├── README.md ├── group_vars └── all ├── hosts ├── playbook.yml └── roles ├── common └── tasks │ ├── main.yml │ └── swap.yml ├── hhvm ├── handlers │ └── main.yml ├── tasks │ └── main.yml └── templates │ └── etc │ └── hhvm │ ├── php.ini │ └── server.ini ├── nginx ├── handlers │ └── main.yml ├── tasks │ └── main.yml └── templates │ └── etc │ └── nginx │ ├── conf.d │ └── upstream.conf │ └── nginx.conf ├── percona ├── handlers │ └── main.yml ├── tasks │ └── main.yml └── templates │ ├── etc │ └── mysql │ │ └── my.cnf │ └── percona-gpg-key ├── php-fpm ├── handlers │ └── main.yml └── tasks │ └── main.yml ├── wordpress ├── meta │ └── main.yml ├── tasks │ └── main.yml └── templates │ ├── etc │ └── nginx │ │ └── wordpress.conf │ └── wp │ ├── local-config.php │ └── wp-config.php └── wp-cli └── tasks └── main.yml /README.md: -------------------------------------------------------------------------------- 1 | # WARNING: DEPRECATED 2 | 3 | Unfortunately I don't have the time to upkeep this project or provide updates for issues. I'd recommend using Carl Alexander's DebOps for WordPress project which does the same thing as this project. You can find it here: 4 | 5 | https://github.com/carlalexander/debops-wordpress 6 | 7 | # Mercury Vagrant (HGV) Deployment Playbook 8 | 9 | [Click here for the full version](https://github.com/zach-adams/hgv-deploy-full) 10 | 11 | ## Introduction 12 | 13 | This Ansible Playbook is designed to setup a [Mercury-Like](https://github.com/wpengine/hgv/) environment on a Production server without the configuration hassle. This playbook was forked from [WPEngine's Mercury Vagrant](https://github.com/wpengine/hgv/). 14 | 15 | Essentially this server setup is a LEMP server except it runs HHVM by default instead of PHP-FPM. 16 | 17 | *Note: Remeber not to run weird scripts on your server as root without reviewing them first. Please review this playbook to ensure I'm not installing malicious software.* 18 | 19 | This Playbook will setup: 20 | 21 | - **Percona DB** (MySQL) 22 | - **HHVM** (Default) 23 | - **PHP-FPM** (Backup) 24 | - **Nginx** (Customized for WordPress) 25 | - **Clean WordPress Install** (Latest Version) 26 | - **WP-CLI** 27 | 28 | *Basic version does not include Varnish, Memcached and APC* 29 | 30 | #### This playbook will only run on Ubuntu 14.04 LTS or later 31 | 32 | ## Installation 33 | 34 | 1. SSH onto a newly created server 35 | 2. Add Ansible with `sudo add-apt-repository ppa:ansible/ansible` 36 | 3. Update Apt with `sudo apt-get update && sudo apt-get upgrade` 37 | 4. Install Git and Ansible with `sudo apt-get install ansible git` 38 | 5. Clone this repository with `git clone https://github.com/zach-adams/hgv-deploy-basic` 39 | 6. Edit `group_vars/all` with your specific details with `vim|emacs|nano group_vars/all` 40 | 7. Edit `hosts` with your specific hostname `vim|emacs|nano hosts` 41 | 8. Run Ansible with `ansible-playbook -i hosts playbook.yml` 42 | 9. Remove the cloned git directory from your server 43 | 10. You're good to go! A new WordPress install running HHVM and Varnish should be waiting for you at your hostname! 