# Primary group for one tenant. The same 'www-<tenant>' name is reused further
# down in this file for the Unix account, the PHP-FPM pool file, the MariaDB
# user and the authorized_keys file.
# NOTE(review): tenant.name is interpolated into account names, file paths and
# a MariaDB grant pattern; no validation of it is visible here - confirm it is
# restricted to a safe character set where the tenant list is defined.
- name: "Create group www-{{ tenant.name }}"
  ansible.builtin.group:
    name: "www-{{ tenant.name }}"
# Login account for the tenant: primary group 'www-<tenant>', bash as shell,
# home directory below /srv/www.
# NOTE(review): this task sets neither a password nor a umask/home mode, so the
# permissions of /srv/www/<tenant> come from the host's account-creation
# defaults - confirm that other tenants cannot read into it.
- name: "Create user www-{{ tenant.name }}"
  ansible.builtin.user:
    name: "www-{{ tenant.name }}"
    group: "www-{{ tenant.name }}"
    shell: /bin/bash
    home: "/srv/www/{{ tenant.name }}"
# Adds www-data (presumably the web server's account - confirm) to the
# tenant's group. With 'append: true' the group is added to the account's
# supplementary groups instead of replacing them; 'system: true' only matters
# if the account has to be created by this task.
# NOTE(review): everything the tenant makes group-accessible is then reachable
# by any process running as www-data, and www-data ends up a member of every
# tenant group this task is run for.
- name: "Add user www-data to group www-{{ tenant.name }}"
  ansible.builtin.user:
    name: www-data
    groups: "www-{{ tenant.name }}"
    append: true
    system: true
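# php_version and "restart php-fpm" handler from nginx role
# Renders the tenant's PHP-FPM pool file from php-fpm-pool.conf.j2 and notifies
# the handler so php-fpm picks up the change.
# NOTE(review): the file is root-owned and world-readable; that is fine only as
# long as the template (not shown here) renders no secrets into it.
- name: 'Create php pool www-{{ tenant.name }}'
  ansible.builtin.template:
    src: php-fpm-pool.conf.j2
    dest: "/etc/php/{{ php_version }}/fpm/pool.d/www-{{ tenant.name }}.conf"
    owner: root
    group: root
    # Quoted so the module receives the string '0644' and the result does not
    # depend on the YAML loader reading a bare 0644 as an octal integer.
    mode: '0644'
  notify:
    - restart php-fpm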
# Creates one database per entry of tenant.options.mariadb_databases (an empty
# dict when the option is absent, so the loop then runs zero times). The
# database is named 'www-<tenant>-<key>'; encoding and collation come from the
# entry's value and fall back to utf8mb4 / utf8mb4_unicode_ci.
# The module connects through the local MariaDB socket.
# NOTE(review): item.key becomes part of the database name - confirm the keys
# are constrained the same way as tenant.name.
- name: "Create MariaDB DBs for {{ tenant.name }}"
  community.mysql.mysql_db:
    name: "www-{{ tenant.name }}-{{ item.key }}"
    encoding: "{{ item.value.encoding | default('utf8mb4') }}"
    collation: "{{ item.value.collation | default('utf8mb4_unicode_ci') }}"
    login_unix_socket: /var/run/mysqld/mysqld.sock
  loop: "{{ tenant.options.mariadb_databases|d({})|dict2items }}"
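# MariaDB account for the tenant. It authenticates with the unix_socket plugin,
# i.e. by the name of the connecting OS user, so no database password is set.
# NOTE(review): the grant below is a pattern, not the list of databases created
# for this tenant. In a database-level grant '%' and '_' are wildcards, so
#   - 'www-<tenant>-%' also matches the databases of any other tenant whose
#     name starts with '<tenant>-' (tenant 'a' next to tenant 'a-b'), and
#   - an '_' inside tenant.name matches any single character.
# Confirm tenant names are restricted so grants cannot overlap, or grant on
# each database by name instead.
- name: 'Create MariaDB user www-{{ tenant.name }}'
  community.mysql.mysql_user:
    # Same local socket as the database-creation task in this file, so both
    # tasks reach the server the same way instead of this one falling back to
    # the module's default connection settings.
    login_unix_socket: /var/run/mysqld/mysqld.sock
    name: 'www-{{ tenant.name }}'
    priv: 'www-{{ tenant.name }}-%.*:ALL PRIVILEGES'
    plugin: unix_socket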
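# Renders the tenant's SSH public keys into a root-owned file outside the
# tenant's home. Owner root plus mode 0640 with the tenant's group means the
# tenant can read the file but cannot add or change keys itself.
# NOTE(review): sshd has to be pointed at /etc/ssh/www_authorized_keys/ for
# these accounts (AuthorizedKeysFile); that configuration is not in this file.
- name: 'Write ssh authorized_keys file for user www-{{ tenant.name }}'
  ansible.builtin.template:
    src: ssh_authorized_keys.j2
    dest: "/etc/ssh/www_authorized_keys/www-{{ tenant.name }}"
    owner: root
    group: 'www-{{ tenant.name }}'
    # Quoted so the module receives the string '0640' and the result does not
    # depend on the YAML loader reading a bare 0640 as an octal integer.
    mode: '0640'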