一键部署脚本
# 0.基础优化
# - 开启防火墙
# - 关闭selinux
# - 创建www用户
# - 开启80 443 873 nfs端口
- hosts: all
tasks:
- name: Start FireWall
service:
name: firewalld
state: started
- name: Stop SeLinux
selinux:
state: disabled
- name: Create www Group
group:
name: www
gid: 666
state: present
- name: Create www User
user:
name: www
uid: 666
group: www
shell: /sbin/nologin
create_home: false
- name: Open http Port
firewalld:
service: http
state: enabled
permanent: no
- name: Open https Port
firewalld:
service: https
state: enabled
permanent: no
- name: Open rsync Port
firewalld:
port: 873/tcp
state: enabled
permanent: no
- name: Open nfs Port
firewalld:
service: nfs
state: enabled
permanent: no
# 0.1安装rsync
- hosts: install_rsync
tasks:
- name: Install Rsync Server
yum:
name: rsync
state: present
# 0.2配置rsync
- hosts: backup
tasks:
- name: Configure Rsync Conf
copy:
src: /root/ansible/rsync/rsyncd.conf
dest: /etc/rsyncd.conf
owner: root
group: root
mode: 0644
# 0.3创建备份目录
- name: Create Backup Dir
file:
path: /backup
owner: www
group: www
mode: 0755
state: directory
# 0.4创建密码文件
- name: Create PASS File
copy:
content: zls:123
dest: /etc/rsync.pass
owner: root
group: root
mode: 0600
# 0.5启动rsync服务
- name: Start Rsync Server
service:
name: rsyncd
state: started
enabled: true
# 0.6安装nfs
- hosts: install_nfs
tasks:
- name: Install NFS Server
yum:
name: nfs-utils
state: present
# 0.7配置nfs配置文件
- hosts: nfs
tasks:
- name: Configure NFS Conf
copy:
content: /web_data 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
dest: /etc/exports
owner: root
group: root
mode: 0644
# 0.8创建共享目录
- name: Create Share Dir
file:
path: /web_data
owner: www
group: www
mode: 0755
state: directory
# 0.9启动NFS服务
- name: Start NFS Server
service:
name: nfs-server
state: started
enabled: true
# 0.91推送备份脚本到nfs服务器
- name: Push NFS Backup Shell
copy:
src: /root/ansible/nfs/backup.sh
dest: /root/backup.sh
owner: root
group: root
mode: 0755
# 0.99添加定时任务
- name: Create Crond
cron:
name: NFS Backup Rsync
job: '/bin/sh /root/backup.sh &>/dev/null'
# 1.web01和web02安装nginx
- hosts: web_group
tasks:
- name: Install Nginx Server
yum:
name: nginx
state: present
# 2.web01和web02配置nginx
- name: Configure Nginx Conf
copy:
src: /root/ansible/nginx/nginx.conf
dest: /etc/nginx/nginx.conf
owner: root
group: root
mode: 0644
# 3.web01和web02配置虚拟主机
- name: Configure Nginx Server
copy:
src: /root/ansible/nginx/www.zls.com.conf
dest: /etc/nginx/conf.d/www.zls.com.conf
owner: root
group: root
mode: 0644
# 4.创建web01和web02的站点目录
- name: Create HTML Directory
file:
path: /code
owner: www
group: www
mode: 0755
state: directory
# 5.web01和web02启动nginx
- name: Start Nginx Server
service:
name: nginx
state: started
enabled: true
# 6.创建一个用户上传图片目录
- name: Create Upload Dir
file:
path: /opt/upload
owner: www
group: www
mode: 0755
state: directory
# 7.挂载nfs共享目录
- name: Mount NFS Share Dir
mount:
path: /opt/upload
src: 172.16.1.31:/web_data
fstype: nfs
state: mounted
# 8.创建默认页面
- hosts: web01
tasks:
- name: Create web01 index.html
copy:
content: zls_web01_page
dest: /code/index.html
owner: www
group: www
mode: 0644
- hosts: web02
tasks:
- name: Create web02 index.html
copy:
content: zls_web02_page
dest: /code/index.html
owner: www
group: www
mode: 0644
环境
| 主机名 |
wanIP |
lanIP |
角色 |
| web01 |
10.0.0.7 |
172.16.1.7 |
nginx,php |
| web02 |
10.0.0.8 |
172.16.1.8 |
nginx,php |
| nfs |
10.0.0.31 |
172.16.1.31 |
nfs-utils,rsync |
| backup |
10.0.0.41 |
172.16.1.41 |
rsync |
| db01 |
10.0.0.51 |
172.16.1.51 |
mariadb |
| m01 |
10.0.0.61 |
172.16.1.61 |
ansible |
1.创建免密连接
vim ssh.sh
#!/bin/bash
if [ ! -d "/root/.ssh" ];then
install=`yum install -y sshpass`
pass='0000'
ip='172.16.1.'
