Updates

tasks/main.yml

@@ -1,14 +1,19 @@
 ---
-- name: Get PHP version
-  ansible.builtin.shell:
-    cmd: php -v | grep -Po '(?<=PHP )([0-9.]{3})'
-  register: php_version
-  changed_when: false
+- name: Configure PHP
+  ansible.builtin.import_tasks: phpfpm.yml
+  tags: phpfpm
 
 - name: Install packages
   ansible.builtin.import_tasks: packages.yml
   tags: packages
 
-- name: Configure webserver
-  ansible.builtin.import_tasks: webserver.yml
-  tags: webserver
+- name: Copy configuration
+  ansible.builtin.template:
+    src: pma.php.j2
+    dest: "/etc/phpmyadmin/conf.d/{{ inventory_hostname }}.php"
+    mode: "0644"
+  notify:
+    - stop php-fpm-socket
+    - stop php-fpm-service
+    - start php-fpm-socket
+    - start php-fpm-service

tasks/packages.yml

@@ -8,5 +8,4 @@
     pkg:
       - python3-passlib
       - phpmyadmin
-      - php-fpm
     cache_valid_time: 3600

tasks/phpfpm.yml

@@ -0,0 +1,50 @@
+---
+- name: "PHPFPM | Create user"
+  ansible.builtin.user:
+    name: "{{ phpmyadmin_user }}"
+    shell: /bin/false
+    create_home: false
+    password_lock: true
+
+- name: "PHPFPM | Add www-data to user group"
+  ansible.builtin.user:
+    name: www-data
+    groups: "{{ phpmyadmin_user }}"
+    append: true
+
+- name: "PHPFPM | Create log file"
+  ansible.builtin.file:
+    path: "{{ php_fpm_log_dir }}/{{ phpmyadmin_user }}.log"
+    state: touch
+    mode: "0644"
+    owner: "{{ phpmyadmin_user }}"
+    group: "{{ phpmyadmin_user }}"
+    access_time: preserve
+    modification_time: preserve
+
+- name: "PHPFPM | Create pool"
+  ansible.builtin.template:
+    src: fpmpool.j2
+    dest: "{{ php_fpm_pool_dir }}/{{ phpmyadmin_user }}.cfg"
+    mode: "0644"
+  notify:
+    - stop php-fpm-socket
+    - stop php-fpm-service
+    - start php-fpm-socket
+
+- name: "PHPFPM | Create override directory"
+  ansible.builtin.file:
+    path: "/etc/systemd/system/php-fpm@{{ phpmyadmin_user }}.service.d"
+    state: directory
+    mode: "0755"
+
+- name: "PHPFPM | Copy override file"
+  ansible.builtin.template:
+    src: override.conf.j2
+    dest: "/etc/systemd/system/php-fpm@{{ phpmyadmin_user }}.service.d/override.conf"
+    mode: "0644"
+  notify:
+    - stop php-fpm-socket
+    - stop php-fpm-service
+    - start php-fpm-socket
+    - start php-fpm-service

tasks/webserver.yml

@@ -1,29 +0,0 @@
----
-- name: "Webserver | Add domain to certificate list"
-  ansible.builtin.lineinfile:
-    path: /etc/dehydrated/domains.txt
-    line: "{{ phpmyadmin_domain }}"
-  when: "'dehydrated' in ansible_facts.packages"
-  notify: Get certificate
-
-- name: "Webserver | Create htpasswd file"
-  community.general.htpasswd:
-    path: "{{ phpmyadmin_htpasswd_file }}"
-    name: "foodcoops.net"
-    password: "{{ vault_phpmyadmin_password }}"
-    owner: root
-    group: www-data
-    mode: 0640
-
-- name: "Webserver | Copy Nginx configuration"
-  ansible.builtin.template:
-    src: nginx.conf
-    dest: "/etc/nginx/sites-available/{{ phpmyadmin_domain }}"
-    mode: 0644
-
-- name: "Webserver | Enable Nginx configuration"
-  ansible.builtin.file:
-    src: "/etc/nginx/sites-available/{{ phpmyadmin_domain }}"
-    dest: "/etc/nginx/sites-enabled/{{ phpmyadmin_domain }}"
-    state: link
-  notify: reload nginx