├── README.md ├── inventory └── hosts_production └── playbooks ├── roles ├── base │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── load-tester │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── nginx │ ├── files │ │ ├── nginx.conf │ │ └── nginx.repo │ └── tasks │ │ └── main.yml ├── php │ ├── files │ │ └── www.conf │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── repo-epel │ ├── files │ │ ├── RPM-GPG-KEY-EPEL-7 │ │ └── epel.repo │ └── tasks │ │ └── main.yml ├── repo-remi │ ├── files │ │ ├── RPM-GPG-KEY-remi │ │ └── remi.repo │ ├── meta │ │ └── main.yml │ └── tasks │ │ └── main.yml ├── sysctl │ ├── files │ │ └── limits.conf │ └── tasks │ │ └── main.yml └── zf2 │ ├── files │ └── default.conf │ └── tasks │ └── main.yml └── site.yml /README.md: -------------------------------------------------------------------------------- 1 | # Sample Playbook For Nginx / PHP-FPM Tuning 2 | 3 | - Built for CentOS 7.x 4 | - Nginx 1.6.2 from official Nginx repo 5 | - PHP 5.6 from Remi's repo 6 | 7 | # Performance tweaks: 8 | 9 | - PHP opcode cache enabled 10 | 11 | Note: This playbook does not necessarily follow best practices or make any attempt at reusable roles. It is merely a simple way of demonstrating some of my performance and scalability tips. 12 | 13 | # How to use it 14 | 15 | * Clone this repository locally 16 | * Spin up the machines you want to test (use CentOS 7) 17 | * Edit `inventory/hosts_production with the IP's of your machines 18 | 19 | ```bash 20 | ansible-playbook -u root -i inventory/hosts_production playbooks/site.yml 21 | ``` 22 | -------------------------------------------------------------------------------- /inventory/hosts_production: -------------------------------------------------------------------------------- 1 | [nginx] 2 | 3 | [php] 4 | 5 | [load-tester] 6 | -------------------------------------------------------------------------------- /playbooks/roles/base/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: repo-epel } 4 | -------------------------------------------------------------------------------- /playbooks/roles/base/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install some base packages 3 | yum: name={{item}} state=installed 4 | with_items: 5 | - vim 6 | - htop 7 | -------------------------------------------------------------------------------- /playbooks/roles/load-tester/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: repo-epel } 4 | - { role: sysctl } 5 | -------------------------------------------------------------------------------- /playbooks/roles/load-tester/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install load testing tool(s) 3 | yum: name={{item}} state=installed 4 | with_items: 5 | - siege 6 | - httpd-tools 7 | -------------------------------------------------------------------------------- /playbooks/roles/nginx/files/nginx.conf: -------------------------------------------------------------------------------- 1 | user nginx; 2 | 3 | # Set to the number of CPUs (cores) or "auto" to let nginx figure it out 4 | worker_processes auto; 5 | 6 | # This should be less than the Kernel's fs-max. 7 | worker_rlimit_nofile 100000; 8 | 9 | error_log /var/log/nginx/error.log warn; 10 | pid /var/run/nginx.pid; 11 | 12 | events { 13 | # Use if you're using Kernel >= 2.6 14 | use epoll; 15 | 16 | # worker_connections * worker_processes should be less than half worker_rlimit_nofile 17 | # This example is for a single core box 18 | worker_connections 40000; 19 | 20 | multi_accept on; 21 | } 22 | 23 | http { 24 | include /etc/nginx/mime.types; 25 | default_type application/octet-stream; 26 | 27 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 28 | '$status $body_bytes_sent "$http_referer" ' 29 | '"$http_user_agent" "$http_x_forwarded_for"'; 