first commit
This commit is contained in:
commit
b34f00fbb8
8 changed files with 118 additions and 0 deletions
11
README.md
Normal file
11
README.md
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
phpMyAdmin
|
||||||
|
==========
|
||||||
|
|
||||||
|
This role installs phpMyAdmin.
|
||||||
|
|
||||||
|
# Running the role
|
||||||
|
|
||||||
|
Run the playbook with:
|
||||||
|
```Shell
|
||||||
|
ansible-playbook playbooks/phpmyadmin.yml
|
||||||
|
```
|
2
defaults/main.yml
Normal file
2
defaults/main.yml
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
---
|
||||||
|
phpmyadmin_htpasswd_file: /etc/nginx/snippets/.htpasswd
|
9
handlers/main.yml
Normal file
9
handlers/main.yml
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
---
|
||||||
|
- name: reload nginx
|
||||||
|
ansible.builtin.service:
|
||||||
|
name: nginx
|
||||||
|
state: reloaded
|
||||||
|
|
||||||
|
- name: Get certificate
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: dehydrated --cron -g
|
9
meta/main.yml
Normal file
9
meta/main.yml
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
galaxy_info:
|
||||||
|
author: foodcoops.net admins
|
||||||
|
description: Role to setup phpMyAdmin
|
||||||
|
license: GPLv3
|
||||||
|
min_ansible_version: "2.9"
|
||||||
|
platforms:
|
||||||
|
- name: Debian
|
||||||
|
versions:
|
||||||
|
- bullseye
|
14
tasks/main.yml
Normal file
14
tasks/main.yml
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
---
|
||||||
|
- name: Get PHP version
|
||||||
|
ansible.builtin.shell:
|
||||||
|
cmd: php -v | grep -Po '(?<=PHP )([0-9.]{3})'
|
||||||
|
register: php_version
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
|
- name: Install packages
|
||||||
|
ansible.builtin.import_tasks: packages.yml
|
||||||
|
tags: packages
|
||||||
|
|
||||||
|
- name: Configure webserver
|
||||||
|
ansible.builtin.import_tasks: webserver.yml
|
||||||
|
tags: webserver
|
12
tasks/packages.yml
Normal file
12
tasks/packages.yml
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
---
|
||||||
|
- name: "Packages | Get installed packages"
|
||||||
|
ansible.builtin.package_facts:
|
||||||
|
manager: apt
|
||||||
|
|
||||||
|
- name: "Packages | Install packages"
|
||||||
|
ansible.builtin.apt:
|
||||||
|
pkg:
|
||||||
|
- python3-passlib
|
||||||
|
- phpmyadmin
|
||||||
|
- php-fpm
|
||||||
|
cache_valid_time: 3600
|
29
tasks/webserver.yml
Normal file
29
tasks/webserver.yml
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
---
|
||||||
|
- name: "Webserver | Add domain to certificate list"
|
||||||
|
ansible.builtin.lineinfile:
|
||||||
|
path: /etc/dehydrated/domains.txt
|
||||||
|
line: "{{ phpmyadmin_domain }}"
|
||||||
|
when: "'dehydrated' in ansible_facts.packages"
|
||||||
|
notify: Get certificate
|
||||||
|
|
||||||
|
- name: "Webserver | Create htpasswd file"
|
||||||
|
community.general.htpasswd:
|
||||||
|
path: "{{ phpmyadmin_htpasswd_file }}"
|
||||||
|
name: "foodcoops.net"
|
||||||
|
password: "{{ vault_phpmyadmin_password }}"
|
||||||
|
owner: root
|
||||||
|
group: www-data
|
||||||
|
mode: 0640
|
||||||
|
|
||||||
|
- name: "Webserver | Copy Nginx configuration"
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: nginx.conf
|
||||||
|
dest: "/etc/nginx/sites-available/{{ phpmyadmin_domain }}"
|
||||||
|
mode: 0644
|
||||||
|
|
||||||
|
- name: "Webserver | Enable Nginx configuration"
|
||||||
|
ansible.builtin.file:
|
||||||
|
src: "/etc/nginx/sites-available/{{ phpmyadmin_domain }}"
|
||||||
|
dest: "/etc/nginx/sites-enabled/{{ phpmyadmin_domain }}"
|
||||||
|
state: link
|
||||||
|
notify: reload nginx
|
32
templates/nginx.conf
Normal file
32
templates/nginx.conf
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
server_name {{ phpmyadmin_domain }};
|
||||||
|
include snippets/letsencrypt.conf;
|
||||||
|
location / { return 301 https://$http_host$request_uri; }
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 443 ssl http2;
|
||||||
|
server_name {{ phpmyadmin_domain }};
|
||||||
|
ssl_certificate /var/lib/dehydrated/certs/{{ phpmyadmin_domain }}/fullchain.pem;
|
||||||
|
ssl_certificate_key /var/lib/dehydrated/certs/{{ phpmyadmin_domain }}/privkey.pem;
|
||||||
|
include /etc/nginx/snippets/add_headers.conf;
|
||||||
|
|
||||||
|
auth_basic "Restricted Access Only";
|
||||||
|
auth_basic_user_file {{ phpmyadmin_htpasswd_file }};
|
||||||
|
|
||||||
|
root /usr/share/phpmyadmin;
|
||||||
|
index index.php index.html index.htm;
|
||||||
|
|
||||||
|
location ~ \.php$ {
|
||||||
|
try_files $uri =404;
|
||||||
|
fastcgi_pass unix:/run/php/php{{ php_version.stdout }}-fpm.sock;
|
||||||
|
fastcgi_index index.php;
|
||||||
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||||
|
include /etc/nginx/fastcgi_params;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ \.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt)$ {
|
||||||
|
root /usr/share/phpmyadmin;
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue