Ansible playbook to setup web server and playbook to deploy laravel project with zero time.
- install python2 and aptitude
- upgrade all software
- create user with sudo rights
- configure sshd: disables root login and password authentication, also allows to login only user created on previous step
- install
- git
- ntp
- vim
- tmux
- htop
- curl
- unzip
- configure automatic security updates (do not reloads server, only installs updates)
- setup timezone
- configure iptables and fail2ban
- create swap file
- setup ssl certificate with letsencrypt
- install node.js, npm and yarn
- install nginx
- install php and composer
- install mysql
- creates following folders structure for zero time deployment:
/path/to/domain
current
->/link/to/latest/release
persistent
storage
releases
2017-08-10-10-00-00
2017-08-11-10-00-00
2017-08-12-10-00-00
- clone repository
- set correct permissions
- link
/path/to/release/storage
to/path/to/domain/persistent/storage
- install composer dependencies
- link
/path/to/release/.env
to/path/to/domain/persistent/.env
- install npm dependencies and generate assets
- optimize laravel application
- backup database
- run new migrations
- link
/path/to/domain/current
to/path/to/domain/releases/new-release
- delete all, but 10 latest releases
If build fails
- rollback migrations
- remove new release folder
- link
/path/to/domain/current
to/path/to/domain/releases/last-success-release
Create inventory
file in project root. You should specify ip address of your
server in this file.
[web]
46.101.210.137
ansible-galaxy install -r requirements.yml
Copy vars/main.yml.example
to vars/main.yml
and change variable values for
your needs. For security reasons you may want to encrypt this file using
ansible-vault:
ansible-vault encrypt vars/main.yml
And then edit this file with
ansible-vault edit vars/main.yml
To see all available variables take a look at roles/*/defaults/main.yml
. Also
visit external roles github page for additional documentation.
To generate password for your user use
sudo apt-get install -y whois
mkpasswd --method=SHA-512
- Site config for nginx place in
roles/nginx/templates/yoursite.j2
- Php-fpm pool config place in
roles/php/templates/yoursite.conf.j2
- Default configs are available in this gist
By default on ubuntu 16.04 there is no python 2 and aptitude. Without those programs ansible cannot work. To fix it run:
ansible-playbook initial-setup.yml
Beside it this playbook also creates user and configures ssh server.
This playbook setup nginx, php-fpm, mysql, nodejs, etc.
ansible-playbook setup.yml
ansible-playbook setup.yml --tags=user,nginx
ansible-playbook setup.yml --skip-tags=user,nginx
ansible-playbook deploy.yml
If you discover any security related issues, please email [email protected] instead of using the issue tracker.