From 7fd284d92a185506515919a54bcc4f8bd870445e Mon Sep 17 00:00:00 2001
From: Hassan Raya <hassanraya76@gmail.com>
Date: Tue, 25 Oct 2022 21:52:42 +0200
Subject: [PATCH] TP3
---
TP3/ansible/files/httpd.conf | 14 ++++++++
TP3/ansible/inventory.txt | 2 ++
TP3/ansible/playbook.yml | 11 ++++++
TP3/ansible/roles/apache/tasks/main.yml | 21 ++++++++++++
TP3/ansible/roles/firewall/tasks/main.yml | 12 +++++++
TP3/ansible/roles/mysql/tasks/main.yml | 32 +++++++++++++++++
TP3/ansible/roles/php/tasks/main.yml | 10 ++++++
TP3/ansible/roles/wordpress/tasks/main.yml | 40 ++++++++++++++++++++++
TP3/ansible/vars/default.yml | 13 +++++++
TP3/docker_compose/docker-compose.yml | 31 +++++++++++++++++
10 files changed, 186 insertions(+)
create mode 100644 TP3/ansible/files/httpd.conf
create mode 100644 TP3/ansible/inventory.txt
create mode 100644 TP3/ansible/playbook.yml
create mode 100644 TP3/ansible/roles/apache/tasks/main.yml
create mode 100644 TP3/ansible/roles/firewall/tasks/main.yml
create mode 100644 TP3/ansible/roles/mysql/tasks/main.yml
create mode 100644 TP3/ansible/roles/php/tasks/main.yml
create mode 100644 TP3/ansible/roles/wordpress/tasks/main.yml
create mode 100644 TP3/ansible/vars/default.yml
create mode 100644 TP3/docker_compose/docker-compose.yml
diff --git a/TP3/ansible/files/httpd.conf b/TP3/ansible/files/httpd.conf
new file mode 100644
index 0000000..a0fb368
--- /dev/null
+++ b/TP3/ansible/files/httpd.conf
@@ -0,0 +1,14 @@
+<VirtualHost *:{{ http_port }}>
+ ServerAdmin webmaster@localhost
+ ServerName {{ http_host }}
+ ServerAlias www.{{ http_host }}
+ DocumentRoot /var/www/{{ http_host }}/wordpress
+ ErrorLog /var/log/httpd/error.log
+ CustomLog /var/log/httpd/access.log combined
+
+ <Directory /var/www/{{ http_host }}/wordpress>
+ Options Indexes FollowSymLinks
+ AllowOverride all
+ Require all granted
+ </Directory>
+</VirtualHost>
\ No newline at end of file
diff --git a/TP3/ansible/inventory.txt b/TP3/ansible/inventory.txt
new file mode 100644
index 0000000..001e366
--- /dev/null
+++ b/TP3/ansible/inventory.txt
@@ -0,0 +1,2 @@
+target1
+ansible_host=127.0.0.1
diff --git a/TP3/ansible/playbook.yml b/TP3/ansible/playbook.yml
new file mode 100644
index 0000000..3c9fcd2
--- /dev/null
+++ b/TP3/ansible/playbook.yml
@@ -0,0 +1,11 @@
+- hosts: target1
+ gather_facts: False
+ become: true
+ vars_files:
+ - vars/default.yml
+ roles:
+ - apache
+ - php
+ - mysql
+ - wordpress
+ - firewall
\ No newline at end of file
diff --git a/TP3/ansible/roles/apache/tasks/main.yml b/TP3/ansible/roles/apache/tasks/main.yml
new file mode 100644
index 0000000..b65179b
--- /dev/null
+++ b/TP3/ansible/roles/apache/tasks/main.yml
@@ -0,0 +1,21 @@
+- name: Install HTTP Packages
+ yum: name=httpd update_cache=yes state=latest
+
+- name: Start httpd service
+ systemd: name=httpd state=started enabled=yes
+
+- name: Create Apache Document Root
+ file:
+ path: "/var/www/{{ http_host }}"
+ state: directory
+ owner: "apache"
+ group: "apache"
+ mode: '0755'
+
+- name: Set up Apache VirtualHost
+ template:
+ src: "files/httpd.conf"
+ dest: "/etc/httpd/conf.d/{{ http_conf }}"
+ owner: root
+ group: root
+ mode: u=rw,g=r,o=r
\ No newline at end of file
diff --git a/TP3/ansible/roles/firewall/tasks/main.yml b/TP3/ansible/roles/firewall/tasks/main.yml
new file mode 100644
index 0000000..40d15b9
--- /dev/null
+++ b/TP3/ansible/roles/firewall/tasks/main.yml
@@ -0,0 +1,12 @@
+# Firewall Configuration
+ - name: Disable SELinux Permanently (Reboot Required)
+ selinux: state=disabled
+
+ - name: Disable SELinux Without Reboot
+ command: /sbin/setenforce 0
+
+ - name: Configure Firewall
+ firewalld: zone=public service=http permanent=yes state=enabled
+
+ - name: Reload Firewall
+ systemd: name=firewalld state=reloaded
\ No newline at end of file
diff --git a/TP3/ansible/roles/mysql/tasks/main.yml b/TP3/ansible/roles/mysql/tasks/main.yml
new file mode 100644
index 0000000..508d2be
--- /dev/null
+++ b/TP3/ansible/roles/mysql/tasks/main.yml
@@ -0,0 +1,32 @@
+# MySQL Configuration
+ - name: Install MySQL Packages
+ yum: name={{ item }} update_cache=yes state=latest
+ loop: [ 'mysql-server', 'php-mysqlnd', 'python3-PyMySQL' ]
+
+ - name: Start mysqld service
+ systemd: name=mysqld state=started enabled=yes
+
+ - name: Set MySQL root Password
