Break role into apache, php, redis

defaults/main.yml

-# apache
 apache_conf_ext: ''
 apache_conf_default_prefix: ''
 apache_server_admin: 'webmaster@paragon-es.de'
@@ -10,37 +9,5 @@ apache_server_defs: []
 apache_server_default_root: 'live/htdocs'
 apache_server_default_svn_source: false
 apache_server_default_svn_target: 'live'
-apache_needs_oci8: false
 apache_certificates: []
 apache_auth: false
-
-# php.ini
-php_conf_dir: 'conf.d'
-php_allow_call_time_pass_reference: 'on'
-php_max_execution_time: '30'
-php_max_input_vars: '1000'
-php_memory_limit: '32M'
-php_display_errors: 'Off'
-php_display_startup_errors: 'Off'
-php_error_reporting: 'E_ALL & ~E_NOTICE'
-php_filter_default: 'unsafe_raw'
-php_html_errors: 'Off'
-php_log_errors: 'On'
-php_magic_quotes_gpc: 'On'
-php_post_max_size: '32M'
-php_upload_max_filesize: '2M'
-php_date_timezone: 'Europe/Berlin'
-php_register_globals: 'Off'
-php_register_long_arrays: 'On'
-php_session_cookie_lifetime: '0'
-php_session_gc_divisor: '1000'
-php_session_gc_maxlifetime: '1440'
-php_session_cache_expire: '180'
-php_expose_php: 'Off'
-php_browscap: false
-
-# apc.ini
-apc_rfc1867: '1'
-apc_shm_size: '256M'
-apc_shm_segments: '1'
-apc_num_files_hint: '0'

files/composer

-#!/usr/bin/env bash
-
-php -d allow_url_fopen=On /usr/local/bin/composer.phar $@

handlers/main.yml

@@ -2,11 +2,14 @@
 # file: roles/apache/handlers/main.yml
 
 - name: 'Apache | Restart Apache'
-  service: name=apache2 state=restarted
+  service:
+    name=apache2
+    state=restarted
 
 - name: 'Apache | Checkout htdocs for default'
-  subversion: repo='{{apache_server_default_svn_source}}'
-              dest='/var/www/{{apache_server_default_svn_target}}'
+  subversion:
+    repo={{ apache_server_default_svn_source }}
+    dest=/var/www/{{ apache_server_default_svn_target }}
   sudo: no
   when: false
   notify: 'Apache | Change ownership for web server files'
@@ -15,8 +18,9 @@
   when: apache_server_default_svn_source != false
 
 - name: 'Apache | Checkout htdocs for our site(s)'
-  subversion: repo='{{item.svn_source}}'
-              dest='/var/www/{{item.svn_target}}'
+  subversion:
+    repo={{ item.svn_source }}
+    dest=/var/www/{{ item.svn_target }}
   sudo: no
   with_items: apache_server_defs
   notify: 'Apache | Change ownership for web server files'

meta/main.yml

@@ -2,3 +2,4 @@
 
 dependencies:
   - { role: common }
+  - { role: php }

tasks/apache.yml

 ---
 # file: roles/apache/tasks/apache.yml
 
-- name: 'Apache | Install required packages.'
-  apt: pkg={{item}} state=installed
+- name: "Apache | Install required packages."
+  apt:
+    pkg={{ item }}
+    state=installed
   with_items:
-    - php5
     - apache2
-    - mysql-client
-    - php-apc
-    - php-soap
-    - php5-mysql
-    - php5-xmlrpc
-    - php5-gd
-    - php5-mcrypt
-    - php5-imap
-    - php5-curl
-    - php5-xdebug
-    - php5-dev
-    - php-pear
-  notify: 'Apache | Restart Apache'
+  notify: "Apache | Restart Apache"
 
