Finetuning

2023-04-07 18:45:34 +02:00 · 2023-04-07 18:45:34 +02:00 · 4d5c5cbf58
commit 4d5c5cbf58
parent 04a3a1c37f
3 changed files with 5 additions and 125 deletions
--- a/roles/configure-wordpress/files/wp-config.php.j2
+++ b/roles/configure-wordpress/files/wp-config.php.j2
@ -1,99 +0,0 @@
-
-/**
-* The base configuration for WordPress
-*
-* The wp-config.php creation script uses this file during the
-* installation. You don't have to use the web site, you can
-* copy this file to "wp-config.php" and fill in the values.
-*
-* This file contains the following configurations:
-*
-* * MySQL settings
-* * Secret keys
-* * Database table prefix
-* * ABSPATH
-*
-* @link https://codex.wordpress.org/Editing_wp-config.php
-*
-* @package WordPress
-*/
- 
-// ** MySQL settings - You can get this info from your web host ** //
-/** The name of the database for WordPress */
-define( 'DB_NAME', '{{ mysql_db }}' );
-/** MySQL database username */
-define( 'DB_USER', '{{ mysql_user }}' );
-/** MySQL database password */
-define( 'DB_PASSWORD', '{{ mysql_user_pass }}' );
-/** MySQL hostname */
-define( 'DB_HOST', '127.0.0.1:3306' );
-/** Database Charset to use in creating database tables. */
-define( 'DB_CHARSET', 'utf8' );
-/** The Database Collate type. Don't change this if in doubt. */
-define( 'DB_COLLATE', '' );
-
-define( 'WP_REDIS_HOST', '127.0.0.1' );
-define( 'WP_REDIS_PORT', 6379 );
-define( 'WP_REDIS_PASSWORD', '{{ redis_pass }}' );
-define( 'WP_REDIS_TIMEOUT', 1 );
-define( 'WP_REDIS_READ_TIMEOUT', 1 );
-
-// change the database for each site to avoid cache collisions
-// values 0-15 are valid in a default redis config.
-define( 'WP_REDIS_DATABASE', 1 );
-
-/** Filesystem access **/
-define('FS_METHOD', 'direct');
- 
-/**#@+
- 
-* Authentication Unique Keys and Salts.
-*
-* Change these to different unique phrases!
-* You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
-* You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
-*
-* @since 2.6.0
-*/
-define( 'AUTH_KEY',         '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
-define( 'SECURE_AUTH_KEY',  '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
-define( 'LOGGED_IN_KEY',    '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
-define( 'NONCE_KEY',        '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
-define( 'AUTH_SALT',        '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
-define( 'SECURE_AUTH_SALT', '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
-define( 'LOGGED_IN_SALT',   '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
-define( 'NONCE_SALT',       '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
- 
-/**#@-*/
- 
-/**
-* WordPress Database Table prefix.
-*
-* You can have multiple installations in one database if you give each
-* a unique prefix. Only numbers, letters, and underscores please!
-*/
-$table_prefix = 'wp_';
- 
-/**
-* For developers: WordPress debugging mode.
-*
-* Change this to true to enable the display of notices during development.
-* It is strongly recommended that plugin and theme developers use WP_DEBUG
-* in their development environments.
-*
-* For information on other constants that can be used for debugging,
-* visit the Codex.
-*
-* @link https://codex.wordpress.org/Debugging_in_WordPress
-*/
-define( 'WP_DEBUG', false );
- 
-/* That's all, stop editing! Happy publishing. */
- 
-/** Absolute path to the WordPress directory. */
-if ( ! defined( 'ABSPATH' ) ) {
-define( 'ABSPATH', dirname( __FILE__ ) . '/' );
-}
- 
-/** Sets up WordPress vars and included files. */
-require_once( ABSPATH . 'wp-settings.php' );
--- a/roles/configure-wordpress/tasks/main.yml
+++ b/roles/configure-wordpress/tasks/main.yml
@ -1,21 +0,0 @@
---
- name: Task name
-  stat:
-    path: /var/www/{{ vhost_name }}/wp-config.php
-  register: project_config
-
- name: Copy Configuration file
-  template:
-    src: files/wp-config.php.j2
-    dest: /var/www/{{ vhost_name }}/wp-config.php
-  when: not project_config.stat.exists
-
- name: Chown
-  become: true
-  shell: chown -R www-data:www-data /var/www/{{ vhost_name }}/wp-config.php
-  when: not project_config.stat.exists
-
- name: Chmod
-  become: true
-  shell: chmod -R 755 /var/www/{{ vhost_name }}/wp-config.php
-  when: not project_config.stat.exists
--- a/roles/install-wordpress/tasks/main.yml
+++ b/roles/install-wordpress/tasks/main.yml
@ -10,7 +10,7 @@
    state: directory
    mode: '0755'
  when: not project_dir.stat.exists
-    
+
 - name: Download latest WP
  get_url:
    url: https://wordpress.org/latest.zip
@ -48,12 +48,12 @@
    state: absent
  when: not project_dir.stat.exists

- name: Chown
+- name: Files permission
  become: true
-  shell: chown -R www-data:www-data /var/www/{{ vhost_name }}
+  shell: "/usr/bin/find /var/www/{{ vhost_name }}/ -type f -exec chmod 640 {} \\;"
  when: not project_dir.stat.exists

- name: Chmod
+- name: Directory permissions
  become: true
-  shell: chmod -R 755 /var/www/{{ vhost_name }}
+  shell: "/usr/bin/find /var/www/{{ vhost_name }}/ -type d -exec chmod 750 {} \\;"
  when: not project_dir.stat.exists