FRITA-infra/roles/webserver/tasks/main.yml

73 lines
1.8 KiB
YAML
Raw Normal View History

- name: Install MariaDB Server
ansible.builtin.apt:
name: mariadb-server
state: present
- name: Change the bind-address to allow Docker
ansible.builtin.lineinfile:
path: /etc/mysql/mariadb.conf.d/50-server.cnf
regex: "^bind-address"
line: "bind-address = 0.0.0.0"
notify: restart_mariadb
- name: Install MySQL Support for Python 3
ansible.builtin.apt:
name: python3-pymysql
state: present
- name: Create MariaDB databases
community.mysql.mysql_db:
name: "{{ item.name }}"
state: present
login_unix_socket: /var/run/mysqld/mysqld.sock
loop: "{{ databases }}"
no_log: "{{ item.pass is defined }}"
- name: Create MariaDB users
community.mysql.mysql_user:
name: "{{ item.name }}"
password: "{{ item.pass }}"
host: '%'
state: present
priv: "{{ item.name }}.*:ALL"
login_unix_socket: /var/run/mysqld/mysqld.sock
loop: "{{ databases }}"
no_log: "{{ item.pass is defined }}"
- name: Create webserver docker-compose directory
ansible.builtin.file:
path: "{{ webserver_root }}"
state: directory
mode: 0600
- name: Install webserver docker-compose.yml
ansible.builtin.copy:
src: docker-compose.yml
dest: "{{ webserver_root }}/docker-compose.yml"
mode: 0600
notify: composeup_webserver
- name: Install docker-compose .env
ansible.builtin.template:
src: compose-env.j2
dest: "{{ webserver_root }}/.env"
mode: 0600
notify: composeup_webserver
- name: Allow MariaDB database connections
community.general.ufw:
rule: allow
port: 3306
proto: tcp
src: "{{ item }}"
loop: "{{ mariadb_trust }}"
- name: Add HTTP and HTTPS firewall rule
community.general.ufw:
rule: allow
port: "{{ item }}"
proto: tcp
loop:
- "80"
- "443"