Skip to content

C
configuration
Commit a92c7bf3 by Joe Blaylock
Options

Merge pull request #473 from edx/jbau/phpmyadmin 

PHP / PHPMYADMIN role
parents d48c77b1 5218e2de
Showing with 233 additions and 0 deletions
playbooks/edx-west/carnegie-prod-app.yml
......@@ -21,11 +21,13 @@
- "{{ secure_dir }}/vars/datadog_carn.yml"
roles:
- common
- php
- role: nginx
nginx_sites:
- lms
- cms
- lms-preview
- phpmyadmin
nginx_template_directory: "{{local_dir}}/nginx/templates/carnegie/"
- {'role': 'edxapp', 'openid_workaround': true}
- datadog
......
playbooks/edx-west/carnegie-prod-phpmyadmin.yml 0 → 100644
- hosts: ~tag_Name_app(10|20)_carn
#- hosts: ~tag_Name_app20_carn
sudo: True
vars:
secure_dir: '../../../configuration-secure/ansible'
# this indicates the path to site-specific (with precedence)
# things like nginx template files
#local_dir: '../../../edx-secret/ansible/local'
local_dir: "{{secure_dir}}/local"
# this toggles http basic auth on and off. false in production
not_prod: false
vars_files:
- "{{ secure_dir }}/vars/edxapp_carnegie_vars.yml"
- "{{ secure_dir }}/vars/users.yml"
- "{{ secure_dir }}/vars/edxapp_prod_users.yml"
- "{{ secure_dir }}/vars/datadog_prod.yml"
roles:
- php
- role: nginx
nginx_sites:
- phpmyadmin
playbooks/roles/nginx/templates/phpmyadmin.j2 0 → 100644
upstream php {
server {{ FPM_LISTENER }};
}
server {
listen {{ PHP_SERVER_PORT }} default; ## listen for ipv4; this line is default and implied
listen [::]:{{ PHP_SERVER_PORT }} default ipv6only=on; ## listen for ipv6
charset utf-8;
access_log {{log_base_dir}}/nginx/phpmyadmin_access.log;
error_log {{log_base_dir}}/nginx/phpmyadmin_error.log;
root {{ PHP_WEB_ROOT }};
index index.php index.html index.htm;
location / {
# First attempt to serve request as file, then
# as directory, then trigger 404
try_files $uri $uri/ =404;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
fastcgi_pass php;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME {{ PHP_WEB_ROOT }}$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT {{ PHP_WEB_ROOT }};
# send bad requests to 404
fastcgi_intercept_errors on;
include fastcgi_params;
}
}
\ No newline at end of file
playbooks/roles/php/defaults/main.yml 0 → 100644
PHP_SERVER_PORT: 8088
PHP_WEB_ROOT: '/opt/php-www'
FPM_LISTENER: "127.0.0.1:19010"
INSTALL_PHPMYADMIN: true
MYSQL_SERVER_HOST: '127.0.0.1'
MYSQL_SERVER_PORT: 3307
MYSQL_SERVER_USER: 'root' # used only to create the PHPMYADMIN_CONTROL_USER
MYSQL_SERVER_PASS: '' # used only to create the PHPMYADMIN_CONTROL_USER
PHPMYADMIN_DBS_SHOWN:
- 'edxapp'
PHPMYADMIN_REL_PATH: 'pma'
PHPMYADMIN_SERVER: 'http://127.0.0.1:9010'
PHPMYADMIN_BLOWFISH_SECRET: '1234567890' # please change me
PHPMYADMIN_CONTROLUSER: 'pma'
PHPMYADMIN_CONTROLPASS: ''
PHPMYADIN_PMADB: 'phpmyadmin'
phpmyadmin_abs_url: '{{ PHPMYADMIN_SERVER }}/{{ PHPMYADMIN_REL_PATH }}'
playbooks/roles/php/handlers/main.yml 0 → 100644
---
- name: restart php5-fpm
service: name=php5-fpm state=restarted
playbooks/roles/php/tasks/main.yml 0 → 100644
# installs PHP running on php5-fpm and nginx
---
- name: install php5 apt packages
apt: pkg=php5-cli,php5-fpm state=present
tags:
- php
- name: change php5-fpm listen
lineinfile: dest=/etc/php5/fpm/pool.d/www.conf regexp="^listen=.*$" line="listen={{ FPM_LISTENER }}" state=present
notify: restart php5-fpm
tags:
- php
- name: create php web root dir
file: path={{ PHP_WEB_ROOT }} state=directory owner=www-data group=www-data mode=0750
tags:
- php
- include: phpmyadmin.yml
when: INSTALL_PHPMYADMIN
\ No newline at end of file
