From e5a385e5c8982b5fcce4adf8deb19d82c4dd3ebb Mon Sep 17 00:00:00 2001
From: Jason Rothstein <fdragon@fdragon.org>
Date: Sun, 31 Oct 2021 00:08:05 -0500
Subject: [PATCH] Install phpMyAdmin and MariaDB service

---
 handlers/main.yml          |  27 +++++-
 meta/main.yml              |   8 +-
 tasks/main.yml             | 176 ++++++++++++++++++++++++++++++++++++-
 vars/Fedora-34-default.yml |  13 +++
 vars/default.yml           |   2 +
 5 files changed, 220 insertions(+), 6 deletions(-)
 create mode 100644 vars/Fedora-34-default.yml
 create mode 100644 vars/default.yml

diff --git a/handlers/main.yml b/handlers/main.yml
index e343175..94c1744 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -1,2 +1,27 @@
 ---
-# handlers file for ensure_mariadb
\ No newline at end of file
+# handlers file for ensure_mariadb
+- name: 'ensure_mariadb.package_facts'
+  ansible.builtin.package_facts:
+- name: 'ensure_mariadb.service_facts'
+  ansible.builtin.service_facts:
+- name: 'ensure_mariadb.service_reload'
+  when:
+    - ansible_system == 'Linux'
+    - ansible_service_mgr == 'systemd'
+    - ensure_mariadb is defined
+  ansible.builtin.systemd:
+    daemon_reload: 'yes'
+- name: 'ensure_mariadb.services'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_mariadb is defined
+    - ensure_mariadb.service_list is defined
+    - ensure_mariadb.service_list is iterable
+    - item.state == 'started'
+  ansible.builtin.service:
+    enabled: '{{ item.enabled }}'
+    name: '{{ item.name }}'
+    state: 'restarted'
+  loop: '{{ ensure_mariadb.service_list }}'
+  loop_control:
+    label: '{{ item.name }} will be restarted'
diff --git a/meta/main.yml b/meta/main.yml
index 227ad9c..60062bd 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -1,6 +1,6 @@
 galaxy_info:
-  author: your name
-  description: your role description
+  author: Jason Rothstein
+  description: Deploy MariaDB
   company: your company (optional)
 
   # If the issue tracker for your role is not on github, uncomment the
@@ -14,7 +14,7 @@ galaxy_info:
   # - GPL-3.0-only
   # - Apache-2.0
   # - CC-BY-4.0
-  license: license (GPL-2.0-or-later, MIT, etc)
+  license: LGPL-3.0-or-later
 
