Semi-installation

MediaWiki web GUI installer comes up
2020-02-02 03:41:26 -05:00 · 2020-01-30 20:10:42 -05:00
18 changed files with 293 additions and 143 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,8 @@
-environments
+# Vagrant files
 .playbook
 .vagrant
-.vscode
+
 # Unneeded ansible file
 *.retry
 # Custom environments
 /environments/
--- a/README.md
+++ b/README.md
@@ -1,26 +1,22 @@
-# Free I.T. Athen's Infrastructure
+# Free I.T. Athen’s Infrastructure
-This project is used to develop Ansible for deploying and maintaining websites
+Ansible code used to deploy and maintain websites and services used by Free I.T. Athens.
 and services operated by Free I.T. Athens.
- Requires Ansible and Vagrant on the host
+## Getting Started
 frita-infra is developed in Ansible 2.7.5 using Vagrant 2.2.2 + vagrant-libvirt as a test environment.
-## Quick Start
+Check it out by simply typing: `vagrant up`
-1. Clone this project
+
-2. Run `vagrant up` to provision a Debian 11 base box
+## Versioning
 We use [SemVer](http://semver.org/) for versioning. For the versions available, see the tags on this repository. 
 ## Authors
-* **Kris Lamoureux** - *Project Founder* - @[krislamo](https://github.com/krislamo)
+* **Kris Lamoureux** - *Project Founder* - [krislamo](https://github.com/krislamo)
 ## Copyrights and Licenses
-Copyright (C) 2019, 2020, 2022  Free I.T. Athens
+Copyright (C) 2019  Free I.T. Athens
-This program is free software: you can redistribute it and/or modify it under
+This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 3 of the License.
 the terms of the GNU General Public License as published by the Free Software
 Foundation, version 3 of the License.
-This program is distributed in the hope that it will be useful, but WITHOUT
+This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
-You should have received a copy of the GNU General Public License along with
+You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
 this program. If not, see <https://www.gnu.org/licenses/>.
--- a/42
+++ b/42
@@ -1,24 +1,28 @@
 # Copyright (C) 2019  Free I.T. Athens
 # 
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, version 3 of the License.
 # 
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 # 
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 # vi: set ft=ruby :
 # Set PLAYBOOK shell var for ./dev/playbook.yml
 PLAYBOOK=ENV["PLAYBOOK"]
 if !PLAYBOOK
  if File.exist?('.playbook')
    PLAYBOOK = IO.read('.playbook').split("\n")[0]
  end
  if !PLAYBOOK || PLAYBOOK.empty?
    PLAYBOOK = "webserver"
  end
 else
  File.write(".playbook", PLAYBOOK)
 end
 # Debian 11
 Vagrant.configure("2") do |config|
-  config.vm.box = "debian/bullseye64"
+
  # Debian Stable box
  config.vm.box = "debian/stretch64"
  config.vm.synced_folder ".", "/vagrant", disabled: true
-  config.vm.network "private_network", type: "dhcp"
+
  # Set static IP
  config.vm.network "private_network", ip: "192.168.121.2"
  # Machine Name
  config.vm.define :frita do |frita| #
@@ -31,9 +35,9 @@ Vagrant.configure("2") do |config|
  # Provision with Ansible
  config.vm.provision "ansible" do |ansible|
    ENV['ANSIBLE_ROLES_PATH'] = File.dirname(__FILE__) + "/roles"
    ansible.compatibility_mode = "2.0"
-    ansible.playbook = "dev/" + PLAYBOOK + ".yml"
+    ansible.playbook = "site.yml"
  end
 end
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -1,6 +1,7 @@
