pbarriat
/
Brevet


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990
							---
- name: "[NGINX] -  remove some commented line in php-fpm conf"
  ansible.builtin.lineinfile:
    dest: "{{ php_dir }}/fpm/pool.d/www.conf"
    regexp: '^\;env'
    state: absent
    # validate: "/usr/sbin/{{ php_bin }} -t #%s"
  notify: reload php-fpm

- name: "[NGINX] -  Add path variable to php-fpm"
  ansible.builtin.blockinfile:
    dest: "{{ php_dir }}/fpm/pool.d/www.conf"
    insertafter: '^; Default Value: clean env$'
    marker: "; {mark} ANSIBLE MANAGED BLOCK"
    block: |
      env[HOSTNAME] = $HOSTNAME
      env[PATH] = $PATH
      env[TMP] = /tmp
      env[TMPDIR] = /tmp
      env[TEMP] = /tmp
  notify: reload php-fpm

- name: "[NGINX] -  enable APC for php CLI"
  ansible.builtin.lineinfile:
    dest: "{{ php_dir }}/cli/php.ini"
    line: "apc.enable_cli = 1"
    insertbefore: "^; End:$"
    state: present
    # validate: "/usr/sbin/{{ php_bin }} -t #%s"
  notify: reload php-fpm

- name: "[NGINX] -  enable PHP OPcache for php.ini"
  ansible.builtin.lineinfile:
    dest: "{{ php_dir }}/fpm/php.ini"
    state: present
    regexp: "{{ item.regexp }}"
    line: "{{ item.line }}"
    backrefs: true
  with_items:
    - { regexp: 'opcache.enable=0', line: 'opcache.enable=1' }
    - { regexp: 'opcache.enable_cli', line: 'opcache.enable_cli=1' }
    - { regexp: 'opcache.interned_strings_buffer', line: 'opcache.interned_strings_buffer=8' }
    - { regexp: 'opcache.max_accelerated_files', line: 'opcache.max_accelerated_files=10000' }
    - { regexp: 'opcache.memory_consumption', line: 'opcache.memory_consumption=128' }
    - { regexp: 'opcache.save_comments', line: 'opcache.save_comments=1' }
    - { regexp: 'opcache.revalidate_freq', line: 'opcache.revalidate_freq=1' }
    - { regexp: 'memory_limit', line: 'memory_limit={{ php_memory_limit }}'}
    # validate: "/usr/sbin/{{ php_bin }} -t #%s"
  notify: reload php-fpm


- name: "[NGINX] -  Public Diffie-Hellman Parameter are generated. This might take a while."
  ansible.builtin.command: "openssl dhparam -out {{ nextcloud_tls_dhparam }} 2048"
  args:
    creates: "{{ nextcloud_tls_dhparam }}"

- name: "[NGINX] -  php handler configuration is present."
  ansible.builtin.template:
    dest: /etc/nginx/sites-available/php_handler.cnf
    src: templates/nginx_php_handler.j2
    mode: 0640
  notify: reload http

- name: "[NGINX] -  php handler is enabled"
  ansible.builtin.file:
    path: /etc/nginx/sites-enabled/php_handler
    src: /etc/nginx/sites-available/php_handler.cnf
    state: link
  notify: reload http

- name: "[NGINX] -  generate Nextcloud configuration for nginx"
  ansible.builtin.template:
    dest: /etc/nginx/sites-available/nc_{{ nextcloud_instance_name }}.cnf
    src: "{{ nextcloud_websrv_template }}"
    mode: 0640
  notify: reload http

- name: "[NGINX] -  Enable Nextcloud in nginx conf"
  ansible.builtin.file:
    path: /etc/nginx/sites-enabled/nc_{{ nextcloud_instance_name }}
    src: /etc/nginx/sites-available/nc_{{ nextcloud_instance_name }}.cnf
    state: link
  notify: reload http

- name: "[NGINX] -  Disable nginx default site"
  ansible.builtin.file:
    path: /etc/nginx/sites-enabled/default
    state: absent
  when: nextcloud_disable_websrv_default_site | bool
  notify: reload http