44 | 45 | ## Switching HHVM back to PHP-FPM 46 | 47 | Your Nginx configuration should automatically facilitate switching to PHP-FPM if there's an issue with HHVM, however if you want to switch back manually you can do so like this: 48 | 49 | 1. Open your Nginx configuration with `vim|emacs|nano /etc/nginx/sites-available/( Your Hostname )` 50 | 2. Find the following section towards the bottom: 51 | 52 | ``` 53 | location ~ \.php$ { 54 | proxy_intercept_errors on; 55 | error_page 500 501 502 503 = @fallback; 56 | fastcgi_buffers 8 256k; 57 | fastcgi_buffer_size 128k; 58 | fastcgi_intercept_errors on; 59 | include fastcgi_params; 60 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 61 | fastcgi_pass hhvm; 62 | } 63 | ``` 64 | 65 | 3. Change `fastcgi_pass hhvm;` to `fastcgi_pass php;` 66 | 4. Restart Nginx with `sudo service nginx restart` 67 | 5. You should now be running PHP-FPM! Check to make sure using `phpinfo();` 68 | 69 | ## Issues 70 | 71 | Please report any issues through Github or email me at zach@zach-adams.com and I'll do my best to get back to you! 72 | -------------------------------------------------------------------------------- /group_vars/all: -------------------------------------------------------------------------------- 1 | --- 2 | host: "yourhostname.com" 3 | 4 | wp_db_name: wordpress 5 | wp_db_user: wpuser 6 | wp_db_password: secret 7 | 8 | wp_admin_user: admin 9 | wp_admin_password: password 10 | 11 | wp_site_name: Mercury WP Site 12 | 13 | nginx_listen_port: 80 14 | nginx_listen_port_http_to_fcgi: 8083 15 | 16 | wpcli_version: WP-CLI 0.17.1 17 | wp_doc_root: /var/www/html 18 | web_user: www-data 19 | web_group: www-data 20 | -------------------------------------------------------------------------------- /hosts: -------------------------------------------------------------------------------- 1 | [all] 2 | yourhostname.com -------------------------------------------------------------------------------- /playbook.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: all 3 | connection: local 4 | sudo: yes 5 | 6 | roles: 7 | - common 8 | - hhvm 9 | - php-fpm 10 | - percona 11 | - nginx 12 | - wp-cli 13 | - { role: wordpress, enviro: hhvm, tags: [ 'wordpress' ] } 14 | -------------------------------------------------------------------------------- /roles/common/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install necessary packages for proper system state 3 | apt: name={{ item }} state=latest 4 | with_items: 5 | - sysv-rc-conf 6 | - python-apt 7 | - python-pycurl 8 | - python-mysqldb 9 | - git 10 | - curl 11 | - unzip 12 | - php5-mysql 13 | - traceroute 14 | - ack-grep 15 | - subversion 16 | - autojump 17 | - siege 18 | 19 | - name: Get Composer 20 | get_url: url=https://getcomposer.org/composer.phar dest=/usr/local/bin/composer mode=0755 validate_certs=no 21 | 22 | - name: Install PsySH 23 | get_url: url=http://psysh.org/psysh dest=/usr/local/bin/psysh mode=0755 24 | 25 | - name: Install Boris 26 | get_url: url=https://github.com/d11wtq/boris/releases/download/v1.0.8/boris.phar dest=/usr/local/bin/boris mode=0755 validate_certs=no 27 | 28 | - name: Fix the stdin bug, step 1 29 | lineinfile: dest=/root/.profile line="mesg n" state=absent 30 | 31 | - name: Fix the stdin bug, step 2 32 | lineinfile: dest=/root/.profile line="tty -s && mesg n" 33 | 34 | - include: swap.yml 35 | -------------------------------------------------------------------------------- /roles/common/tasks/swap.