first commit

tasks/main.yml

@@ -0,0 +1,14 @@
+---
+- name: Get PHP version
+  ansible.builtin.shell:
+    cmd: php -v | grep -Po '(?<=PHP )([0-9.]{3})'
+  register: php_version
+  changed_when: false
+
+- name: Install packages
+  ansible.builtin.import_tasks: packages.yml
+  tags: packages
+
+- name: Configure webserver
+  ansible.builtin.import_tasks: webserver.yml
+  tags: webserver

tasks/packages.yml

@@ -0,0 +1,12 @@
+---
+- name: "Packages | Get installed packages"
+  ansible.builtin.package_facts:
+    manager: apt
+
+- name: "Packages | Install packages"
+  ansible.builtin.apt:
+    pkg:
+      - python3-passlib
+      - phpmyadmin
+      - php-fpm
+    cache_valid_time: 3600

tasks/webserver.yml

@@ -0,0 +1,29 @@
+---
+- name: "Webserver | Add domain to certificate list"
+  ansible.builtin.lineinfile:
+    path: /etc/dehydrated/domains.txt
+    line: "{{ phpmyadmin_domain }}"
+  when: "'dehydrated' in ansible_facts.packages"
+  notify: Get certificate
+
+- name: "Webserver | Create htpasswd file"
+  community.general.htpasswd:
+    path: "{{ phpmyadmin_htpasswd_file }}"
+    name: "foodcoops.net"
+    password: "{{ vault_phpmyadmin_password }}"
+    owner: root
+    group: www-data
+    mode: 0640
+
+- name: "Webserver | Copy Nginx configuration"
+  ansible.builtin.template:
+    src: nginx.conf
+    dest: "/etc/nginx/sites-available/{{ phpmyadmin_domain }}"
+    mode: 0644
+
+- name: "Webserver | Enable Nginx configuration"
+  ansible.builtin.file:
+    src: "/etc/nginx/sites-available/{{ phpmyadmin_domain }}"
+    dest: "/etc/nginx/sites-enabled/{{ phpmyadmin_domain }}"
+    state: link
+  notify: reload nginx