-- name: Etckeeper commit if necessary
- ansible.builtin.command: etckeeper commit "commit by ansible because installing {{ DOMAIN }}/{{ SITE }}"
- ignore_errors: true
-
-- name: Install required packages
- ansible.builtin.apt:
- name:
-# - php-ctype
- - php-curl
-# - php-dom
-# - php-fileinfo
- - php-gd
- - php-json
- - "php{{ php_version }}-xml"
- - php-mbstring
-# - php-openssl
-# - php-posix
-# - php-session
-# - php-simplexml
-# - php-xmlreader
-# - php-xmlwriter
- - php-zip
-# - php-zlib
-# - php-pdo_pgsql
- - "php{{ php_version }}-pgsql"
- - php-pgsql
- - php-intl
- - php-bz2
-# - php-sodium
- - php-gmp
-# - php-exif
- - php-redis
- - php-imagick
- - python3-psycopg2 # module ansible psql
- state: present
-
- name: Boucle d'ajout du user php dans plusieurs groupe
ansible.builtin.user:
name: "php_{{ SIGLE }}_{{ SITE }}"
groups: "{{ item }}"
append: true
loop:
- - nextcloud
- - postgres-data
- - redis
+ - mysql
- "site_{{ SIGLE }}_{{ SITE }}"
-- name: Bloc nouvelle version nextcloud
- when: nouvelle_version is undefined
- block:
- - name: Demande la version de nextcloud à installer
- ansible.builtin.pause:
- prompt: "Quelle version de nextcloud doit être utilisée"
- echo: true
- register: nextcloud_version_prompt
-
- - name: Definir nouvelle_version
- ansible.builtin.set_fact:
- nouvelle_version: "{{ nextcloud_version_prompt.user_input }}"
-
-- name: Bloc ancienne version nextcloud
- when: ancienne_version is undefined
- block:
- - name: Demande la version de nextcloud déjà installée
- ansible.builtin.pause:
- prompt: "Quelle version de nextcloud déjà installée"
- echo: true
- register: ancienne_version_prompt
-
- - name: Definir ancienne_version
- ansible.builtin.set_fact:
- ancienne_version: "{{ ancienne_version_prompt.user_input }}"
-
-- name: Inclure la verif de l'install nextcloud
- ansible.builtin.include_tasks: tasks/verif_installation_nextcloud.yml
-
-- name: PostgreSQL - nextcloud_php_user role is created
- become_user: postgres
- become: true
- community.postgresql.postgresql_user:
- name: "{{ nextcloud_php_user }}"
+- name: Création de la nouvelle bdd Mariadb
+ community.mysql.mysql_db:
+ name: "php_{{ SIGLE }}_{{ SITE }}"
state: present
- role_attr_flags: CREATEDB
-
-- name: PostgreSQL - nextcloud_db_name database is created
- become_user: postgres
- become: true
- community.postgresql.postgresql_db:
- name: "{{ nextcloud_db_name }}"
- state: "{{ item }}"
- owner: "{{ nextcloud_php_user }}"
- loop:
- - absent
- - present
-
-- name: Pour chaque base, ajouter les droits suivants à l'utilisateur php
- become_user: postgres
- become: true
- community.postgresql.postgresql_privs:
- db: "{{ item.db }}"
- privs: "{{ item.privs }}"
- type: "{{ item.type |default(omit) }}"
- objs: "{{ item.objs }}"
- role: "{{ item.role }}"
- grant_option: "{{ item.grant_option |default(omit) }}"
- loop_control:
- label: "{{ item.name }}"
- loop:
- - db: "{{ nextcloud_db_name }}"
- privs: "ALL"
- type: "schema"
- objs: "public"
- role: "{{ nextcloud_php_user }}"
- grant_option: true
- name: "GRANT ALL ON SCHEMA public TO php_{{ SIGLE }}_nuage WITH GRANT OPTION;"
-
-- name: Autoriser l'utilisateur php à se connecter à la bdd nextcloud
- community.postgresql.postgresql_pg_hba:
- dest: "/etc/postgresql/{{ postgres_version }}/main/pg_hba.conf"
- contype: local
- users: "php_{{ SIGLE }}_{{ SITE }}"
- databases: "php_{{ SIGLE }}_{{ SITE }}"
- method: peer
- keep_comments_at_rules: true
- comment: "autoriser le user php_{{ SIGLE }}_{{ SITE }} à se connecter à la bdd du meme nom"
-
-- name: Boucle création des répertoires app, config et data nextcloud
- ansible.builtin.file:
- path: "{{ item.path }}"
- state: "{{ item.state }}"
- owner: "{{ item.owner }}"
- group: "{{ item.group }}"
- mode: "{{ item.mode }}"
- loop_control:
- label: "{{ item.path }}"
- loop:
- - path: "{{ nextcloud_webroot }}/apps"
- state: directory
- owner: "{{ nextcloud_php_user }}"
- group: "{{ nextcloud_websrv_user }}"
- mode: '2750'
- - path: "{{ nextcloud_webroot }}/config"
- state: directory
- owner: "{{ nextcloud_php_user }}"
- group: "{{ nextcloud_websrv_user }}"
- mode: '2750'
- - path: "{{ nextcloud_webroot }}/data"
- state: directory
- owner: "{{ nextcloud_php_user }}"
- group: "{{ nextcloud_websrv_user }}"
- mode: '2750'
-
-- name: Create nextcloud root dir symbolic link
- ansible.builtin.file:
- src: "{{ nextcloud_symbolic_source }}"
- dest: "{{ nextcloud_webroot }}/nextcloud"
- owner: nextcloud
- group: nextcloud
- state: link
- follow: false
+ login_unix_socket: /run/mysqld/mysqld.sock
+ encoding: utf8mb4 # pour WP
-- name: Create nextcloud common app dir symbolic link
- ansible.builtin.file:
- src: "{{ nextcloud_symbolic_common }}"
- dest: "{{ nextcloud_webroot }}/common"
- owner: nextcloud
- group: nextcloud
- state: link
- follow: false
-
-- name: Créer les fichiers spécifiques nextcloud
- ansible.builtin.template:
- src: "templates/{{ item.src }}"
- dest: "{{ nextcloud_webroot }}/{{ item.dest }}"
- owner: "{{ item.owner }}"
- group: "{{ item.group }}"
- mode: "{{ item.mode }}"
- loop:
- - src: "nextcloud_cron.j2"
- dest: "cron"
- owner: "{{ nextcloud_php_user }}"
- group: "{{ nextcloud_websrv_user }}"
- mode: '750'
- - src: "nextcloud_console.j2"
- dest: "console"
- owner: "{{ nextcloud_websrv_user }}"
- group: "{{ nextcloud_websrv_user }}"
- mode: '750'
- - src: "nextcloud_install_config.j2"
- dest: "config/config.php"
- owner: "{{ nextcloud_php_user }}"
- group: "{{ nextcloud_websrv_user }}"
- mode: '640'
-
-- name: Recharger plusieurs services
- ansible.builtin.service:
- name: "{{ item }}"
- state: reloaded
- loop:
- - "postgresql"
- - "php{{ php_version }}-fpm"
-
-- name: Lancement du script d'installation nextcloud # noqa : command-instead-of-module
- become_user: "{{ nextcloud_php_user }}"
- become: true
- ansible.builtin.command: >
- ./console maintenance:install
- --database='pgsql'
- --database-name="php_{{ SIGLE }}_{{ SITE }}"
- --database-user="php_{{ SIGLE }}_{{ SITE }}"
- --database-host="/var/run/postgresql/"
- --database-pass=""
- --admin-user='admin'
- --admin-pass='ckoideja'
- --data-dir="/home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/data/"
- args:
- chdir: "{{ nextcloud_webroot }}"
- register: install_result
- ignore_errors: true
-
-- name: Afficher les logs du script d'install
- ansible.builtin.debug:
- var: install_result
- when: install_result is defined
-
-- name: Afficher les logs du script d'install
- ansible.builtin.fail:
- msg: "Le script d'install a échoué: Voir les logs ci-dessus"
- when: install_result.failed
-
-- name: Créer les fichiers spécifiques nextcloud
- ansible.builtin.template:
- src: "templates/{{ item.src }}"
- dest: "{{ nextcloud_webroot }}/{{ item.dest }}"
- owner: "{{ item.owner }}"
- group: "{{ item.group }}"
- mode: "{{ item.mode }}"
- loop:
- - src: "nextcloud_sigle_config.j2"
- dest: "config/{{ SIGLE }}.config.php"
- owner: "{{ nextcloud_php_user }}"
- group: "{{ nextcloud_websrv_user }}"
- mode: '640'
-
-- name: Creation d'un lien symbolique vers le configuration nextcloud commun
- ansible.builtin.file:
- src: "../../../../nextcloud/common.config.php"
- path: "{{ nextcloud_webroot }}/config/common.config.php"
- owner: nextcloud
- group: nextcloud
- state: link
- follow: false
-
-- name: Pour chaque base, ajouter les droits suivants à l'utilisateur php
- become_user: postgres
- become: true
- community.postgresql.postgresql_privs:
- db: "{{ item.db }}"
- privs: "{{ item.privs }}"
- type: "{{ item.type | default(omit) }}"
- objs: "{{ item.objs }}"
- role: "{{ item.role }}"
- grant_option: "{{ item.grant_option | default(omit) }}"
- loop_control:
- label: "{{ item.name }}"
- loop:
- - db: "{{ nextcloud_db_name }}"
- privs: "USAGE,CREATE"
- type: "schema"
- objs: "public"
- role: "{{ nextcloud_php_user }}"
- name: "GRANT USAGE,CREATE ON SCHEMA public TO php_{{ SIGLE }}_nuage;"
- # - db: "{{ nextcloud_db_name }}"
- # privs: "SELECT"
- # type: "table"
- # objs: "pg_namespace"
- # role: "{{ nextcloud_php_user }}"
- # name: "GRANT SELECT ON TABLE pg_namespace TO php_{{ SIGLE }}_nuage;"
- # - db: "{{ nextcloud_db_name }}"
- # privs: "SELECT"
- # type: "table"
- # objs: "pg_collation"
- # role: "{{ nextcloud_php_user }}"
- # name: "GRANT SELECT ON TABLE pg_collation TO php_{{ SIGLE }}_nuage;"
- # - db: "{{ nextcloud_db_name }}"
- # privs: "SELECT"
- # type: "table"
- # objs: "pg_index"
- # role: "{{ nextcloud_php_user }}"
- # name: "GRANT SELECT ON TABLE pg_index TO php_{{ SIGLE }}_nuage;"
- # - db: "{{ nextcloud_db_name }}"
- # privs: "SELECT"
- # type: "table"
- # objs: "pg_attrdef"
- # role: "{{ nextcloud_php_user }}"
- # name: "GRANT SELECT ON TABLE pg_attrdef TO php_{{ SIGLE }}_nuage;"
- # - db: "{{ nextcloud_db_name }}"
- # privs: "SELECT"
- # type: "table"
- # objs: "pg_description"
- # role: "{{ nextcloud_php_user }}"
- # name: "GRANT SELECT ON TABLE pg_description TO php_{{ SIGLE }}_nuage;"
- # - db: "{{ nextcloud_db_name }}"
- # privs: "SELECT"
- # type: "table"
- # objs: "pg_settings"
- # role: "{{ nextcloud_php_user }}"
- # name: "GRANT SELECT ON TABLE pg_settings TO php_{{ SIGLE }}_nuage;"
- # - db: "{{ nextcloud_db_name }}"
- # privs: "SELECT"
- # objs: "pg_database"
- # role: "{{ nextcloud_php_user }}"
- # name: "GRANT SELECT ON pg_database TO php_{{ SIGLE }}_nuage;"
-
-- name: Creation d'un fichier cron pour /etc/cron.d
- ansible.builtin.cron:
- name: "nextcloud {{ SIGLE }}_{{ SITE }} taches d'arriere plan toutes les 5 mins"
- minute: "*/5"
- user: "php_{{ SIGLE }}_{{ SITE }}"
- job: "{{ nextcloud_webroot }}/cron"
-
-- name: Recharger plusieurs services
- ansible.builtin.service:
- name: "{{ item }}"
- state: reloaded
- loop:
- - "php{{ php_version }}-fpm"
- - "nginx"
+- name: Créer le user mysql
+ mysql_user:
+ name: "php_{{ SIGLE }}_{{ SITE }}"
+ priv: "php_{{ SIGLE }}_{{ SITE }}.*:ALL"
+ state: present
+ login_unix_socket: /run/mysqld/mysqld.sock
\ No newline at end of file
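Review bot: The `mysql_user` task at the end of the hunk creates `php_{{ SIGLE }}_{{ SITE }}` with neither `password` nor `plugin`, so the account appears to be created with an empty password and `ALL` on its database; any local process that can reach `/run/mysqld/mysqld.sock` could then log in as it. The PostgreSQL tasks this replaces used `method: peer`; the MariaDB equivalent is to add `plugin: unix_socket` to the task so that only the OS user of the same name can authenticate. The task should also use the fully qualified name `community.mysql.mysql_user`, as the `community.mysql.mysql_db` task above it does. Adding the PHP user to the `mysql` group in the loop is probably not needed for socket access and, depending on the data directory's permissions, may give the PHP pool read access to MariaDB's files, so it is worth confirming that it is required.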
--- /dev/null
+<?php
+/**
+ * The base configuration for WordPress
+ *
+ * The wp-config.php creation script uses this file during the
+ * installation. You don't have to use the web site, you can
+ * copy this file to "wp-config.php" and fill in the values.
+ *
+ * This file contains the following configurations:
+ *
+ * * MySQL settings
+ * * Secret keys
+ * * Database table prefix
+ * * ABSPATH
+ *
+ * @link https://codex.wordpress.org/Editing_wp-config.php
+ *
+ * @package WordPress
+ */
+
+// ** MySQL settings - You can get this info from your web host ** //
+/** The name of the database for WordPress */
+define('WP_CACHE', true);
+define('WPCACHEHOME', '/home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}/wp-content/plugins/wp-super-cache/' );
+define('DB_NAME', 'php_{{ SIGLE }}_{{ SITE }}');
+
+/** MySQL database username */
+define('DB_USER', 'php_{{ SIGLE }}_{{ SITE }}');
+
+/** MySQL database password */
+define('DB_PASSWORD', '');
+
+/** MySQL hostname */
+define('DB_HOST', 'localhost:/run/mysqld/mysqld.sock');
+
+/** Database Charset to use in creating database tables. */
+define('DB_CHARSET', 'utf8mb4');
+
+/** The Database Collate type. Don't change this if in doubt. */
+define('DB_COLLATE', '');
+
+/**#@-*/
+
+/**
+ * WordPress Database Table prefix.
+ *
+ * You can have multiple installations in one database if you give each
+ * a unique prefix. Only numbers, letters, and underscores please!
+ */
+$table_prefix = 'wp_';
+
+/**
+ * For developers: WordPress debugging mode.
+ *
+ * Change this to true to enable the display of notices during development.
+ * It is strongly recommended that plugin and theme developers use WP_DEBUG
+ * in their development environments.
+ *
+ * For information on other constants that can be used for debugging,
+ * visit the Codex.
+ *
+ * @link https://codex.wordpress.org/Debugging_in_WordPress
+ */
+define('WP_DEBUG', false);
+
+/* That's all, stop editing! Happy blogging. */
+
+/** Absolute path to the WordPress directory. */
+if ( !defined('ABSPATH') )
+ define('ABSPATH', dirname(__FILE__) . '/');
+
+/** Sets up WordPress vars and included files. */
+require_once(ABSPATH . 'wp-settings.php');
+
+define('FS_METHOD', 'direct');
+
+/* Personnalisations hébergement LHC */
+define( 'WP_AUTO_UPDATE_CORE', true);
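Review bot: `FS_METHOD` and `WP_AUTO_UPDATE_CORE` are defined after `require_once(ABSPATH . 'wp-settings.php');`, so WordPress has already finished loading before they exist and any code that reads them during bootstrap will not see them; move both `define` lines above the "That's all, stop editing!" comment. The header comment lists "Secret keys", but the visible template defines none of the `AUTH_KEY`, `SECURE_AUTH_KEY`, `LOGGED_IN_KEY`, `NONCE_KEY` constants or their `*_SALT` counterparts; WordPress then falls back to values stored in the database, where anyone with read access to the options table can recover them. Generating the eight values per site and rendering them into this template keeps them out of the database. The empty `DB_PASSWORD` is only safe if the MariaDB account is restricted to socket authentication for the matching OS user, which this file cannot show.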