-# TODO: Upgrade APCu on Ubuntu 14.04
-# @see https://github.com/owncloud/core/issues/14175#issuecomment-74573088
-# wget https://launchpad.net/~ondrej/+archive/ubuntu/php5/+build/6149263/+files/php5-apcu_4.0.6-1%2Bdeb.sury.org~utopic%2B1_amd64.deb
-# sudo dpkg -i php5-apcu_4.0.6-1+deb.sury.org~utopic+1_amd64.deb
-
-- name: 'Apache | Configuration file, php.ini'
-  template: src=etc-php5-apache2-php-ini
-            dest=/etc/php5/apache2/php.ini
-            owner=root
-            group=root
-            mode=0644
-  notify: 'Apache | Restart Apache'
-
-- name: 'Apache | Cache configuration file, apc.ini'
-  template: src=etc-php5-conf-d-apc-ini
-            dest=/etc/php5/{{php_conf_dir}}/apc.ini
-            owner=root
-            group=root
-            mode=0644
-  notify: 'Apache | Restart Apache'
-
-- name: 'Apache | Create extra directory for browscap'
-  file: dest='/etc/php5/apache2/extra'
-        state=directory
-        owner=root
-        group=root
-  when: php_browscap
-
-- name: 'Apache | browscap.ini'
-  copy: src=browscap.ini
-        dest=/etc/php5/apache2/extra/browscap.ini
-        owner=root
-        group=root
-  notify: 'Apache | Restart Apache'
-  when: php_browscap
-
-- name: 'Apache | Enable PHP modules'
-  shell: php5enmod {{item}}
-  with_items:
-    - mcrypt
-    - imap
-  when: php_conf_dir == 'mods-available'
-
-- name: 'Apache | Enable some required modules'
-  command: a2enmod {{item}} creates=/etc/apache2/mods-enabled/{{item}}.load
+- name: "Apache | Enable some required modules"
+  apache_module:
+    name={{ item }}
+    state=present
   with_items:
     - rewrite
     - vhost_alias
     - status
     - ssl
-
-- name: 'Apache | Turn on Extended Status'
-  lineinfile: dest=/etc/apache2/apache2.conf
-              regexp='^ExtendedStatus '
-              line='ExtendedStatus On'
-
-- name: 'Apache | Install SSL certificates'
-  copy: src={{inventory_dir}}/files/ssl/{{item.file}}
-        dest=/etc/ssl/private
+  notify: "Apache | Restart Apache"
+
+- name: "Apache | Turn on Extended Status"
+  lineinfile:
+    dest=/etc/apache2/apache2.conf
+    regexp='^ExtendedStatus '
+    line='ExtendedStatus On'
+  notify: "Apache | Restart Apache"
+
+- name: "Apache | Install SSL certificates"
+  copy:
+    src={{ inventory_dir }}/files/ssl/{{ item.file }}
+    dest=/etc/ssl/private
   with_items: apache_certificates
-  notify: 'Apache | Restart Apache'
-
-- name: 'Apache | Create htdocs directory for default'
-  file: dest='/var/www/{{apache_server_default_svn_target}}'
-        state=directory
-        owner=www-data
-        group=www-data
-
-- name: 'Apache | Create htdocs directory for apc status'
-  file: dest='/var/www/apc'
-        state=directory
-        owner=www-data
-        group=www-data
-
-- name: 'Apache | Copy APC status php script'
-  copy: src=apc.php
-        dest=/var/www/apc
-        owner=www-data
-        group=www-data
-
-- name: 'Apache | Create htdocs directory for our site(s)'
-  file: dest='/var/www/{{item.svn_target}}'
-        state=directory
-        owner=www-data
-        group=www-data
+  notify: "Apache | Restart Apache"
+
+- name: "Apache | Create htdocs directory for default"
+  file:
+    dest=/var/www/{{ apache_server_default_svn_target }}
+    state=directory
+    owner=www-data
+    group=www-data
+
+- name: "Apache | Create htdocs directory for our site(s)"
+  file:
+    dest=/var/www/{{ item.svn_target }}
+    state=directory
+    owner=www-data
+    group=www-data
   with_items: apache_server_defs
 
