agaric-coop/box/provisioning/roles/drupalvm.www/tasks/main.yml

87 lines
3.3 KiB
YAML

---
- name: Define drupalvm_webserver_user (Debian).
set_fact:
drupalvm_webserver_user: www-data
when: ansible_os_family == 'Debian' and drupalvm_webserver_user is undefined
- name: Define drupalvm_webserver_user (RedHat).
set_fact:
drupalvm_webserver_user: "{{ (drupalvm_webserver == 'apache') | ternary('httpd', 'nginx') }}"
when: ansible_os_family == 'RedHat' and drupalvm_webserver_user is undefined
- name: Register information about the /vagrant directory.
stat:
path: /vagrant
register: vagrant_directory
# When using NFS the group id of a folder will be identical to that of the host
# machine, but the groupname will differ or not exist. For the latter case
# we create a group called `vagrant_group`.
#
# In Ansible 2.3+ the gr_name will be set if the GID is mapped to an existing
# group. If the GID doesn't exist, gr_name will be undefined.
- name: Ensure a group with the same GID as used to sync directories exist (Ansible 2.3+).
group:
gid: "{{ vagrant_directory.stat.gid }}"
name: vagrant_group
state: present
when: >
ansible_version.full | version_compare('2.3', '>=') and
vagrant_directory.stat.exists and
vagrant_directory.stat.gr_name is undefined
- name: Ensure the webserver user is in the same group as the owner of synced directories (Ansible 2.3+).
user:
name: "{{ drupalvm_webserver_user }}"
append: yes
groups: "{{ vagrant_directory.stat.gr_name|default('vagrant_group') }}"
when: >
ansible_version.full | version_compare('2.3', '>=') and
vagrant_directory.stat.exists and
not (vagrant_directory.stat.gr_name is defined and vagrant_directory.stat.gr_name == 'root')
# With Ansible 2.2 or lower, the existance of gr_name is dependant on the
# existance of UID as well, therefore we cannot rely on it.
# TODO: Remove the version compares and the 2.2 tasks once we require Ansible
# 2.3+
- name: Detect if group used to sync directories already exist (Ansible 2.2).
shell: "getent group {{ vagrant_directory.stat.gid }} | cut -d':' -f1"
register: vagrant_directory_groupname
changed_when: false
when: >
ansible_version.full | version_compare('2.3', '<') and
vagrant_directory.stat.exists
- name: Ensure a group with the same GID as used to sync directories exist (Ansible 2.2).
group:
gid: "{{ vagrant_directory.stat.gid }}"
name: vagrant_group
state: present
when: >
ansible_version.full | version_compare('2.3', '<') and
vagrant_directory.stat.exists and
vagrant_directory_groupname.stdout == ''
- name: Ensure the webserver user is in the same group as the owner of synced directories (Ansible 2.2).
user:
name: "{{ drupalvm_webserver_user }}"
append: yes
groups: "{{ vagrant_directory_groupname.stdout|default('vagrant_group') }}"
when: >
ansible_version.full | version_compare('2.3', '<') and
vagrant_directory.stat.exists and
vagrant_directory_groupname.stdout != 'root'
- name: Ensure admin group exist.
group: "name=admin state=present"
- name: Ensure vagrant user is in admin group.
user: "name={{ vagrant_user }} append=yes groups=admin"
- name: Set nicer permissions on Apache log directory.
file:
path: "/var/log/{{ apache_daemon }}"
state: directory
mode: 0755
recurse: true
when: drupalvm_webserver == 'apache'