30 | 31 | access_log /dev/shm/nginx-access.log main; 32 | 33 | sendfile on; 34 | tcp_nopush on; 35 | 36 | include /etc/nginx/conf.d/*.conf; 37 | } 38 | -------------------------------------------------------------------------------- /playbooks/roles/nginx/files/nginx.repo: -------------------------------------------------------------------------------- 1 | [nginx] 2 | name=nginx repo 3 | baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ 4 | gpgcheck=0 5 | enabled=1 6 | -------------------------------------------------------------------------------- /playbooks/roles/nginx/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Enable Nginx Repository 3 | copy: src=nginx.repo dest=/etc/yum.repos.d/ owner=root group=root mode=0644 4 | 5 | - name: Install Nginx 6 | yum: name=nginx state=installed 7 | 8 | - name: Configure Nginx 9 | copy: src=nginx.conf dest=/etc/nginx/ owner=root group=root mode=0644 10 | 11 | - name: Enable/Start Nginx 12 | service: name=nginx state=started enabled=yes 13 | -------------------------------------------------------------------------------- /playbooks/roles/php/files/www.conf: -------------------------------------------------------------------------------- 1 | [www] 2 | listen = 0.0.0.0:9000 3 | user = apache 4 | group = apache 5 | pm = static 6 | pm.max_children = 64 7 | slowlog = /var/log/php-fpm/www-slow.log 8 | rlimit_files = 40000 9 | php_admin_value[error_log] = /var/log/php-fpm/www-error.log 10 | php_admin_flag[log_errors] = on 11 | php_value[session.save_handler] = files 12 | php_value[session.save_path] = /var/lib/php/session 13 | php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache 14 | -------------------------------------------------------------------------------- /playbooks/roles/php/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: sysctl } 4 | - { role: repo-remi } 5 | -------------------------------------------------------------------------------- /playbooks/roles/php/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install epel-release package 3 | yum: name={{item}} state=installed 4 | with_items: 5 | - php 6 | - php-fpm 7 | - php-intl 8 | - php-opcache 9 | 10 | - name: Configure PHP-FPM Pool 11 | copy: src=www.conf dest=/etc/php-fpm.d/ owner=root group=root mode=0644 12 | 13 | - name: Enable/Start PHP-FPM 14 | service: name=php-fpm state=started enabled=yes 15 | -------------------------------------------------------------------------------- /playbooks/roles/repo-epel/files/RPM-GPG-KEY-EPEL-7: -------------------------------------------------------------------------------- 1 | -----BEGIN PGP PUBLIC KEY BLOCK----- 2 | Version: GnuPG v1.4.11 (GNU/Linux) 3 | 4 | mQINBFKuaIQBEAC1UphXwMqCAarPUH/ZsOFslabeTVO2pDk5YnO96f+rgZB7xArB 5 | OSeQk7B90iqSJ85/c72OAn4OXYvT63gfCeXpJs5M7emXkPsNQWWSju99lW+AqSNm 6 | jYWhmRlLRGl0OO7gIwj776dIXvcMNFlzSPj00N2xAqjMbjlnV2n2abAE5gq6VpqP 7 | vFXVyfrVa/ualogDVmf6h2t4Rdpifq8qTHsHFU3xpCz+T6/dGWKGQ42ZQfTaLnDM 8 | jToAsmY0AyevkIbX6iZVtzGvanYpPcWW4X0RDPcpqfFNZk643xI4lsZ+Y2Er9Yu5 9 | S/8x0ly+tmmIokaE0wwbdUu740YTZjCesroYWiRg5zuQ2xfKxJoV5E+Eh+tYwGDJ 10 | n6HfWhRgnudRRwvuJ45ztYVtKulKw8QQpd2STWrcQQDJaRWmnMooX/PATTjCBExB 11 | 9dkz38Druvk7IkHMtsIqlkAOQMdsX1d3Tov6BE2XDjIG0zFxLduJGbVwc/6rIc95 12 | T055j36Ez0HrjxdpTGOOHxRqMK5m9flFbaxxtDnS7w77WqzW7HjFrD0VeTx2vnjj 13 | GqchHEQpfDpFOzb8LTFhgYidyRNUflQY35WLOzLNV+pV3eQ3Jg11UFwelSNLqfQf 14 | uFRGc+zcwkNjHh5yPvm9odR1BIfqJ6sKGPGbtPNXo7ERMRypWyRz0zi0twARAQAB 15 | tChGZWRvcmEgRVBFTCAoNykgPGVwZWxAZmVkb3JhcHJvamVjdC5vcmc+iQI4BBMB 16 | AgAiBQJSrmiEAhsPBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBqL66iNSxk 17 | 5cfGD/4spqpsTjtDM7qpytKLHKruZtvuWiqt5RfvT9ww9GUUFMZ4ZZGX4nUXg49q 18 | ixDLayWR8ddG/s5kyOi3C0uX/6inzaYyRg+Bh70brqKUK14F1BrrPi29eaKfG+Gu 19 | MFtXdBG2a7OtPmw3yuKmq9Epv6B0mP6E5KSdvSRSqJWtGcA6wRS/wDzXJENHp5re 20 | 9Ism3CYydpy0GLRA5wo4fPB5uLdUhLEUDvh2KK//fMjja3o0L+SNz8N0aDZyn5Ax 21 | CU9RB3EHcTecFgoy5umRj99BZrebR1NO+4gBrivIfdvD4fJNfNBHXwhSH9ACGCNv 22 | HnXVjHQF9iHWApKkRIeh8Fr2n5dtfJEF7SEX8GbX7FbsWo29kXMrVgNqHNyDnfAB 23 | VoPubgQdtJZJkVZAkaHrMu8AytwT62Q4eNqmJI1aWbZQNI5jWYqc6RKuCK6/F99q 24 | thFT9gJO17+yRuL6Uv2/vgzVR1RGdwVLKwlUjGPAjYflpCQwWMAASxiv9uPyYPHc 25 | ErSrbRG0wjIfAR3vus1OSOx3xZHZpXFfmQTsDP7zVROLzV98R3JwFAxJ4/xqeON4 26 | vCPFU6OsT3lWQ8w7il5ohY95wmujfr6lk89kEzJdOTzcn7DBbUru33CQMGKZ3Evt 27 | RjsC7FDbL017qxS+ZVA/HGkyfiu4cpgV8VUnbql5eAZ+1Ll6Dw== 28 | =hdPa 29 | -----END PGP PUBLIC KEY BLOCK----- 30 | -------------------------------------------------------------------------------- /playbooks/roles/repo-epel/files/epel.repo: -------------------------------------------------------------------------------- 1 | [epel] 2 | name=Extra Packages for Enterprise Linux 7 - $basearch 3 | #baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch 4 | mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch 5 | failovermethod=priority 6 | enabled=1 7 | gpgcheck=1 8 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 9 | 10 | [epel-debuginfo] 11 | name=Extra Packages for Enterprise Linux 7 - $basearch - Debug 12 | #baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch/debug 13 | mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-7&arch=$basearch 14 | failovermethod=priority 15 | enabled=0 16 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 17 | gpgcheck=1 18 | 19 | [epel-source] 20 | name=Extra Packages for Enterprise Linux 7 - $basearch - Source 21 | #baseurl=http://download.fedoraproject.org/pub/epel/7/SRPMS 22 | mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-source-7&arch=$basearch 23 | failovermethod=priority 24 | enabled=0 25 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 26 | gpgcheck=1 27 | -------------------------------------------------------------------------------- /playbooks/roles/repo-epel/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Copy EPEL's GPG key 3 | copy: src=RPM-GPG-KEY-EPEL-7 dest=/etc/pki/rpm-gpg owner=root group=root mode=0644 4 | 5 | - name: Copy EPEL's repo file 6 | copy: src=epel.repo dest=/etc/yum.repos.d/ owner=root group=root mode=0644 7 | 8 | - name: Install epel-release package 9 | yum: name=epel-release state=installed enablerepo=epel 10 | -------------------------------------------------------------------------------- /playbooks/roles/repo-remi/files/RPM-GPG-KEY-remi: -------------------------------------------------------------------------------- 1 | -----BEGIN PGP PUBLIC KEY BLOCK----- 2 | Version: GnuPG v1.4.7 (GNU/Linux) 3 | 4 | mQGiBEJny1wRBACRnbQgZ6qLmJSuGvi/EwrRL6aW610BbdpLQRL3dnwy5wI5t9T3 5 | /JEiEJ7GTvAwfiisEHifMfk2sRlWRf2EDQFttHyrrYXfY5L6UAF2IxixK5FL7PWA 6 | /2a7tkw1IbCbt4IGG0aZJ6/xgQejrOLi4ewniqWuXCc+tLuWBZrGpE2QfwCggZ+L 7 | 0e6KPTHMP97T4xV81e3Ba5MD/3NwOQh0pVvZlW66Em8IJnBgM+eQh7pl4xq7nVOh 8 | dEMJwVU0wDRKkXqQVghOxALOSAMapj5mDppEDzGLZHZNSRcvGEs2iPwo9vmY+Qhp 9 | AyEBzE4blNR8pwPtAwL0W3cBKUx7ZhqmHr2FbNGYNO/hP4tO2ochCn5CxSwAfN1B 10 | Qs5pBACOkTZMNC7CLsSUT5P4+64t04x/STlAFczEBcJBLF1T16oItDITJmAsPxbY 11 | iee6JRfXmZKqmDP04fRdboWMcRjfDfCciSdIeGqP7vMcO25bDZB6x6++fOcmQpyD 12 | 1Fag3ZUq2yojgXWqVrgFHs/HB3QE7UQkykNp1fjQGbKK+5mWTrQkUmVtaSBDb2xs 13 | ZXQgPFJQTVNARmFtaWxsZUNvbGxldC5jb20+iGAEExECACAFAkZ+MYoCGwMGCwkI 14 | BwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAATm9HAPl/Vv/UAJ9EL8ioMTsz/2EPbNuQ 15 | MP5Xx/qPLACeK5rk2hb8VFubnEsbVxnxfxatGZ25AQ0EQmfLXRAEANwGvY+mIZzj 16 | C1L5Nm2LbSGZNTN3NMbPFoqlMfmym8XFDXbdqjAHutGYEZH/PxRI6GC8YW5YK4E0 17 | HoBAH0b0F97JQEkKquahCakj0P5mGuH6Q8gDOfi6pHimnsSAGf+D+6ZwAn8bHnAa 18 | o+HVmEITYi6s+Csrs+saYUcjhu9zhyBfAAMFA/9Rmfj9/URdHfD1u0RXuvFCaeOw 19 | CYfH2/nvkx+bAcSIcbVm+tShA66ybdZ/gNnkFQKyGD9O8unSXqiELGcP8pcHTHsv 20 | JzdD1k8DhdFNhux/WPRwbo/es6QcpIPa2JPjBCzfOTn9GXVdT4pn5tLG2gHayudK 21 | 8Sj1OI2vqGLMQzhxw4hJBBgRAgAJBQJCZ8tdAhsMAAoJEABOb0cA+X9WcSAAn11i 22 | gC5ns/82kSprzBOU0BNwUeXZAJ0cvNmY7rvbyiJydyLsSxh/la6HKw== 23 | =6Rbg 24 | -----END PGP PUBLIC KEY BLOCK----- 25 | -------------------------------------------------------------------------------- /playbooks/roles/repo-remi/files/remi.repo: -------------------------------------------------------------------------------- 1 | [remi] 2 | name=Les RPM de remi pour Enterprise Linux 7 - $basearch 3 | #baseurl=http://rpms.famillecollet.com/enterprise/7/remi/$basearch/ 4 | mirrorlist=http://rpms.famillecollet.com/enterprise/7/remi/mirror 5 | enabled=1 6 | gpgcheck=1 7 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi 8 | [remi-php55] 9 | name=Les RPM de remi de PHP 5.5 pour Enterprise Linux 7 - $basearch 10 | #baseurl=http://rpms.famillecollet.com/enterprise/7/php55/$basearch/ 11 | mirrorlist=http://rpms.famillecollet.com/enterprise/7/php55/mirror 12 | # WARNING: If you enable this repository, you must also enable "remi" 13 | enabled=0 14 | gpgcheck=1 15 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi 16 | [remi-php56] 17 | name=Les RPM de remi de PHP 5.6 pour Enterprise Linux 7 - $basearch 18 | #baseurl=http://rpms.famillecollet.com/enterprise/7/php56/$basearch/ 19 | mirrorlist=http://rpms.famillecollet.com/enterprise/7/php56/mirror 20 | # WARNING: If you enable this repository, you must also enable "remi" 21 | enabled=1 22 | gpgcheck=1 23 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi 24 | 25 | [remi-test] 26 | name=Les RPM de remi en test pour Enterprise Linux 7 - $basearch 27 | #baseurl=http://rpms.famillecollet.com/enterprise/7/test/$basearch/ 28 | mirrorlist=http://rpms.famillecollet.com/enterprise/7/test/mirror 29 | # WARNING: If you enable this repository, you must also enable "remi" 30 | enabled=0 31 | gpgcheck=1 32 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi 33 | 34 | [remi-debuginfo] 35 | name=Les RPM de remi pour Enterprise Linux 7 - $basearch - debuginfo 36 | baseurl=http://rpms.famillecollet.com/enterprise/7/debug-remi/$basearch/ 37 | enabled=0 38 | gpgcheck=1 39 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi 40 | 41 | [remi-php55-debuginfo] 42 | name=Les RPM de remi de PHP 5.5 pour Enterprise Linux 7 - $basearch - debuginfo 43 | baseurl=http://rpms.famillecollet.com/enterprise/7/debug-php55/$basearch/ 44 | enabled=0 45 | gpgcheck=1 46 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi 47 | 48 | [remi-php56-debuginfo] 49 | name=Les RPM de remi de PHP 5.6 pour Enterprise Linux 7 - $basearch - debuginfo 50 | baseurl=http://rpms.famillecollet.com/enterprise/7/debug-php56/$basearch/ 51 | enabled=0 52 | gpgcheck=1 53 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi 54 | 55 | [remi-test-debuginfo] 56 | name=Les RPM de remi en test pour Enterprise Linux 7 - $basearch - debuginfo 57 | baseurl=http://rpms.famillecollet.com/enterprise/7/debug-test/$basearch/ 58 | enabled=0 59 | gpgcheck=1 60 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi 61 | -------------------------------------------------------------------------------- /playbooks/roles/repo-remi/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: repo-epel } 4 | -------------------------------------------------------------------------------- /playbooks/roles/repo-remi/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Copy Remi's GPG key 3 | copy: src=RPM-GPG-KEY-remi dest=/etc/pki/rpm-gpg owner=root group=root mode=0644 4 | 5 | - name: Copy Remi's repo file 6 | copy: src=remi.repo dest=/etc/yum.repos.d/ owner=root group=root mode=0644 7 | 8 | - name: Install remi-release package 9 | yum: name=remi-release