-- name: 'Apache | Configuration file for default site'
-  template: src=etc-apache2-sites-available-default
-            dest=/etc/apache2/sites-available/{{apache_conf_default_prefix}}default{{apache_conf_ext}}
-            owner=root
-            group=root
-            mode=0644
+- name: "Apache | Configuration file for default site"
+  template:
+    src=etc-apache2-sites-available-default
+    dest=/etc/apache2/sites-available/{{ apache_conf_default_prefix }}default{{ apache_conf_ext }}
+    owner=root
+    group=root
+    mode=0644
   when: apache_server_default == "yes"
   notify:
-    - 'Apache | Restart Apache'
-    - 'Apache | Checkout htdocs for default'
-
-- name: 'Apache | Configuration file for default ssl site'
-  template: src=etc-apache2-sites-available-default-ssl
-            dest=/etc/apache2/sites-available/default-ssl{{apache_conf_ext}}
-            owner=root
-            group=root
-            mode=0644
+    - "Apache | Restart Apache"
+    - "Apache | Checkout htdocs for default"
+
+- name: "Apache | Configuration file for default ssl site"
+  template:
+    src=etc-apache2-sites-available-default-ssl
+    dest=/etc/apache2/sites-available/default-ssl{{ apache_conf_ext }}
+    owner=root
+    group=root
+    mode=0644
   when: apache_server_default_ssl == "yes"
   notify:
-    - 'Apache | Restart Apache'
-    - 'Apache | Checkout htdocs for default'
-
-- name: 'Apache | Configuration file for ServerDensity'
-  template: src=etc-apache2-sites-available-sd-agent
-            dest=/etc/apache2/sites-available/sd-agent{{apache_conf_ext}}
-            owner=root
-            group=root
-            mode=0644
-  notify: 'Apache | Restart Apache'
-
-- name: 'Apache | Configuration file for our site(s)'
-  template: src=etc-apache2-sites-available-vhost
-            dest=/etc/apache2/sites-available/{{item.vhost}}{{apache_conf_ext}}
-            owner=root
-            group=root
-            mode=0644
+    - "Apache | Restart Apache"
+    - "Apache | Checkout htdocs for default"
+
+- name: "Apache | Configuration file for our site(s)"
+  template:
+    src=etc-apache2-sites-available-vhost
+    dest=/etc/apache2/sites-available/{{ item.vhost }}{{ apache_conf_ext }}
+    owner=root
+    group=root
+    mode=0644
   with_items: apache_server_defs
   notify:
-    - 'Apache | Restart Apache'
-    - 'Apache | Checkout htdocs for our site(s)'
+    - "Apache | Restart Apache"
+    - "Apache | Checkout htdocs for our site(s)"
 
-- name: 'Apache | Enable the default site'
-  command: a2ensite default creates=/etc/apache2/sites-enabled/000-default{{apache_conf_ext}}
+- name: "Apache | Enable the default site"
+  command: a2ensite default creates=/etc/apache2/sites-enabled/000-default{{ apache_conf_ext }}
   when: apache_server_default == "yes"
 
-- name: 'Apache | Enable the default ssl site'
-  command: a2ensite default-ssl creates=/etc/apache2/sites-enabled/default-ssl{{apache_conf_ext}}
+- name: "Apache | Enable the default ssl site"
+  command: a2ensite default-ssl creates=/etc/apache2/sites-enabled/default-ssl{{ apache_conf_ext }}
   when: apache_server_default_ssl == "yes"
 
-- name: 'Apache | Enable the sd-agent site'
-  command: a2ensite sd-agent creates=/etc/apache2/sites-enabled/sd-agent{{apache_conf_ext}}
-
-- name: 'Apache | Enable our new site(s)'
-  command: a2ensite {{item.vhost}} creates=/etc/apache2/sites-enabled/{{item.vhost}}{{apache_conf_ext}}
+- name: "Apache | Enable our new site(s)"
+  command: a2ensite {{ item.vhost }} creates=/etc/apache2/sites-enabled/{{ item.vhost }}{{ apache_conf_ext }}
   with_items: apache_server_defs
 
-- name: 'Apache | Install redis'
-  apt: pkg=redis-server state=installed
-
-- name: 'Apache | Check Redis Requirement'
-  shell: php --ri redis
-  register: redis_available
-  failed_when: false
-
-- include: redis.yml
-  when: redis_available is defined and 'Redis Support => enabled' not in redis_available.stdout_lines
-
-- name: 'Apache | Check Redis Version'
-  shell: redis-server --version
-  register: redis_version
-  changed_when: redis_version.stdout != 'Redis server v=2.8.9 sha=00000000:0 malloc=jemalloc-3.2.0 bits=64 build=4d2fb9284998e1d3'
-
-- include: redis_update.yml
-  when: repository is defined and redis_version.stdout != 'Redis server v=2.8.9 sha=00000000:0 malloc=jemalloc-3.2.0 bits=64 build=4d2fb9284998e1d3'
-
-- name: 'Apache | Check OCI Requirement'
-  shell: ls /usr/lib/php5/20090626/pdo_oci.so
-  register: oci_available
-  when: apache_needs_oci8
-  ignore_errors: yes
-  changed_when: oci_available.stdout != '/usr/lib/php5/20090626/pdo_oci.so'
-  notify:
-    - 'Apache | Restart Apache'
-
-- include: oci.yml
-  when: repository is defined and apache_needs_oci8 and oci_available.stdout != '/usr/lib/php5/20090626/pdo_oci.so'
-
-- name: 'Apache | Check Composer Requirement'
-  shell: ls /usr/local/bin/composer.phar
-  register: composer_available
-  ignore_errors: yes
-  changed_when: composer_available.stdout != '/usr/local/bin/composer.phar'
-
-- include: composer.yml
-  when: composer_available is defined and composer_available.stdout != '/usr/local/bin/composer.phar'
-
-- name: 'Apache | Create passwords directory for AuthType Basic'
-  file: dest='/var/www/passwords'
-        state=directory
-        owner=www-data
-        group=www-data
+- name: "Apache | Create passwords directory for AuthType Basic"
+  file:
+    dest=/var/www/passwords
+    state=directory
+    owner=www-data
+    group=www-data
   when: apache_auth
 
