API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 19th, 2016
123
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
YAML 4.33 KB | None | 0 0
raw download clone embed print report
  1. - name: Configure a full LEMP stack on an Ubuntu 14.04 server
  2.   hosts: webservers
  3.   sudo: True
  4.   vars:
  5.     MySQL_root_pass: freedomisntfree
  6.  
  7.   tasks:
  8.    # Adds necessary repos to install Nginx/PHP-FPM
  9.     - name: Update - Install Nginx Repository
  10.       apt_repository: repo='ppa:nginx/stable'
  11.  
  12.     # Ensures that all system packages are up to date
  13.     - name: Update - Full system package update
  14.       apt: update_cache=yes upgrade=dist
  15.  
  16.     # Installs Nginx, the "E" in LEMP?
  17.     - name: LEMP - Install Nginx
  18.       apt: name=nginx state=installed
  19.  
  20.     # Installs and configures MySQL
  21.     - name: LEMP - Set MySQL installation options - Set root password
  22.       debconf: name='mysql-server' question='mysql-server/root_password' value='{{MySQL_root_pass | quote}}' vtype='password'
  23.  
  24.     - name: LEMP - Set MySQL installation options - Set root password again
  25.       debconf: name='mysql-server' question='mysql-server/root_password_again' value='{{MySQL_root_pass | quote}}' vtype='password'
  26.  
  27.     - name: LEMP - Install MySQL
  28.       apt: name=mysql-server state=installed
  29.  
  30.     - name: LEMP - Install MySQL utilities
  31.       apt: name={{ item }} state=installed
  32.       with_items:
  33.        - mysql-utilities
  34.         - python-mysqldb
  35.  
  36.     - name: LEMP - Secure MySQL - Remove test user
  37.       mysql_user: user="" state="absent" login_password={{ MySQL_root_pass }} login_user=root
  38.  
  39.     - name: LEMP - Secure MySQL - Secure root user
  40.       mysql_user: user="root" password={{ MySQL_root_pass }} host={{ item }} login_password={{ MySQL_root_pass }} login_user=root
  41.       with_items:
  42.        - 127.0.0.1
  43.         - localhost
  44.         - ::1
  45.         - "{{ ansible_fqdn }}"
  46.  
  47.     - name: LEMP - Secure MySQL - Remove test database
  48.       mysql_db: db=test state=absent login_password={{ MySQL_root_pass }} login_user=root
  49.  
  50.     # Installs PHP and other miscellaneous packages to ensure
  51.     # proper communication between PHP, Apache, and MySQL
  52.     - name: LEMP - Install PHP and some modules for it
  53.       apt: name={{ item }} state=installed
  54.       with_items:
  55.        - php5
  56.         - php5-mysql
  57.         - php5-mcrypt
  58.         - php5-sqlite
  59.         - php5-curl
  60.         - php5-cli
  61.         - php5-cgi
  62.         - php5-gd
  63.         - php5-imagick
  64.         - php5-intl
  65.         - php5-xmlrpc
  66.  
  67.     # Installs PHP-FPM
  68.     - name: LEMP - Install PHP-FPM
  69.       apt: name=php5-fpm state=installed
  70.  
  71.     # Copies over necessary configuation files
  72.     - name: LEMP - Copy configuration files - php.ini
  73.       copy: src=lempstack/files/php.ini dest=/etc/php5/fpm/php.ini
  74.  
  75.     - name: LEMP - Copy configuration files - default
  76.       copy: src=lempstack/files/default dest=/etc/nginx/sites-available/default
  77.  
  78.     - name: LEMP - Copy configuration files - www.conf
  79.       copy: src=lempstack/files/www.conf dest=/etc/php5/fpm/pool.d/www.conf
  80.  
  81.     - name: LEMP - Copy configuration files - phpinfo.php
  82.       copy: src=lempstack/files/phpinfo.php dest=/usr/share/nginx/html/phpinfo.php
  83.  
  84.     # Restarts necessary services
  85.     - name: LEMP - Restarting LEMP services
  86.       service: name={{ item }} state=restarted
  87.       with_items:
  88.        - mysql
  89.         - nginx
  90.         - php5-fpm
  91.  
  92.     # Installs and configures Postfix
  93.     - name: Postfix - Set Postfix options - Set mail server type
  94.       debconf: name=postfix question="postfix/main_mailer_type" value="'Internet Site'" vtype="string"
  95.  
  96.     - name: Postfix - Set Postfix options - Set mail server domain name
  97.       debconf: name=postifx question="postfix/mailname" value={{ ansible_fqdn }} vtype="string"
  98.  
  99.     - name: Postfix - Install Postfix
  100.       apt: name=postfix state=installed
  101.  
  102.     # Configures UFW firewall
  103.     - name: Firewall - Install UFW
  104.       apt: name=ufw state=installed
  105.  
  106.     - name: Firewall - Allowing traffic over HTTP
  107.       ufw: rule=allow port=80 proto=tcp
  108.  
  109.     - name: Firewall - Allowing traffic over HTTPS
  110.       ufw: rule=allow port=443 proto=tcp
  111.  
  112.     - name: Firewall - Allowing traffic over SSH
  113.       ufw: rule=allow port=22 proto=tcp
  114.  
  115.     - name: Firewall - Enable and change policy to deny
  116.       ufw: state=enabled policy=deny
  117.  
  118.     # Installs any other packages we might need
  119.     - name: Misc - Install misc. packages
  120.       apt: name={{ item }} state=installed
  121.       with_items:
  122.        - sysstat
  123.         - htop
  124.         - iotop
  125.         - vim
  126.         - zsh
  127.         - cowsay
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!