Newscoop Ansible config

newscoop.yml

---
- hosts: application

  vars:
    domain: rumman.co
    deploy_key_file: ~/.ssh/gitlab-deploy
    www_dir: /var/www/{{ domain }}/newscoop
    virtualhost_conf: "/etc/apache2/sites-available/{{ domain }}.conf"
    apache_log_dir: /var/log/{{ domain }}
    apache_remove_default_vhost: true
    apache_vhosts_filename: false
    apache_mods_enabled:
      - rewrite.load
    apache_state: started
    mysql_root_password: "{{ lookup('env', 'MYSQL_ROOT_PASSWORD') }}"

  pre_tasks:
    - name: add repositories
      become: yes
      apt_repository: repo={{ item }} update_cache=yes
      with_items:
        - "ppa:ondrej/php"

    - name: Install updates
      apt: update_cache=yes upgrade=dist

  roles:
    - geerlingguy.apache
    - geerlingguy.mysql
    - geerlingguy.php
    - geerlingguy.apache-php-fpm
    - geerlingguy.composer

  tasks:
    - name: Install packages
      become: yes
      apt: name={{ item }} state=latest
      with_items:
        - git
        - acl
        - ack-grep
        - php7.0
        - libapache2-mod-php7.0
        - php7.0-intl
        - php7.0-cli
        - php7.0-zip
        - php7.0-xml
        - php7.0-curl
        - php7.0-fpm
        - php7.0-intl
        - php7.0-mbstring
        - php7.0-json
        - php7.0-mcrypt
        - php7.0-sqlite3
        - php7.0-mysql

    - name: Create virtualhost
      become: yes
      template:
        src: "virtualhost.conf"
        dest: "/etc/apache2/sites-available/{{ domain }}.conf"

    - name: Prepare log dir
      become: yes
      file:
        path: "{{ apache_log_dir }}"
        owner: www-data
        group: adm
        mode: 0770
        state: directory

    - name: Enable virtualhost
      become: yes
      file:
        src: "{{ virtualhost_conf }}"
        path: /etc/apache2/sites-enabled/{{ domain }}.conf
        state: link
      notify: restart apache2

    - name: Create deploy user (operator)
      become: yes
      user:
        name: operator
        groups: adm
        state: present
        generate_ssh_key: yes

    - name: Copy private deploy key
      become: yes
      become_user: operator
      copy:
        src: "{{ deploy_key_file }}"
        dest: "~/.ssh/deploy-key"
        owner: operator
        group: adm
        mode: 0600

    - name: Copy public deploy key
      become: yes
      become_user: operator
      copy:
        src: "{{ deploy_key_file }}.pub"
        dest: "~/.ssh/deploy-key.pub"
        owner: operator
        group: adm
        mode: 0644

    - name: Install newscoop
      become: yes
      become_user: operator
      git:
        repo: git@gitlab.com:rumman-co/Newscoop.git
        clone: yes
        dest: "/var/www/{{ domain }}"
        key_file: "~/.ssh/deploy-key"
        accept_hostkey: true
        force: yes

    - name: Install Composer modules
      become: yes
      become_user: operator
      command: composer install chdir={{ www_dir }}

    - name: Fix permissions
      become: yes
      file:
        path: /var/www/{{ domain }}
        owner: www-data
        group: adm
        mode: 0775
        recurse: yes
        state: directory

  handlers:
    - name: restart apache2
      become: yes
      service: name=apache2 state=restarted

virtualhost.conf

<VirtualHost *:80>
    ServerAdmin webmaster@{{ domain }}
    ServerName {{ domain }}
    ServerAlias www.{{ domain }}
    DocumentRoot /var/www/{{ domain }}/newscoop
    DirectoryIndex index.php index.html
    ErrorLog {{ apache_log_dir }}/error.log
    CustomLog {{ apache_log_dir }}/access.log combined
</VirtualHost>