├── .config
└── ansible-lint.yml
├── .gitignore
├── .travis.yml
├── .yamllint
├── CHANGELOG.md
├── LICENSE.md
├── README.md
├── defaults
└── main.yml
├── files
└── my-phpfpm.te
├── handlers
└── main.yml
├── meta
└── main.yml
├── tasks
├── config.yml
├── install.yml
├── main.yml
├── plugins.yml
├── salt.yml
└── themes.yml
├── templates
├── wordpress.conf.j2
└── wp-config.php.j2
└── vars
├── Fedora.yml
├── RedHat-7.yml
└── RedHat.yml
/.config/ansible-lint.yml:
--------------------------------------------------------------------------------
1 | ---
2 | skip_list: # or 'warn_list' to consider them as warnings
3 | - experimental # all rules tagged as experimental
4 | - fqcn[action-core] # Use FQCN for builtin actions.
5 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # .gitignore
2 |
3 | # Hidden Vagrant-directory
4 | .vagrant
5 |
6 | # Backup files (e.g. Vim, Gedit, etc.)
7 | *~
8 |
9 | # Vagrant base boxes (you never know when someone puts one in the repository)
10 | *.box
11 |
12 | # Ignore test directory
13 | *-tests/
14 |
15 | # Ignore Ansible fact cache
16 | .cache/
17 |
--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
1 | # .travis.yml Execution script for role tests on Travis-CI
2 | ---
3 | sudo: required
4 |
5 | env:
6 | matrix:
7 | - DISTRIBUTION: centos
8 | VERSION: 7
9 | - DISTRIBUTION: fedora
10 | VERSION: 28
11 |
12 | services:
13 | - docker
14 |
15 | before_install:
16 | # Install latest Git
17 | - sudo apt-get update
18 | - sudo apt-get install --only-upgrade git
19 | # Allow fetching other branches than master
20 | - git config remote.origin.fetch +refs/heads/*:refs/remotes/origin/*
21 | # Fetch the branch with test code
22 | - git fetch origin docker-tests
23 | - git worktree add docker-tests origin/docker-tests
24 |
25 | script:
26 | # Create container and apply test playbook
27 | - ./docker-tests/docker-tests.sh
28 |
29 | # Run functional tests on the container
30 | - SUT_IP=172.17.0.3 ./docker-tests/functional-tests.sh
31 |
32 | notifications:
33 | webhooks: https://galaxy.ansible.com/api/v1/notifications/
34 |
--------------------------------------------------------------------------------
/.yamllint:
--------------------------------------------------------------------------------
1 | # .yamllint -- Custom rules for linting Yaml code
2 | # Longer line length (120) is allowed
3 | ---
4 |
5 | rules:
6 | braces:
7 | min-spaces-inside: 0
8 | max-spaces-inside: 0
9 | min-spaces-inside-empty: -1
10 | max-spaces-inside-empty: -1
11 | brackets:
12 | min-spaces-inside: 0
13 | max-spaces-inside: 0
14 | min-spaces-inside-empty: -1
15 | max-spaces-inside-empty: -1
16 | colons:
17 | max-spaces-before: 0
18 | max-spaces-after: 1
19 | commas:
20 | max-spaces-before: 0
21 | min-spaces-after: 1
22 | max-spaces-after: 1
23 | comments:
24 | level: warning
25 | require-starting-space: true
26 | min-spaces-from-content: 2
27 | comments-indentation:
28 | level: warning
29 | document-end: disable
30 | document-start:
31 | level: warning
32 | present: true
33 | empty-lines:
34 | max: 2
35 | max-start: 0
36 | max-end: 0
37 | empty-values:
38 | forbid-in-block-mappings: false
39 | forbid-in-flow-mappings: false
40 | hyphens:
41 | max-spaces-after: 1
42 | indentation:
43 | spaces: consistent
44 | indent-sequences: true
45 | check-multi-line-strings: false
46 | key-duplicates: enable
47 | key-ordering: disable
48 | line-length:
49 | max: 120
50 | level: warning
51 | allow-non-breakable-words: true
52 | allow-non-breakable-inline-mappings: false
53 | new-line-at-end-of-file: enable
54 | new-lines:
55 | type: unix
56 | trailing-spaces: enable
57 | truthy:
58 | level: warning
59 |
60 | # vim: ft=yaml
61 |
--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Change log
2 |
3 | This file contains al notable changes to the wordpress Ansible role.