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Create swap file 3 | command: dd if=/dev/zero of=/swapfile bs=1024 count=2048k creates=/swapfile 4 | 5 | - name: Setup swap area 6 | command: mkswap /swapfile 7 | when: ansible_swaptotal_mb < 1 8 | 9 | - name: Change swap file permissions 10 | file: path=/swapfile 11 | owner=root 12 | group=root 13 | mode=0600 14 | 15 | - name: Write swap entry in fstab 16 | mount: name=none 17 | src=/swapfile 18 | fstype=swap 19 | opts=sw 20 | passno=0 21 | dump=0 22 | state=present 23 | 24 | - name: Swap on 25 | command: swapon /swapfile 26 | when: ansible_swaptotal_mb < 1 27 | -------------------------------------------------------------------------------- /roles/hhvm/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: hhvm reload 4 | service: name=hhvm state=reloaded 5 | 6 | - name: hhvm restart 7 | service: name=hhvm state=restarted 8 | 9 | - name: update-rc hhvm 10 | command: update-rc.d hhvm defaults 11 | -------------------------------------------------------------------------------- /roles/hhvm/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Enable HHVM repo key 3 | apt_key: url=http://dl.hhvm.com/conf/hhvm.gpg.key state=present 4 | 5 | - name: Enable HHVM repo 6 | apt_repository: repo="deb http://dl.hhvm.com/ubuntu {{ ansible_lsb.codename }} main" state=present 7 | 8 | - name: Install HHVM 9 | apt: name=hhvm state=present 10 | 11 | - name: Do /etc/hhvm/server.ini 12 | template: src=etc/hhvm/server.ini dest=/etc/hhvm/server.ini owner=root group=root mode=0644 13 | notify: hhvm restart 14 | 15 | - name: Do /etc/hhvm/php.ini 16 | template: src=etc/hhvm/php.ini dest=/etc/hhvm/php.ini owner=root group=root mode=0644 17 | notify: hhvm restart 18 | 19 | - name: Ensure HHVM is running 20 | service: name=hhvm state=started enabled=yes 21 | -------------------------------------------------------------------------------- /roles/hhvm/templates/etc/hhvm/php.ini: -------------------------------------------------------------------------------- 1 | ; php options 2 | session.save_handler = files 3 | session.save_path = /var/lib/php5 4 | session.gc_maxlifetime = 1440 5 | 6 | ; hhvm specific 7 | hhvm.log.level = Warning 8 | hhvm.log.always_log_unhandled_exceptions = true 9 | hhvm.log.runtime_error_reporting_level = 8191 10 | hhvm.mysql.typed_results = false 11 | -------------------------------------------------------------------------------- /roles/hhvm/templates/etc/hhvm/server.ini: -------------------------------------------------------------------------------- 1 | ; php options 2 | 3 | pid = /var/run/hhvm/pid 4 | 5 | ; hhvm specific 6 | 7 | hhvm.server.file_socket = /var/run/hhvm/hhvm.sock 8 | hhvm.server.type = fastcgi 9 | hhvm.server.default_document = index.php 10 | hhvm.log.use_log_file = true 11 | hhvm.log.file = /var/log/hhvm/error.log 12 | hhvm.log.header = true 13 | hhvm.repo.central.path = /var/run/hhvm/hhvm.hhbc 14 | hhvm.server.file_socket=/var/run/hhvm/hhvm.sock 15 | -------------------------------------------------------------------------------- /roles/nginx/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: nginx reload 4 | service: name=nginx state=reloaded 5 | 6 | - name: nginx restart 7 | service: name=nginx state=restarted 8 | 9 | - name: update-rc nginx 10 | command: update-rc.d nginx defaults 11 | -------------------------------------------------------------------------------- /roles/nginx/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install Nginx GPG key 3 | apt_key: url=http://nginx.org/keys/nginx_signing.key state=present 4 | 5 | - name: Enable Nginx stable repo 6 | apt_repository: repo='deb http://nginx.org/packages/ubuntu {{ ansible_lsb.codename }} nginx' state=present update_cache=yes 7 | 8 | - name: Install nginx 9 | apt: name=nginx state=present 10 | notify: 11 | - nginx restart 12 | - update-rc nginx 13 | 14 | - name: Ensure /etc/nginx directories exist 15 | file: path={{ item }} state=directory owner=root group=root mode=0755 16 | with_items: 17 | - /etc/nginx/sites-available 18 | - /etc/nginx/sites-enabled 19 | 20 | - name: Configure /etc/nginx/nginx.conf 21 | template: src=etc/nginx/nginx.conf dest=/etc/nginx/nginx.conf owner=root group=root mode=0644 22 | notify: nginx restart 23 | 24 | - name: Do nginx upstream.conf 25 | template: src=etc/nginx/conf.d/upstream.conf dest=/etc/nginx/conf.d/upstream.conf owner=root group=root mode=0644 26 | notify: nginx restart 27 | 28 | - name: Remove default.conf 29 | file: path=/etc/nginx/sites-enabled/default state=absent 30 | 31 | - name: Ensure main docroot exists 32 | file: path={{ wp_doc_root }} state=directory 33 | 34 | - name: Set up master docroot 35 | file: path={{ wp_doc_root }} state=directory owner={{ web_user }} group={{ web_group }} mode=0775 36 | 37 | - name: Make sure Nginx is running 38 | service: name=nginx state=started enabled=yes 39 | -------------------------------------------------------------------------------- /roles/nginx/templates/etc/nginx/conf.d/upstream.conf: -------------------------------------------------------------------------------- 1 | upstream hhvm { 2 | server unix:/var/run/hhvm/hhvm.sock; 3 | } 4 | 5 | upstream php { 6 | server unix:/var/run/php5-fpm.sock; 7 | } -------------------------------------------------------------------------------- /roles/nginx/templates/etc/nginx/nginx.conf: -------------------------------------------------------------------------------- 1 | user www-data; 2 | worker_processes 2; 3 | pid /var/run/nginx.pid; 4 | 5 | events { 6 | worker_connections 768; 7 | multi_accept on; 8 | use epoll; 9 | } 10 | 11 | http { 12 | 13 | 14 | # Basic Settings 15 | sendfile on; 16 | tcp_nopush on; 17 | tcp_nodelay on; 18 | keepalive_timeout 20; 19 | client_max_body_size 15m; 20 | client_body_timeout 60; 21 | client_header_timeout 60; 22 | client_body_buffer_size 1K; 23 | client_header_buffer_size 1k; 24 | large_client_header_buffers 4 8k; 25 | send_timeout 60; 26 | reset_timedout_connection on; 27 | types_hash_max_size 2048; 28 | server_tokens off; 29 | 30 | # server_names_hash_bucket_size 64; 31 | # server_name_in_redirect off; 32 | 33 | include /etc/nginx/mime.types; 34 | default_type application/octet-stream; 35 | 36 | ## 37 | # Logging Settings 38 | ## 39 | 40 | access_log /var/log/nginx/access.log; 41 | error_log /var/log/nginx/error.log; 42 | 43 | log_format uagents '$http_user_agent'; 44 | log_format apachestandard '$remote_addr $http_host $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"'; 45 | log_format wpengine '$time_local|v1|$remote_addr|$http_host|$status|$body_bytes_sent|$upstream_addr|$upstream_response_time|$request_time|$request'; 46 | log_format wpengine2 '$time_local|vx|$remote_addr|$http_host|$status|$body_bytes_sent|$upstream_addr|$upstream_response_time|$request_time|$request|$args|$http_user_agent|$http_referer|$http_cache_control'; 47 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 48 | '$status $body_bytes_sent "$http_referer" ' 49 | '"$http_user_agent" "$http_x_forwarded_for"'; 50 | 51 | ## 52 | # Gzip Settings 53 | ## 54 | 55 | gzip on; 56 | gzip_static on; 57 | gzip_disable "msie6"; 58 | gzip_vary on; 59 | gzip_proxied any; 60 | gzip_comp_level 6; 61 | gzip_min_length 512; 62 | gzip_buffers 16 8k; 63 | gzip_http_version 1.1; 64 | gzip_types text/css text/javascript text/xml text/plain text/x-component 65 | application/javascript