Skip to content

LobSab/initial-webserver-setup

 
 

Repository files navigation

Initial Ubuntu 16.04 Web Server Setup

Ansible playbook to setup web server and playbook to deploy laravel project with zero time.

What initial-setup.yml playbook does

  • install python2 and aptitude
  • upgrade all software
  • create user with sudo rights
  • configure sshd: disables root login and password authentication, also allows to login only user created on previous step

What setup.yml playbook does

  • install
    • git
    • ntp
    • vim
    • tmux
    • htop
    • curl
    • unzip
  • configure automatic security updates (do not reloads server, only installs updates)
  • setup timezone
  • configure iptables and fail2ban
  • create swap file
  • setup ssl certificate with letsencrypt
  • install node.js, npm and yarn
  • install nginx
  • install php and composer
  • install mysql
  • creates following folders structure for zero time deployment:
    • /path/to/domain
      • current -> /link/to/latest/release
      • persistent
        • storage
      • releases
        • 2017-08-10-10-00-00
        • 2017-08-11-10-00-00
        • 2017-08-12-10-00-00

What deploy.yml playbook does

  • clone repository
  • set correct permissions
  • link /path/to/release/storage to /path/to/domain/persistent/storage
  • install composer dependencies
  • link /path/to/release/.env to /path/to/domain/persistent/.env
  • install npm dependencies and generate assets
  • optimize laravel application
  • backup database
  • run new migrations
  • link /path/to/domain/current to /path/to/domain/releases/new-release
  • delete all, but 10 latest releases

If build fails

  • rollback migrations
  • remove new release folder
  • link /path/to/domain/current to /path/to/domain/releases/last-success-release

Install

Inventory file

Create inventory file in project root. You should specify ip address of your server in this file.

[web]
46.101.210.137

Install dependencies

ansible-galaxy install -r requirements.yml

Environment variables

Copy vars/main.yml.example to vars/main.yml and change variable values for your needs. For security reasons you may want to encrypt this file using ansible-vault:

ansible-vault encrypt vars/main.yml

And then edit this file with

ansible-vault edit vars/main.yml

To see all available variables take a look at roles/*/defaults/main.yml. Also visit external roles github page for additional documentation.

To generate password for your user use

sudo apt-get install -y whois
mkpasswd --method=SHA-512

Nginx and php-fpm configs

  • Site config for nginx place in roles/nginx/templates/yoursite.j2
  • Php-fpm pool config place in roles/php/templates/yoursite.conf.j2
  • Default configs are available in this gist

Initial setup

By default on ubuntu 16.04 there is no python 2 and aptitude. Without those programs ansible cannot work. To fix it run:

ansible-playbook initial-setup.yml

Beside it this playbook also creates user and configures ssh server.

Provision server

This playbook setup nginx, php-fpm, mysql, nodejs, etc.

ansible-playbook setup.yml

To run only specific roles

ansible-playbook setup.yml --tags=user,nginx

To exclude specific roles

ansible-playbook setup.yml --skip-tags=user,nginx

Deploy

ansible-playbook deploy.yml

Security

If you discover any security related issues, please email [email protected] instead of using the issue tracker.

Credits

About

Ansible playbook for initial ubuntu 16.04 webserver setup and Laravel zero time deployment

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Jinja 100.0%