INDIAN2020/lemp-playbook.yml

## lemp-playbook.yml
#────────────────────────────────────────────
# LEMP on Ubuntu 18.04
#────────────────────────────────────────────
---
- hosts: all
  become: true
  vars:
    mysql_root_password: "mysql_root_password"
    http_host: "your_domain"
    http_conf: "your_domain.conf"
    http_port: "80"

  tasks:
    - name: Install Prerequisites
      apt: name={{ item }} update_cache=yes state=latest force_apt_get=yes
      loop: [ 'aptitude' ]

    - name: Install LEMP Packages
      apt: name={{ item }} update_cache=yes state=latest
      loop: [ 'nginx', 'mysql-server', 'python3-pymysql', 'php-fpm', 'php-mysql' ]

    # Nginx Configuration
    - name: Sets Nginx conf file
      copy:
        content: |
          server {
            listen {{ http_port }};
            root /var/www/html;
            index index.php index.html index.htm index.nginx-debian.html;
            server_name {{ http_host }};

            location / {
              try_files $uri $uri/ =404;
            }

            location ~ \.php$ {
              include snippets/fastcgi-php.conf;
              fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
            }

            location ~ /\.ht {
              deny all;
            }
          }
        dest: "/etc/nginx/sites-available/{{ http_conf }}"

    - name: Enables new site
      file:
        src: "/etc/nginx/sites-available/{{ http_conf }}"
        dest: "/etc/nginx/sites-enabled/{{ http_conf }}"
        state: link
      notify: Reload Nginx

    - name: Removes "default" site
      file:
        path: "/etc/nginx/sites-enabled/default"
        state: absent
      notify: Reload Nginx

    # MySQL Configuration
    - name: Sets the root password
      mysql_user:
        name: root
        password: "{{ mysql_root_password }}"
        login_unix_socket: /var/run/mysqld/mysqld.sock

    - name: Removes all anonymous user accounts
      mysql_user:
        name: ''
        host_all: yes
        state: absent
        login_user: root
        login_password: "{{ mysql_root_password }}"

    - name: Removes the MySQL test database
      mysql_db:
        name: test
        state: absent
        login_user: root
        login_password: "{{ mysql_root_password }}"

    # UFW Configuration
    - name: "UFW - Allow HTTP on port {{ http_port }}"
      ufw:
        rule: allow
        port: "{{ http_port }}"
        proto: tcp

    # Sets Up PHP Info Page
    - name: Sets Up PHP Info Page
      copy:
        content: |
          <?php phpinfo(); ?>
        dest: "/var/www/html/info.php"

  handlers:
    - name: Reload Nginx
      service:
        name: nginx
        state: reloaded

    - name: Restart Nginx
      service:
        name: nginx
        state: restarted
	#────────────────────────────────────────────
	# LEMP on Ubuntu 18.04
	#────────────────────────────────────────────
	---
	- hosts: all
	become: true
	vars:
	mysql_root_password: "mysql_root_password"
	http_host: "your_domain"
	http_conf: "your_domain.conf"
	http_port: "80"

	tasks:
	- name: Install Prerequisites
	apt: name={{ item }} update_cache=yes state=latest force_apt_get=yes
	loop: [ 'aptitude' ]

	- name: Install LEMP Packages
	apt: name={{ item }} update_cache=yes state=latest
	loop: [ 'nginx', 'mysql-server', 'python3-pymysql', 'php-fpm', 'php-mysql' ]

	# Nginx Configuration
	- name: Sets Nginx conf file
	copy:
	content: \|
	server {
	listen {{ http_port }};
	root /var/www/html;
	index index.php index.html index.htm index.nginx-debian.html;
	server_name {{ http_host }};

	location / {
	try_files $uri $uri/ =404;
	}

	location ~ \.php$ {
	include snippets/fastcgi-php.conf;
	fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
	}

	location ~ /\.ht {
	deny all;
	}
	}
	dest: "/etc/nginx/sites-available/{{ http_conf }}"

	- name: Enables new site
	file:
	src: "/etc/nginx/sites-available/{{ http_conf }}"
	dest: "/etc/nginx/sites-enabled/{{ http_conf }}"
	state: link
	notify: Reload Nginx

	- name: Removes "default" site
	file:
	path: "/etc/nginx/sites-enabled/default"
	state: absent
	notify: Reload Nginx

	# MySQL Configuration
	- name: Sets the root password
	mysql_user:
	name: root
	password: "{{ mysql_root_password }}"
	login_unix_socket: /var/run/mysqld/mysqld.sock

	- name: Removes all anonymous user accounts
	mysql_user:
	name: ''
	host_all: yes
	state: absent
	login_user: root
	login_password: "{{ mysql_root_password }}"

	- name: Removes the MySQL test database
	mysql_db:
	name: test
	state: absent
	login_user: root
	login_password: "{{ mysql_root_password }}"

	# UFW Configuration
	- name: "UFW - Allow HTTP on port {{ http_port }}"
	ufw:
	rule: allow
	port: "{{ http_port }}"
	proto: tcp

	# Sets Up PHP Info Page
	- name: Sets Up PHP Info Page
	copy:
	content: \|
	<?php phpinfo(); ?>
	dest: "/var/www/html/info.php"

	handlers:
	- name: Reload Nginx
	service:
	name: nginx
	state: reloaded

	- name: Restart Nginx
	service:
	name: nginx
	state: restarted