---
- name: moodle installation & configuration
hosts: moodle
become: true
vars:
- dns_hostname: moodle
- dns_domain: krolaki.eu
- mariadb_database_password: strongPassword
tasks:
- name: ssl certificate to the target server copy
ansible.builtin.copy:
src: "/etc/pki/tls/certs/{{ dns_hostname }}-{{ dns_domain }}.crt"
dest: "/etc/pki/tls/certs/{{ dns_hostname }}-{{ dns_domain }}.crt"
owner: root
group: root
mode: "0644"
- name: ssl key to the target server copy
ansible.builtin.copy:
src: "/etc/pki/tls/private/{{ dns_hostname }}-{{ dns_domain }}.key"
dest: "/etc/pki/tls/private/{{ dns_hostname }}-{{ dns_domain }}.key"
owner: root
group: root
mode: "0644"
- name: web directory create
ansible.builtin.file:
path: /var/www/html/{{ dns_hostname }}
state: directory
owner: apache
group: apache
mode: '0755'
- name: vhost configuration
ansible.builtin.template:
src: /etc/ansible/templates/httpd/sites-available/template.conf.j2
dest: /etc/httpd/sites-available/{{ dns_hostname }}.conf
- name: vhost enable
ansible.builtin.file:
src: /etc/httpd/sites-available/{{ dns_hostname }}.conf
dest: /etc/httpd/sites-enabled/{{ dns_hostname }}.conf
owner: root
group: root
state: link
- name: moodle directory copy
ansible.builtin.unarchive:
src: "https://download.moodle.org/download.php/direct/stable403/moodle-latest-403.zip"
dest: /var/www/html/
remote_src: yes
owner: apache
group: apache
mode: "755"
- name: moodle files copy
ansible.builtin.copy:
src: /var/www/html/moodle/
dest: /var/www/html/{{ dns_hostname }}
remote_src: yes
owner: apache
group: apache
mode: "755"
- name: moodledata directory create
ansible.builtin.file:
path: /var/www/html/moodledata
state: directory
owner: apache
group: apache
mode: "755"
- name: moodledata/lang directory create
ansible.builtin.file:
path: /var/www/html/moodledata/lang
state: directory
owner: apache
group: apache
mode: "755"
- name: configuration file copy
ansible.builtin.template:
src: /etc/ansible/templates/moodle/config.php.j2
dest: /var/www/html/{{ dns_hostname }}/config.php
owner: apache
group: apache
mode: '440'
- name: httpd_sys_rw_content_t moodle dir selinux context set
community.general.sefcontext:
target: '/var/www/html/moodle(/.*)?'
setype: httpd_sys_rw_content_t
state: present
- name: httpd_sys_rw_content_t moodledata dir selinux context set
community.general.sefcontext:
target: '/var/www/html/moodledata(/.*)?'
setype: httpd_sys_rw_content_t
state: present
- name: httpd_sys_rw_content_t moodledata/lang dir selinux context set
community.general.sefcontext:
target: '/var/www/html/moodledata/lang(/.*)?'
setype: httpd_sys_rw_content_t
state: present
- name: httpd_sys_rw_content_t moodle dir selinux context set
community.general.sefcontext:
target: '/var/www/html/moodle(/.*)?'
setype: httpd_sys_rw_content_t
state: present
- name: selinux file context set
command: restorecon -Rv /var/www/html/moodle
- name: selinux file context set
command: restorecon -Rv /var/www/html/moodledata
- name: selinux file context set
command: restorecon -Rv /var/www/html/moodledata/lang
- name: selinux load module
ansible.builtin.shell: "{{ item }}"
loop:
- ausearch -c 'php-fpm' --raw | audit2allow -M my-phpfpm
- semodule -X 300 -i my-phpfpm.pp
- name: httpd_can_network_connect flag set
ansible.posix.seboolean:
name: httpd_can_network_connect
state: true
persistent: true
- name: moodle database create
community.mysql.mysql_db:
login_host: "localhost"
login_user: "root"
login_password: "{{ mariadb_root_password }}"
name: "{{ dns_hostname }}"
state: present
- name: moodle database user create
community.mysql.mysql_user:
login_host: "localhost"
login_user: "root"
login_password: "{{ mariadb_root_password }}"
name: "{{ dns_hostname }}"
password: "{{ mariadb_database_password }}"
priv: "{{ dns_hostname }}.*:ALL"
state: present
- name: httpd service restart
ansible.builtin.systemd:
name: httpd
state: restarted
...