Create Ansible Playbook for LEMP Stack

Ansible is an easy automation software that automates software program software deployment, cloud provisioning, and configuration administration. It is a server orchestration software that lets you handle and management numerous server nodes from single locations known as ‘Management Machines’. Ansible was created by Michael DeHaan in 2012 and is written in Python and Powershell.

On this tutorial, we will present you how one can create primary Ansible Playbook for provisioning the LEMP Stack on Ubuntu 18.04 Server. You’ll discover ways to create primary Ansible Playbook that may be scaled for different PHP venture purposes comparable to WordPress, Nextcloud and many others.

Prerequisite

  • 2 Ubuntu OS.
    • 10.5.5.20   ansible
    • 10.5.5.26   provision
  • Data of  primary utilization Ansible
  • Root privileges

What we’ll do:

  1. Setup Ansible Playbook Challenge
  2. Generate Ansible Playbook Roles Listing Construction
  3. Setup hosts and web site.yml
  4. Setup ‘widespread’ Roles – Primary setup
  5. Setup ‘net’ Roles – Nginx and PHP-FPM Configuration
  6. Setup ‘db’ Roles – MySQL Database Configuration
  7. Testing

Step 1 – Setup Ansible Playbook Challenge

Ansible Playbook is a set of directions that you simply ship to run on a single or group of server hosts. It represents the ansible-provisioning, the place the automation is outlined as duties, and all jobs like putting in packages, enhancing information, will likely be carried out by ansible modules.

The Ansible Playbook incorporates some primary configuration, together with hosts and person data of the supply servers, a activity checklist that will likely be carried out to the supply servers, template and customized configurations, and a gaggle of variables a part of templates and duties.

Firstly, create the grasp venture listing on the ‘ansible-control’ machine. The grasp venture listing will likely be saved all our playbook directories, information, and configurations.

Create the Ansible venture listing known as ‘project-lemp’ and go into it.

mkdir project-lemp/
cd project-lemp

Now create new configuration file ‘hosts’ and ‘web site.yml’, then create a brand new listing known as ‘roles’.

contact hosts web site.yml
mkdir -p roles/

Particulars about configurations:

hosts – It is a list file that incorporates items of details about managed servers by ansible. It permits you to create a gaggle of servers that make you extra simpler to handle and scale the stock file itself. The stock file will be created with many alternative codecs, together with the INI and YAML codecs.

web site.yml – The grasp playbook file that incorporates which group of hosts that will likely be managed utilizing our accessible roles.

roles – it is a group of Ansible playbooks that will likely be used to provision the server. The ansible roles have their very own listing buildings, every position will comprise directories comparable to duties, handlers, vars and many others.

Step 2 – Generate Ansible Roles for the Listing Construction

On this step, we will generate ansible roles listing utilizing the ansible-galaxy command. We’ll generate two of roles known as ‘widespread’ roles and the ‘net’ roles.

Contained in the ‘project-lemp’ listing, go to the listing ‘roles’.

cd roles/

Generate roles construction listing and information for the ‘widespread’ and ‘net’ roles by working the ansible-galaxy command beneath.

ansible-galaxy init widespread
ansible-galaxy init net
ansible-galaxy init db

After that, test all accessible ansible roles listing buildings utilizing the next command.

tree .

You can be proven the outcome as beneath.

Directory structure

Step 3 – Setup hosts and web site.yml

The ‘hosts’ file will comprise checklist and group of the server managed by the Ansible. For this information, we’ll create a gaggle known as ‘lemp’ with the member named ‘server01’ and the IP deal with 10.5.5.26.

Edit the ‘hosts’ file utilizing vim editor.

vim hosts

Paste configuration beneath.

[lemp]
server01 ansible_host=10.5.5.26

Save and shut.

Subsequent, edit the location.yml configuration file.

vim web site.yml

Paste configurations beneath.

---

- hosts: lemp
  remote_user: hakase
  change into: sure

  roles:
    - widespread
    - net
    - db

Save and shut.

Setup hosts and site.yml

Step 3 – Setup Widespread Roles

On this step, we will arrange the widespread roles. And so as to try this, we have to create a listing of duties that we will do.

Beneath the checklist of duties that we will do on the ‘widespread’ roles.

  1. Change repository
  2. Replace repository
  3. Improve packages to the most recent model
  4. Setup the server timezone

Now go to the ‘widespread’ listing and edit the ‘duties/essential.yml’ configuration.

cd widespread/
vim duties/essential.yml

Create a activity for altering the repository, and we will likely be utilizing the ‘copy’ module that can copy the bottom ‘sources.checklist’ on the ‘information’ listing to the distant host ‘/and many others/apt/’.

