Compare commits

2 Commits

Author SHA1 Message Date
6aa4301f85 merge part3 2022-01-04 18:43:21 +01:00
a32a665890 MariaDB on a separate host 2022-01-04 17:55:37 +01:00
2 changed files with 166 additions and 126 deletions

112
site.yml

@ -4,96 +4,136 @@
hosts: localhost hosts: localhost
become: true become: true
vars: vars:
jail: jails:
name: pwordpress webserver:
fbsd_version: 13.0-RELEASE name: pwordpress
ip: 192.168.0.65 fbsd_version: 13.0-RELEASE
host_interface: em0 ip: 192.168.0.65
host_interface: em0
database:
name: pmariadb
fbsd_version: 13.0-RELEASE
ip: 192.168.0.35
host_interface: em0
database:
port: 3007
dbname: wordpress
username: wordpress
password: mypassword
website: website:
name: wordpress name: wordpress
port: 82 port: 82
database:
host: "localhost:/var/run/mysql/mysql.sock"
dbname: wordpress
username: wordpress
password: mypassword
skip_create_jail: false skip_create_jail: false
tasks: tasks:
- name: Create Jail - name: Find existing jails
command: "bastille create {{jail.name}} {{jail.fbsd_version}} {{jail.ip}} {{jail.host_interface}}" become: true
when: skip_create_jail==0 shell: |
bastille list | cut -f2 -d ' ' |tail -n +2
register: existing_jails
- name: Install packages - name: Find started jails
command: "bastille pkg {{jail.name}} install -y nginx wordpress mariadb105-server \ become: true
shell: |
jls| tr -s ' ' |cut -d ' ' -f4|tail -n +2
register: started_jails
- block:
- name: Stop existing jails
command: "bastille stop {{ item.value.name }}"
when: skip_create_jail==0 and item.value.name in started_jails.stdout_lines
loop: "{{jails|dict2items}}"
ignore_errors: true
- name: delete existing jails
command: "bastille destroy {{ item.value.name }}"
when: skip_create_jail==0 and item.value.name in existing_jails.stdout_lines
loop: "{{jails|dict2items}}"
- name: Create Jail
command: "bastille create {{item.value.name}} {{item.value.fbsd_version}} {{item.value.ip}} {{item.value.host_interface}}"
when: skip_create_jail==0
loop: "{{jails|dict2items}}"
- name: Install packages on webserver
command: "bastille pkg {{jails['webserver'].name}} install -y nginx wordpress \
php74-mbstring php74-dom php74-openssl php74-filter php74-iconv" php74-mbstring php74-dom php74-openssl php74-filter php74-iconv"
- name: Install packages database server
command: "bastille pkg {{jails['database'].name}} install -y mariadb105-server"
- name: Set bind port for mariadb
lineinfile:
regex: "^port"
line: "port = {{database.port}}"
path: "/usr/local/bastille/jails/{{jails['database'].name}}/root/usr/local/etc/mysql/my.cnf"
- name: sysrc enable mariadb - name: sysrc enable mariadb
command: "bastille sysrc {{jail.name}} mysql_enable='YES'" command: "bastille sysrc {{jails['database'].name}} mysql_enable='YES'"
- name: start mariadb server - name: start mariadb server
command: "bastille service {{jail.name}} mysql-server start" command: "bastille service {{jails['database'].name}} mysql-server restart"
- name: "mariadb: remove anonymous users" - name: "mariadb: remove anonymous users"
command: "bastille cmd {{jail.name}} mysql -e \"DELETE FROM mysql.user WHERE user=''\"" command: "bastille cmd {{jails['database'].name}} mysql -e \"DELETE FROM mysql.user WHERE user=''\""
- name: "mariadb: Disallow root login remotely" - name: "mariadb: Disallow root login remotely"
command: "bastille cmd {{jail.name}} mysql -e \"DELETE FROM mysql.global_priv WHERE user='root' AND host NOT IN ('localhost', '127.0.0.1', '::1')\"" command: "bastille cmd {{jails['database'].name}} mysql -e \"DELETE FROM mysql.global_priv WHERE user='root' AND host NOT IN ('localhost', '127.0.0.1', '::1')\""
- name: "mariadb: Drop database test" - name: "mariadb: Drop database test"
command: "bastille cmd {{jail.name}} mysql -e \"DROP DATABASE IF EXISTS test\"" command: "bastille cmd {{jails['database'].name}} mysql -e \"DROP DATABASE IF EXISTS test\""
- name: "mariadb: Remove privileges on database test" - name: "mariadb: Remove privileges on database test"
command: "bastille cmd {{jail.name}} mysql -e \"DELETE FROM mysql.db WHERE SUBSTR(db, 4) == 'test' and user=''\"" command: "bastille cmd {{jails['database'].name}} mysql -e \"DELETE FROM mysql.db WHERE SUBSTR(db, 4) == 'test' and user=''\""
- name: "mariadb: create database for wordpress" - name: "mariadb: create database for wordpress"
command: "bastille cmd {{jail.name}} mysqladmin create {{database.dbname}}" command: "bastille cmd {{jails['database'].name}} mysqladmin create {{database.dbname}}"
- name: "mariadb: Create a database user for wordpress" - name: "mariadb: Create a database user for wordpress"
command: "bastille cmd {{jail.name}} mysql -e \"GRANT ALL PRIVILEGES ON {{database.dbname}}.* TO '{{database.username}}'@'localhost' IDENTIFIED BY '{{database.password}}'\"" command: "bastille cmd {{jails['database'].name}} mysql -e \"GRANT ALL PRIVILEGES ON {{database.dbname}}.* TO '{{database.username}}'@'{{jails['webserver'].ip}}' IDENTIFIED BY '{{database.password}}'\""
- name: "mariadb: Flush privileges" - name: "mariadb: Flush privileges"
command: "bastille cmd {{jail.name}} mysqladmin flush-privileges" command: "bastille cmd {{jails['database'].name}} mysqladmin flush-privileges"
- name: "php: create php.ini" - name: "php: create php.ini"
command: "bastille cmd {{jail.name}} cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini" command: "bastille cmd {{jails['webserver'].name}} cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini"
- name: "php enable php-fpm service" - name: "php enable php-fpm service"
command: "bastille sysrc {{jail.name}} php_fpm_enable='YES'" command: "bastille sysrc {{jails['webserver'].name}} php_fpm_enable='YES'"
- name: "php start php-fpm service" - name: "php start php-fpm service"
command: "bastille service {{jail.name}} php-fpm start" command: "bastille service {{jails['webserver'].name}} php-fpm start"
- name: "nginx: create sites-enabled directory" - name: "nginx: create sites-enabled directory"
command: "bastille cmd {{jail.name}} mkdir /usr/local/etc/nginx/sites-enabled" command: "bastille cmd {{jails['webserver'].name}} mkdir /usr/local/etc/nginx/sites-enabled"
- name: "nginx: configure website" - name: "nginx: configure website"
template: template:
src: wordpress.conf.j2 src: wordpress.conf.j2
dest: "/usr/local/bastille/jails/{{jail.name}}/root/usr/local/etc/nginx/sites-enabled/{{website.name}}.conf" dest: "/usr/local/bastille/jails/{{jails['webserver'].name}}/root/usr/local/etc/nginx/sites-enabled/{{website.name}}.conf"
- name: "nginx: configure nginx.conf to include sites-enabled directory" - name: "nginx: configure nginx.conf to include sites-enabled directory"
lineinfile: lineinfile:
insertbefore: "}" insertbefore: "}"
line: " include sites-enabled/*.conf;" line: " include sites-enabled/*.conf;"
path: "/usr/local/bastille/jails/{{jail.name}}/root/usr/local/etc/nginx/nginx.conf" path: "/usr/local/bastille/jails/{{jails['webserver'].name}}/root/usr/local/etc/nginx/nginx.conf"
- name: "nginx: enable nginx service" - name: "nginx: enable nginx service"
command: "bastille sysrc {{jail.name}} nginx_enable='YES'" command: "bastille sysrc {{jails['webserver'].name}} nginx_enable='YES'"
- name: "nginx: start nginx service" - name: "nginx: start nginx service"
command: "bastille service {{jail.name}} nginx restart" command: "bastille service {{jails['webserver'].name}} nginx restart"
- name: "copy wordpress folder for new website" - name: "copy wordpress folder for new website"
command: "bastille cmd {{jail.name}} cp -R /usr/local/www/wordpress /usr/local/www/{{website.name}}" command: "bastille cmd {{jails['webserver'].name}} cp -R /usr/local/www/wordpress /usr/local/www/{{website.name}}"
- name: "wordpress: create wp-config.php" - name: "wordpress: create wp-config.php"
template: template:
src: wp-config.php.j2 src: wp-config.php.j2
dest: "/usr/local/bastille/jails/{{jail.name}}/root/usr/local/www/{{website.name}}/wp-config.php" dest: "/usr/local/bastille/jails/{{jails['webserver'].name}}/root/usr/local/www/{{website.name}}/wp-config.php"
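Review bot: The database credential is still a literal in the play's vars (`password: mypassword` under `database:`) and is interpolated into the `GRANT ALL PRIVILEGES ... IDENTIFIED BY '{{database.password}}'` command line, while this change moves the WordPress connection from the local socket to TCP on port 3007 from the webserver jail's address. I would load the value from an encrypted source, e.g. `password: "{{ vault_database_password }}"` (variable name constructed here, defined in an Ansible Vault file), and add `no_log: true` to the "mariadb: Create a database user for wordpress" task so the rendered command does not end up in task output. Separately, with `skip_create_jail: false` as the default, the new "Stop existing jails" and "delete existing jails" tasks run `bastille destroy` on both jails, so a re-run appears to discard the existing database. A comment on the variable such as `# false = destroy and recreate both jails, including the database jail` would make that explicit.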


@ -1,90 +1,90 @@
<?php <?php
/** /**
* The base configuration for WordPress * The base configuration for WordPress
* *
* The wp-config.php creation script uses this file during the * The wp-config.php creation script uses this file during the
* installation. You don't have to use the web site, you can * installation. You don't have to use the web site, you can
* copy this file to "wp-config.php" and fill in the values. * copy this file to "wp-config.php" and fill in the values.
* *
* This file contains the following configurations: * This file contains the following configurations:
* *
* * MySQL settings * * MySQL settings
* * Secret keys * * Secret keys
* * Database table prefix * * Database table prefix
* * ABSPATH * * ABSPATH
* *
* @link https://wordpress.org/support/article/editing-wp-config-php/ * @link https://wordpress.org/support/article/editing-wp-config-php/
* *
* @package WordPress * @package WordPress
*/ */
// ** MySQL settings - You can get this info from your web host ** // // ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */ /** The name of the database for WordPress */
define( 'DB_NAME', '{{database.dbname}}' ); define( 'DB_NAME', '{{database.dbname}}' );
/** MySQL database username */ /** MySQL database username */
define( 'DB_USER', '{{database.username}}' ); define( 'DB_USER', '{{database.username}}' );
/** MySQL database password */ /** MySQL database password */
define( 'DB_PASSWORD', '{{database.password}}' ); define( 'DB_PASSWORD', '{{database.password}}' );
/** MySQL hostname */ /** MySQL hostname */
define( 'DB_HOST', '{{database.host}}' ); define( 'DB_HOST', '{{jails['database'].ip}}:{{database.port}}' );
/** Database Charset to use in creating database tables. */ /** Database Charset to use in creating database tables. */
define( 'DB_CHARSET', 'utf8' ); define( 'DB_CHARSET', 'utf8' );
/** The Database Collate type. Don't change this if in doubt. */ /** The Database Collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', '' ); define( 'DB_COLLATE', '' );
/**#@+ /**#@+
* Authentication Unique Keys and Salts. * Authentication Unique Keys and Salts.
* *
* Change these to different unique phrases! * Change these to different unique phrases!
* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service} * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again. * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
* *
* @since 2.6.0 * @since 2.6.0
*/ */
define( 'AUTH_KEY', 'put your unique phrase here' ); define( 'AUTH_KEY', 'put your unique phrase here' );
define( 'SECURE_AUTH_KEY', 'put your unique phrase here' ); define( 'SECURE_AUTH_KEY', 'put your unique phrase here' );
define( 'LOGGED_IN_KEY', 'put your unique phrase here' ); define( 'LOGGED_IN_KEY', 'put your unique phrase here' );
define( 'NONCE_KEY', 'put your unique phrase here' ); define( 'NONCE_KEY', 'put your unique phrase here' );
define( 'AUTH_SALT', 'put your unique phrase here' ); define( 'AUTH_SALT', 'put your unique phrase here' );
define( 'SECURE_AUTH_SALT', 'put your unique phrase here' ); define( 'SECURE_AUTH_SALT', 'put your unique phrase here' );
define( 'LOGGED_IN_SALT', 'put your unique phrase here' ); define( 'LOGGED_IN_SALT', 'put your unique phrase here' );
define( 'NONCE_SALT', 'put your unique phrase here' ); define( 'NONCE_SALT', 'put your unique phrase here' );
/**#@-*/ /**#@-*/
/** /**
* WordPress Database Table prefix. * WordPress Database Table prefix.
* *
* You can have multiple installations in one database if you give each * You can have multiple installations in one database if you give each
* a unique prefix. Only numbers, letters, and underscores please! * a unique prefix. Only numbers, letters, and underscores please!
*/ */
$table_prefix = 'wp_'; $table_prefix = 'wp_';
/** /**
* For developers: WordPress debugging mode. * For developers: WordPress debugging mode.
* *
* Change this to true to enable the display of notices during development. * Change this to true to enable the display of notices during development.
* It is strongly recommended that plugin and theme developers use WP_DEBUG * It is strongly recommended that plugin and theme developers use WP_DEBUG
* in their development environments. * in their development environments.
* *
* For information on other constants that can be used for debugging, * For information on other constants that can be used for debugging,
* visit the documentation. * visit the documentation.
* *
* @link https://wordpress.org/support/article/debugging-in-wordpress/ * @link https://wordpress.org/support/article/debugging-in-wordpress/
*/ */
define( 'WP_DEBUG', false ); define( 'WP_DEBUG', false );
/* That's all, stop editing! Happy publishing. */ /* That's all, stop editing! Happy publishing. */
/** Absolute path to the WordPress directory. */ /** Absolute path to the WordPress directory. */
if ( ! defined( 'ABSPATH' ) ) { if ( ! defined( 'ABSPATH' ) ) {
define( 'ABSPATH', __DIR__ . '/' ); define( 'ABSPATH', __DIR__ . '/' );
} }
/** Sets up WordPress vars and included files. */ /** Sets up WordPress vars and included files. */
require_once ABSPATH . 'wp-settings.php'; require_once ABSPATH . 'wp-settings.php';
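Review bot: The template still renders all eight authentication keys and salts as the stock `'put your unique phrase here'` value, so every site deployed from it would share the same publicly known cookie-signing secrets unless something outside this page replaces them. Each should come from a per-site secret, e.g. `define( 'AUTH_KEY', '{{ wp_salts.auth_key }}' );` (variable name constructed here), stored encrypted alongside the database password. The new `DB_HOST` value `'{{jails['database'].ip}}:{{database.port}}'` also means the database login now crosses the network between jails; if that path is not a host-internal interface, it is worth documenting that assumption next to the define or enabling TLS for the connection.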