ssh-keygen -t rsa -P "" -f /root/.ssh/id_rsa
for i in 7 8 9 31 41 51 ;
do
sshpass -p $pass ssh-copy-id -i /root/.ssh/id_rsa.pub -o stricthostkeychecking=no root@${ip}${i}
done
fi
sh ssh.sh
2.安装ansible
yum install -y ansible
3.配置主机清单
vim /etc/ansible/hosts
[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8
[nfs_group]
nfs ansible_ssh_host=10.0.0.31
[backup_group]
backup ansible_ssh_host=10.0.0.41
[db_group]
db01 ansible_ssh_host=10.0.0.51
4.写剧本
vim /root/playbook/artist.yml
# 基础优化
- hosts: all
tasks:
- name: Start FireWall
service:
name: firewalld
state: started
- name: Stop SeLinux
selinux:
state: disabled
- name: Create www Group
group:
name: www
gid: 666
state: present
- name: Create www User
user:
name: www
uid: 666
group: www
shell: /sbin/nologin
create_home: false
- name: Open Port
firewalld:
service: "{{ item }}"
state: enabled
permanent: no
with_items:
- 'http'
- 'https'
when: ansible_fqdn is match 'web*'
- name: Open Port
firewalld:
service: "{{ item }}"
state: enabled
permanent: no
with_items:
- 'nfs'
when: ansible_fqdn == 'nfs'
- name: Open Port
firewalld:
port: "{{ item }}"
state: enabled
permanent: no
with_items:
- '873/tcp'
when: ansible_fqdn == 'backup' or ansible_fqdn == 'nfs'
- name: Open Port
firewalld:
port: "{{ item }}"
state: enabled
permanent: no
with_items:
- '3306/tcp'
when: ansible_fqdn == 'db01'
# 备份服务器
- name: Install Rsync Server
script: /root/sh/rsync.sh
when: ansible_fqdn == 'backup'
# 文件共享服务器
- name: Install Sersync Server
script: /root/sh/sersync.sh
when: ansible_fqdn == 'nfs'
# 数据库服务器
- hosts: db01
tasks:
- name: Install MariaDB Server
yum:
name:
- mariadb-server
- MySQL-python
state: present
- name: Start MariaDB Server
service:
name: mariadb
state: started
enabled: true
- name: Create WordPress User
mysql_user:
#login_user: 'root'
#login_password: '123'
#login_host: 'localhost'
name: php_user
password: '111'
host: '%'
priv: '*.*:ALL'
state: present
- name: Push SQL File to DB
copy:
src: /root/wp.sql
dest: /tmp/
- name: Import WordPress Data
mysql_db:
#login_user: 'root'
#login_password: '123'
#login_host: 'localhost'
state: import
name: all
target: /tmp/wp.sql
# web服务器
- hosts: web_group
tasks:
- name: Create Nginx Repo
yum_repository:
name: nginx-stable
description: nginx
baseurl: http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck: no
enabled: yes
- name: Install Nginx Server
yum:
name: nginx
state: present
- name: Create HTML Directory
file:
path: /code
owner: www
group: www
mode: 0755
state: directory
- name: Configure files
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- { src: "/root/conf/php.ini", dest: "/etc/" }
- { src: "/root/conf/www.conf", dest: "/etc/php-fpm.d/" }
- { src: "/root/conf/wp.conf", dest: "/etc/nginx/conf.d/" }
- name: Create Php
unarchive:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- { src: "/root/php.tar.gz", dest: "/opt/" }
- { src: "/root/wp.tar.gz", dest: "/code" }
- name: Install Php
shell: yum localinstall -y /opt/*rpm
- name: Mount NFS Share Dir
mount:
path: /code/wordpress/wp-content/uploads/
src: 172.16.1.31:/code/wp
fstype: nfs
state: mounted
- name: Start Nginx Server
service:
name: "{{ item }}"
state: started
enabled: true
with_items:
- 'nginx'
- 'php-fpm'
5.前期准备
# vim /root/sh/rsync.sh
#!/bin/bash
install=`yum install -y rsync`
cat >/etc/rsyncd.conf<<'EOF'
#!/bin/bash
uid = rsync
gid = rsync
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = kang_bak
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
[backup]
comment = welcome to oldboyedu backup!
