Ansible Wordpress Install

  • So to go along with @Dashrender's post, I made an Ansible "role" that sets up Wordpress. I put role in quotes because this really should be separate roles for each service (mariadb, apache, firewalld, etc). This also isn't idempotent because it doesn't create a my.cnf file for the db credentials (and I'm too lazy to set that up). The role automatically grabs the API stuff from Wordpress and fills it in for the wp-config file. Here's the files needed (I pulled most of the commends out of the apache config to save space):


    # tasks file for wordpress
    - name: install dependencies
          - httpd 
          - mariadb 
          - mariadb-server 
          - php 
          - php-pdo_mysql 
          - php-xml 
          - php-gd 
          - wget 
          - nano
          - policycoreutils-python
          - MySQL-python
        state: installed
    - name: create wordpress dir
        path: "/var/www/html/{{ domain }}"
        state: directory
        owner: apache
        group: apache
        mode: 0755
    - name: get wordpress
        dest: /var/www/html/{{ domain }}
        extra_opts: --strip=1
        remote_src: yes
        owner: apache
        group: apache
      notify: get API information
    - name: start mariadb
        name: mariadb
        state: started
        enabled: true
    - name: create database
        name: "wp_{{ domain }}_db"
        state: present
    - name: create database user
        name: "{{ db_user }}"
        password: "{{ db_pass }}"
        priv: '{{ db_name }}.*:ALL,GRANT'
      notify: secure mariadb
    - name: run API handler now
      meta: flush_handlers
    - name: set mariadb root password
        name: root
        password: "{{ root_db_pass }}"
    - name: copy template
        src: wp-config.j2
        dest: /var/www/html/{{ domain }}/wp-config.php
    - name: copy httpd template
        src: httpd.j2
        dest: /etc/httpd/conf/httpd.conf
        owner: root
        group: root
        mode: 0644
    - name: start httpd
        name: httpd
        state: started
        enabled: true
    - name: ensure firewalld is running
        name: firewalld
        state: started
        enabled: true
    - name: open firewall services
        service: "{{ item }}"
        permanent: true
        state: enabled
        immediate: true
        - https
        - http


    # handlers file for wordpress
    - name: get API information
        url: ""
        return_content: yes
      register: api_info
    - name: secure mariadb
      command: 'mysql -ne "{{ item }}"'
        - DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '', '::1');
        - DELETE FROM mysql.user WHERE User='';
        - DROP DATABASE test;


     * The base configuration for WordPress
     * The wp-config.php creation script uses this file during the
     * installation. You don't have to use the web site, you can
     * copy this file to "wp-config.php" and fill in the values.
     * This file contains the following configurations:
     * * MySQL settings
     * * Secret keys
     * * Database table prefix
     * * ABSPATH
     * @link
     * @package WordPress
    // ** MySQL settings - You can get this info from your web host ** //
    /** The name of the database for WordPress */
    define('DB_NAME', '{{ db_name }}');
    /** MySQL database username */
    define('DB_USER', '{{ db_user }}');
    /** MySQL database password */
    define('DB_PASSWORD', '{{ db_pass }}');
    /** MySQL hostname */
    define('DB_HOST', 'localhost');
    /** Database Charset to use in creating database tables. */
    define('DB_CHARSET', 'utf8');
    /** The Database Collate type. Don't change this if in doubt. */
    define('DB_COLLATE', '');
     * Authentication Unique Keys and Salts.
     * Change these to different unique phrases!
     * You can generate these using the {@link secret-key service}
     * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
     * @since 2.6.0
    {{ api_info.content }}
     * WordPress Database Table prefix.
     * You can have multiple installations in one database if you give each
     * a unique prefix. Only numbers, letters, and underscores please!
    $table_prefix  = 'wp_';
     * For developers: WordPress debugging mode.
     * Change this to true to enable the display of notices during development.
     * It is strongly recommended that plugin and theme developers use WP_DEBUG
     * in their development environments.
     * For information on other constants that can be used for debugging,
     * visit the Codex.
     * @link
    define('WP_DEBUG', false);
    /* That's all, stop editing! Happy blogging. */
    /** Absolute path to the WordPress directory. */
    if ( !defined('ABSPATH') )
    	define('ABSPATH', dirname(__FILE__) . '/');
    /** Sets up WordPress vars and included files. */
    require_once(ABSPATH . 'wp-settings.php');


    ServerRoot "/etc/httpd"
    Listen 80
    Include conf.modules.d/*.conf
    User apache
    Group apache
    ServerAdmin [email protected]
    <Directory />
        AllowOverride none
        Require all denied
    DocumentRoot "/var/www/html/{{ domain }}"
    <Directory "/var/www">
        AllowOverride None
        # Allow open access:
        Require all granted
    <Directory "/var/www/html/{{ domain }}">
        Options Indexes FollowSymLinks
        AllowOverride None
        Require all granted
    <IfModule dir_module>
        DirectoryIndex index.html
    <Files ".ht*">
        Require all denied
    ErrorLog "logs/error_log"
    LogLevel warn
    <IfModule log_config_module>
        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
        LogFormat "%h %l %u %t \"%r\" %>s %b" common
        <IfModule logio_module>
          # You need to enable mod_logio.c to use %I and %O
          LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
        CustomLog "logs/access_log" combined
    <IfModule alias_module>
        ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
    <Directory "/var/www/cgi-bin">
        AllowOverride None
        Options None
        Require all granted
    <IfModule mime_module>
        TypesConfig /etc/mime.types
        AddType application/x-compress .Z
        AddType application/x-gzip .gz .tgz
        AddType text/html .shtml
        AddOutputFilter INCLUDES .shtml
    AddDefaultCharset UTF-8
    <IfModule mime_magic_module>
        MIMEMagicFile conf/magic
    EnableSendfile on
    IncludeOptional conf.d/*.conf


    - hosts: all
      become: true
        - db_pass: password
        - db_user: wpuser
        - domain: example
        - db_name: wp_{{ domain }}_db
        - root_db_pass: password
        - ../../wordpress


    # -*- mode: ruby -*-
    # vi: set ft=ruby :
    Vagrant.configure("2") do |config|
  = "centos/7"
      config.vm.define "wordpress"
      config.vm.hostname = ""
      config.vm.provision "ansible" do |ansible|
        ansible.playbook = "tests/test.yml"
        ansible.groups = {
          "webservers" => ["wordpress"]

  • Great