-
Notifications
You must be signed in to change notification settings - Fork 1
/
ojs-3.3.0.6.yml
150 lines (128 loc) · 4.03 KB
/
ojs-3.3.0.6.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
- name: OJS version-specific configuration
remote_user: ulsprovision
hosts: ojs_3_3_0_6
become: yes
tasks:
- name: Include host vars
include_vars:
file: hostvars/{{inventory_hostname}}.ojs-config.yml
name: ojshostvar
- name: Identify OJS root
set_fact:
ojsdir: "{{ 'ojs/' if ojshostvar.use_ojs_subdir|default(false) == true else '' }}"
slashojsdir: "{{ '/ojs' if ojshostvar.use_ojs_subdir|default(false) == true else '' }}"
- name: host directory
file:
path: /var/www/vhosts/{{inventory_hostname}}/
state: directory
mode: '2775'
owner: root
group: ulssysdev
- name: html directory
file:
path: /var/www/vhosts/{{inventory_hostname}}/html/
state: directory
mode: '2775'
owner: root
group: ulssysdev
- name: ojs directory
file:
path: /var/www/vhosts/{{inventory_hostname}}/html/{{ojsdir}}
state: directory
mode: '2775'
owner: root
group: ulssysdev
when: ojsdir == 'ojs/'
- name: deploy OJS source
unarchive:
src: resources/ojs/releases/ojs-3.3.0-6.tar.gz
extra_opts: [--strip-components=1]
dest: /var/www/vhosts/{{inventory_hostname}}/html/{{ojsdir}}
- name: deploy config.inc.php
copy:
src: /var/www/vhosts/{{inventory_hostname}}/html/{{ojsdir}}config.TEMPLATE.inc.php
dest: /var/www/vhosts/{{inventory_hostname}}/html/{{ojsdir}}config.inc.php
remote_src: yes
owner: root
group: ulssysdev
mode: preserve
force: no
- name: files_dir
file:
path: /var/www/vhosts/{{inventory_hostname}}/files/
state: directory
mode: '0775'
owner: apache
group: apache
- name: deploy vhost
copy:
src: /etc/httpd/conf.d/vhosts/vhost.conf.template
dest: /etc/httpd/conf.d/vhosts/{{inventory_hostname}}.conf
remote_src: yes
owner: root
group: ulssysdev
mode: preserve
force: no
- name: set hostname in vhost
replace:
path: /etc/httpd/conf.d/vhosts/{{inventory_hostname}}.conf
regexp: 'SERVERNAME'
replace: '{{inventory_hostname}}'
- name: change vhost to use ojs subdir for global options
replace:
path: /etc/httpd/conf.d/vhosts/{{inventory_hostname}}.conf
regexp: 'apache-global-options'
replace: 'apache-legacy-global-options'
when: ojsdir == 'ojs/'
- name: change vhost to use ojs subdir for PHP exclusion
replace:
path: /etc/httpd/conf.d/vhosts/{{inventory_hostname}}.conf
regexp: 'html[/]public'
replace: 'html/ojs/public'
when: ojsdir == 'ojs/'
- name: create database
mysql_db:
name: '{{ojshostvar.database.name}}'
collation: utf8_unicode_ci
encoding: utf8
- name: grant database permissions
mysql_user:
name: '{{ojshostvar.database.username}}'
password: '{{ojshostvar.database.password}}'
priv: '{{ojshostvar.database.name}}.*:ALL'
state: present
- import_tasks: ojs-config.tasks.yml
- name: create certificate directory
file:
path: /etc/pki/tls/certs/{{inventory_hostname}}/
state: directory
- name: create certificate private directory
file:
path: /etc/pki/tls/private/{{inventory_hostname}}/
state: directory
- name: copy temporary certificate
copy:
src: /etc/pki/tls/certs/localhost.crt
dest: /etc/pki/tls/certs/{{inventory_hostname}}/cert.pem
remote_src: yes
owner: root
group: ulssysdev
mode: preserve
force: no
- name: copy temporary private key
copy:
src: /etc/pki/tls/private/localhost.key
dest: /etc/pki/tls/private/{{inventory_hostname}}/privkey.pem
remote_src: yes
owner: root
group: ulssysdev
mode: preserve
force: no
- name: disable certificate chain in vhost
lineinfile:
path: /etc/httpd/conf.d/vhosts/{{inventory_hostname}}.conf
regexp: '^(\s*SSLCertificateChainFile.*$)'
line: '#\1'
backrefs: yes
- name: restore selinux contexts
command: restorecon -r /var/www/vhosts/{{inventory_hostname}}