state=installed enablerepo=remi 10 | 11 | - name: Make sure remi repo is enabled 12 | ini_file: dest=/etc/yum.repos.d/remi.repo 13 | section=remi 14 | option=enabled 15 | value=1 16 | 17 | - name: Make sure remi-php56 repo is enabled 18 | ini_file: dest=/etc/yum.repos.d/remi.repo 19 | section=remi-php56 20 | option=enabled 21 | value=1 22 | -------------------------------------------------------------------------------- /playbooks/roles/sysctl/files/limits.conf: -------------------------------------------------------------------------------- 1 | # You want this to be lower than fs.file-max in /etc/sysctl.conf because you don't want nginx to be able to use up every available file descriptors 2 | nginx soft nofile 10240 3 | nginx hard nofile 10240 4 | -------------------------------------------------------------------------------- /playbooks/roles/sysctl/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Configure sysctl 3 | lineinfile: dest=/etc/sysctl.conf 4 | line="{{ item }}" 5 | state=present 6 | with_items: 7 | - "fs.file-max=131072" # 256 * MB of RAM 8 | - "net.ipv4.tcp_tw_recycle = 1" 9 | - "net.ipv4.tcp_tw_reuse = 1" 10 | - "net.core.somaxconn = 1024" 11 | - "net.ipv4.ip_local_port_range = 1024 65535" 12 | register: sysctl 13 | 14 | # We are using worker_rlimit_nofile in nginx.conf instead 15 | #- name: Copy /etc/security/limits.conf 16 | # copy: src=limits.conf dest=/etc/security owner=root group=root mode=0644 17 | 18 | - name: Reload sysctl settings 19 | command: sysctl -p 20 | when: sysctl.changed 21 | -------------------------------------------------------------------------------- /playbooks/roles/zf2/files/default.conf: -------------------------------------------------------------------------------- 1 | upstream php { 2 | least_conn; # instead of “perfect” 3 | server 104.131.148.158:9000; 4 | server 162.243.141.203:9000; 5 | server 107.170.230.48:9000; 6 | server 107.170.241.135:9000; 7 | } 8 | 9 | server { 10 | listen 80; 11 | root /var/www/vhosts/default/public; 12 | index index.php; 13 | try_files $uri $uri/ /index.php?$args; 14 | location ~ \.php$ { 15 | fastcgi_pass php; 16 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 17 | include fastcgi_params; 18 | } 19 | 20 | location ~ /\.ht { 21 | deny all; 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /playbooks/roles/zf2/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Copy default nginx vhost 3 | copy: src=default.conf dest=/etc/nginx/conf.d owner=root group=root mode=0644 4 | register: nginx_vhost 5 | 6 | - name: Ensure directory /var/www/vhosts 7 | file: path=/var/www/vhosts/ state=directory recurse=yes 8 | 9 | - name: Install Composer 10 | shell: curl -sS https://getcomposer.org/installer | php -- --install-dir=/var/www/vhosts 11 | when: nginx_vhost.changed 12 | 13 | - name: Install ZF2 Skeleton 14 | command: php composer.phar create-project -sdev --repository-url="https://packages.zendframework.com" zendframework/skeleton-application default 15 | args: 16 | chdir: /var/www/vhosts 17 | when: nginx_vhost.changed 18 | 19 | - name: Restart Nginx 20 | service: name=nginx state=restarted 21 | when: nginx_vhost.changed 22 | -------------------------------------------------------------------------------- /playbooks/site.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Set up Nginx 3 | hosts: nginx 4 | user: root 5 | roles: 6 | - { role: base } 7 | - { role: nginx } 8 | - { role: sysctl } 9 | 10 | - name: Set up PHP-FPM 11 | hosts: php 12 | user: root 13 | roles: 14 | - { role: base } 15 | - { role: php } 16 | 17 | - name: Set up load tester 18 | hosts: load-tester 19 | user: root 20 | roles: 21 | - { role: base } 22 | - { role: load-tester } 23 | --------------------------------------------------------------------------------