move 'add configurations' in apache2 and nginx roles

blogs.yaml

@@ -6,3 +6,5 @@
 - hosts: blogs
   roles:
       - role: wordpress
+        site_names:
+          - kaos

destroy_container.yaml

@@ -5,10 +5,10 @@
         prompt: 'what container should be destroyed?'
         private: no
       - name: confirm1
-        prompt: 'are you sure you want to delete the container?'
+        prompt: 'are you sure you want to delete the container (NO/yes)?'
         private: no
       - name: confirm2
-        prompt: 'if you really are sure, enter "cthulhu" backwards'
+        prompt: 'if you really are sure, enter the container name again'
         private: no
   tasks:
       - block:
@@ -22,4 +22,4 @@
             lxc_container:
                 name: "{{ container_name }}"
                 state: absent
-        when: "confirm1 == 'yes' and confirm2 == 'uhluhtc'"
+        when: "confirm1 == 'yes' and confirm2 == '{{ container_name }}'"

prepare_host.yaml

@@ -2,13 +2,23 @@
 - hosts: vm_hosts
   tasks:
     - name: install lxc related packages
-      apt: name={{ item }} state=latest
+      apt:
+        name: "{{ item }}"
+        state: present
+        update_cache: yes
+        cache_valid_time: 3600
       with_items:
           - lxc
           - python
           - python-lxc
     - name: install bridge utilities
-      apt: name=bridge-utils state=latest
+      apt:
+        name: "{{ item }}"
+        state: present
+        update_cache: yes
+        cache_valid_time: 3600
+      with_items:
+        - bridge-utils
       notify: restart networking
     # We should fix this bug. We really should. It's a bug.
     # Bridge-utils requires a complete system reboot to enable the new bridge.
@@ -18,7 +28,11 @@
           dest: /etc/network/interfaces
       notify: restart networking
     - name: install utilities
-      apt: name={{ item }} state=latest
+      apt:
+        name: "{{ item }}"
+        state: present
+        update_cache: yes
+        cache_valid_time: 3600
       with_items:
           - vim
           - htop
@@ -37,4 +51,3 @@
         service: name=networking state=reloaded
       - name: restart sshd
         service: name=networking state=reloaded
-

projects_server.yaml

@@ -1,10 +0,0 @@
----
-- hosts: biff
-  roles:
-      - role: lxc_guest
-        vm_name: projects
-        distro: sid
-- hosts: projects
-  roles:
-      - role: gitlab
-        gitlab_fqdn: "{{ inventory_hostname }}.lilik.it"

roles/apache2/handlers/main.yaml

@@ -3,11 +3,3 @@
   # static: yes # see static include issue: https://github.com/ansible/ansible/issues/13485
   vars:
     service_name: apache2
-
-- name: enable apache2 configuration
-  file:
-      src: "/etc/apache2/sites-available/{{ config_name }}"
-      dest: "/etc/apache2/sites-enabled/{{ config_name }}"
-      state: link
-  when: config_name is defined
-  notify: restart apache2

roles/apache2/tasks/main.yaml

@@ -11,9 +11,29 @@
   notify: restart apache2
 
 - name: install apache2 libapache2-mod-php5
-  apt: name="{{ item }}" state=present
+  apt:
+    name: "{{ item }}"
+    state: present
+    update_cache: yes
+    cache_valid_time: 3600
   with_items:
     - libapache2-mod-php5
   when: php | bool
   notify:
       - restart apache2
+
+- name: add apache2 configurations
+  template:
+      src: ../../{{ parent_role_path }}/templates/{{ item }}.apache2.j2
+      dest: /etc/apache2/sites-available/{{ item }}
+  when: config_names is defined
+  with_items: "{{ config_names }}"
+
+- name: enable apache2 configurations
+  file:
+      src: "/etc/apache2/sites-available/{{ item }}"
+      dest: "/etc/apache2/sites-enabled/{{ item }}"
+      state: link
+  with_items: "{{ config_names }}"
+  when: config_names is defined
+  notify: restart apache2

