Finetuning

2023-04-07 18:45:34 +02:00 · 2023-04-07 18:45:34 +02:00 · 4d5c5cbf58
commit 4d5c5cbf58
parent 04a3a1c37f
3 changed files with 5 additions and 125 deletions
--- a/roles/configure-wordpress/files/wp-config.php.j2
+++ b/roles/configure-wordpress/files/wp-config.php.j2
@ -1,99 +0,0 @@
 /**
 * The base configuration for WordPress
 *
 * The wp-config.php creation script uses this file during the
 * installation. You don't have to use the web site, you can
 * copy this file to "wp-config.php" and fill in the values.
 *
 * This file contains the following configurations:
 *
 * * MySQL settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 *
 * @link https://codex.wordpress.org/Editing_wp-config.php
 *
 * @package WordPress
 */
 // ** MySQL settings - You can get this info from your web host ** //
 /** The name of the database for WordPress */
 define( 'DB_NAME', '{{ mysql_db }}' );
 /** MySQL database username */
 define( 'DB_USER', '{{ mysql_user }}' );
 /** MySQL database password */
 define( 'DB_PASSWORD', '{{ mysql_user_pass }}' );
 /** MySQL hostname */
 define( 'DB_HOST', '127.0.0.1:3306' );
 /** Database Charset to use in creating database tables. */
 define( 'DB_CHARSET', 'utf8' );
 /** The Database Collate type. Don't change this if in doubt. */
 define( 'DB_COLLATE', '' );
 define( 'WP_REDIS_HOST', '127.0.0.1' );
 define( 'WP_REDIS_PORT', 6379 );
 define( 'WP_REDIS_PASSWORD', '{{ redis_pass }}' );
 define( 'WP_REDIS_TIMEOUT', 1 );
 define( 'WP_REDIS_READ_TIMEOUT', 1 );
 // change the database for each site to avoid cache collisions
 // values 0-15 are valid in a default redis config.
 define( 'WP_REDIS_DATABASE', 1 );
 /** Filesystem access **/
 define('FS_METHOD', 'direct');
 /**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
 define( 'AUTH_KEY',         '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
 define( 'SECURE_AUTH_KEY',  '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
 define( 'LOGGED_IN_KEY',    '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
 define( 'NONCE_KEY',        '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
 define( 'AUTH_SALT',        '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
 define( 'SECURE_AUTH_SALT', '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
 define( 'LOGGED_IN_SALT',   '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
 define( 'NONCE_SALT',       '{{ lookup('password', '/dev/null chars=ascii_letters length=64') }}' );
 /**#@-*/
 /**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 */
 $table_prefix = 'wp_';
 /**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 *
 * For information on other constants that can be used for debugging,
 * visit the Codex.
 *
 * @link https://codex.wordpress.org/Debugging_in_WordPress
 */
 define( 'WP_DEBUG', false );
 /* That's all, stop editing! Happy publishing. */
 /** Absolute path to the WordPress directory. */
 if ( ! defined( 'ABSPATH' ) ) {
 define( 'ABSPATH', dirname( __FILE__ ) . '/' );
 }
 /** Sets up WordPress vars and included files. */
 require_once( ABSPATH . 'wp-settings.php' );
--- a/roles/configure-wordpress/tasks/main.yml
+++ b/roles/configure-wordpress/tasks/main.yml
@ -1,21 +0,0 @@
 ---
 - name: Task name
  stat:
    path: /var/www/{{ vhost_name }}/wp-config.php
  register: project_config
 - name: Copy Configuration file
  template:
    src: files/wp-config.php.j2
    dest: /var/www/{{ vhost_name }}/wp-config.php
  when: not project_config.stat.exists
 - name: Chown
  become: true
  shell: chown -R www-data:www-data /var/www/{{ vhost_name }}/wp-config.php
  when: not project_config.stat.exists
 - name: Chmod
  become: true
  shell: chmod -R 755 /var/www/{{ vhost_name }}/wp-config.php
  when: not project_config.stat.exists
--- a/roles/install-wordpress/tasks/main.yml
+++ b/roles/install-wordpress/tasks/main.yml
@ -10,7 +10,7 @@
    state: directory
    mode: '0755'
  when: not project_dir.stat.exists
-    
+
 - name: Download latest WP
  get_url:
    url: https://wordpress.org/latest.zip
@ -48,12 +48,12 @@
    state: absent
  when: not project_dir.stat.exists
- name: Chown
+- name: Files permission
  become: true
-  shell: chown -R www-data:www-data /var/www/{{ vhost_name }}
+  shell: "/usr/bin/find /var/www/{{ vhost_name }}/ -type f -exec chmod 640 {} \\;"
  when: not project_dir.stat.exists
- name: Chmod
+- name: Directory permissions
  become: true
-  shell: chmod -R 755 /var/www/{{ vhost_name }}
+  shell: "/usr/bin/find /var/www/{{ vhost_name }}/ -type d -exec chmod 750 {} \\;"
  when: not project_dir.stat.exists