4 |
5 | This file adheres to the guidelines of [http://keepachangelog.com/](http://keepachangelog.com/). Versioning follows [Semantic Versioning](http://semver.org/).
6 |
7 | ## 1.5.1 - 202210-17
8 |
9 | ### Changed
10 |
11 | - Compile the SELinux module on the VM itself instead of trying to install the compiled module. This should prevent version mismatches when installing the compiled module on the target system.
12 | - Add the tag `wordpress` to tasks that still didn't have one
13 |
14 | ## 1.5.0 - 2022-10-14
15 |
16 | ### Added
17 |
18 | - `wordpress_version`, the version of Wordpress to be installed
19 |
20 | ### Changed
21 |
22 | - Fixed many code style and idempotence problems in contributed code
23 | - Fixed ansible-lint warnings
24 | - Simplify Apache config (drop Apache 2.2 config, which would never be installed on the supported platforms)
25 | - Fix for SELinux not allowing php-fpm to connect to mysql.socket
26 |
27 | ## 1.4.2 - 2022-10-14
28 |
29 | ### Changed
30 |
31 | - Add support for EL 9 by refactoring distro-specific vars files
32 |
33 | ## 1.4.1 - 2021-08-30
34 |
35 | ### Changed
36 |
37 | - Add support for EL 8 (Credit: [Joran Goossens](https://github.com/jorangooss99))
38 | - Update search rules for distro-specific variables so a wider range of distros (like AlmaLinux, and probably also Rocky Linux) is also supported
39 | - Replace with_items with loop (Credit: [Varun Priolkar](https://github.com/arhue))
40 |
41 | ## 1.4.0 - 2018-10-13
42 |
43 | ### Added
44 |
45 | - Variable `wordpress_allow_file_mods`, to enable installation of additional themes and plugins through the Wordpress admin dashboard
46 | - Variable `wordpress_automatic_updates` to enable automatic updates
47 | - Variable `wordpress_debug` to enable debug mode
48 |
49 | ## 1.3.0 - 2018-10-07
50 |
51 | ### Added
52 |
53 | - (GH-9) Variable `wordpress_force_ssl` (defaults to false) that, when enabled, defines FORCE_SSL_ADMIN and FORCE_SSL_LOGIN in wp-config.php in order to force https on admin pages. (credit: [Lander Van den Bulcke](https://github.com/landervdb))
54 |
55 | ### Changed
56 |
57 | - (GH-11) Fix error in the documentation (credit: [Glenn De Smedt](https://github.com/GlennDeSmedt))
58 | - Fixed Ansible deprecation warnings and yamllint warnings
59 | - (GH-10) Installation of a salt is now idempotent
60 |
61 | ## 1.2.0 - 2017-01-25
62 |
63 | ### Added
64 |
65 | - (GH-7) Added variable `mariadb_database_host` (credit [Kwinten Guillaume](https://github.com/kwinteng))
66 |
67 | ### Changed
68 |
69 | - Removed hard-coded paths to config files
70 | - Set SELinux boolean `httpd_can_network_connect_db` when necessary
71 | - Check whether Apache is already installed
72 |
73 | ### Removed
74 |
75 | - (GH-7) Removed dependency on `bertvv.mariadb` role
76 |
77 | ## 1.1.4 - 2016-05-10
78 |
79 | ### Added
80 |
81 | - Explicit support for Fedora and CentOS 7, tests for these platforms.
82 |
83 | ### Changes
84 |
85 | - Removed Ansible 2.0 deprecation warnings
86 |
87 | ## 1.1.3 - 2015-10-30
88 |
89 | This is a bugfix release
90 |
91 | ### Changes
92 |
93 | - Fixed #5 (attempting to log in to the admin page redirects to the login page without error message)
94 |
95 | ## 1.1.2 - 2015-10-11
96 |
97 | This is a bugfix release
98 |
99 | ### Changes
100 |
101 | - Fixed #2 (downloading plugins/themes without a version number). Credit to [Jordi Stevens](https://github.com/Xplendit)
102 | - Fixed #4 (Playbook sometimes crashes when getting new salts). As a consequence of the changes, the playbook will no longer fetch new salts every time it is run. When you want to get new salts, delete /usr/share/wordpress/wp-salts.php and re-run the playbook.
103 | - Replace hard-coded values of Wordpress installation directory with a variable
104 |
105 | ## 1.1.1 - 2015-10-07
106 |
107 | ### Changes
108 |
109 | - Fixed missing value of `wordpress_themes`
110 |
111 | ## 1.1.0 - 2015-10-07
112 |
113 | ### Added
114 |
115 | - Install plugins with role variable `wordpress_plugins`
116 | - Install themes with role variable `wordpress_themes`
117 |
118 | ## 1.0.0 - 2015-04-28
119 |
120 | First release!