roles/dokuwiki/meta/main.yaml

@@ -2,3 +2,4 @@
 dependencies:
   - role: nginx
     php: true
+    parent_role_path: "dokuwiki"

roles/dokuwiki/tasks/main.yaml

@@ -1,12 +1,11 @@
 ---
 - name: install dokuwiki and associated packages
-  apt: name={{ item }} state=latest
+  apt:
+      name: "{{ item }}"
+      state: present
+      update_cache: yes
+      cache_valid_time: 3600
   with_items:
       - dokuwiki
-- name: add nginx config for docukiwi
-  template:
-      src: docuwiki_nginx.j2
-      dest: "/etc/nginx/sites-available/{{ config_name }}"
   notify:
-      - enable nginx configuration
       - restart nginx

roles/dokuwiki/vars/main.yml

@@ -1 +1,2 @@
-config_name: docuwiki.conf
+config_names:
+  - dokuwiki

roles/mattermost/tasks/main.yaml

@@ -1,5 +1,9 @@
 - name: install postgresql
-  apt: name={{ item }} state=latest
+  apt:
+    name: "{{ item }}"
+    state: present
+    update_cache: yes
+    cache_valid_time: 3600
   with_items:
       - postgresql
       - postgresql-contrib

roles/mysql/tasks/main.yaml

@@ -3,4 +3,4 @@
   vars:
     service_name: mysql
     service_packages:
-        - mysql
+        - mysql-server

roles/nginx/handlers/main.yaml

@@ -3,14 +3,9 @@
   # static: yes # see static include issue: https://github.com/ansible/ansible/issues/13485
   vars:
     service_name: nginx
+    service_packages:
+      - nginx
 
 - name: validate nginx configuration
   command: nginx -t -c /etc/nginx/nginx.conf
   changed_when: False
-
-- name: enable nginx configuration
-  file:
-      src: "/etc/nginx/sites-available/{{ config_name }}"
-      dest: "/etc/nginx/sites-enabled/{{ config_name }}"
-      state: link
-  notify: restart nginx

roles/nginx/tasks/main.yaml

@@ -11,7 +11,11 @@
   notify: restart nginx
 
 - name: install php5-fpm
-  apt: name={{ item }} state=latest
+  apt:
+    name: "{{ item }}"
+    state: present
+    update_cache: yes
+    cache_valid_time: 3600
   with_items:
       - php5-fpm
   when: php | bool
@@ -26,3 +30,19 @@
   notify:
       - enable nginx configuration
       - restart nginx
+
+- name: add nginx configurations
+  template:
+      src: "roles/{{ parent_role_path }}/templates/{{ item }}.conf.nginx.j2"
+      dest: /etc/nginx/sites-available/{{ item }}.conf
+  with_items: "{{ config_names }}"
+  when: config_names is defined
+
+- name: enable nginx configurations
+  file:
+      src: "/etc/nginx/sites-available/{{ item }}.conf"
+      dest: "/etc/nginx/sites-enabled/{{ item }}.conf"
+      state: link
+  with_items: "{{ config_names }}"
+  when: config_names is defined
+  notify: restart nginx

roles/postgres/main.yaml

@@ -1,15 +0,0 @@
----
-- include: service.yaml
-  vars:
-    service_name: nginx
-
-- name: validate nginx configuration
-  command: nginx -t -c /etc/nginx/nginx.conf
-  changed_when: False
-
-- name: enable nginx configuration
-  file:
-      src: "/etc/nginx/sites-available/{{ config_name }}"
-      dest: "/etc/nginx/sites-enabled/{{ config_name }}"
-      state: link
-  notify: restart nginx

