Playbook部署php+nginx
1、编写playbook
cat << 'CAT_END' > install_php_nginx.yaml - hosts: httpd vars: web_site_path: /ansible/admin tasks: # 配置php仓库 - name: Install php repo yum: name: "{{item}}" state: present validate_certs: no loop: - epel-release - yum-utils - https://mirrors.tuna.tsinghua.edu.cn/remi/enterprise/remi-release-7.rpm tags: install # 安装php软件 - name: Install php yum: name: "{{packages}}" vars: packages: - php74-php - php74-php-cli - php74-php-common - php74-php-devel - php74-php-embedded - php74-php-gd - php74-php-mcrypt - php74-php-mbstring - php74-php-pdo - php74-php-xml - php74-php-fpm - php74-php-mysqlnd - php74-php-opcache - php74-php-pecl-memcached - php74-php-pecl-redis - php74-php-pecl-mongodb tags: install # 安装nginx软件 - name: Install nginx yum: name: nginx tags: install # 创建nginx使用组 - name: Create Nginx Process Runtime Group group: name: www gid: 666 tags: install # 创建nginx使用用户 - name: Create Nginx Process Runtime User user: name: www uid: 666 create_home: no tags: - install - configure # 复制nginx配置文件 - name: configure nginx nginx.conf copy: src: ./conf/nginx.conf.j2 dest: /etc/nginx/nginx.conf owner: 'root' group: 'root' mode: '0644' notify: restart nginx server tags: configure # 复制vhost配置文件 - name: configure nginx vhost ansible.example.com template: src: ./conf/ansible.example.com.conf.j2 dest: /etc/nginx/conf.d/ansible.example.com.conf notify: restart nginx server # 语法检查 - name: check nginx configure shell: cmd: /usr/sbin/nginx -t register: check_nginx changed_when: - check_nginx.stdout.find('successful') - false # php配置 - name: configure php php.ini copy: src: "{{ item.src }}" dest: "{{ item.dest }}" mode: "{{ item.mode }}" loop: - {src: "./conf/php.ini.j2",dest: "/etc/opt/remi/php74/php.ini",mode: "0644"} - {src: "./conf/www.conf.j2",dest: "/etc/opt/remi/php74/php-fpm.d/www.conf",mode: "0644"} notify: restart php server # 开启php和nginx服务 - name: systemd nginx add php server systemd: name: "{{ item }}" state: started enabled: yes loop: - nginx - php74-php-fpm # 创建存放项目目录 - name: create web site directory file: path: "{{ web_site_path }}" state: directory owner: "www" group: "www" mode: "0755" - name: unarchive phpMyAdmin code unarchive: src: file/phpmyadmin.zip dest: "{{ web_site_path }}" owner: "www" group: "www" handlers: - name: restart nginx server systemd: name: nginx state: restarted - name: restart php server systemd: name: php74-php-fpm state: restarted CAT_END
2、准备配置文件
2.1、nginx.conf.j2
cat <<'CAT_END'>nginx.conf.j2 user www; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; include /usr/share/nginx/modules/*.conf; events { worker_connections 1024; } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 4096; include /etc/nginx/mime.types; default_type application/octet-stream; include /etc/nginx/conf.d/*.conf; } CAT_END
2.2、php.ini.j2
# 从测试机器拷贝配置文件 scp root@192.168.10.17:/etc/opt/remi/php74/php.ini conf/php.ini.j2
2.3、www.conf.j2
# 从测试机器拷贝配置文件 scp root@192.168.10.17:/etc/opt/remi/php74/php-fpm.d/www.conf conf/www.conf.j2
2.4、ansible.example.com.conf.j2
cat > ansible.example.com.conf.j2 <<'EOF' server { listen 80; server_name ansible.example.com; root {{ web_site_path }}; index index.php index.html; location ~ \.php$ { try_files $uri =404; root {{ web_site_path }}; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } EOF
3、语法检查
ansible-playbook install_php_nginx.yaml --syntax-check
4、布署
]# ansible-playbook install_php_nginx.yaml PLAY [httpd] ************************************************************************************************************************************************* TASK [Gathering Facts] *************************************************************************************************************************************** ok: [192.168.10.18] ok: [192.168.10.17] TASK [Install php repo] ************************************************************************************************************************************** ok: [192.168.10.18] => (item=epel-release) ok: [192.168.10.17] => (item=epel-release) ok: [192.168.10.18] => (item=yum-utils) ok: [192.168.10.17] => (item=yum-utils) ok: [192.168.10.17] => (item=https://mirrors.tuna.tsinghua.edu.cn/remi/enterprise/remi-release-7.rpm) ok: [192.168.10.18] => (item=https://mirrors.tuna.tsinghua.edu.cn/remi/enterprise/remi-release-7.rpm) TASK [Install php] ******************************************************************************************************************************************* ok: [192.168.10.18] ok: [192.168.10.17] TASK [Install nginx] ***************************************************************************************************************************************** ok: [192.168.10.17] ok: [192.168.10.18] TASK [Create Nginx Process Runtime Group] ******************************************************************************************************************** ok: [192.168.10.17] ok: [192.168.10.18] TASK [Create Nginx Process Runtime User] ********************************************************************************************************************* ok: [192.168.10.18] ok: [192.168.10.17] TASK [configure nginx nginx.conf] **************************************************************************************************************************** ok: [192.168.10.18] ok: [192.168.10.17] TASK [configure nginx vhost ansible.example.com] ************************************************************************************************************* ok: [192.168.10.18] ok: [192.168.10.17] TASK [check nginx configure] ********************************************************************************************************************************* ok: [192.168.10.17] ok: [192.168.10.18] TASK [configure php php.ini] ********************************************************************************************************************************* ok: [192.168.10.17] => (item={u'dest': u'/etc/opt/remi/php74/php.ini', u'src': u'./conf/php.ini.j2', u'mode': u'0644'}) ok: [192.168.10.18] => (item={u'dest': u'/etc/opt/remi/php74/php.ini', u'src': u'./conf/php.ini.j2', u'mode': u'0644'}) ok: [192.168.10.18] => (item={u'dest': u'/etc/opt/remi/php74/php-fpm.d/www.conf', u'src': u'./conf/www.conf.j2', u'mode': u'0644'}) ok: [192.168.10.17] => (item={u'dest': u'/etc/opt/remi/php74/php-fpm.d/www.conf', u'src': u'./conf/www.conf.j2', u'mode': u'0644'}) TASK [systemd nginx add php server] ************************************************************************************************************************** ok: [192.168.10.17] => (item=nginx) ok: [192.168.10.18] => (item=nginx) ok: [192.168.10.17] => (item=php74-php-fpm) ok: [192.168.10.18] => (item=php74-php-fpm) TASK [create web site directory] ***************************************************************************************************************************** ok: [192.168.10.18] ok: [192.168.10.17] TASK [unarchive phpMyAdmin code] ***************************************************************************************************************************** ok: [192.168.10.17] ok: [192.168.10.18] PLAY RECAP *************************************************************************************************************************************************** 192.168.10.17 : ok=13 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 192.168.10.18 : ok=13 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
5、测试访问