mode=getmaster |
||||
delegate_to: "{{ mysql_replication_master }}" |
||||
register: master |
||||
when: > |
||||
slave|failed |
||||
and (mysql_replication_role == 'slave') |
||||
and (mysql_replication_master != '') |
||||
|
||||
- name: Configure replication on the slave. |
||||
mysql_replication: |
||||
mode: changemaster |
||||
master_host: "{{ mysql_replication_master }}" |
||||
master_user: "{{ mysql_replication_user.name }}" |
||||
master_password: "{{ mysql_replication_user.password }}" |
||||
master_log_file: "{{ master.File }}" |
||||
master_log_pos: "{{ master.Position }}" |
||||
ignore_errors: True |
||||
when: > |
||||
slave|failed |
||||
and (mysql_replication_role == 'slave') |
||||
and (mysql_replication_master != '') |
||||
and mysql_replication_user |
||||
|
||||
- name: Start replication. |
||||
mysql_replication: mode=startslave |
||||
when: > |
||||
slave|failed |
||||
and (mysql_replication_role == 'slave') |
||||
and (mysql_replication_master != '') |
||||
@ -1,44 +0,0 @@ |
||||
--- |
||||
- name: Disallow root login remotely |
||||
command: 'mysql -NBe "{{ item }}"' |
||||
with_items: |
||||
- DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1') |
||||
changed_when: False |
||||
|
||||
- name: Get list of hosts for the root user. |
||||
command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = "root" ORDER BY (Host="localhost") ASC' |
||||
register: mysql_root_hosts |
||||
changed_when: false |
||||
|
||||
# Note: We do not use mysql_user for this operation, as it doesn't always update |
||||
# the root password correctly. See: https://goo.gl/MSOejW |
||||
- name: Update MySQL root password for localhost root account. |
||||
shell: > |
||||
mysql -u root -NBe |
||||
'SET PASSWORD FOR "{{ mysql_root_username }}"@"{{ item }}" = PASSWORD("{{ mysql_root_password }}");' |
||||
with_items: "{{ mysql_root_hosts.stdout_lines }}" |
||||
when: mysql_install_packages | bool or mysql_root_password_update |
||||
|
||||
# Has to be after the root password assignment, for idempotency. |
||||
- name: Copy .my.cnf file with root password credentials. |
||||
template: |
||||
src: "user-my.cnf.j2" |
||||
dest: "{{ mysql_user_home }}/.my.cnf" |
||||
owner: root |
||||
group: root |
||||
mode: 0600 |
||||
|
||||
- name: Get list of hosts for the anonymous user. |
||||
command: mysql -NBe 'SELECT Host FROM mysql.user WHERE User = ""' |
||||
register: mysql_anonymous_hosts |
||||
changed_when: false |
||||
|
||||
- name: Remove anonymous MySQL users. |
||||
mysql_user: |
||||
name: "" |
||||
host: "{{ item }}" |
||||
state: absent |
||||
with_items: "{{ mysql_anonymous_hosts.stdout_lines }}" |
||||
|
||||
- name: Remove MySQL test database. |
||||
mysql_db: "name='test' state=absent" |
||||
@ -1,26 +1,9 @@ |
||||
--- |
||||
- name: Check if MySQL is already installed. |
||||
stat: path=/etc/init.d/mysql |
||||
register: mysql_installed |
||||
|
||||
- name: Update apt cache if MySQL is not yet installed. |
||||
apt: update_cache=yes |
||||
when: mysql_installed.stat.exists == false |
||||
|
||||
- name: Ensure MySQL Python libraries are installed. |
||||
apt: "name=python-mysqldb state=installed" |
||||
|
||||
- name: Ensure MySQL packages are installed. |
||||
apt: "name={{ item }} state=installed" |
||||
with_items: "{{ mysql_packages }}" |
||||
register: deb_mysql_install_packages |
||||
|
||||
# Because Ubuntu starts MySQL as part of the install process, we need to stop |
||||
# mysql and remove the logfiles in case the user set a custom log file size. |
||||
- name: Ensure MySQL is stopped after initial install. |
||||
service: "name={{ mysql_daemon }} state=stopped" |
||||
when: mysql_installed.stat.exists == false |
||||
|
||||
- name: Delete innodb log files created by apt package after initial install. |
||||
shell: "rm -f {{ mysql_datadir }}/ib_logfile[01]" |
||||
when: mysql_installed.stat.exists == false |
||||
- name: Update apt cache. |
||||
apt: update_cache=yes cache_valid_time=86400 |
||||
|
||||
- name: Ensure nginx is installed. |
||||
apt: |
||||
name: "{{ nginx_package_name }}" |
||||
state: installed |
||||
default_release: "{{ nginx_default_release }}" |
||||
|
||||
@ -1,8 +1,14 @@ |
||||
--- |
||||
- name: Ensure MySQL packages are installed. |
||||
yum: "name={{ item }} state=installed enablerepo={{ mysql_enablerepo }}" |
||||
with_items: "{{ mysql_packages }}" |
||||
register: rh_mysql_install_packages |
||||
- name: Enable nginx repo. |
||||
template: |
||||
src: nginx.repo.j2 |
||||
dest: /etc/yum.repos.d/nginx.repo |
||||
owner: root |
||||
group: root |
||||
mode: 0644 |
||||
|
||||