path = /backup
EOF
useradd rsync -s /sbin/nologin -M
mkdir /backup
chown rsync.rsync /backup/ -R
echo 'kang_bak:123' > /etc/rsync.passwd
chmod 600 /etc/rsync.passwd
systemctl start rsyncd
systemctl enable rsyncd
# vim /root/sh/sersync.sh
#!/bin/bash
install=`yum install -y rsync nfs-utils inotify-tools`
echo "/code/wp 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)" >> /etc/exports
echo "/code/zh 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)" >> /etc/exports
groupadd www -g 666
useradd www -u 666 -g 666 -s /sbin/nologin -M
mkdir -p /code/{wp,zh}
chown www.www /code/
systemctl start rpcbind nfs-server
systemctl enable rpcbind nfs-server
download=`wget http://test.driverzeng.com/other/sersync2.5.4_64bit_binary_stable_final.tar.gz`
tar xf sersync2.5.4_64bit_binary_stable_final.tar.gz
mv GNU-Linux-x86 /usr/local/sersync
cat >/usr/local/sersync/confxml.xml<<'EOF'
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
<host hostip="localhost" port="8008"></host>
<debug start="false"/>
<fileSystem xfs="false"/>
<filter start="false">
<exclude expression="(.*)\.svn"></exclude>
<exclude expression="(.*)\.gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="false"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
<sersync>
<!-- 客户端需要监控的目录 -->
<localpath watch="/code">
<!-- rsync服务端的IP 和 name:模块 -->
<remote ip="10.0.0.41" name="backup"/>
<!--<remote ip="192.168.8.39" name="tongbu"/>-->
<!--<remote ip="192.168.8.40" name="tongbu"/>-->
</localpath>
<rsync>
<!-- rsync命令执行的参数 -->
<commonParams params="-az"/>
<!-- rsync认证start="true" users="rsync指定的匿名用户" passwordfile="指定一个密码文件的位置权限必须600" -->
<auth start="true" users="kang_bak" passwordfile="/etc/rsync.passwd"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="false" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
<plugin name="command">
<param prefix="/bin/sh" suffix="" ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filter start="false">
<include expression="(.*)\.php"/>
<include expression="(.*)\.sh"/>
</filter>
</plugin>
<plugin name="socket">
<localpath watch="/opt/tongbu">
<deshost ip="192.168.138.20" port="8009"/>
</localpath>
</plugin>
<plugin name="refreshCDN">
<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
<cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
<sendurl base="http://pic.xoyo.com/cms"/>
<regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
</localpath>
</plugin>
</head>
EOF
echo '123' > /etc/rsync.passwd
chmod 600 /etc/rsync.passwd
/usr/local/sersync/sersync2 -rdo /usr/local/sersync/confxml.xml
# vim /root/conf/wp.conf
server {
listen 80;
server_name wp.com;
root /code/wp;
index index.php index.html;
location ~ \.php$ {
root /code/wp;
fastcgi_pass localhost:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
# 以及配置好的:
1.wp压缩包
2.php.ini
3.www.conf
4.php.tar.gz
5.wp.sql
环境准备
| 主机名称 |
应用环境 |
外网地址 |
内网地址 |
| backup |
rsync服务端+nfs服务端 |
10.0.0.41 |
172.16.1.41 |
| nfs01 |
nfs服务端+rsync客户端 |
10.0.0.31 |
172.16.1.31 |
| web01 |
nginx+php+nfs客户端 |
10.0.0.7 |
172.16.1.7 |
| db01 |
mysql |
10.0.0.51 |
172.16.1.51 |