 [defaults]
 inventory = ./environments/development
-interpreter_python = /usr/bin/python3
+interpreter_python = /usr/bin/python
 [ssh_connection]
 pipelining=True
--- a/dev/vars/webserver.yml
+++ b/dev/vars/webserver.yml
@@ -1,5 +0,0 @@
 docker_users:
  - vagrant
 webserver_env:
  TRAEFIK_DOMAIN: traefik.example.org
--- a/dev/webserver.yml
+++ b/dev/webserver.yml
@@ -1,8 +0,0 @@
 - name: Install FRITA Web Server
  hosts: all
  become: true
  vars_files:
    - vars/webserver.yml
  roles:
    - docker
    - webserver
--- a/group_vars/all
+++ b/group_vars/all
@@ -0,0 +1,46 @@
 ### WordPress Configuration ###
 # Domain
 wp_domain: www.freeitathens.org
 wp_admin_email: contact@freeitathens.org
 # Version of WordPress to deploy
 wp_version: 5.1.1
 wp_sha1_hash: f1bff89cc360bf5ef7086594e8a9b68b4cbf2192
 # WordPress Home Directory
 # Note: value is a directory without trailing '/'
 wp_dir: /var/www/wordpress
 # WordPress Database Settings
 wp_db_host: localhost
 wp_db_name: wordpress
 wp_db_user: wordpress_user
 wp_db_pass: Password1
 wp_db_table_prefix: wp_
 ### Nextcloud Configuration ###
 # Domain
 nc_domain: cloud.freeitathens.org
 nc_admin_email: contact@freeitathens.org
 # Version of Nextcloud to deploy
 nc_version: 15.0.2
 nc_sha256_hash: c1f4cc33e39994ddbe6777370b62c30b7ae52136a0530c0b9922770803ca0fea
 # Nextcloud Home Directory
 # Note: value is a directory without trailing '/'
 nc_dir: /var/www/nextcloud
 # Nextcloud Database Settings
 nc_db_host: localhost
 nc_db_name: nextcloud
 nc_db_user: nextcloud_user
 nc_db_pass: Password1
 # Nextcloud Admin
 nc_admin: admin
 nc_admin_pass: Password1
--- a/roles/ansible/tasks/main.yml
+++ b/roles/ansible/tasks/main.yml
@@ -0,0 +1,22 @@
 - name: 'Install Ansible dependency: python-apt'
  shell: 'apt-get update && apt-get install python-apt -y'
  args:
    creates: /usr/lib/python2.7/dist-packages/apt
    warn: false
 - name: 'Install Ansible dependency: aptitude'
  apt:
    name: 'aptitude'
    state: present
    force_apt_get: true
 - name: 'Install Ansible dependency: python-docker'
  apt:
    name: python-docker
    state: present
 - name: Create Ansible's temporary directory
  file:
    path: /root/.ansible/tmp
    state: directory
    mode: '0700'
--- a/roles/docker/defaults/main.yml
+++ b/roles/docker/defaults/main.yml
@@ -1,3 +0,0 @@
 docker_compose_root: /var/lib/compose
 docker_compose: /usr/bin/docker-compose
 docker_compose_service: compose
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -1,25 +0,0 @@
 - name: Install Docker
  ansible.builtin.apt:
    name: ['docker.io', 'docker-compose']
    state: present
    update_cache: true
 - name: Create docker-compose root
  ansible.builtin.file:
    path: "{{ docker_compose_root }}"
    state: directory
    mode: 0600
 - name: Add users to docker group
  ansible.builtin.user:
    name: "{{ item }}"
    groups: docker
    append: true
  loop: "{{ docker_users }}"
  when: docker_users is defined
 - name: Start Docker and enable on boot
  ansible.builtin.service:
    name: docker
    state: started
    enabled: true
--- a/roles/mediawiki/tasks/main.yml
+++ b/roles/mediawiki/tasks/main.yml
@@ -0,0 +1,90 @@
 - name: Install MySQL Support for Python
  apt:
    name: python-pymysql
    state: present
 - name: Create Database
  mysql_db:
    name: "{{ mw_db_name }}"
    state: present