-- name: 'Apache | Setup AuthType Basic'
-  shell: htpasswd -bc /var/www/passwords/{{apache_auth.user}} {{apache_auth.user}} {{apache_auth.password}}
+- name: "Apache | Setup AuthType Basic"
+  shell: htpasswd -bc /var/www/passwords/{{ apache_auth.user }} {{ apache_auth.user }} {{ apache_auth.password }}
   when: apache_auth

tasks/composer.yml

----
-# file: roles/apache/tasks/composer.yml
-
-- name: install composer
-  shell: curl -sS https://getcomposer.org/installer | php -d allow_url_fopen=On chdir=/usr/local/bin creates=/usr/local/bin/composer.phar
-
-- name: install composer bash-script
-  copy: src=composer
-        dest=/usr/local/bin/composer
-        owner=root
-        group=root
-        mode=0755

tasks/oci.yml

----
-# file: roles/apache/tasks/oci8.yml
-#
-# @see OCI8 Install: https://help.ubuntu.com/community/PHPOracle
-# Better:
-# @see PDO_OCI Install: https://drupal.org/comment/5572626#comment-5572626
-
-- name: 'Apache | OCI | Enable OCI for PHP'
-  copy: content='extension={{item}}.so'
-        dest=/etc/php5/{{php_conf_dir}}/{{item}}.ini
-        owner=root
-        group=root
-        mode=0644
-  with_items:
-    - 'oci8'
-    - 'pdo_oci'
-
-- name: 'Apache | OCI | Remove possible components in /tmp'
-  command: rm -Rf /tmp/{{item}}
-  with_items:
-    - 'instantclient_11_2'
-    - 'oracle_x64_11_2_0_3_0_oci8_so'
-    - 'oracle_x64_11_2_0_3_0_pdo_oci_so'
-
-- name: 'Apache | OCI | Make available Oracle InstantClient'
-  command: scp -r {{repository}}{{item}} /tmp/
-  sudo: no
-  with_items:
-    - 'instantclient_11_2'
-    - 'oracle_x64_11_2_0_3_0_oci8_so'
-    - 'oracle_x64_11_2_0_3_0_pdo_oci_so'
-
-- name: 'Apache | OCI | Remove /usr/local/lib/instantclient_11_2'
-  command: rm -Rf /usr/local/lib/instantclient_11_2
-
-- name: 'Apache | OCI | Move Oracle InstantClient to /usr/local/lib'
-  command: mv /tmp/instantclient_11_2 /usr/local/lib/
-
-- name: 'Apache | OCI | Move oci8 to /usr/lib/php5'
-  command: mv /tmp/oracle_x64_11_2_0_3_0_oci8_so /usr/lib/php5/20090626/oci8.so
-
-- name: 'Apache | OCI | Move pdo_oci to /usr/lib/php5'
-  command: mv /tmp/oracle_x64_11_2_0_3_0_pdo_oci_so /usr/lib/php5/20090626/pdo_oci.so
-
-- name: 'Apache | OCI | Change ownership for Oracle InstantClient'
-  command: chown -R root:root {{item}}
-  with_items:
-    - '/usr/local/lib/instantclient_11_2'
-    - '/usr/lib/php5/20090626/oci8.so'
-    - '/usr/lib/php5/20090626/pdo_oci.so'
-
-- name: 'Apache | OCI | Make available libclntsh.so'
-  file: src=/usr/local/lib/instantclient_11_2/libclntsh.so.11.1
-        dest=/usr/local/lib/instantclient_11_2/libclntsh.so
-        state=link