需求分析
1.同一用户www
2.db01
安装数据库
启动+自启
#给root用户创建密码(db01完成)
#创建wordpress库(db01完成)
#创建数据库用户(db01完成)
3.backup
安装rsync
传输rsync配置文件
创建备份目录
传输用户密码文件
启动rsync
4.nfs01
安装rsync,nfs-utils
传输nfs配置文件
创建共享目录
安装sersync
改名
#需要优化
传输sersync配置文件
创建rsync客户端密码文件
启动nfs
启动Sersync
5.web01
安装nfs-utils
#需要优化
安装nginx,php
修改nginx和php默认用户
传输wordpress虚拟主机配置
创建部署wordpress
创建文件上传目录
挂载文件目录
启动nginx
启动php
主机清单
[root@m01 ~]# vim /etc/ansible/hosts
[web_group]
web01 ansible_ssh_host=10.0.0.7
[backup_group]
backup ansible_ssh_host=10.0.0.41
[nfs_group]
nfs01 ansible_ssh_host=10.0.0.31
[db_group]
db01 ansible_ssh_host=10.0.0.51
rsync配置文件
mkdir /root/rsync -p
vim /root/rsync/rsyncd.conf
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
log file = /var/log/rsyncd.log
auth users = rsync_subin
secrets file = /etc/rsync.passwd
[wordpress_backup]
comment = welcome to wordpress backup!
path = /backup/wordpress
nginx配置文件
mkdir -p /root/nginx
vim /root/nginx/wordpress.conf
server {
listen 80;
server_name blog.subin.com;
root /code/wordpress;
index index.php index.html;
location ~ \.php$ {
fastcgi_pass localhost:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
nfs配置文件
mkdir /root/nfs -p
vim /root/nfs/exports
/wordpress_file_upload 172.16.1.0/24(rw,sync,all_squash,anonuid=666,anongid=666)
---------------------------------------------------------------------------------------
vim /root/nfs/confxml.xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<head version="2.5">
<host hostip="localhost" port="8008"></host>
<debug start="false"/>
<fileSystem xfs="false"/>
<filter start="false">
<exclude expression="(.*)\.svn"></exclude>
<exclude expression="(.*)\.gz"></exclude>
<exclude expression="^info/*"></exclude>
<exclude expression="^static/*"></exclude>
</filter>
<!-- 修改 -->
<inotify>
<delete start="true"/>
<createFolder start="true"/>
<createFile start="true"/>
<closeWrite start="true"/>
<moveFrom start="true"/>
<moveTo start="true"/>
<attrib start="true"/>
<modify start="true"/>
</inotify>
<!-- 修改 -->
<sersync>
<localpath watch="/wordpress_file_upload">
<remote ip="172.16.1.41" name="wordpress_backup"/>
</localpath>
<!-- 修改 -->
<rsync>
<commonParams params="-az"/>
<auth start="true" users="rsync_subin" passwordfile="/etc/rsync.password"/>
<userDefinedPort start="false" port="874"/><!-- port=874 -->
<timeout start="false" time="100"/><!-- timeout=100 -->
<ssh start="false"/>
</rsync>
<failLog path="/tmp/rsync_fail_log.sh" timeToExecute="60"/><!--default every 60mins execute once-->
<crontab start="false" schedule="600"><!--600mins-->
<crontabfilter start="false">
<exclude expression="*.php"></exclude>
<exclude expression="info/*"></exclude>
</crontabfilter>
</crontab>
<plugin start="false" name="command"/>
</sersync>
<plugin name="command">
<param prefix="/bin/sh" suffix="" ignoreError="true"/> <!--prefix /opt/tongbu/mmm.sh suffix-->
<filter start="false">
<include expression="(.*)\.php"/>
<include expression="(.*)\.sh"/>
</filter>
</plugin>
<plugin name="socket">
<localpath watch="/opt/tongbu">
<deshost ip="192.168.138.20" port="8009"/>
</localpath>
