ansible剧本--day06--搭建wordpress

目录

• linux9期架构-day30--使用变量搭建博客
  • 需求
  • 环境准备
  • ansible前提准备文件
  • 主机清单文件
  • 剧本编写

linux9期架构-day30--使用变量搭建博客

需求

搭建博客
需要做到动态资源存储至数据库
静态资源存储至nfs
并且对nfs数据做好备份，结合sersync

环境准备

主机名	ip	角色
m01	10.0.0.61	ansible管理端
web01	10.0.0.7	nginx
web02	10.0.0.8	nginx
nfs	10.0.0.31	nfs共享存储及serync
rsync	10.0.0.41	备份数据
db01	10.0.0.51	数据库服务器

ansible前提准备文件

----------------------------------------------------------rsync准备
# 1. 准备rsync主配置文件
[root@m01 rsync]# cat rsyncd.conf 
uid = www												
gid = www												
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
#####################################
[backup]
comment = welcome to oldboyedu backup!
path = /backup

# 2.创建rsync用户密码对应文件
[root@m01 rsync]# cat rsync.passwd 
rsync_backup:123

------------------------------------------------------------nfs准备
# 1. 下载安装包到ansible
https://raw.githubusercontent.com/wsgzao/sersync/master/sersync2.5.4_64bit_binary_stable_final.tar.gz

# 2. 解压文件
[root@m01 rsync]# tar xf sersync2.5.4_64bit_binary_stable_final.tar.gz

# 3. 解压后的包重命名（作为sersync监控使用）
[root@m01 rsync]# mv GNU-Linux-x86/ sersync


---------------------------------------------------------web两台主机准备
# 1. 准备nginx和php安装包
-rw-r--r-- 1 root root 20453103 May 27 15:08 nginx.php.tar.gz

# 2. 准备wordpress博客压缩包
-rw-r--r-- 1 root root 11098483 May 20 14:38 wordpress-5.0.3-zh_CN.tar.gz

# 3. 准备nginx主配置文件（将用户改为了www）
-rw-r--r-- 1 root root      641 Jun 12 04:30 nginx.conf

# 4. 准备php配置文件（就是将文件中的用户和组改为了www）
-rw-r--r-- 1 root root    17962 Jun 12 04:32 www.conf

# 5. 准备nignx连接php文件（也是nginx的conf.d下的配置文件）
[root@m01 nginx]# cat nginx_blog.conf 
server {
        listen 80;
        server_name www.wp.com;
        root /code/wordpress;
        index index.php index.html;

        location ~ .php$ {
                fastcgi_pass 127.0.0.1:9000;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include /etc/nginx/fastcgi_params;

        }
}

# 目录结构
[root@m01 ansible]# tree
.
├── a.yml
├── b.yml
├── nfs
│   └── exports
├── nginx
│   ├── nginx_blog.conf
│   ├── nginx.conf
│   ├── nginx.php.tar.gz
│   ├── wordpress-5.0.3-zh_CN.tar.gz
│   ├── wp-config.php
│   └── www.conf
├── rsync
│   ├── rsyncd.conf
│   ├── rsync.passwd
│   ├── sersync
│   │   ├── confxml.xml
│   │   └── sersync2
│   └── sersync2.5.4_64bit_binary_stable_final.tar.gz

主机清单文件

[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8

[nfs_group]
nfs ansible_ssh_host=10.0.0.31

[backup_group]
backup ansible_ssh_host=10.0.0.41

[db_group]
db01 ansible_ssh_host=10.0.0.51

剧本编写

[root@m01 ansible]# cat b.yml
- hosts: all
  vars:
    - user_group: www
    - database_user: wp
  tasks:
    - name: open firewalld 
      service:
        name: firewalld
        state: started
        enabled: yes

    - name: open firewalld port
      firewalld:
        port: "{{ item }}"
        permanent: no
        state: enabled
      with_items:
        - 3306/tcp
        - 80/tcp
        - 873/tcp

    - name: open firewalld service
      firewalld:
        service: nfs
        permanent: no
        state: enabled
      when: ansible_fqdn == 'nfs'

    - name: stop selinux
      selinux:
        state: disabled

    - name: create www group
      group:
        name: "{{ user_group  }}"
        gid: 666

    - name: create www user
      user:
        name: "{{ user_group }}"
        uid: 666
        group: "{{ user_group }}"
        state: present
        shell: /sbin/nologin
        create_home: false