- title: Change repository Ubuntu 18.04Step 4 - Setup 'net' Roles
  copy:
    src: sources.checklist
    dest: /and many others/apt/
    backup: sure

Create a activity for updating the repository and improve all packages to newest model utilizing the ‘apt’ module.

- title: Replace repository and Improve packages
  apt:
    improve: dist
    update_cache: sure

Now create the duty for configuring the system timezone utilizing the ansible timezone module.

- title: Setup timezone to Asia/Jakarta
  timezone:
    title: Asia/Jakarta
    state: newest

Save and shut.

Setup Common Roles

After that, create a brand new repository configuration ‘sources.checklist’ contained in the ‘information’ listing.

vim information/sources.checklist

Select the closest repository of your server location, beneath is mine.

deb http://buaya.klas.or.id/ubuntu/ bionic essential restricted
deb http://buaya.klas.or.id/ubuntu/ bionic-updates essential restricted
deb http://buaya.klas.or.id/ubuntu/ bionic universe
deb http://buaya.klas.or.id/ubuntu/ bionic-updates universe
deb http://buaya.klas.or.id/ubuntu/ bionic multiverse
deb http://buaya.klas.or.id/ubuntu/ bionic-updates multiverse
deb http://buaya.klas.or.id/ubuntu/ bionic-backports essential restricted universe multiverse
deb http://buaya.klas.or.id/ubuntu/ bionic-security essential restricted
deb http://buaya.klas.or.id/ubuntu/ bionic-security universe
deb http://buaya.klas.or.id/ubuntu/ bionic-security multiverse

Save and shut.

lastly, the ‘widespread’ roles configuration has been accomplished.

Step 4 – Setup ‘net’ Roles

On this step, we will arrange the ‘net’ roles. It’ll do some duties together with set up the Nginx net server, PHP-FPM with some primary extentions, and configuring the PHP-FPM with Nginx.

Beneath are particulars duties that we are going to do on the ‘net’ roles:

  1. Set up Nginx
  2. Set up PHP-FPM
  3. Configure php.ini
  4. Create a digital host
  5. Add file phpinfo

Goto the ‘net’ listing and edit the ‘duties/essential.yml’ file.

cd net/
vim duties/essential.yml

Create the primary activity for nginx set up utilizing the apt module.

- title: Set up Nginx
  apt:
    title: nginx
    state: newest

Now create the duty for putting in PHP-FPM with some primary extensions. And for the a number of packages set up, we are able to use python ‘checklist’ format comparable to beneath.

- title: Instal PHP-FPM
  apt:
    title: ['php','php-fpm','php-common','php-cli','php-curl']
    state: newest

Subsequent, we’ll add new traces to the php.ini configuration utilizing the ‘blockinfile’ module. And on the finish of the road, we’ll notify the ansible to restart the php-fpm service after configuring the php.ini file.

- title: Configure php.ini
  blockinfile:
    dest: /and many others/php/{{ php_version }}/fpm/php.ini
    block: |
      date.time = Asia/Jakarta
      cgi-fix_pathinfo = 0
    backup: sure
  notify: restart php-fpm

Now we’ll copy the nginx digital host configuration utilizing the ‘template’ module. The template module will copy the configuration from the ‘templates’ listing to the distant server. We will copy the jinja2 digital host template ‘vhost.j2’ to the ‘/and many others/nginx/sites-enabled/’ listing, and the final we’ll notify the ansible to restart the nginx service.

- title: Create Nginx digital host
  template:
    src: vhost.j2
    dest: /and many others/nginx/sites-enabled/vhost-{{ domain_name }}
  notify: restart nginx

After that, we’ll create new duties for creating the web-root listing utilizing the ‘file’ module and duplicate the index.php template into it.

- title: Create web-root listing
  file:
    path: /var/www/{{ domain_name }}
    state: listing

- title: Add index.html and data.php information
  template:
    src: index.php.j2
    dest: /var/www/{{ domain_name }}/index.php

Save and shut.

Now we will configure the handlers for restarting the nginx and php-fpm service. Edit the ‘handlers/essential.yml’ configuration utilizing vim editor.

vim handlers/essential.yml

Paste configurations beneath.

- title: restart nginx
  service:
    title: nginx
    state: restarted
    enabled: sure

- title: restart php-fpm
  service:
    title: php{{ php_version }}-fpm
    state: restarted
    enabled: sure

Save and shut.