    login_unix_socket: /var/run/mysqld/mysqld.sock
 - name: Create Database User
  mysql_user:
    name: "{{ mw_db_user }}"
    password: "{{ mw_db_pass }}"
    priv: "{{ mw_db_name }}.*:ALL,GRANT"
    state: present
    login_unix_socket: /var/run/mysqld/mysqld.sock
 - name: Install PHP Modules
  apt:
    name: ['php-xml', 'php-mbstring']
    state: present
  notify: Reload Apache2
 - name: Create Public HTML Directory
  file:
    path: "{{ mw_dir }}/public_html"
    state: directory
 # https://www.mediawiki.org/wiki/Manual:Short_URL#Moving_a_wiki_from_/wiki_to_/w
 - name: Create Directory /w for Short URLs
  file:
    path: "{{ mw_dir }}/public_html/w"
    state: directory
 - name: Create Logs Directory
  file:
    path: "{{ mw_dir }}/logs"
    state: directory
 - name: Download MediaWiki
  get_url:
    url: "https://releases.wikimedia.org/mediawiki/\
          {{ mw_version | regex_replace('\\.\\d+$', '') }}/\
          mediawiki-{{ mw_version }}.tar.gz"
    dest: /tmp/mediawiki-{{ mw_version }}.tar.gz
 - name: Extract MediaWiki
  unarchive:
    src: /tmp/mediawiki-{{ mw_version }}.tar.gz
    dest: "{{ mw_dir }}/public_html/w"
    owner: www-data
    group: www-data
    extra_opts: [--strip-components=1]
    remote_src: yes
 - name: Install MediaWiki
  command: |
    php maintenance/install.php --server="http://{{ mw_domain }}/" \
    --dbname="{{ mw_db_name }}" --dbuser="{{ mw_db_user }}" \
    --dbpass="{{ mw_db_pass }}" --pass="{{ mw_admin_pass }}" \
    --scriptpath="/w" "{{ mw_namespace }}" "{{ mw_admin }}"
  args:
    chdir: "{{ mw_dir }}/public_html/w"
    creates: "{{ mw_dir }}/public_html/w/LocalSettings.php"
 - name: Set MediaWiki Article Path
  lineinfile:
    path: "{{ mw_dir }}/public_html/w/LocalSettings.php"
    regexp: '^\$wgArticlePath'
    insertafter: '^\$wgScriptPath'
    line: '$wgArticlePath = "/wiki/$1";'
 - name: "Enable Apache Module: rewrite"
  apache2_module:
    name: rewrite
    state: present
 - name: Apply Apache Configuration
  template:
    src: mediawiki.conf.j2
    dest: /etc/apache2/sites-available/{{ mw_domain }}.conf
  notify: Reload Apache2
 - name: Enable Apache Website
  shell: a2ensite {{ mw_domain }}
  args:
    creates: /etc/apache2/sites-enabled/{{ mw_domain }}.conf
  notify: Reload Apache2
--- a/roles/mediawiki/templates/mediawiki.conf.j2
+++ b/roles/mediawiki/templates/mediawiki.conf.j2
@@ -0,0 +1,15 @@
 <VirtualHost *:80>
  ServerName {{ mw_domain }}
  ServerAdmin {{ mw_admin_email }}
  DocumentRoot {{ mw_dir }}/public_html
  RewriteEngine On
  RewriteRule ^/?wiki(/.*)?$ %{DOCUMENT_ROOT}/w/index.php [L]
  RewriteRule ^/?$ %{DOCUMENT_ROOT}/w/index.php [L]
  ErrorLog {{ mw_dir }}/logs/error.log
  CustomLog {{ mw_dir }}/logs/access.log combined
 </VirtualHost>
 # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
--- a/roles/webserver/defaults/main.yml
+++ b/roles/webserver/defaults/main.yml
@@ -1 +0,0 @@
 webserver_root: "{{ docker_compose_root }}/webserver"
--- a/roles/webserver/files/docker-compose.yml
+++ b/roles/webserver/files/docker-compose.yml
@@ -1,30 +0,0 @@
 version: '3.5'
 networks:
  traefik:
    name: traefik
 services:
  traefik:
    image: traefik:2.2
    command:
      - --api.dashboard=true
      - --api.debug=true
      - --providers.docker=true
      - --entrypoints.web.address=:80
      - --entrypoints.web.http.redirections.entrypoint.to=websecure
      - --entrypoints.web.http.redirections.entrypoint.scheme=https
      - --entrypoints.web.http.redirections.entrypoint.permanent=true
      - --entrypoints.websecure.address=:443
    ports:
      - 80:80
      - 443:443
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    labels:
      traefik.http.routers.api.rule: Host(`${TRAEFIK_DOMAIN}`)
      traefik.http.routers.api.entrypoints: local
      traefik.http.routers.api.service: api@internal
      traefik.http.routers.api.tls: true
    networks:
      - traefik
--- a/roles/webserver/handlers/main.yml
+++ b/roles/webserver/handlers/main.yml
@@ -1,5 +1,18 @@
- name: Compose up on webserver stack
+# Copyright (C) 2019  Free I.T. Athens
-  ansible.builtin.command: "docker-compose up -d"
+#
-  args:
+# This program is free software: you can redistribute it and/or modify
-    chdir: "{{ webserver_root }}"
+# it under the terms of the GNU General Public License as published by
-  listen: composeup_webserver
+# the Free Software Foundation, version 3 of the License.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 - name: Reload Apache2
  service: name=apache2 state=reloaded
--- a/roles/webserver/tasks/main.yml
+++ b/roles/webserver/tasks/main.yml
@@ -1,24 +1,40 @@
- name: Install MariaDB Server
+# Copyright (C) 2019  Free I.T. Athens
-  ansible.builtin.apt:
+#
-    name: mariadb-server
+# This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, version 3 of the License.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 - name: Install Apache2 Web Server
  apt:
    name: apache2
    state: present
- name: Create webserver docker-compose directory
+- name: Start Apache2 Web Server
-  ansible.builtin.file:
+  service:
-    path: "{{ webserver_root }}"
+    name: apache2
-    state: directory
+    state: started
    mode: 0600
- name: Install webserver docker-compose.yml
+- name: Install PHP
-  ansible.builtin.copy:
+  apt:
-    src: docker-compose.yml
+    name: php
-    dest: "{{ webserver_root }}/docker-compose.yml"
+    state: present
    mode: 0600
  notify: composeup_webserver
- name: Install docker-compose .env
+- name: Install PHP MySQL Extension
-  ansible.builtin.template:
+  apt:
-    src: compose-env.j2
+    name: php-mysql
-    dest: "{{ webserver_root }}/.env"
+    state: present
-    mode: 0600
+  notify: Reload Apache2
-  notify: composeup_webserver
+
 - name: Install MariaDB Server
  apt:
    name: mariadb-server
    state: present
--- a/roles/webserver/templates/compose-env.j2
+++ b/roles/webserver/templates/compose-env.j2
@@ -1,4 +0,0 @@
 # {{ ansible_managed }}
 {% for key, value in webserver_env.items() %}
 {{ key }}={{ value }}
 {% endfor %}
--- a/webserver.yml
+++ b/webserver.yml
@@ -1,6 +1,25 @@
 # Copyright (C) 2019  Free I.T. Athens
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, version 3 of the License.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 - name: Install FRITA Web Server
  hosts: all
-  become: true
+  become: yes
  roles:
-    - docker
+    - ansible
    - webserver
    #- wordpress
    #- nextcloud
    #- timetrex
    - mediawiki
Author	SHA1	Message	Date
Kris Lamoureux	7d3bfea2ca	Semi-installation	2020-02-02 03:41:26 -05:00
Kris Lamoureux	9a6e6a0d43	MediaWiki web GUI installer comes up	2020-01-30 20:10:42 -05:00
		`@@ -1 +0,0 @@`
			`webserver_root: "{{ docker_compose_root }}/webserver"`