application/x-javascript application/json 66 | application/xml application/rss+xml font/truetype application/x-font-ttf 67 | font/opentype application/vnd.ms-fontobject image/svg+xml; 68 | ## 69 | # nginx-naxsi config 70 | ## 71 | # Uncomment it if you installed nginx-naxsi 72 | ## 73 | 74 | #include /etc/nginx/naxsi_core.rules; 75 | 76 | ## 77 | # nginx-passenger config 78 | ## 79 | # Uncomment it if you installed nginx-passenger 80 | ## 81 | 82 | #passenger_root /usr; 83 | #passenger_ruby /usr/bin/ruby; 84 | 85 | ## 86 | # Virtual Host Configs 87 | ## 88 | 89 | include /etc/nginx/conf.d/*.conf; 90 | include /etc/nginx/sites-enabled/*; 91 | } 92 | -------------------------------------------------------------------------------- /roles/percona/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: mysql restart 4 | service: name=mysql state=restarted 5 | 6 | - name: mysql reload 7 | service: name=mysql state=reloaded 8 | 9 | - name: update-rc mysql 10 | command: update-rc.d mysql defaults 11 | 12 | -------------------------------------------------------------------------------- /roles/percona/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: ensure /etc/mysql 3 | file: path=/etc/mysql state=directory owner=root group=root mode=0755 4 | tags: [ 'percona', 'database' ] 5 | 6 | # - name: ensure /etc/mysql/my.cnf ... 7 | # template: src=etc/mysql/my.cnf dest=/etc/mysql/my.cnf owner=root group=root mode=0644 8 | # notify: 9 | # - mysql restart 10 | 11 | - name: Install Percona GPG key 12 | apt_key: data="{{ lookup('file', '../templates/percona-gpg-key') }}" state=present 13 | tags: [ 'percona', 'database' ] 14 | 15 | - name: Enable Percona repo 16 | apt_repository: repo='deb http://repo.percona.com/apt {{ ansible_lsb.codename }} main' state=present 17 | tags: [ 'percona', 'database' ] 18 | 19 | - name: Install Percona server 20 | apt: name=percona-server-server-5.6 state=present 21 | notify: 22 | - update-rc mysql 23 | - mysql restart 24 | tags: [ 'percona', 'database' ] 25 | 26 | - name: Install Percona client 27 | apt: name=percona-server-client-5.6 state=present 28 | tags: [ 'percona', 'database' ] 29 | 30 | #- name: Ensure Percona is running 31 | # service: name=mysql state=started 32 | -------------------------------------------------------------------------------- /roles/percona/templates/etc/mysql/my.cnf: -------------------------------------------------------------------------------- 1 | [client] 2 | port = 3306 3 | socket = /var/run/mysqld/mysqld.sock 4 | 5 | [mysqld_safe] 6 | socket = /var/run/mysqld/mysqld.sock 7 | nice = 0 8 | 9 | [mysqld] 10 | user = mysql 11 | pid-file = /var/run/mysqld/mysqld.pid 12 | socket = /var/run/mysqld/mysqld.sock 13 | port = 3306 14 | basedir = /usr 15 | datadir = /var/lib/mysql 16 | tmpdir = /tmp 17 | lc-messages-dir = /usr/share/mysql 18 | skip-external-locking 19 | key_buffer = 16M 20 | max_allowed_packet = 16M 21 | thread_stack = 192K 22 | thread_cache_size = 8 23 | myisam-recover = BACKUP 24 | query_cache_limit = 1M 25 | query_cache_size = 16M 26 | log_error = /var/log/mysql/error.log 27 | expire_logs_days = 10 28 | max_binlog_size = 100M 29 | 30 | [mysqldump] 31 | quick 32 | quote-names 33 | max_allowed_packet = 16M 34 | 35 | [mysql] 36 | 37 | [isamchk] 38 | key_buffer = 16M 39 | 40 | !includedir /etc/mysql/conf.d/ 41 | -------------------------------------------------------------------------------- /roles/percona/templates/percona-gpg-key: -------------------------------------------------------------------------------- 1 | -----BEGIN PGP PUBLIC KEY BLOCK----- 2 | Version: SKS 1.1.4 3 | Comment: Hostname: pgp.mit.edu 4 | 5 | mQGiBEsm3aERBACyB1E9ixebIMRGtmD45c6c/wi2IVIa6O3G1f6cyHH4ump6ejOiAX63hhEs 6 | 4MUCGO7KnON1hpjuNN7MQZtGTJC0iX97X2Mk+IwB1KmBYN9sS/OqhA5Citj2RAkug4PFHR9d 7 | y21v0flj66KjBS3GpuOadpcrZ/k0g7Zi6t7kDWV0hwCgxCa2f/ESC2MN3q3j9hfMTBhhDCsD 8 | /3+iOxtDAUlPMIH50MdK5yqagdj8V/sxaHJ5u/zwYQunRlhB9f9QUFfhfnjRn8wjeYasMARD 9 | ctCde5nbx3Pc+nRIXoB4D1Z1ZxRzR/lb7S4i8KRr9xhommFnDv/egkx+7X1aFp1f2wN2DQ4e 10 | cGF4EAAVHwFz8H4eQgsbLsa67DV3BACj1cBwCf8tckWsvFtQfCP4CiBB50Ku49MU2Nfwq7du 11 | rfIiePF4IIYRDZggkHKSfP3oUZBGJx00BujtTobERraaV7lIRIwETZao76MqGt9K1uIqw4NT 12 | /jAbi9cerFaOmAkaujbcB11HYIyjtkAGq9mXxaVqCC3RPWGr+fqAx/akBLQ2UGVyY29uYSBN 13 | eVNRTCBEZXZlbG9wbWVudCBUZWFtIDxteXNxbC1kZXZAcGVyY29uYS5jb20+iGAEExECACAF 14 | Aksm3aECGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAcTL3NzS79Kpk/AKCQKSEgwX9r 15 | 8jR+6tAnCVpzyUFOQwCfX+fw3OAoYeFZB3eu2oT8OBTiVYu5Ag0ESybdoRAIAKKUV8rbqlB8 16 | qwZdWlmrwQqg3o7OpoAJ53/QOIySDmqy5TmNEPLmlHkwGqEqfbFYoTbOCEEJi2yFLg9UJCSB 17 | M/sfPaqb2jGP7fc0nZBgUBnFuA9USX72O0PzVAF7rCnWaIz76iY+AMI6xKeRy91TxYo/yenF 18 | 1nRSJ+rExwlPcHgI685GNuFGchAExMTgbnoPx1ka1Vqbe6iza+FnJq3f4p9luGbZdSParGdl 19 | KhGqvVUJ3FLeLTqtcaOn5cN2ZsdakE07GzdSktVtdYPT5BNMKgOAxhXKy11IPLj2Z5C33iVY 20 | SXjpTelJb2qHvcg9XDMhmYJyE3O4AWFh2no3Jf4ypIcABA0IAJO8ms9ov6bFqFTqA0UW2gWQ 21 | cKFN4Q6NPV6IW0rV61ONLUc0VFXvYDtwsRbUmUYkB/L/R9fHj4lRUDbGEQrLCoE+/HyYvr2r 22 | xP94PT6Bkjk/aiCCPAKZRj5CFUKRpShfDIiow9qxtqv7yVd514Qqmjb4eEihtcjltGAoS54+ 23 | 6C3lbjrHUQhLwPGqlAh8uZKzfSZq0C06kTxiEqsG6VDDYWy6L7qaMwOqWdQtdekKiCk8w/Fo 24 | ovsMYED2qlWEt0i52G+0CjoRFx2zNsN3v4dWiIhkZSL00Mx+g3NA7pQ1Yo5Vhok034mP8L2f 25 | BLhhWaK3LG63jYvd0HLkUFhNG+xjkpeISQQYEQIACQUCSybdoQIbDAAKCRAcTL3NzS79Klac 26 | AJ0aAkBQapIaHNvmAhtVjLPNwke4ZgCePe3sPPF49lBal7QaYPdjqapa1SSISQQYEQIACQUC 27 | SybdoQIbDAAKCRAcTL3NzS79KlacAJ9H6emL/8dsoquhE9PNnKCIeMTmmQCfXRLIoNjJa20V 28 | EwJDzR7YVdBEiQI= 29 | =K1W3 30 | -----END PGP PUBLIC KEY BLOCK----- 31 | -------------------------------------------------------------------------------- /roles/php-fpm/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: php5-fpm restart 4 | service: name=php5-fpm state=restarted 5 | -------------------------------------------------------------------------------- /roles/php-fpm/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install PHP packages 4 | apt: name={{ item }} state=present 5 | with_items: 6 | - php5 7 | - php5-cli 8 | - php5-gd 9 | - php5-fpm 10 | - php5-xdebug 11 | - phpunit 12 | 13 | # - name: Do fpm/php.ini 14 | # template: src=etc/php5/fpm/php.ini dest=/etc/php5/fpm/php.ini owner=root group=root mode=0644 15 | # notify: php5-fpm restart 16 | -------------------------------------------------------------------------------- /roles/wordpress/meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: 3 | - { role: wp-cli } 4 | - { role: nginx } 5 | -------------------------------------------------------------------------------- /roles/wordpress/tasks/main.yml: -------------------------------------------------------------------------------- 1 | - name: "Provision {{ wp_db_name }} WP Database" 2 | mysql_db: name="{{ wp_db_name }}" state=present 3 | 4 | - name: "Grant {{ wp_db_user }} WP user access to WP DB {{ wp_db_name }}" 5 | mysql_user: name="{{ wp_db_user }}" priv="{{ wp_db_name }}.