Ansible web roles

Subsequent, we’ll edit the ‘vars/essential.yml’ configuration. On the prime of configurations you’ll discover the variable configurations ‘{{ php_version }}’ and ‘{{ domain_name }}’. These variables signify our surroundings setup for the php model and the area title that will likely be used. The variable makes ansible extra reusable as a result of we simply have to edit the variable configuration ‘vars/essential.yml’ and never enhancing the bottom configuration.

Edit the variables configuration ‘vars/essential.yml’ utilizing vim editor.

vim vars/essential.yml

Paste configurations beneath.

php_version: 7.2
domain_name: hakase-labs.io

Save and shut.

Now we’ll create jinja2 template configurations ‘index.php.j2’ and ‘vhost.j2’ on the ‘templates/’ listing.

vim templates/index.php.j2

Paste configuration beneath.

<html>
<physique>

<h1><middle>index.html for area {{ domain_name }}</middle></h1>

<p>
<p>

<?php
phpinfo();
?>

</physique>
</html>

Save and shut.

After that, create the template for nginx digital host configuration ‘vhost.j2’.

vim templates/vhost.j2

Paste configurations beneath.

server {
    pay attention 80;
    pay attention [::]:80;

    root /var/www/{{ domain_name }};
    index index.php index.html index.htm index.nginx-debian.html;

    server_name {{ domain_name }};

    location / {
        try_files $uri $uri/ =404;
    }

    # go PHP scripts to FastCGI server
    #
        location ~ .php$ {
            try_files $uri =404;
            fastcgi_split_path_info ^(.+.php)(/.+)$;
            fastcgi_pass unix:/var/run/php/php{{ php_version }}-fpm.sock;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            embody fastcgi_params;
        }

}

Save and shut the configuration, and we’re completed the net roles configuration.

Step 5 – Setup ‘db’ Roles

At this step, we will configure the ‘db’ roles for the MySQL database set up and configuration.

Beneath are particulars duties that can do on the ‘db’ roles.

  1. set up mysql
  2. Create MySQL database
  3. Create MySQL person
  4. restart mysql

Goto the ‘db’ listing and edit the ‘duties/essential.yml’ configuration.

cd db/
vim duties/essential.yml

Now set up the MySQL packages utilizing the ‘apt’ module and python ‘checklist’ format for a number of packages set up.

- title: Set up MySQL
  apt:
    title: ['mysql-server','mysql-client','python-mysqldb']
    state: newest
  notify: restart mysql

Then create new duties for creating the MySQL database and person, then grant all privileges of the person to the database.

- title: Create database
  mysql_db:
    title: '{{ db_name }}'
    state: current

- title: Create person for the database
  mysql_user:
    title: '{{ db_user }}'
    password: '{{ db_pass }}'
    encrypted: sure
    priv: '{{ db_name }}.*:ALL'
    state: current

Save and shut.

Setup database roles

Subsequent, edit the ‘handlers/essential.yml’ configuration.

vim handlers/essential.yml

Paste the configuration of the duty for restarting the MySQL service.

- title: restart mysql
  service:
    title: mysql
    state: restarted
    enabled: sure

Save and shut.

After that, edit the vars variable configuration ‘vars/essential.yml’.

vim vars/essential.yml

Paste these variables for MySQL database and person configuration beneath.

db_name: hakase-db
db_user: hakase
db_pass: '*C960D382DB42E57D3BAC33891CF87900DCB1A869'

Save and shut.

The ‘db_pass’ variable has the MySQL encrypted password, and you’ll generate an encrypted MySQL password utilizing on-line instruments.

Step 6 – Run the Ansible Playbook

Goto the Ansible venture listing.

cd project-lemp/

Run the ansible-playbook command beneath.

ansible-playbook -i hosts web site.yml

Now the ansible will run all roles that we assign to the host. When it is full, you may be proven the outcome as beneath.

Run the Ansible Playbook

Be sure to get no error.

Step 7 – Testing

Open your net browser and kind the area title on the deal with bar http://hakase-labs.io.

And you may be proven the index web page with phpinfo as beneath.

Testing

The PHP-FPM and Nginx are working.

Subsequent, again to the server terminal and log in to the MySQL server utilizing the person and password that we have created on the ‘mysql’ roles variable.

mysql -u hakase -p
PASSWORD: hakasepass

test the checklist of database owned by the person.

present databases;

And you may be logged to the MySQL shell and will likely be proven the database named ‘hakase-db’ on the checklist.

Database test

Lastly, the Ansible Playbook for the LEMP Stack set up and configuration has been created and examined efficiently.

https://docs.ansible.com/ansible/latest/index.html

LEAVE A REPLY

Please enter your comment!
Please enter your name here