tasks/redis.yml

----
-# file: roles/apache/tasks/redis.yml
-#
-# Instructions from http://ricochen.wordpress.com/2012/03/25/install-phpredis-on-ubuntu/
-
-- name: 'Apache | Redis | Enable Redis for PHP'
-  copy: content='extension={{item}}.so'
-        dest=/etc/php5/{{php_conf_dir}}/{{item}}.ini
-        owner=root
-        group=root
-        mode=0644
-  with_items:
-    - 'redis'
-
-- name: 'Apache | Redis | Remove possible components in /tmp'
-  command: rm -Rf /tmp/{{item}}
-  with_items:
-    - 'phpredis'
-
-- name: 'Apache | Redis | Checkout redis sources'
-  shell: git clone git://github.com/nicolasff/phpredis.git /tmp/phpredis
-
-- name: 'Apache | Redis | Compile redis'
-  shell: "{{item}} chdir=/tmp/phpredis"
-  with_items:
-    - phpize
-    - ./configure
-    - make
-    - make install
-
-- name: 'Apache | Redis | Enable PHP Redis module'
-  shell: php5enmod {{item}}
-  with_items:
-    - redis
-  when: php_conf_dir == 'mods-available'

tasks/redis_update.yml

----
-# file: roles/apache/tasks/redis_update.yml
-
-# Update to version 2.8.9
-
-
-- name: 'Apache | Redis Update | Get Files from Repository'
-  command: scp -r {{repository}}{{item}} /tmp
-  sudo: no
-  with_items:
-    - 'redis-server'
-
-- name: 'Apache | Redis Update | Ensure Directories'
-  file: dest='{{item}}'
-        state=directory
-        owner=redis
-        group=redis
-  with_items:
-    - '/var/run/redis'
-    - '/var/lib/redis'
-    - '/var/log/redis'
-
-- name: 'Apache | Redis Update | Stop Redis Server'
-  service: name=redis-server state=stopped
-
-- name: 'Apache | Redis Update | Copy Redis Binaries'
-  shell: cp /tmp/redis-server/* /usr/bin
-
-- name: 'Apache | Redis Update | Update Configuration File'
-  template: src=etc-redis-redis-conf
-            dest=/etc/redis/redis.conf
-            owner=root
-            group=root
-            mode=0644
-
-- name: 'Apache | Redis Update | Update Start Script'
-  template: src=etc-init-d-redis-server
-            dest=/etc/init.d/redis-server
-            owner=root
-            group=root
-            mode=0755
-
-- name: 'Apache | Redis Update | Set the kernel paramter for vm overcommit'
-  sysctl: name=vm.overcommit_memory value=1 state=present
-
-- name: 'Apache | Redis Update | Start Redis Server'
-  service: name=redis-server state=restarted

templates/etc-init-d-redis-server

-#!/bin/sh
-
-EXEC=/usr/bin/redis-server
-CLIEXEC=/usr/bin/redis-cli
-PIDFILE=/var/run/redis/redis-server.pid
-CONF="/etc/redis/redis.conf"
-REDISPORT="6379"
-###############
-# SysV Init Information
-# chkconfig: - 58 74
-# description: redis-server is the redis daemon.
-### BEGIN INIT INFO
-# Provides: redis-server
-# Required-Start: $network $local_fs $remote_fs
-# Required-Stop: $network $local_fs $remote_fs
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# Should-Start: $syslog $named
-# Should-Stop: $syslog $named
-# Short-Description: start and stop redis-server
-# Description: Redis daemon
-### END INIT INFO
-
-
-case "$1" in
-    start)
-        if [ -f $PIDFILE ]
-        then
-            echo "$PIDFILE exists, process is already running or crashed"
-        else
-            echo "Starting Redis server..."
-            $EXEC $CONF
-        fi
-        ;;
-    stop)
-        if [ ! -f $PIDFILE ]
-        then
-            echo "$PIDFILE does not exist, process is not running"
-        else
-            PID=$(cat $PIDFILE)
-            echo "Stopping ..."
-            $CLIEXEC -p $REDISPORT shutdown
-            while [ -x /proc/${PID} ]
-            do
-                echo "Waiting for Redis to shutdown ..."
-                sleep 1
-            done
-            echo "Redis stopped"
-        fi
-        ;;
-    status)
-        if [ ! -f $PIDFILE ]
-        then
-            echo 'Redis is not running'
-        else
-            echo "Redis is running ($(<$PIDFILE))"
-        fi
-        ;;
-    restart)
-        $0 stop
-        $0 start
-        ;;
-    *)
-        echo "Please use start, stop, restart or status as first argument"
-        ;;
-esac

templates/etc-php5-conf-d-apc-ini

-extension = apc.so
-apc.rfc1867 = {{apc_rfc1867}}
-apc.shm_size = {{apc_shm_size}}
-apc.shm_segments = {{apc_shm_segments}}
-apc.num_files_hint = {{apc_num_files_hint}}