roles/postgres/tasks/main.yaml

@@ -1,17 +0,0 @@
----
-- include: service.yaml
-  vars:
-    service_name: nginx
-    service_packages:
-        - nginx
-- name: disable nginx default configuration
-  file: path=/etc/nginx/sites-enabled/default state=absent
-  notify: restart nginx
-- name: upload nginx proxy configuration
-  template:
-      src: proxy_config.j2
-      dest: "/etc/nginx/sites-available/{{ config_name }}"
-  when: is_proxy | bool
-  notify:
-      - enable nginx configuration
-      - restart nginx

roles/roundcube/meta/main.yaml

@@ -1,3 +1,5 @@
 ---
 dependencies:
   - role: nginx
+    php: true
+    parent_role_path: "roundcube"

roles/roundcube/tasks/main.yaml

@@ -3,17 +3,30 @@
 
 - name: install roundcube packages
   apt:
-      name: '{{ item }}'
-      state: latest
-      update_cache: yes
+    name: "{{ item }}"
+    state: present
+    update_cache: yes
+    cache_valid_time: 3600
   with_items:
       - roundcube-sqlite3
       - roundcube
       - roundcube-plugins
-- name: add nginx config for roundcube
-  template:
-      src: roundcube_nginx.j2
-      dest: "/etc/nginx/sites-available/{{ config_name }}"
   notify:
-      - enable nginx configuration
       - restart nginx
+
+- name: copy lilik-150x54.png
+  copy:
+    src: lilik-150x54.png
+    dest: /usr/share/roundcube/skins/classic/images/
+
+- name: copy my-roundcube.php
+  template:
+      src: "my-roundcube.php.j2"
+      dest: "/etc/roundcube/my-roundcube.php"
+      mode: 0600
+
+- name: include my-roundcube.php
+  lineinfile:
+    dest: /etc/roundcube/config.inc.php
+    insertafter: '\?>'
+    line: include_once("/etc/roundcube/my-roundcube.php");

roles/roundcube/templates/my-roundcube.php.j2

@@ -0,0 +1,21 @@
+<?php
+$config['default_host'] = 'ssl://mail.lilik.it';
+$config['default_port'] = 993;
+$config['imap_auth_type'] = 'login';
+$config['smtp_server'] = 'mail.lilik.it';
+$config['smtp_helo_host'] = 'webmail.lilik.it';
+$config['skin_logo'] = '/images/lilik-150x54.png';
+$config['username_domain'] = 'lilik.it';
+$config['product_name'] = 'LiLIK Webmail';
+$config['plugins'] = array('password','carddav');
+$config['language'] = 'it_IT';
+$config['skin'] = 'classic';
+#$config['create_default_folders'] = true;
+
+# TODO remove when dovecot will use a valid ssl certificate
+$config['imap_conn_options'] = array(
+  'ssl'         => array(
+	 'verify_peer'  => false,
+	 'verfify_peer_name' => false,
+   ),
+);

roles/roundcube/vars/main.yml

@@ -1 +1,2 @@
-config_name: roundcube.conf
+config_names:
+  - roundcube

roles/sympa/meta/main.yaml

@@ -1,3 +1,4 @@
 ---
 dependencies:
   - role: nginx
+    parent_role_path: "sympa"

roles/sympa/tasks/main.yaml

@@ -1,14 +1,13 @@
 ---
 - name: install sympa and associated packages
-  apt: name={{ item }} state=latest
+  apt:
+    name: "{{ item }}"
+    state: present
+    update_cache: yes
+    cache_valid_time: 3600
   with_items:
     - sympa
     - wwsympa
     - fcgiwrap
-- name: add nginx config for sympa
-  template:
-      src: sympa_nginx.j2
-      dest: "/etc/nginx/sites-available/{{ config_name }}"
   notify:
-      - enable nginx configuration
       - restart nginx

roles/sympa/vars/main.yml

@@ -1 +1,2 @@
-config_name: sympa.conf
+config_names:
+  - sympa

roles/wordpress/meta/main.yaml

@@ -2,3 +2,5 @@
 dependencies:
     - role: apache2
       php: true
+      parent_role_path: "wordpress"
+    - role: mysql