+ mysql_user:
+ login_host: 'localhost'
+ login_user: 'root'
+ login_password: ''
+ name: 'root'
+ password: '{{ mysql_root_password }}'
+ state: present
+
+ - name: Creates database for WordPress
+ mysql_db:
+ name: "{{ mysql_db }}"
+ state: present
+ login_user: root
+ login_password: "{{ mysql_root_password }}"
+
+ - name: Create MySQL user for WordPress
+ mysql_user:
+ name: "{{ mysql_user }}"
+ password: "{{ mysql_password }}"
+ priv: "{{ mysql_db }}.*:ALL"
+ state: present
+ login_user: root
+ login_password: "{{ mysql_root_password }}"
\ No newline at end of file
diff --git a/TP3/ansible/roles/php/tasks/main.yml b/TP3/ansible/roles/php/tasks/main.yml
new file mode 100644
index 0000000..b23112a
--- /dev/null
+++ b/TP3/ansible/roles/php/tasks/main.yml
@@ -0,0 +1,10 @@
+- name: Install PHP Remi Repository
+ yum: name=http://rpms.remirepo.net/enterprise/remi-release-8.rpm update_cache=yes state=latest
+
+- name: Enable PHP Remi Repository
+ command: dnf module reset php -y
+ command: dnf module enable php:remi-7.4 -y
+
+- name: Install PHP Extensions
+ yum: name={{ item }} update_cache=yes state=latest
+ loop: "{{ php_modules }}"
\ No newline at end of file
diff --git a/TP3/ansible/roles/wordpress/tasks/main.yml b/TP3/ansible/roles/wordpress/tasks/main.yml
new file mode 100644
index 0000000..87f6acc
--- /dev/null
+++ b/TP3/ansible/roles/wordpress/tasks/main.yml
@@ -0,0 +1,40 @@
+# WordPress Configuration
+
+ - name: Download and unpack latest WordPress
+ unarchive:
+ src: https://wordpress.org/latest.tar.gz
+ dest: "/var/www/{{ http_host }}"
+ remote_src: yes
+ creates: "/var/www/{{ http_host }}/wordpress"
+
+ - name: Set ownership
+ file:
+ path: "/var/www/{{ http_host }}"
+ state: directory
+ recurse: yes
+ owner: apache
+ group: apache
+
+ - name: Set permissions for directories
+ shell: "/usr/bin/find /var/www/{{ http_host }}/wordpress/ -type d -exec chmod 750 {} \\;"
+
+ - name: Set permissions for files
+ shell: "/usr/bin/find /var/www/{{ http_host }}/wordpress/ -type f -exec chmod 640 {} \\;"
+
+ - name: Copy sample config file
+ command: mv /var/www/{{ http_host }}/wordpress/wp-config-sample.php /var/www/{{ http_host }}/wordpress/wp-config.php creates=/var/www/{{ http_host }}/wordpress/wp-config.php
+ become: yes
+
+ - name: Update WordPress config file
+ lineinfile:
+ path: "/var/www/{{ http_host }}/wordpress/wp-config.php"
+ regexp: "{{item.regexp}}"
+ line: "{{item.line}}"
+ with_items:
+ - {'regexp': "define\\( 'DB_NAME', '(.)+' \\);", 'line': "define( 'DB_NAME', '{{mysql_db}}' );"}
+ - {'regexp': "define\\( 'DB_USER', '(.)+' \\);", 'line': "define( 'DB_USER', '{{mysql_user}}' );"}
+ - {'regexp': "define\\( 'DB_PASSWORD', '(.)+' \\);", 'line': "define( 'DB_PASSWORD', '{{mysql_password}}' );"}
+
+ - name: Restart httpd service
+ systemd: name=httpd state=restarted
+ become: yes
\ No newline at end of file
diff --git a/TP3/ansible/vars/default.yml b/TP3/ansible/vars/default.yml
new file mode 100644
index 0000000..2ad2560
--- /dev/null
+++ b/TP3/ansible/vars/default.yml
@@ -0,0 +1,13 @@
+#PHP Settings
+php_modules: [ 'php', 'php-curl', 'php-gd', 'php-mbstring', 'php-xml', 'php-xmlrpc', 'php-soap', 'php-intl', 'php-zip' ]
+
+#MySQL Settings
+mysql_root_password: "somewordpress"
+mysql_db: "wordpress"
+mysql_user: "wordpress"
+mysql_password: "wordpress"
+
+#HTTP Settings
+http_host: "wp.example.com"
+http_conf: "wp.example.com.conf"
+http_port: "80"
\ No newline at end of file
diff --git a/TP3/docker_compose/docker-compose.yml b/TP3/docker_compose/docker-compose.yml
new file mode 100644
index 0000000..f67dc72
--- /dev/null
+++ b/TP3/docker_compose/docker-compose.yml
@@ -0,0 +1,31 @@
+version: "3.9"
+
+services:
+ db:
+ image: mysql:5.7
+ volumes:
+ - db_data:/var/lib/mysql
+ restart: always
+ environment:
+ MYSQL_ROOT_PASSWORD: somewordpress
+ MYSQL_DATABASE: wordpress
+ MYSQL_USER: wordpress
+ MYSQL_PASSWORD: wordpress
+
+ wordpress:
+ depends_on:
+ - db
+ image: wordpress:latest
+ volumes:
+ - wordpress_data:/var/www/html
+ ports:
+ - "8000:80"
+ restart: always
+ environment:
+ WORDPRESS_DB_HOST: db
+ WORDPRESS_DB_USER: wordpress
+ WORDPRESS_DB_PASSWORD: wordpress
+ WORDPRESS_DB_NAME: wordpress
+volumes:
+ db_data: {}
+ wordpress_data: {}
--
GitLab