   min_ansible_version: 2.9
 
@@ -50,4 +50,4 @@ galaxy_info:
 dependencies: []
   # List your role dependencies here, one per line. Be sure to remove the '[]' above,
   # if you add dependencies to this list.
-  
\ No newline at end of file
+  
diff --git a/tasks/main.yml b/tasks/main.yml
index 75717b2..fb4cb50 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,2 +1,176 @@
 ---
-# tasks file for ensure_mariadb
\ No newline at end of file
+# tasks file for ensure_mariadb
+- name: 'include variables'
+  when:
+    - ansible_system == 'Linux'
+  include_vars:
+    file: '{{ lookup("first_found", findme ) }}'
+    name: 'ensure_mariadb'
+  vars:
+    findme:
+      files:
+        - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}.yml'
+        - '{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-default.yml'
+        - '{{ ansible_distribution }}-default.yml'
+        - '{{ ansible_os_family }}-{{ ansible_distribution_major_version }}-{{ ansible_architecture }}.yml'
+        - '{{ ansible_os_family }}-{{ ansible_distribution_major_version }}-default.yml'
+        - '{{ ansible_os_family }}-default.yml'
+        - 'default.yml'
+      paths:
+        - '../vars/'
+      errors: 'ignore'
+- name: 'package discovery'
+  when:
+    - ansible_system == 'Linux'
+    - packages is not defined
+  ansible.builtin.package_facts:
+- name: 'service discovery'
+  when:
+    - ansible_system == 'Linux'
+    - services is not defined
+  ansible.builtin.service_facts:
+- name: 'ensure sysctl'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_mariadb is defined
+    - ensure_mariadb.sysctl_list is defined
+    - ensure_mariadb.sysctl_list is iterable
+  ansible.posix.sysctl:
+    name: '{{ item.name }}'
+    reload: '{{ item.reload | default(omit) }}'
+    state: '{{ item.state }}'
+    sysctl_file: '{{ item.sysctl_file | default(omit) }}'
+    sysctl_set: '{{ item.sysctl_set | default(omit) }}'
+    value: '{{ item.value | default(omit) }}'
+  loop: '{{ ensure_mariadb.sysctl_list }}'
+  loop_control:
+    label: '{{ item.name }} will be {{ item.value }}'
+- name: 'ensure packages'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_mariadb is defined
+    - ensure_mariadb.package_list is defined
+    - ensure_mariadb.package_list is iterable
+    - packages[item.name] is not defined
+  ansible.builtin.package:
+    name: '{{ item.name }}'
+    state: '{{ item.state }}'
+  loop: '{{ ensure_mariadb.package_list }}'
+  loop_control:
+    label: '{{ item.name }} will be {{ item.state }}'
+  notify:
+    - 'ensure_mariadb.package_facts'
+    - 'ensure_mariadb.service_facts'
+- name: 'ensure seboolean'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_mariadb is defined
+    - ensure_mariadb.seboolean_list is defined
+    - ensure_mariadb.seboolean_list is iterable
+  ansible.posix.seboolean:
+    name: '{{ item.name }}'
+    persistent: '{{ item.persistent }}'
+    state: '{{ item.state }}'
+  loop: '{{ ensure_mariadb.seboolean_list }}'
+  loop_control:
+    label: '{{ item.name }} will be {{ item.state }}'
+- name: 'ensure configurations'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_mariadb is defined
+    - ensure_mariadb.template_list is defined
+    - ensure_mariadb.template_list is iterable
+  ansible.builtin.template:
+    backup: 'no'
+    dest: '{{ item.dest }}'
+    group: '{{ item.group | default(omit) }}'
+    mode: '{{ item.mode | default(omit) }}'
+    owner: '{{ item.owner | default(omit) }}'
+    selevel: '{{ iteml.selevel | default(omit) }}'
+    serole: '{{ item.serole | default(omit) }}'
+    setype: '{{ item.setype | default(omit) }}'
+    seuser: '{{ item.seuser | default(omit) }}'
+    src: '{{ item.src }}'
+  loop: '{{ ensure_mariadb.template_list }}'
+  loop_control:
+    label: '{{ item.dest }} will be ensured'
+  notify:
+    - 'ensure_mariadb.package_facts'
+    - 'ensure_mariadb.service_facts'
+    - 'ensure_mariadb.service_reload'
+    - 'ensure_mariadb.services'
+- name: 'ensure firewall'
+  when:
+    - ansible_system == 'Linux'
+    - packages["firewalld"] is defined
+    - packages["python3-firewall"] is defined
+    - ensure_mariadb is defined
+    - ensure_mariadb.firewall_list is defined
+    - ensure_mariadb.firewall_list is iterable
+  ansible.posix.firewalld:
+    permanent: '{{ item.permanent }}'
+    service: '{{ item.service }}'
+    state: '{{ item.state }}'
+  loop: '{{ ensure_mariadb.firewall_list }}'
+  loop_control:
+    label: '{{ item.service }} will be {{ item.state }}'
+- name: 'base mod_md store'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_mariadb is defined
+    - http_vhost is defined
+    - http_vhost is iterable
+  ansible.builtin.file:
+    group: 'mariadb'
+    owner: 'root'
+    mode: '0770'
+    path: '/etc/httpd/md'
+    state: 'directory'
+    setype: 'httpd_var_lib_t'
+- name: 'ensure vhost document roots'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_mariadb is defined
+    - http_vhost is defined
+    - http_vhost is iterable
+    - item.fqdn is defined
+  ansible.builtin.file:
+    path: '/srv/http/{{ item.fqdn }}'
+    state: 'directory'
+    setype: 'httpd_sys_content_t'
+  loop: '{{ http_vhost }}'
+  loop_control:
+    label: '/srv/http/{{ item.fqdn }} will be ensured'
+- name: 'ensure website content from git repos'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_mariadb is defined
+    - http_vhost is defined
+    - http_vhost is iterable
+    - item.fqdn is defined
+    - item.repo is defined
+  ansible.builtin.git:
+    accept_hostkey: 'yes'
+    dest: '/srv/http/{{ item.fqdn }}'
+    repo: '{{ item.repo }}'
+  loop: '{{ http_vhost }}'
+  loop_control:
+    label: '/srv/http/{{ item.fqdn }} will be populated...'
+- name: 'ensure services'
+  when:
+    - ansible_system == 'Linux'
+    - ensure_mariadb is defined
+    - ensure_mariadb.service_list is defined
+    - ensure_mariadb.service_list is iterable
+  ansible.builtin.service:
+    enabled: '{{ item.enabled }}'
+    name: '{{ item.name }}'
+    state: '{{ item.state }}'
+  loop: '{{ ensure_mariadb.service_list }}'
+  loop_control:
+    label: '{{ item.name }} will be {{ item.state }}'
+  notify:
+    - 'ensure_mariadb.package_facts'
+    - 'ensure_mariadb.service_facts'
+- name: 'flush handlers'
+  meta: 'flush_handlers'
diff --git a/vars/Fedora-34-default.yml b/vars/Fedora-34-default.yml
new file mode 100644
index 0000000..06cca85
--- /dev/null
+++ b/vars/Fedora-34-default.yml
@@ -0,0 +1,13 @@
+---
+# vars file for ensure_mariadb
+package_list:
+  - name: 'mariadb'
+    state: 'present'
+  - name: 'mariadb-server'
+    state: 'present'
+  - name: 'phpMyAdmin'
+    state: 'present'
+firewall_list:
+  - permanent: 'yes'
+    service: 'mysql'
+    state: 'enabled'
diff --git a/vars/default.yml b/vars/default.yml
new file mode 100644
index 0000000..db004be
--- /dev/null
+++ b/vars/default.yml
@@ -0,0 +1,2 @@
+---
+# vars file for ensure_mariadb
\ No newline at end of file