roles/wordpress/tasks/main.yaml

@@ -1,5 +1,74 @@
 ---
 - name: install wordpress
-  apt: name={{ item }} state=latest
+  apt:
+    name: "{{ item }}"
+    state: present
+    update_cache: yes
+    cache_valid_time: 3600
   with_items:
       - wordpress
+  notify: restart apache2
+
+- name: install inetutils-ping
+  apt:
+    name: "{{ item }}"
+    state: present
+    update_cache: yes
+    cache_valid_time: 3600
+  with_items:
+      - inetutils-ping
+
+- name: unarchive setup-mysql.gz
+# unarchive dosn't support .gz file
+#   unarchive: src=/usr/share/doc/wordpress/examples/setup-mysql.gz dest=/usr/share/doc/wordpress/examples/ remote_src=yes copy=no
+# use shell command instead
+  shell: gunzip -d -k setup-mysql.gz
+  args:
+    chdir: /usr/share/doc/wordpress/examples/
+    creates: setup-mysql
+
+- name: make setup-mysql executable
+  file:
+    path: /usr/share/doc/wordpress/examples/setup-mysql
+    mode: u=rwx,g=rx,o=rx
+
+- name: add apache2 configurations for wordpress
+  template:
+      src: "wordpress.apache2.j2"
+      dest: "/etc/apache2/sites-available/{{ item }}.conf"
+  when: site_names is defined
+  with_items: "{{ site_names }}"
+
+- name: enable apache2 configuration
+  file:
+      src: "/etc/apache2/sites-available/{{ item }}.conf"
+      dest: "/etc/apache2/sites-enabled/{{ item }}.conf"
+      state: link
+  with_items: "{{ site_names }}"
+  when: site_names is defined
+  notify: restart apache2
+
+- name: add sites to hosts
+  lineinfile:
+    dest: /etc/hosts
+    line: "127.0.0.1  {{ item }}"
+  when: site_names is defined
+  with_items: "{{ site_names }}"
+
+- name: create wordpress databases
+  shell: "/usr/share/doc/wordpress/examples/setup-mysql -n {{ item }} {{ item }}.lilik.it"
+  args:
+    creates: /etc/wordpress/config-{{ item }}.lilik.it.php
+  when: site_names is defined
+  with_items: "{{ site_names }}"
+
+- name: edit wordpress configurations
+  blockinfile:
+    dest: /etc/wordpress/config-{{ item }}.lilik.it.php
+    block: |
+      define('DB_CHARSET', 'utf8');
+      define( 'FS_METHOD', 'direct');
+      define ('WPLANG','it_IT');
+    insertbefore: '\?>'
+  when: site_names is defined
+  with_items: "{{ site_names }}"

roles/wordpress/templates/wordpress.apache2.j2

@@ -0,0 +1,11 @@
+<VirtualHost *:80>
+  ServerName {{ item }}.lilik.it
+  DocumentRoot /usr/share/wordpress
+  DirectoryIndex index.php
+  Alias /wp-content/ "/srv/www/wp-content/{{ item }}.lilik.it/"
+  <Directory /usr/share/wordpress>
+    AllowOverride All
+    Order Deny,Allow
+    Allow from all
+  </Directory>
+</VirtualHost>

tasks/service.yaml

@@ -1,6 +1,10 @@
 ---
 - name: install {{ service_name }}
-  apt: name="{{ item }}" state=present
+  apt:
+    name: "{{ item }}"
+    state: present
+    update_cache: yes
+    cache_valid_time: 3600
   with_items: "{{ service_packages }}"
 - name: start {{ service_name }} at boot
   service: name="{{ service_name }}" enabled=yes

webmail.yaml

@@ -6,5 +6,5 @@
 - hosts: webmail
   roles:
       - role: roundcube
-        imap_server: "{{ hostvars['mail'].ansible_host }}"
-        fqdn_domain: "lilik.it"
+        # imap_server: "{{ hostvars['mail'].ansible_host }}"
+        # fqdn_domain: "lilik.it"