playbooks/roles/php/tasks/phpmyadmin.yml 0 → 100644
# Installs PHPMYADMIN
---
- name: installs phpmyadmin (and python-mysqldb for later ansible tasks)
apt: pkg=phpmyadmin,python-mysqldb state=present
tags:
- php
- phpmyadmin
- name: delete setup directories
file: path=/usr/share/phpmyadmin/{{ item }} state=absent
with_items:
- setup
- config
tags:
- php
- phpmyadmin
- name: link phpmyadmin
file: state=link src=/usr/share/phpmyadmin dest={{ PHP_WEB_ROOT }}/{{ PHPMYADMIN_REL_PATH }} owner=www-data group=www-data mode=0750
tags:
- php
- phpmyadmin
- name: set correct perms in phpmyadmin install
file: path=/usr/share/phpmyadmin state=directory recurse=true owner=www-data group=www-data mode=0750
tags:
- php
- phpmyadmin
- name: configure phpmyadmin
template: src=config.inc.php.j2 dest=/etc/phpmyadmin/config.inc.php owner=root group=www-data mode=0640
tags:
- php
- phpmyadmin
- name: create phpmyadmin mysql conf user
mysql_user: >
login_host={{ MYSQL_SERVER_HOST }}
login_user={{ MYSQL_SERVER_USER }} login_password={{ MYSQL_SERVER_PASS }}
name={{ PHPMYADMIN_CONTROLUSER }} password={{ PHPMYADMIN_CONTROLPASS }}
state=present
tags:
- php
- phpmyadmin
- name: unzip db creation script that creates phpmyadmin db (so we can manipulate it)
command: gunzip /usr/share/doc/phpmyadmin/examples/create_tables.sql.gz
ignore_errors: true
tags:
- php
- phpmyadmin
- name: write desired phpmyadmin db to script
lineinfile: >
dest=/usr/share/doc/phpmyadmin/examples/create_tables.sql
regexp="^CREATE DATABASE IF NOT EXISTS.*$"
line="CREATE DATABASE IF NOT EXISTS `{{ PHPMYADIN_PMADB }}`"
tags:
- php
- phpmyadmin
- name: use desired phpmyadmin db in script
lineinfile: >
dest=/usr/share/doc/phpmyadmin/examples/create_tables.sql
regexp="^USE.*$"
line="USE `{{ PHPMYADIN_PMADB }}`;"
tags:
- php
- phpmyadmin
- name: run db creation script (creates phpmyadmin db)
shell: "mysql -h {{ MYSQL_SERVER_HOST }} -P {{ MYSQL_SERVER_PORT }} -u{{ MYSQL_SERVER_USER }} -p{{ MYSQL_SERVER_PASS }} < /usr/share/doc/phpmyadmin/examples/create_tables.sql"
tags:
- php
- phpmyadmin
- name: grant all on phpmyadin database to control user
mysql_user: >
login_host={{ MYSQL_SERVER_HOST }}
login_user={{ MYSQL_SERVER_USER }} login_password={{ MYSQL_SERVER_PASS }}
name={{ PHPMYADMIN_CONTROLUSER }}
priv={{ PHPMYADIN_PMADB }}.*:ALL
tags:
- php
- phpmyadmin
playbooks/roles/php/templates/config.inc.php.j2 0 → 100644
<?php
/* Servers configuration */
$i = 0;
/* Server: RDS [1] */
$i++;
$cfg['Servers'][$i]['host'] = '{{ MYSQL_SERVER_HOST }}';
$cfg['Servers'][$i]['port'] = '{{ MYSQL_SERVER_PORT }}';
$cfg['Servers'][$i]['socket'] = '';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['extension'] = 'mysqli';
$cfg['Servers'][$i]['compress'] = true;
$cfg['Servers'][$i]['auth_type'] = 'cookie';
$cfg['Servers'][$i]['user'] = '';
$cfg['Servers'][$i]['password'] = '';
$cfg['Servers'][$i]['only_db'] = array({% for db in PHPMYADMIN_DBS_SHOWN %}"{{ db }}",{% endfor %});
$cfg['Servers'][$i]['controluser'] = '{{ PHPMYADMIN_CONTROLUSER }}';
$cfg['Servers'][$i]['controlpass'] = '{{ PHPMYADMIN_CONTROLPASS }}';
$cfg['Servers'][$i]['pmadb'] = '{{ PHPMYADIN_PMADB }}';
$cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';
$cfg['Servers'][$i]['history'] = 'pma_history';
/* End of servers configuration */
$cfg['blowfish_secret'] = '{{ PHPMYADMIN_BLOWFISH_SECRET }}';
$cfg['DefaultLang'] = 'en';
$cfg['ServerDefault'] = 1;
$cfg['UploadDir'] = '';
$cfg['SaveDir'] = '';
$cfg['PmaAbsoluteUri']='{{ phpmyadmin_abs_url }}';
?>
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment