Initial commit

tasks/tenant.yml

@@ -0,0 +1,42 @@
+- name: 'Create group www-{{ tenant.name }}'
+  ansible.builtin.group:
+    name: 'www-{{ tenant.name }}'
+
+- name: 'Create user www-{{ tenant.name }}'
+  ansible.builtin.user:
+    name: 'www-{{ tenant.name }}'
+    group: 'www-{{ tenant.name }}'
+    home: '/srv/www/{{ tenant.name }}'
+    shell: /bin/bash
+
+- name: 'Add user www-data to group www-{{ tenant.name }}'
+  ansible.builtin.user:
+    name: 'www-data'
+    system: true
+    append: true
+    groups: 'www-{{ tenant.name }}'
+
+# php_version and "restart php-fpm" handler from nginx role
+- name: 'Create php pool www-{{ tenant.name }}'
+  ansible.builtin.template:
+    dest: "/etc/php/{{ php_version }}/fpm/pool.d/www-{{ tenant.name }}.conf"
+    src: php-fpm-pool.conf.j2
+    owner: root
+    group: root
+    mode: 0644
+  notify:
+  - restart php-fpm
+
+- name: 'Create MariaDB DBs for {{ tenant.name }}'
+  loop: '{{ tenant.options.mariadb_databases|d({})|dict2items }}'
+  community.mysql.mysql_db:
+    login_unix_socket: /var/run/mysqld/mysqld.sock
+    name: 'www-{{ tenant.name }}-{{ item.key }}'
+    collation: "{{ item.value.collation | default('utf8mb4_unicode_ci') }}"
+    encoding: "{{ item.value.encoding | default('utf8mb4') }}"
+
+- name: 'Create MariaDB user www-{{ tenant.name }}'
+  community.mysql.mysql_user:
+    name: 'www-{{ tenant.name }}'
+    priv: 'www-{{ tenant.name }}-%.*:ALL PRIVILEGES'
+    plugin: unix_socket