Skip to content

Instantly share code, notes, and snippets.

@INDIAN2020

INDIAN2020/lemp-playbook.yml

Created December 28, 2023 11:17
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save INDIAN2020/f78cac79cba72f554a216f311595de88 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save INDIAN2020/f78cac79cba72f554a216f311595de88 to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. INDIAN2020 created this gist Dec 28, 2023.
    105 changes: 105 additions & 0 deletions lemp-playbook.yml
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,105 @@
    #────────────────────────────────────────────
    # LEMP on Ubuntu 18.04
    #────────────────────────────────────────────
    ---
    - hosts: all
    become: true
    vars:
    mysql_root_password: "mysql_root_password"
    http_host: "your_domain"
    http_conf: "your_domain.conf"
    http_port: "80"

    tasks:
    - name: Install Prerequisites
    apt: name={{ item }} update_cache=yes state=latest force_apt_get=yes
    loop: [ 'aptitude' ]

    - name: Install LEMP Packages
    apt: name={{ item }} update_cache=yes state=latest
    loop: [ 'nginx', 'mysql-server', 'python3-pymysql', 'php-fpm', 'php-mysql' ]

    # Nginx Configuration
    - name: Sets Nginx conf file
    copy:
    content: |
    server {
    listen {{ http_port }};
    root /var/www/html;
    index index.php index.html index.htm index.nginx-debian.html;
    server_name {{ http_host }};
    location / {
    try_files $uri $uri/ =404;
    }
    location ~ \.php$ {
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
    }
    location ~ /\.ht {
    deny all;
    }
    }
    dest: "/etc/nginx/sites-available/{{ http_conf }}"

    - name: Enables new site
    file:
    src: "/etc/nginx/sites-available/{{ http_conf }}"
    dest: "/etc/nginx/sites-enabled/{{ http_conf }}"
    state: link
    notify: Reload Nginx

    - name: Removes "default" site
    file:
    path: "/etc/nginx/sites-enabled/default"
    state: absent
    notify: Reload Nginx

    # MySQL Configuration
    - name: Sets the root password
    mysql_user:
    name: root
    password: "{{ mysql_root_password }}"
    login_unix_socket: /var/run/mysqld/mysqld.sock

    - name: Removes all anonymous user accounts
    mysql_user:
    name: ''
    host_all: yes
    state: absent
    login_user: root
    login_password: "{{ mysql_root_password }}"

    - name: Removes the MySQL test database
    mysql_db:
    name: test
    state: absent
    login_user: root
    login_password: "{{ mysql_root_password }}"

    # UFW Configuration
    - name: "UFW - Allow HTTP on port {{ http_port }}"
    ufw:
    rule: allow
    port: "{{ http_port }}"
    proto: tcp

    # Sets Up PHP Info Page
    - name: Sets Up PHP Info Page
    copy:
    content: |
    <?php phpinfo(); ?>
    dest: "/var/www/html/info.php"

    handlers:
    - name: Reload Nginx
    service:
    name: nginx
    state: reloaded

    - name: Restart Nginx
    service:
    name: nginx
    state: restarted