*:ALL" host="%" password={{ wp_db_password }} state=present 6 | 7 | - name: "Grant {{ wp_db_user }} WP user access to WP DB {{ wp_db_name }}" 8 | mysql_user: name="{{ wp_db_user }}" priv="{{ wp_db_name }}.*:ALL" host="localhost" password={{ wp_db_password }} state=present 9 | 10 | - name: "Set up {{ wp_doc_root }} docroot" 11 | file: path={{ wp_doc_root }} state=directory owner={{ web_user }} group={{ web_group }} 12 | 13 | - name: "Set up {{ enviro }} virtualhost" 14 | template: src=etc/nginx/wordpress.conf dest=/etc/nginx/sites-available/{{ enviro }}.conf 15 | 16 | - name: "Enable {{ enviro }} virtualhost" 17 | file: src=/etc/nginx/sites-available/{{ enviro }}.conf dest=/etc/nginx/sites-enabled/{{ enviro }}.conf state=link 18 | notify: nginx reload 19 | 20 | - name: "Download and install WordPress for {{ enviro }}" 21 | command: /usr/local/bin/wp core download --path={{ wp_doc_root}} 22 | sudo: yes 23 | sudo_user: "{{ web_user }}" 24 | 25 | - name: Fetch random salts for WordPress config 26 | local_action: command curl https://api.wordpress.org/secret-key/1.1/salt/ 27 | register: "wp_salt" 28 | sudo: no 29 | 30 | - name: "Create wp-config for {{ enviro }}" 31 | template: src=wp/wp-config.php dest={{ wp_doc_root }}/wp-config.php owner={{ web_user }} group={{ web_group }} 32 | 33 | - name: "Localconfig for {{ enviro }} WordPress" 34 | template: src=wp/local-config.php dest={{ wp_doc_root }}/local-config.php owner={{ web_user }} group={{ web_group }} 35 | 36 | - name: "Run the WP install for {{ enviro }}" 37 | command: /usr/local/bin/wp core install --url={{ host }} --title="{{ wp_site_name }}" --admin_user={{ wp_admin_user }} --admin_password={{ wp_admin_password }} --admin_email="admin@example.com" 38 | sudo: yes 39 | sudo_user: "{{ web_user }}" 40 | args: 41 | # run_once: true 42 | chdir: "{{ wp_doc_root }}" 43 | -------------------------------------------------------------------------------- /roles/wordpress/templates/etc/nginx/wordpress.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen 80; 3 | server_name {{ host }}; 4 | root {{ wp_doc_root }}; 5 | 6 | index index.html index.htm index.php; 7 | 8 | access_log /var/log/nginx/{{ host }}.access.log; 9 | access_log /var/log/nginx/{{ host }}.apachestyle.access.log apachestandard; 10 | error_log /var/log/nginx/{{ host }}.error.log; 11 | 12 | location = /favicon.ico { access_log off; log_not_found off; } 13 | location = /robots.txt { access_log off; log_not_found off; } 14 | location = /apple-touch-icon.png { access_log off; log_not_found off; } 15 | location = /apple-touch-icon-precomposed.png { access_log off; log_not_found off; } 16 | location ~ /\. { deny all; access_log off; log_not_found off; } 17 | 18 | location / { 19 | try_files $uri $uri/ /index.php?q=$uri&$args; 20 | } 21 | location ~ \.php$ { 22 | proxy_intercept_errors on; 23 | error_page 500 501 502 503 = @fallback; 24 | fastcgi_buffers 8 256k; 25 | fastcgi_buffer_size 128k; 26 | fastcgi_intercept_errors on; 27 | include fastcgi_params; 28 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 29 | fastcgi_pass hhvm; 30 | } 31 | location @fallback { 32 | fastcgi_buffers 8 256k; 33 | fastcgi_buffer_size 128k; 34 | include fastcgi_params; 35 | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 36 | fastcgi_pass php; 37 | } 38 | location ~* .(css|js|png|jpg|jpeg|gif|ico)$ { expires 1d; } 39 | } 40 | -------------------------------------------------------------------------------- /roles/wordpress/templates/wp/local-config.php: -------------------------------------------------------------------------------- 1 |