121 |
122 | ### Added
123 |
124 | - Installs Wordpress and generates `wp-config.php` with safe secret keys and salts
125 |
126 |
--------------------------------------------------------------------------------
/LICENSE.md:
--------------------------------------------------------------------------------
1 | # BSD License
2 |
3 | Copyright (c) 2014, Bert Van Vreckem, (bert.vanvreckem@gmail.com)
4 |
5 | All rights reserved.
6 |
7 | Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
8 |
9 | 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
10 |
11 | 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
12 |
13 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
14 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Ansible role `wordpress`
2 |
3 | [](https://travis-ci.org/bertvv/ansible-role-wordpress)
4 |
5 | An Ansible role for installing Wordpress. Specifically, the responsibilities of this role are to:
6 |
7 | - install Wordpress dependencies
8 | - install Wordpress by downloading a tarball from wordpress.org
9 | - Configure the database settings and Apache
10 | - fetch security keys and salts
11 | - generate `wp-config.php`
12 |
13 | ## Dependencies
14 |
15 | - [bertvv.httpd](https://galaxy.ansible.com/bertvv/httpd)
16 |
17 | ## Requirements
18 |
19 | You need to have a database server set up with a database, user, and password that can is available to this Wordpress instance. You can set it up on the same machine (e.g. using another Ansible role like [bertvv.mariadb](https://github.com/bertvv/ansible-role-mariadb)), but it can also be an existing database on another host.
20 |
21 | ## Role Variables
22 |
23 | | Variable | Default | Comments (type) |
24 | | :---------------------------- | :---------- | :------------------------------------------------------------------------------------------------ |
25 | | `wordpress_allow_file_mods` | false | When `true`, installation of additional themes and plugins through the admin dashboard is allowed |
26 | | `wordpress_automatic_updates` | false | When `true`, automatic updates are enabled |
27 | | `wordpress_database_host` | 'localhost' | The database server. |
28 | | `wordpress_database` | 'wordpress' | The name of the database for Wordpress. |
29 | | `wordpress_debug` | false | When `true`, enables debug mode |
30 | | `wordpress_force_ssl` | false | When `true`, forces HTTPS on admin pages. |
31 | | `wordpress_password` | 'wordpress' | The password of the database user. |
32 | | `wordpress_plugins` | [] | Plugins to be installed. See below. |
33 | | `wordpress_themes` | [] | Themes to be installed. See below. |
34 | | `wordpress_user` | 'wordpress' | The name of the database user. |
35 | | `wordpress_version` | '6.0.2' | The version of Wordpress to be installed |
36 |
37 | **Remark:** it is **very strongly** suggested to change the default password.
38 |
39 | ## Plugins and themes
40 |
41 | To install plugins and themes (from the Wordpress Plugin and Theme Directory), you need to specify at least the name. Most plugins and themes also have a version, in which case you need to provide it as well. The version number should not be given if the plugins does't have one. An example:
42 |
43 | ```yaml
44 | wordpress_plugins:
45 | - name: wp-super-cache
46 | version: 1.4.5
47 | - name: jetpack
48 | version: 3.7.2
49 | - name: lipsum # Plugin without a version
50 | wordpress_themes:
51 | - name: xcel
52 | version: 1.0.9
53 | ```
54 |
55 | ## Example Playbook
56 |
57 | See the test playbooks in either the [Vagrant](https://github.com/bertvv/ansible-role-wordpress/blob/vagrant-tests/test.yml) or [Docker](https://github.com/bertvv/ansible-role-wordpress/blob/docker-tests/test.yml) test environment. See the section Testing for details.
