---
- name: Download WordPress
  get_url: url=http://wordpress.org/wordpress-{{ wp_version }}.tar.gz dest=/srv/wordpress-{{ wp_version }}.tar.gz
           sha256sum="{{ wp_sha256sum }}"

- name: Extract archive
  command: chdir=/srv/ /bin/tar xvf wordpress-{{ wp_version }}.tar.gz creates=/srv/wordpress

- name: Add group "wordpress"
  group: name=wordpress

- name: Add user "wordpress"
  user: name=wordpress group=wordpress home=/srv/wordpress/

- name: Fetch random salts for WordPress config
  local_action: command curl https://api.wordpress.org/secret-key/1.1/salt/
  register: "wp_salt"
  sudo: no

- name: Create WordPress database
  mysql_db: name={{ wp_db_name }} state=present

- name: Create WordPress database user
  mysql_user: name={{ wp_db_user }} password={{ wp_db_password }} priv={{ wp_db_name }}.*:ALL host='localhost' state=present

- name: Copy WordPress config file
  template: src=wp-config.php dest=/srv/wordpress/

- name: Change ownership of WordPress installation
  file: path=/srv/wordpress/ owner=wordpress group=wordpress state=directory recurse=yes

- name: install SEManage
  yum: pkg=policycoreutils-python state=present

- name: set the SELinux policy for the Wordpress directory
  command: semanage fcontext -a -t httpd_sys_content_t "/srv/wordpress(/.*)?"
  
- name: set the SELinux policy for wp-config.php
  command: semanage fcontext -a -t httpd_sys_script_exec_t "/srv/wordpress/wp-config\.php"

- name: set the SELinux policy for wp-content directory
  command: semanage fcontext -a -t httpd_sys_rw_content_t "/srv/wordpress/wp-content(/.*)?"

- name: set the SELinux policy for the *.php files
  command: semanage fcontext -a -t httpd_sys_script_exec_t "/srv/wordpress/.*\.php"

- name: set the SELinux policy for the Upgrade directory
  command: semanage fcontext -a -t httpd_sys_rw_content_t "/srv/wordpress/wp-content/upgrade(/.*)?"

- name: set the SELinux policy for the Uploads directory
  command: semanage fcontext -a -t httpd_sys_rw_content_t "/srv/wordpress/wp-content/uploads(/.*)?"

- name: set the SELinux policy for the wp-includes php files
  command: semanage fcontext -a -t httpd_sys_script_exec_t "/srv/wordpress/wp-includes/.*\.php"

- name: set the SELinux on all the Files
  command: restorecon -Rv /srv/wordpress

- name: Start php-fpm Service
  service: name=php-fpm state=started enabled=yes