</plugin>
<plugin name="refreshCDN">
<localpath watch="/data0/htdocs/cms.xoyo.com/site/">
<cdninfo domainname="ccms.chinacache.com" port="80" username="xxxx" passwd="xxxx"/>
<sendurl base="http://pic.xoyo.com/cms"/>
<regexurl regex="false" match="cms.xoyo.com/site([/a-zA-Z0-9]*).xoyo.com/images"/>
</localpath>
</plugin>
</head>
变量文件
vim /root/group_vars/all
groupname: www
groupgid: 666
username: www
useruid: 666
create_home: false
login_shell: /sbin/nologin
sources_dirname: /root/sources/
--------------------------------------------------------------------------
vim /root/group_vars/db_group
db_yum_name: mariadb-server
db_server_name: mariadb
--------------------------------------------------------------------------
vim /root/group_vars/backup_group
rsync_yum_name: rsync
rsync_service_name: rsyncd
rsync_conf_src: /root/rsync/rsyncd.conf
rsync_conf_dest: /etc/rsyncd.conf
rsync_user_pass: rsync_subin:password
rsync_user_pass_dest: /etc/rsync.passwd
rsync_backup_dirname: /backup/wordpress
--------------------------------------------------------------------------
vim /root/group_vars/nfs_group
rsync_yum_name: rsync
rsync_pass: password
rsync_pass_dest: /etc/rsync.password
nfs_yum_name: nfs-utils
nfs_service_name: nfs-server
nfs_exports_src: /root/nfs/exports
nfs_exports_dest: /etc/exports
nfs_share_dirname: /wordpress_file_upload
sersync_tar_name: sersync2.5.4_64bit_binary_stable_final.tar.gz
sersync_unarchive_dest: /usr/local
sersync_delete_shell: rm -rf /usr/local/sersync
sersync_rename_shell: mv /usr/local/GNU-Linux-x86 /usr/local/sersync
sersync_conf_src: /root/nfs/confxml.xml
sersync_conf_dest: /usr/local/sersync/confxml.xml
sersync_shell: /usr/local/sersync/sersync2 -dro
--------------------------------------------------------------------------
vim /root/group_vars/web_group
nfs_yum_name: nfs-utils
nginx_php_tar_name: nginx_php.tar.gz
nginx_php_dest: /root
nginx_php_shell: cd /root/nginx_php && rpm -Uvh *.rpm
update_nginxuser_shell: sed -i '/^user/c user www;' /etc/nginx/nginx.conf
update_phpuser_shell: sed -i '/^user/c user = www' /etc/php-fpm.d/www.conf
update_phpgroup_shell: sed -i '/^group/c group = www' /etc/php-fpm.d/www.conf
nginx_server_conf_src: /root/nginx/wordpress.conf
nginx_server_conf_dest: /etc/nginx/conf.d/wordpress.conf
nginx_code_name: /code
wordpress_tar_name: wordpress-5.4-zh_CN.tar.gz
wordpress_dest: /code
nginx_mount_path: /code/wordpress/wp-content/uploads
nginx_mount_src: 172.16.1.31:/wordpress_file_upload
nginx_server_name: nginx
php_server_name: php-fpm
剧本
vim /root/wordpress.yml
---
- hosts: all
tasks:
- name: 同一用户组www
group:
name: "{{ groupname }}"
gid: "{{ groupgid }}"
- name: 同一用户www
user:
name: "{{ username }}"
group: "{{ groupname }}"
uid: "{{ useruid }}"
create_home: "{{ create_home }}"
shell: "{{ login_shell }}"
- hosts: db_group
tasks:
- name: 安装数据库
yum:
name: "{{ db_yum_name }}"
state: present
- name: 数据库启动+自启
service:
name: "{{ db_server_name }}"
state: started
enabled: yes
- hosts: backup_group
tasks:
- name: 安装rsync服务
yum:
name: "{{ rsync_yum_name }}"
state: present