58 |
59 |
60 | ## Testing
61 |
62 | There are two types of test environments available. One powered by Vagrant, another by Docker. The latter is suitable for running automated tests on Travis-CI. Test code is kept in separate orphan branches. For details of how to set up these test environments on your own machine, see the README files in the respective branches:
63 |
64 | - Vagrant: [vagrant-tests](https://github.com/bertvv/ansible-role-wordpress/tree/vagrant-tests)
65 | - Docker: [docker-tests](https://github.com/bertvv/ansible-role-wordpress/tree/docker-tests)
66 |
67 | ## License
68 |
69 | 2-clause BSD license, see [LICENSE.md](LICENSE.md)
70 |
71 | ## Contributors
72 |
73 | - [Bert Van Vreckem](https://github.com/bertvv/) (maintainer)
74 | - [Joran Goossens](https://github.com/jorangooss99)
75 | - [Jordi Stevens](https://github.com/Xplendit)
76 | - [Kwinten Guillaume](https://github.com/kwinteng)
77 |
--------------------------------------------------------------------------------
/defaults/main.yml:
--------------------------------------------------------------------------------
1 | # roles/wordpress/defaults/main.yml
2 | ---
3 |
4 | wordpress_version: '6.0.2'
5 | wordpress_database_host: localhost
6 | wordpress_database: wordpress
7 | wordpress_user: wordpress
8 | wordpress_password: wordpress
9 |
10 | wordpress_plugins: []
11 | wordpress_themes: []
12 |
13 | wordpress_force_ssl: false
14 | wordpress_allow_file_mods: true
15 | wordpress_automatic_updates: true
16 | wordpress_debug: false
17 |
--------------------------------------------------------------------------------
/files/my-phpfpm.te:
--------------------------------------------------------------------------------
1 |
2 | module my-phpfpm 1.0;
3 |
4 | require {
5 | type httpd_t;
6 | type unconfined_service_t;
7 | class unix_stream_socket connectto;
8 | }
9 |
10 | #============= httpd_t ==============
11 | allow httpd_t unconfined_service_t:unix_stream_socket connectto;
12 |
--------------------------------------------------------------------------------
/handlers/main.yml:
--------------------------------------------------------------------------------
1 | # roles/wordpress/handlers/main.yml
2 | ---
3 |
4 | - name: Restart wordpress
5 | service:
6 | name: wordpress
7 | state: restarted
8 | tags: wordpress
9 |
10 | - name: Restart firewalld
11 | service:
12 | name: firewalld
13 | state: restarted
14 | tags: wordpress
15 |
16 | - name: Compile and apply SELinux policy
17 | shell: >
18 | checkmodule -M -m -o /root/my-phpfpm.mod /root/my-phpfpm.te;
19 | semodule_package -o /root/my-phpfpm.pp -m /root/my-phpfpm.mod;
20 | semodule --priority=300 --install=/root/my-phpfpm.pp;
21 | rm /root/my-phpfpm.{mod,pp}
22 | tags: wordpress
23 |
--------------------------------------------------------------------------------
/meta/main.yml:
--------------------------------------------------------------------------------
1 | ---
2 | galaxy_info:
3 | namespace: bertvv
4 | role_name: wordpress
5 | author: Bert Van Vreckem
6 | description: >
7 | Installs Wordpress on a RedHat based distribution (RHEL/CentOS, Fedora)
8 | license: BSD
9 | min_ansible_version: 2.0
10 | platforms:
11 | - name: EL
12 | versions:
13 | - 7
14 | - 8
15 | - 9
16 | - name: Fedora
17 | versions:
18 | - 28
19 | galaxy_tags:
20 | - web
21 | dependencies:
22 | - bertvv.httpd
23 |
--------------------------------------------------------------------------------
/tasks/config.yml:
--------------------------------------------------------------------------------
1 | # roles/wordpress/tasks/config.yml
2 | # Configures Wordpress
3 | ---
4 |
5 | - name: Apache config file for Wordpress
6 | template:
7 | src: wordpress.conf.j2
8 | dest: "{{ wordpress_httpd_configuration }}"
9 | owner: root
10 | group: root
11 | mode: '0644'
12 | setype: httpd_config_t
13 | notify: restart httpd
14 | tags: wordpress
15 |
16 | - name: Wordpress config file
17 | template:
18 | src: wp-config.php.j2
19 | dest: "{{ wordpress_configuration }}"
20 | owner: root
21 | group: apache
22 | mode: '0640'
23 | setype: etc_t
24 | notify: restart httpd
25 | tags: wordpress
26 |
27 | - name: Allow Apache to access database over the network if necessary
28 | ansible.posix.seboolean:
29 | name: httpd_can_network_connect_db