- name: Ensure MySQL Python libraries are installed. |
||||
yum: "name=MySQL-python state=installed enablerepo={{ mysql_enablerepo }}" |
||||
- name: Ensure nginx is installed. |
||||
yum: |
||||
name: "{{ nginx_package_name }}" |
||||
state: installed |
||||
enablerepo: nginx |
||||
|
||||
@ -1,11 +0,0 @@ |
||||
--- |
||||
- name: Ensure MySQL users are present. |
||||
mysql_user: |
||||
name: "{{ item.name }}" |
||||
host: "{{ item.host | default('localhost') }}" |
||||
password: "{{ item.password }}" |
||||
priv: "{{ item.priv | default('*.*:USAGE') }}" |
||||
state: "{{ item.state | default('present') }}" |
||||
append_privs: "{{ item.append_privs | default('no') }}" |
||||
with_items: "{{ mysql_users }}" |
||||
no_log: true |
||||
@ -1,105 +0,0 @@ |
||||
[client] |
||||
#password = your_password |
||||
port = {{ mysql_port }} |
||||
socket = {{ mysql_socket }} |
||||
|
||||
[mysqld] |
||||
port = {{ mysql_port }} |
||||
bind-address = {{ mysql_bind_address }} |
||||
datadir = {{ mysql_datadir }} |
||||
socket = {{ mysql_socket }} |
||||
pid-file = {{ mysql_pid_file }} |
||||
{% if mysql_skip_name_resolve %} |
||||
skip-name-resolve |
||||
{% endif %} |
||||
|
||||
# Logging configuration. |
||||
{% if mysql_log_error == 'syslog' or mysql_log == 'syslog' %} |
||||
syslog |
||||
syslog-tag = {{ mysql_syslog_tag }} |
||||
{% else %} |
||||
{% if mysql_log %} |
||||
log = {{ mysql_log }} |
||||
{% endif %} |
||||
log-error = {{ mysql_log_error }} |
||||
{% endif %} |
||||
|
||||
{% if mysql_slow_query_log_enabled %} |
||||
# Slow query log configuration. |
||||
slow_query_log = 1 |
||||
slow_query_log_file = {{ mysql_slow_query_log_file }} |
||||
long_query_time = {{ mysql_slow_query_time }} |
||||
{% endif %} |
||||
|
||||
{% if mysql_replication_master %} |
||||
# Replication |
||||
server-id = {{ mysql_server_id }} |
||||
|
||||
{% if mysql_replication_role == 'master' %} |
||||
log_bin = mysql-bin |
||||
log-bin-index = mysql-bin.index |
||||
expire_logs_days = {{ mysql_expire_logs_days }} |
||||
max_binlog_size = {{ mysql_max_binlog_size }} |
||||
|
||||
{% for db in mysql_databases %} |
||||
{% if db.replicate|default(1) %} |
||||
binlog_do_db = {{ db.name }} |
||||
{% else %} |
||||
binlog_ignore_db = {{ db.name }} |
||||
{% endif %} |
||||
{% endfor %} |
||||
{% endif %} |
||||
|
||||
{% if mysql_replication_role == 'slave' %} |
||||
read_only |
||||
relay-log = relay-bin |
||||
relay-log-index = relay-bin.index |
||||
{% endif %} |
||||
{% endif %} |
||||
|
||||
# Disabling symbolic-links is recommended to prevent assorted security risks |
||||
symbolic-links = 0 |
||||
|
||||
# User is ignored when systemd is used (fedora >= 15). |
||||
user = mysql |
||||
|
||||
# http://dev.mysql.com/doc/refman/5.5/en/performance-schema.html |
||||
;performance_schema |
||||
|
||||
# Memory settings. |
||||
key_buffer_size = {{ mysql_key_buffer_size }} |
||||
max_allowed_packet = {{ mysql_max_allowed_packet }} |
||||
table_open_cache = {{ mysql_table_open_cache }} |
||||
sort_buffer_size = {{ mysql_sort_buffer_size }} |
||||
read_buffer_size = {{ mysql_read_buffer_size }} |
||||
read_rnd_buffer_size = {{ mysql_read_rnd_buffer_size }} |
||||
myisam_sort_buffer_size = {{ mysql_myisam_sort_buffer_size }} |
||||
thread_cache_size = {{ mysql_thread_cache_size }} |
||||
query_cache_size = {{ mysql_query_cache_size }} |
||||
max_connections = {{ mysql_max_connections }} |
||||
|
||||
# Other settings. |
||||
wait_timeout = {{ mysql_wait_timeout }} |
||||
|
||||
# InnoDB settings. |
||||
innodb_file_per_table = {{ mysql_innodb_file_per_table }} |
||||
innodb_buffer_pool_size = {{ mysql_innodb_buffer_pool_size }} |
||||
innodb_log_file_size = {{ mysql_innodb_log_file_size }} |
||||
innodb_log_buffer_size = {{ mysql_innodb_log_buffer_size }} |
||||
innodb_flush_log_at_trx_commit = {{ mysql_innodb_flush_log_at_trx_commit }} |
||||
innodb_lock_wait_timeout = {{ mysql_innodb_lock_wait_timeout }} |
||||
|
||||
[mysqldump] |
||||
quick |
||||
max_allowed_packet = {{ mysql_mysqldump_max_allowed_packet }} |
||||
|
||||
[mysqld_safe] |
||||
pid-file = {{ mysql_pid_file }} |
||||
|
||||
{% if mysql_config_include_files | length %} |
||||
# * IMPORTANT: Additional settings that can override those from this file! |
||||
# The files must end with '.cnf', otherwise they'll be ignored. |
||||
# |
||||
!includedir {{ mysql_config_include_dir }} |
||||
{% endif %} |
||||
|
||||
@ -1,3 +0,0 @@ |
||||
[client] |
||||
user={{ mysql_root_username }} |
||||
password="{{ mysql_root_password }}" |
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in new issue