    - name: install mariadb
      yum:
        name:
          - mariadb-server
          - MySQL-python
        state: present
      when: ansible_fqdn == 'db01'

    - name: start mariadb
      service:
        name: mariadb
        state: restarted
        enabled: yes
      when: ansible_fqdn == 'db01'

    - name: create database
      mysql_db:
        name: "{{ database_user }}"
        state: present
      when: ansible_fqdn == 'db01'

    - name: create database user
      mysql_user:
        name: "{{ database_user }}"
        password: '123'
        host: '%'
        priv: '*.*:ALL'
        state: present
      when: ansible_fqdn == 'db01'

    - name: install rsync
      yum:
        name: rsync
        state: present
      when: ansible_fqdn == 'backup'

    - name: rsync config
      copy:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
        mode: "{{ item.mode }}"
      with_items:
        - { src: "/ansible/rsync/rsyncd.conf" , dest: "/etc/rsyncd.conf" , mode: "0644" }
        - { src: "/ansible/rsync/rsync.passwd" , dest: "/etc/rsync.passwd" , mode: "0600" }
      when: ansible_fqdn == 'backup'

    - name: create bakcup directories
      file:
        path: /backup
        owner: www
        group: www
        state: directory
      when: ansible_fqdn == 'backup'

    - name: start rsync server
      service:
        name: rsyncd
        state: restarted
      when: ansible_fqdn == 'backup'

    - name: install nfs rsync
      yum:
        name:
          - nfs-utils
          - rsync
          - inotify-tools
        state: present
      when: ansible_fqdn == 'nfs'

    - name: nfs conf and Connect to the rsync password file
      copy:
        content: "{{ item.content}}"
        dest: "{{ item.dest }}"
        mode: "{{ item.mode }}"
      with_items:
        - { content: "/data 10.0.0.0/24(rw,sync,all_squash,anonuid=666,anongid=666)" , dest: "/etc/exports" , mode: "0644" }
        - { content: "123" , dest: "/etc/rsync.passwd" , mode: "0600" }
      when: ansible_fqdn == 'nfs'
        
    - name: create nfs directory
      file:
        path: /data
        owner: "{{ user_group }}"
        group: "{{ user_group }}"
        state: directory
      when: ansible_fqdn == 'nfs'

    - name: copy sersync directory
      copy:
        src: /ansible/rsync/sersync
        dest: /usr/local/
      when: ansible_fqdn == 'nfs'

    - name: start nfs server
      service:
        name: nfs-server
        state: restarted
        enabled: yes
      when: ansible_fqdn == 'nfs'

    - name: start sersync
      shell: "chmod 777 /usr/local/sersync/sersync2 && /usr/local/sersync/sersync2 -rdo /usr/local/sersync/confxml.xml" 
      when: ansible_fqdn == 'nfs'

- hosts: web_group
  tasks:
    - name: install nfs on the web
      yum:
        name: nfs-utils
        state: present

    - name: create data directory
      file:
        path: /code
        state: directory

    - name: unzip php and nginx
      unarchive:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
      with_items:
        - { src: "/ansible/nginx/nginx.php.tar.gz" , dest: "/opt" }      
        - { src: "/ansible/nginx/wordpress-5.0.3-zh_CN.tar.gz" , dest: "/code" } 
     
    - name: panduan
      shell: 'ls -l /etc/nginx'
      register: nginx_info
      ignore_errors: yes

    - name: get nginx info
      debug:
        msg: "{{ nginx_info.rc }}"

    - name: install nginx_php
      shell: "cd /opt/nginx.php/ && rpm -Uvh *rpm"
      when: nginx_info.rc !=0

    - name: cp nginx_blog.conf
      copy:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
      with_items:
        - { src: "/ansible/nginx/nginx_blog.conf" , dest: "/etc/nginx/conf.d/nginx_blog.conf" }
        - { src: "/ansible/nginx/nginx.conf" , dest: "/etc/nginx/nginx.conf" }
        - { src: "/ansible/nginx/www.conf" , dest: "/etc/php-fpm.d/www.conf" }

    - name: change permission
      shell: "chown -R www.www /code"

    - name: start php-fpm and nginx
      service:
        name: "{{ item }}"
        state: restarted
      with_items:
        - php-fpm
        - nginx

    - name: mount
      mount:
        path: /code/wordpress/wp-content/uploads
        src: '10.0.0.31:/data'
        fstype: nfs
        state: mounted

• 结果显示

• 备份文件