- name: 推送rsync配置文件
copy:
src: "{{ rsync_conf_src }}"
dest: "{{ rsync_conf_dest }}"
owner: root
group: root
mode: 0644
- name: 创建密码文件并且授权
copy:
content: "{{ rsync_user_pass }}"
dest: "{{ rsync_user_pass_dest }}"
owner: root
group: root
mode: 0600
- name: 创建backup目录
file:
path: "{{ rsync_backup_dirname }}"
state: directory
mode: 0755
owner: "{{ username }}"
group: "{{ groupname }}"
recurse: yes
- name: 启动rsync服务
service:
name: "{{ rsync_service_name }}"
state: started
enabled: yes
- hosts: nfs_group
tasks:
- name: nfs安装rsync
yum:
name: "{{ rsync_yum_name }}"
state: present
- name: nfs安装nfs-utils
yum:
name: "{{ nfs_yum_name }}"
state: present
- name: 推送nfs配置文件
copy:
src: "{{ nfs_exports_src }}"
dest: "{{ nfs_exports_dest }}"
owner: root
group: root
mode: 0644
- name: 创建nfs共享目录
file:
path: "{{ nfs_share_dirname }}"
owner: "{{ username }}"
group: "{{ groupname }}"
mode: 0755
recurse: yes
- name: 解压sersync包
unarchive:
src: "{{ sources_dirname }}{{ sersync_tar_name }}"
dest: "{{ sersync_unarchive_dest }}"
- name: 删除原有目录
shell: "{{ sersync_delete_shell }}"
- name: sersync改名
shell: "{{ sersync_rename_shell }}"
- name: 传输sersync配置文件
copy:
src: "{{ sersync_conf_src }}"
dest: "{{ sersync_conf_dest }}"
owner: root
group: root
mode: 0755
backup: yes
- name: 创建rsync客户端密码文件
copy:
content: "{{ rsync_pass }}"
dest: "{{ rsync_pass_dest }}"
owner: root
group: root
mode: 0600
- name: 启动nfs-server
service:
name: "{{ nfs_service_name }}"
state: started
enabled: yes
- name: 启动Sersync
shell: "{{ sersync_shell }} {{ sersync_conf_dest }}"
- hosts: web_group
tasks:
- name: nfs安装nfs-utils
yum:
name: "{{ nfs_yum_name }}"
state: present
- name: 解压nginx,php包
unarchive:
src: "{{ sources_dirname }}{{ nginx_php_tar_name }}"
dest: "{{ nginx_php_dest }}"
- name: 安装nginx,php
shell: "{{ nginx_php_shell }}"
- name: 修改nginx和php默认用户
shell: "{{ update_nginxuser_shell }} && {{ update_phpuser_shell }} && {{ update_phpgroup_shell }}"
- name: 推送nginx配置文件
copy:
src: "{{ nginx_server_conf_src }}"
dest: "{{ nginx_server_conf_dest }}"
owner: root
group: root
mode: 0644
- name: 创建wordpress站点目录
file:
path: "{{ nginx_code_name }}"
state: directory
owner: "{{ username }}"
group: "{{ groupname }}"
mode: 0755
recurse: yes
- name: 部署wordpress
unarchive:
src: "{{ sources_dirname }}{{ wordpress_tar_name }}"
dest: "{{ wordpress_dest }}"
owner: "{{ username }}"
group: "{{ groupname }}"
mode: 0755
- name: 创建文件上传目录
file:
path: "{{ nginx_mount_path }}"
state: directory
owner: "{{ username }}"
group: "{{ groupname }}"
mode: 0755
recurse: yes
- name: 挂载文件目录
mount:
path: "{{ nginx_mount_path }}"
src: "{{ nginx_mount_src }}"
fstype: nfs
opts: defaults
state: mounted
- name: 启动nginx
service:
name: "{{ nginx_server_name }}"
state: started
enabled: yes
- name: 启动php
service:
name: "{{ php_server_name }}"
state: started
enabled: yes
db01配置数据库
#给root用户创建密码
[root@db01 ~]# mysqladmin -uroot password 1
#连接数据库
[root@db01 ~]# mysql -uroot -p1
#创建wordpress的库
MariaDB [(none)]> create database wordpress;
#创建一个共同数据库用户
MariaDB [(none)]> grant all on *.* to php_subin@'%' identified by '111';
