64 lines
1.6 KiB
YAML
64 lines
1.6 KiB
YAML
- name: Include Debian-specific tasks
|
|
ansible.builtin.include_tasks: debian.yml
|
|
when: ansible_os_family == "Debian"
|
|
|
|
- name: Include Rocky Linux-specific tasks
|
|
ansible.builtin.include_tasks: rocky.yml
|
|
when: ansible_os_family == "RedHat"
|
|
|
|
- name: Create MariaDB databases
|
|
community.mysql.mysql_db:
|
|
name: "{{ item.name }}"
|
|
state: present
|
|
login_unix_socket: /var/run/mysqld/mysqld.sock
|
|
loop: "{{ databases }}"
|
|
no_log: "{{ item.pass is defined }}"
|
|
|
|
- name: Create MariaDB users
|
|
community.mysql.mysql_user:
|
|
name: "{{ item.name }}"
|
|
password: "{{ item.pass }}"
|
|
host: "%"
|
|
state: present
|
|
priv: "{{ item.name }}.*:ALL"
|
|
login_unix_socket: /var/run/mysqld/mysqld.sock
|
|
loop: "{{ databases }}"
|
|
no_log: "{{ item.pass is defined }}"
|
|
|
|
- name: Create webserver docker-compose directory
|
|
ansible.builtin.file:
|
|
path: "{{ webserver_root }}"
|
|
state: directory
|
|
mode: 0600
|
|
|
|
- name: Install webserver docker-compose.yml
|
|
ansible.builtin.copy:
|
|
src: docker-compose.yml
|
|
dest: "{{ webserver_root }}/docker-compose.yml"
|
|
mode: 0600
|
|
notify: composeup_webserver
|
|
|
|
- name: Install docker-compose .env
|
|
ansible.builtin.template:
|
|
src: compose-env.j2
|
|
dest: "{{ webserver_root }}/.env"
|
|
mode: 0600
|
|
notify: composeup_webserver
|
|
|
|
- name: Allow MariaDB database connections
|
|
community.general.ufw:
|
|
rule: allow
|
|
port: 3306
|
|
proto: tcp
|
|
src: "{{ item }}"
|
|
loop: "{{ mariadb_trust }}"
|
|
|
|
- name: Add HTTP and HTTPS firewall rule
|
|
community.general.ufw:
|
|
rule: allow
|
|
port: "{{ item }}"
|
|
proto: tcp
|
|
loop:
|
|
- "80"
|
|
- "443"
|