30 | state: true
31 | persistent: true
32 | when: >
33 | ansible_selinux.status == 'enabled' and
34 | wordpress_database_host != 'localhost'
35 | tags: wordpress
36 |
37 | - name: Copy SELinux policy file to allow `php-fpm` to connect to mysql.socket
38 | copy:
39 | src: my-phpfpm.te
40 | dest: /root
41 | notify: Compile and apply SELinux policy
42 | tags: wordpress
43 |
--------------------------------------------------------------------------------
/tasks/install.yml:
--------------------------------------------------------------------------------
1 | # roles/wordpress/tasks/install.yml
2 | ---
3 |
4 | - name: Check whether Apache is already installed
5 | stat:
6 | path: "{{ wordpress_httpd_service }}"
7 | register: wordpress_httpd_status
8 | failed_when: not wordpress_httpd_status.stat.exists
9 | tags: wordpress
10 |
11 | - name: Install Wordpress Prerequisites
12 | package:
13 | name: "{{ wordpress_packages }}"
14 | state: present
15 | tags: wordpress
16 |
17 | - name: Download Wordpress
18 | get_url:
19 | url: https://wordpress.org/wordpress-{{ wordpress_version }}.tar.gz
20 | dest: "{{ wordpress_install_directory }}"
21 | changed_when: false
22 | tags: wordpress
23 |
24 | - name: Unzipping wordpress
25 | unarchive:
26 | src: "{{ wordpress_install_directory }}/wordpress-{{ wordpress_version }}.tar.gz"
27 | dest: "{{ wordpress_install_directory }}"
28 | remote_src: true
29 | owner: root
30 | group: apache
31 | setype: httpd_sys_rw_content_t
32 | creates: "{{ wordpress_directory }}"
33 | tags: wordpress
34 |
35 | - name: Remove wordpress.tar.gz file
36 | file:
37 | path: "{{ wordpress_install_directory }}/wordpress-{{ wordpress_version }}.tar.gz"
38 | state: absent
39 | changed_when: false
40 | tags: wordpress
41 |
--------------------------------------------------------------------------------
/tasks/main.yml:
--------------------------------------------------------------------------------
1 | # roles/wordpress/tasks/main.yml
2 | ---
3 |
4 | - name: Include distribution-specific variables
5 | include_vars: "{{ item }}"
6 | with_first_found:
7 | - "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
8 | - "{{ ansible_distribution }}.yml"
9 | - "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml"
10 | - "{{ ansible_os_family }}.yml"
11 | - "{{ ansible_distribution_file_variety }}-{{ ansible_distribution_major_version }}.yml"
12 | - "{{ ansible_distribution_file_variety }}.yml"
13 | tags: wordpress
14 |
15 | - name: Install Wordpress
16 | include_tasks: install.yml
17 | tags: wordpress
18 |
19 | - name: Check if salt is already present
20 | stat:
21 | path: "{{ wordpress_directory }}/wp-salts.php"
22 | register: salt_file
23 | tags: wordpress
24 |
25 | - name: Install new salt
26 | include_tasks: salt.yml
27 | when: not salt_file.stat.exists
28 | tags: wordpress
29 |
30 | - name: Configure wordpress
31 | include_tasks: config.yml
32 | tags: wordpress
33 |
34 | - name: Install plugins
35 | include_tasks: plugins.yml
36 | tags: wordpress
37 |
38 | - name: Install themes
39 | include_tasks: themes.yml
40 | tags: wordpress
41 |
--------------------------------------------------------------------------------
/tasks/plugins.yml:
--------------------------------------------------------------------------------
1 | # roles/wordpress/tasks/plugins.yml
2 | # Installs plugins from the Wordpress Plugin Directory
3 | ---
4 |
5 | ## Plugins with a version number, e.g.
6 | #
7 | # wordpress_plugins:
8 | # - name: foo
9 | # version: 1.0.0
10 | # - name: bar
11 | # version: 4.2.0
12 |
13 | - name: Download plugins with version numbers
14 | get_url:
15 | url: "https://downloads.wordpress.org/plugin/{{ item.name }}.{{ item.version }}.zip"
16 | dest: "/tmp/{{ item.name }}.{{ item.version }}.zip"
17 | force: false
18 | with_items: "{{ wordpress_plugins }}"
19 | when: item.version is defined
20 | tags: wordpress
21 |
22 | - name: Unpack plugins with version numbers
23 | unarchive:
24 | src: "/tmp/{{ item.name }}.{{ item.version }}.zip"
25 | dest: "{{ wordpress_plugin_directory }}"
26 | creates: "{{ wordpress_plugin_directory }}/{{ item.name }}/"
27 | copy: false
28 | with_items: "{{ wordpress_plugins }}"
29 | when: item.version is defined
30 | tags: wordpress
31 |
32 | ## Plugins without a version number, e.g.
