ansible – moodle playbook

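---
# Play: install and configure Moodle on the hosts in the `moodle` inventory
# group. Every task runs with privilege escalation (become: true).
#
# The tasks also reference `mariadb_root_password`, which this play does not
# define; it has to be supplied from inventory, group_vars or extra-vars.
- name: moodle installation & configuration
  hosts: moodle
  become: true

  vars:
    dns_hostname: moodle
    dns_domain: krolaki.eu
    # Secret: do not keep the database password in the playbook itself, where
    # it ends up in version control and on every page that quotes the play.
    # `vault_mariadb_database_password` is a name chosen here for illustration;
    # define it in a vars file encrypted with ansible-vault.
    mariadb_database_password: "{{ vault_mariadb_database_password }}"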

  tasks:
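  # Copy the vhost's TLS certificate from the control node to the same path on
  # the target. The certificate is public material, so 0644 is appropriate.
  - name: ssl certificate to the target server copy
    ansible.builtin.copy:
      src: "/etc/pki/tls/certs/{{ dns_hostname }}-{{ dns_domain }}.crt"
      dest: "/etc/pki/tls/certs/{{ dns_hostname }}-{{ dns_domain }}.crt"
      owner: root
      group: root
      mode: "0644"
  # Copy the matching private key. It must be readable by root only: with 0644
  # any local account or compromised service on the host could read the key
  # and impersonate the site. no_log keeps the key material out of task output.
  - name: ssl key to the target server copy
    ansible.builtin.copy:
      src: "/etc/pki/tls/private/{{ dns_hostname }}-{{ dns_domain }}.key"
      dest: "/etc/pki/tls/private/{{ dns_hostname }}-{{ dns_domain }}.key"
      owner: root
      group: root
      mode: "0600"
    no_log: true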
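  # Create the directory that will hold the Moodle code for this site.
  # NOTE(review): the tree is owned by the web server account, so a compromised
  # PHP process can rewrite application code. root-owned, read-only code is the
  # least-privilege layout if web-based plugin installation is not needed.
  - name: web directory create
    ansible.builtin.file:
      path: "/var/www/html/{{ dns_hostname }}"
      state: directory
      owner: apache
      group: apache
      mode: "0755"
  # Render the vhost definition. Ownership and mode are set explicitly so the
  # result does not depend on the umask of the connecting user.
  - name: vhost configuration
    ansible.builtin.template:
      src: /etc/ansible/templates/httpd/sites-available/template.conf.j2
      dest: "/etc/httpd/sites-available/{{ dns_hostname }}.conf"
      owner: root
      group: root
      mode: "0644"
  # Enable the vhost by linking it into sites-enabled.
  - name: vhost enable
    ansible.builtin.file:
      src: "/etc/httpd/sites-available/{{ dns_hostname }}.conf"
      dest: "/etc/httpd/sites-enabled/{{ dns_hostname }}.conf"
      owner: root
      group: root
      state: link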

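  # Download the Moodle 4.3 archive on the target and unpack it under the web
  # root (the archive's top-level directory is `moodle`, per the copy below).
  # NOTE(review): the URL is a moving "latest" build and nothing verifies what
  # was downloaded. unarchive has no checksum option; fetching a pinned release
  # with ansible.builtin.get_url and its `checksum` parameter, then unpacking
  # the local file, would give an integrity check and reproducible installs.
  # NOTE(review): `mode` here is applied to the extracted files as well, so
  # every PHP file becomes executable; confirm that is intended.
  - name: moodle directory copy
    ansible.builtin.unarchive:
      src: "https://download.moodle.org/download.php/direct/stable403/moodle-latest-403.zip"
      dest: /var/www/html/
      remote_src: true
      owner: apache
      group: apache
      mode: "0755"
  # Copy the unpacked tree into the site directory (remote to remote).
  # With dns_hostname set to `moodle`, source and destination are the same
  # directory, so this only matters when the site name differs.
  - name: moodle files copy
    ansible.builtin.copy:
      src: /var/www/html/moodle/
      dest: "/var/www/html/{{ dns_hostname }}"
      remote_src: true
      owner: apache
      group: apache
      mode: "0755"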
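  # Create Moodle's data directory (uploads, sessions, caches) and its lang
  # subdirectory. Only the web server account needs access, so "other" gets
  # no permissions instead of the world-readable 0755.
  # NOTE(review): the directory sits under /var/www/html. Moodle expects its
  # data root to be unreachable over HTTP; unless the vhost template (not shown
  # here) blocks it, move it outside the web root and adjust config.php.j2.
  - name: moodledata directory create
    ansible.builtin.file:
      path: /var/www/html/moodledata
      state: directory
      owner: apache
      group: apache
      mode: "0750"
  - name: moodledata/lang directory create
    ansible.builtin.file:
      path: /var/www/html/moodledata/lang
      state: directory
      owner: apache
      group: apache
      mode: "0750"
  # Render config.php, which presumably carries the database credentials
  # (template not shown), so it is readable by the web server only.
  - name: configuration file copy
    ansible.builtin.template:
      src: /etc/ansible/templates/moodle/config.php.j2
      dest: "/var/www/html/{{ dns_hostname }}/config.php"
      owner: apache
      group: apache
      mode: "0440"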
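  # Register persistent SELinux file-context rules for the Moodle trees, then
  # relabel the existing files. The original listed the moodle rule twice; the
  # duplicate is dropped because sefcontext is idempotent.
  # NOTE(review): httpd_sys_rw_content_t on the code tree lets httpd/php-fpm
  # modify application code. Labelling code httpd_sys_content_t and keeping
  # read-write only on moodledata is the least-privilege arrangement.
  # NOTE(review): the paths hard-code `moodle` while the site is deployed to
  # /var/www/html/{{ dns_hostname }}; they match only while the two are equal.
  - name: httpd_sys_rw_content_t moodle dir selinux context set
    community.general.sefcontext:
      target: '/var/www/html/moodle(/.*)?'
      setype: httpd_sys_rw_content_t
      state: present
  - name: httpd_sys_rw_content_t moodledata dir selinux context set
    community.general.sefcontext:
      target: '/var/www/html/moodledata(/.*)?'
      setype: httpd_sys_rw_content_t
      state: present
  - name: httpd_sys_rw_content_t moodledata/lang dir selinux context set
    community.general.sefcontext:
      target: '/var/www/html/moodledata/lang(/.*)?'
      setype: httpd_sys_rw_content_t
      state: present
  # restorecon -v prints one line per relabelled file, so empty output means
  # nothing changed; this keeps repeat runs from always reporting "changed".
  - name: selinux file context set
    ansible.builtin.command: "restorecon -Rv {{ item }}"
    loop:
      - /var/www/html/moodle
      - /var/www/html/moodledata
      - /var/www/html/moodledata/lang
    register: restorecon_result
    changed_when: restorecon_result.stdout | length > 0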
  # Build a local SELinux policy module from the php-fpm denials currently in
  # the audit log and install it at priority 300. The shell module is needed
  # for the pipe; my-phpfpm.pp is written to the task's working directory.
  # NOTE(review): audit2allow converts every recorded denial into an allow rule
  # without review, so the installed policy depends on the host's audit history
  # and can include denials caused by a misconfiguration or by hostile
  # activity. Shipping a reviewed policy file with the playbook and installing
  # that instead gives a known, repeatable result.
  # NOTE(review): the task is not idempotent and presumably fails on a host
  # with no php-fpm denials logged yet - confirm on a fresh install.
  - name: selinux load module
    ansible.builtin.shell: "{{ item }}"
    loop:
      - ausearch -c 'php-fpm' --raw | audit2allow -M my-phpfpm
      - semodule -X 300 -i my-phpfpm.pp
  # Persistently enable the SELinux boolean that lets the httpd domain open
  # outbound network connections.
  # NOTE(review): this boolean is broad (any destination, any port). If the
  # only need is reaching the database, httpd_can_network_connect_db is the
  # narrower switch; confirm which outbound access Moodle requires here.
  - name: httpd_can_network_connect flag set
    ansible.posix.seboolean:
      name: httpd_can_network_connect
      state: true
      persistent: true
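  # Create the Moodle database, named after the site, using the MariaDB root
  # account on the target. `mariadb_root_password` is not defined in this
  # play and must be supplied externally (preferably from an encrypted vault).
  - name: moodle database create
    community.mysql.mysql_db:
      login_host: "localhost"
      login_user: "root"
      login_password: "{{ mariadb_root_password }}"
      name: "{{ dns_hostname }}"
      state: present
  # Create the application account. Instead of ALL, grant only the privilege
  # set listed in Moodle's MySQL installation guide, so a compromised
  # application account cannot, for example, pass its rights on via GRANT.
  - name: moodle database user create
    community.mysql.mysql_user:
      login_host: "localhost"
      login_user: "root"
      login_password: "{{ mariadb_root_password }}"
      name: "{{ dns_hostname }}"
      password: "{{ mariadb_database_password }}"
      priv: "{{ dns_hostname }}.*:SELECT,INSERT,UPDATE,DELETE,CREATE,CREATE TEMPORARY TABLES,DROP,INDEX,ALTER"
      state: present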
  # Restart httpd so the new vhost and TLS material take effect. This runs
  # unconditionally on every play run, whether or not anything changed.
  - name: httpd service restart
    ansible.builtin.systemd:
      name: httpd
      state: restarted
...
