WIP: Vagrant with provision

.gitignore

@@ -21,3 +21,5 @@
 ###< symfony/web-server-bundle ###
 
 config/parameters.yaml
+
+.vagrant

Vagrantfile

@@ -0,0 +1,24 @@
+Vagrant.configure('2') do |config|
+    config.vm.box       = 'ubuntu/bionic64'
+    config.vm.host_name = 'bcr.www'
+    config.ssh.forward_agent = true
+
+    config.vm.network 'private_network', ip: '192.168.123.12'
+    config.vm.network 'forwarded_port', guest: 80, host: 9050
+
+    config.vm.synced_folder ".", "/var/www", :nfs => true
+
+    config.vm.provision :shell, path: "bootstrap.sh"
+
+    config.vm.provision "shell" do |s|
+        ssh_pub_key = File.readlines("#{Dir.home}/.ssh/id_rsa.pub").first.strip
+        s.inline = <<-SHELL
+          echo #{ssh_pub_key} >> /home/vagrant/.ssh/authorized_keys
+          echo #{ssh_pub_key} >> /root/.ssh/authorized_keys
+        SHELL
+     end
+
+    config.vm.provision :ansible do |ansible|
+        ansible.playbook = "ansible/main.yml"
+    end
+end

ansible/main.retry

@@ -0,0 +1 @@
+default

ansible/main.yml

@@ -0,0 +1,13 @@
+---
+-   hosts: all
+    roles:
+        -   role: app
+            become: true
+        -   role: php72
+            become: true
+        -   role: npm
+            become: true
+        -   role: composer
+            become: true
+        -   role: nginx
+            become: true

ansible/roles/app/defaults/main.yml

@@ -0,0 +1,3 @@
+---
+app_hostname: bcr.www
+

ansible/roles/app/meta/main.yml

@@ -0,0 +1,4 @@
+---
+dependencies:
+    - nginx
+    - php72

ansible/roles/app/tasks/main.yml

@@ -0,0 +1,25 @@
+---
+-   name: ensure hosts entry
+    lineinfile:
+        dest: /etc/hosts
+        regexp: '^127.0.0.1'
+        line: '127.0.0.1 localhost {{ app_hostname }}'
+
+-   name: nginx config copy
+    template:
+        src: vhost.j2
+        dest: /etc/nginx/sites-available/bcr.conf
+
+-   name: nginx config API link
+    file:
+        src: /etc/nginx/sites-available/bcr.conf
+        dest: /etc/nginx/sites-enabled/bcr.conf
+        state: link
+
+-   name: Remove symlink
+    file:
+        path: /etc/nginx/sites-enabled/default
+        state: absent
+    notify:
+        - restart nginx
+        - restart php-fpm

ansible/roles/app/templates/vhost.j2

@@ -0,0 +1,23 @@
+# nginx
+server {
+    listen 80;
+    listen [::]:80 ipv6only=on;
+
+    root /var/www/public;
+    index index.php index.html index.htm;
+
+    server_name {{ app_hostname }};
+
+    location / {
+        try_files $uri $uri/ /index.php?q=$uri&$args;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param HTTPS off;
+    }
+}

ansible/roles/composer/tasks/main.yml

@@ -0,0 +1,5 @@
+---
+- name: Install compopser package
+  apt:
+      name: composer
+      state: present

ansible/roles/nginx/handlers/main.yml

@@ -0,0 +1,6 @@
+---
+- name: restart nginx
+  become: true
+  service:
+    name: nginx
+    state: restarted

ansible/roles/nginx/tasks/main.yml

@@ -0,0 +1,16 @@
+---
+- name: Install nginx packages.
+  apt:
+    name: nginx
+    state: present
+
+- name: Uninstall apache packages.
+  apt:
+    name: httpd
+    state: absent
+
+- name: start and enable nginx service.
+  service:
+    name: nginx
+    state: started
+    enabled: true

ansible/roles/npm/tasks/main.yml

@@ -0,0 +1,18 @@
+---
+-   name: install node sources
+    shell: curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -
+
+-   name: install nodejs
+    apt:
+        name: nodejs
+        state: present
+
+-   name: install npm
+    apt:
+        name: npm
+        state: present
+
+-   name: install yarn
+    npm:
+        name: yarn
+        global: true

ansible/roles/php72/defaults/main.yml

@@ -0,0 +1,10 @@
+---
+fpm_user: www-data
+fpm_group: www-data
+fpm_listen: 127.0.0.1:9000
+fpm_log_path: /var/log/php
+
+php_ini:
+  'date.timezone': "Europe/Berlin"
+  'memory_limit': 2048M
+  'max_execution_time': 300

ansible/roles/php72/handlers/main.yml

@@ -0,0 +1,6 @@
+---
+- name: restart php-fpm
+  become: true
+  service:
+    name: php7.2-fpm
+    state: restarted

ansible/roles/php72/tasks/main.yml

@@ -0,0 +1,32 @@
+---
+-   name: add php7.2 repository
+    apt_repository:
+        repo: 'ppa:ondrej/php'
+        state: present
+
+-   name: Install php packages.
+    apt:
+        name: ['memcached', 'php7.2', 'php7.2-cli', 'php7.2-fpm', 'php7.2-json', 'php7.2-dom', 'php7.2-memcached', 'php7.2-curl', 'curl']
+        state: present
+    notify:
+        - restart php-fpm
+
+-   name: ensure php log dir exists
+    file:
+        path: "{{ fpm_log_path }}"
+        state: directory
+        owner: "{{ fpm_user }}"
+        group: "{{ fpm_group }}"
+        recurse: true
+
+-   name: place php-fpm configuration file.
+    template:
+        src: fpm-www.conf.j2
+        dest: /etc/php/7.2/fpm/pool.d/www.conf
+    notify:
+        - restart php-fpm
+
+-   name: start and enable php-fpm service.
+    service:
+        name: php7.2-fpm
+        enabled: true

ansible/roles/php72/templates/fpm-www.conf.j2

@@ -0,0 +1,12 @@
+[www]
+user = {{ fpm_user }}
+group = {{ fpm_group }}
+listen = {{ fpm_listen }}
+listen.allowed_clients = 127.0.0.1
+listen.owner = www-data
+listen.group = www-data
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3

bootstrap.sh

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+apt-get -y install python