33 | #
34 | # wordpress_plugins:
35 | # - name: foo
36 | # - name: bar
37 |
38 | - name: Download plugins without version numbers
39 | get_url:
40 | url: "https://downloads.wordpress.org/plugin/{{ item.name }}.zip"
41 | dest: "/tmp/{{ item.name }}.zip"
42 | force: false
43 | with_items: "{{ wordpress_plugins }}"
44 | when: item.version is not defined
45 | tags: wordpress
46 |
47 | - name: Unpack plugins without version numbers
48 | unarchive:
49 | src: "/tmp/{{ item.name }}.zip"
50 | dest: "{{ wordpress_plugin_directory }}"
51 | creates: "{{ wordpress_plugin_directory }}/{{ item.name }}/"
52 | copy: false
53 | with_items: "{{ wordpress_plugins }}"
54 | when: item.version is not defined
55 | tags: wordpress
56 |
--------------------------------------------------------------------------------
/tasks/salt.yml:
--------------------------------------------------------------------------------
1 | # roles/wordpress/tasks/salt.yml
2 | # Download a new salt
3 | ---
4 | - name: Download Salts
5 | get_url:
6 | url: https://api.wordpress.org/secret-key/1.1/salt/
7 | dest: "{{ wordpress_directory }}/wp-salts.php"
8 | seuser: system_u
9 | setype: httpd_sys_script_exec_t
10 | force: false
11 | notify: restart httpd
12 | tags: wordpress
13 |
14 | - name: Insert PHP start tag in Salts file
15 | lineinfile:
16 | dest: "{{ wordpress_directory }}/wp-salts.php"
17 | line: ''
27 | state: present
28 | insertafter: EOF
29 | notify: restart httpd
30 | tags: wordpress
31 |
--------------------------------------------------------------------------------
/tasks/themes.yml:
--------------------------------------------------------------------------------
1 | # roles/wordpress/tasks/themes.yml
2 | # Installs themes from the Wordpress Theme Directory
3 | ---
4 |
5 | ## themes with a version number, e.g.
6 | #
7 | # wordpress_themes:
8 | # - name: foo
9 | # version: 1.0.0
10 | # - name: bar
11 | # version: 4.2.0
12 |
13 | - name: Download themes with version numbers
14 | get_url:
15 | url: "https://downloads.wordpress.org/theme/{{ item.name }}.{{ item.version }}.zip"
16 | dest: "/tmp/{{ item.name }}.{{ item.version }}.zip"
17 | force: false
18 | loop: "{{ wordpress_themes | flatten(levels=1) }}"
19 | when: item.version is defined
20 | tags: wordpress
21 |
22 | - name: Unpack themes with version numbers
23 | unarchive:
24 | src: "/tmp/{{ item.name }}.{{ item.version }}.zip"
25 | dest: "{{ wordpress_theme_directory }}"
26 | creates: "{{ wordpress_theme_directory }}/{{ item.name }}"
27 | copy: false
28 | loop: "{{ wordpress_themes | flatten(levels=1) }}"
29 | when: item.version is defined
30 | tags: wordpress
31 |
32 | ## themes without a version number, e.g.
33 | #
34 | # wordpress_themes:
35 | # - name: foo
36 | # - name: bar
37 |
38 | - name: Download themes without version numbers
39 | get_url:
40 | url: "https://downloads.wordpress.org/theme/{{ item.name }}.zip"
41 | dest: "/tmp/{{ item.name }}.zip"
42 | force: false
43 | loop: "{{ wordpress_themes | flatten(levels=1) }}"
44 | when: item.version is not defined
45 | tags: wordpress
46 |
47 | - name: Unpack themes without version numbers
48 | unarchive:
49 | src: "/tmp/{{ item.name }}.zip"
50 | dest: "{{ wordpress_theme_directory }}"
51 | creates: "{{ wordpress_theme_directory }}/{{ item.name }}"
52 | copy: false
53 | loop: "{{ wordpress_themes | flatten(levels=1) }}"
54 | when: item.version is not defined
55 | tags: wordpress
56 |
--------------------------------------------------------------------------------
/templates/wordpress.conf.j2:
--------------------------------------------------------------------------------
1 | Alias /wordpress {{ wordpress_directory }}
2 |
3 |
4 | Options FollowSymlinks
5 | AllowOverride All
6 | Require all granted
7 |
8 |
9 |
10 |
11 | Order Deny,Allow
12 | Deny from all
13 |
14 |
15 |
--------------------------------------------------------------------------------
/templates/wp-config.php.j2:
--------------------------------------------------------------------------------
1 |