tasks/config_www.yml

   1 - name: Ajout de l'utilisateur site_SIGLE_SITE
   2   ansible.builtin.user:
   3     name: "site_{{ SIGLE }}_{{ SITE }}"
   4     home: "/home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}"
   5     shell: /bin/false
   6     groups: www-data
   7     system: true
   8     append: true
   9     create_home: false
  10     password: '!'
  11
  12 - name: Boucle d'ajout d'user dans le groupe site_SIGLE_SITE
  13   ansible.builtin.user:
  14     name: "{{ item }}"
  15     groups: "site_{{ SIGLE }}_{{ SITE }}"
  16     append: true
  17   loop:
  18     - 'www-data'
  19     - 'backup' # pour borgmatic
  20
  21 - name: Boucle création ou modifications des répertoires home du site
  22   ansible.builtin.file:
  23     path: "{{ item.path }}"
  24     state: "{{ item.state }}"
  25     owner: "{{ item.owner }}"
  26     group: "{{ item.group }}"
  27     mode: "{{ item.mode }}"
  28   vars:
  29     concat: "site_{{ SIGLE }}_{{ SITE }}"
  30   loop_control:
  31     label: "{{ item.path }}"
  32   loop:
  33     - path: "/home/sites/data/{{ TLD }}"
  34       state: directory
  35       owner: 'root'
  36       group: 'www-data'
  37       mode: '3751'
  38     - path: "/home/sites/data/{{ TLD }}/{{ DOMAIN }}"
  39       state: directory
  40       owner: 'root'
  41       group: 'www-data'
  42       mode: '2751'
  43     - path: "/home/sites/data/{{ TLD }}/{{ DOMAIN }}/{{ SITE }}"
  44       state: directory
  45       owner: "{{ ( SITE in ['www','WP'] ) | ternary ( concat , 'root' ) }}"
  46       group: "site_{{ SIGLE }}_{{ SITE }}"
  47       mode: '2750'