Skip to content
Permalink
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

coopsymbiotic-ansible/roles/aegir/tasks/main.yml

Go to file
 
 
Cannot retrieve contributors at this time
843 lines (750 sloc) 23.1 KB
Raw Blame
Open in GitHub Desktop
---
# Installs Aegir3 (http://www.aegirproject.org)
# Assumes Debian, with MariaDB, Nginx, php-fpm
# Depends on the mariadb role
- name: aegir | Force gathering facts for partial ansible runs
setup:
tags:
- packages
- packages-php
- aegir-php
- aegir-install
- aegir-goaccess
- packages-php-gpg
- include_vars: "{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml"
when: phpversion is undefined
tags:
- packages
- packages-php
- aegir-php
- name: Debian | Add Sury.org apt reporitory key
apt_key:
url: "https://packages.sury.org/php/apt.gpg"
state: present
keyring: /etc/apt/trusted.gpg.d/php.gpg
tags:
- packages
- packages-php
- packages-php-gpg
- aegir-php
- name: Debian | Add Sury.org repository
apt_repository:
repo: deb https://packages.sury.org/php/ {{ ansible_distribution_release }} main
state: present
update_cache: yes
when: ansible_distribution == "Debian"
tags:
- packages
- packages-php
- aegir-php
- name: Ubuntu | Add Sury.org repository
apt_repository:
repo: deb http://ppa.launchpad.net/ondrej/php/ubuntu {{ ansible_distribution_release }} main
state: present
update_cache: yes
when: ansible_distribution == "Ubuntu"
tags:
- packages
- packages-php
- aegir-php
- name: Debian | Pin Sury repositories
template: src=etc/apt/preferences.d/php-symbiotic dest=/etc/apt/preferences.d/php-symbiotic owner=root group=root mode=0444
when: ansible_distribution == "Debian" or ansible_distribution == "Ubuntu"
tags:
- packages
- packages-php
- aegir-php
# Required for enabling locales, for CiviCRM native gettext
- apt: name="locales" state=present install_recommends=no
# Create a aegir_root user for MariaDB (avoids issues with root's empty password)
- apt: name="pwgen" state=present install_recommends=no
- name: Check a password was created for the aegir_root MySQL user
stat: path="/root/.mysql.root"
register: aegir_root_sql_pass
tags:
- aegir-install
- name: Generate a aegir_root password for MySQL
shell: pwgen 15 1 > /root/.mysql.root
when: not aegir_root_sql_pass.stat.exists
tags:
- aegir-install
- name: Fetch the aegir_root password for MySQL
command: cat /root/.mysql.root
register: aegir_root_password
changed_when: false
tags:
- aegir-install
- name: Set a fact for the mysql root password
set_fact:
aegir_db_password: "{{ aegir_root_password.stdout }}"
tags:
- aegir-install
- name: Create the aegir_root user in MySQL
shell: /usr/bin/mysql -e "GRANT ALL ON *.* TO 'aegir_root'@'localhost' IDENTIFIED BY '{{ aegir_root_password.stdout }}' WITH GRANT OPTION"
when: not aegir_root_sql_pass.stat.exists
tags:
- aegir-install
- name: Making sure the drush package is removed (aegir3 installs through composer)
apt: pkg=drush state=absent
- apt: update_cache=yes
tags:
- packages
- apt:
name: "nginx"
state: present
install_recommends: no
when: ("'aegir_apache' not in group_names")
tags:
- packages
- aegir-nginx
- apt:
name: "php{{ phpversion }}-fpm"
state: present
install_recommends: no
when: "'aegir_apache' not in group_names"
tags:
- packages
- packages-php
- aegir-php
# nb: imagick is required by Mosaico
- apt:
name: [
"php{{ phpversion }}",
"php{{ phpversion }}-bcmath",
"php{{ phpversion }}-gd",
"php{{ phpversion }}-cli",
"php{{ phpversion }}-curl",
"php{{ phpversion }}-intl",
"php{{ phpversion }}-json",
"php{{ phpversion }}-ldap",
"php{{ phpversion }}-mysql",
"php{{ phpversion }}-soap",
"php{{ phpversion }}-ssh2",
"php{{ phpversion }}-zip",
"php{{ phpversion }}-xsl",
"php{{ phpversion }}-mbstring",
"php{{ phpversion }}-zip",
"php{{ phpversion }}-imagick"
]
state: present
install_recommends: no
when: phpversion != 8.0
tags:
- packages
- packages-php
- aegir-php
# PHP 8.0 does not have php8.0-json
- apt:
name: [
"php{{ phpversion }}",
"php{{ phpversion }}-bcmath",
"php{{ phpversion }}-gd",
"php{{ phpversion }}-cli",
"php{{ phpversion }}-curl",
"php{{ phpversion }}-intl",
"php{{ phpversion }}-ldap",
"php{{ phpversion }}-mysql",
"php{{ phpversion }}-soap",
"php{{ phpversion }}-ssh2",
"php{{ phpversion }}-zip",
"php{{ phpversion }}-xsl",
"php{{ phpversion }}-mbstring",
"php{{ phpversion }}-zip",
"php{{ phpversion }}-imagick"
]
state: present
install_recommends: no
when: phpversion == 8.0
tags:
- packages
- packages-php
- aegir-php
- apt:
name: [
patch, # required for drush make
pwgen,
curl,
gettext,
xauth,
xvfb,
libxrender1,
ttf-mscorefonts-installer,
fonts-dejavu-core,
imagemagick
]
state: present
install_recommends: no
tags:
- packages
# A bit off topic, but too often had the issue where mailname was misconfigured
- copy: content="{{ inventory_hostname }}" dest=/etc/mailname
- file: path=/etc/mailname owner=root group=root mode=0644
- name: Ensure that our locales are enabled
locale_gen:
name: "{{ item }}"
state: present
with_items:
- en_US.UTF-8
- en_CA.UTF-8
- fr_BE.UTF-8
- fr_CA.UTF-8
- fr_FR.UTF-8
- ca_ES.UTF-8
- es_ES.UTF-8
tags:
- aegir
- aegir-locales
# Has to happen early, used by the hostmaster installation
- name: sudo | Deploy sudoers file for people who are allowed to sudo to aegir
template: src=etc/sudoers.d/symbiotic-aegir dest=/etc/sudoers.d/symbiotic-aegir owner=root group=root mode=0440
tags:
- aegir-sudoers
- aegir-sudoers-symbiotic
- aegir-helper-scripts
- aegir-ansible
- aegir-install
- aegir-goaccess
- name: Install composer
include: composer.yml
tags:
- aegir-composer
- name: Install Aegir using git
include: git.yml
tags:
- aegir-install
- name: Download provision_symbiotic from Github
become_user: aegir
git: repo=https://github.com/coopsymbiotic/provision_symbiotic.git
version=master
dest=/var/aegir/.drush/provision_symbiotic
update=yes
tags:
- aegir-provision-symbiotic
- aegir-weekly
- name: Download provision_customhtaccess from Github
become_user: aegir
git: repo=https://github.com/mlutfy/provision_customhtaccess.git
version=master
dest=/var/aegir/.drush/provision_customhtaccess
update=yes
tags:
- aegir-provision-customhtaccess
- name: Download drush utf8mb4_convert from Git
become_user: aegir
git:
repo: https://git.drupalcode.org/project/utf8mb4_convert.git
version: 7.x-1.x
dest: /var/aegir/.drush/utf8mb4_convert
update: yes
tags:
- aegir-drush-extras
- name: Download drush registry_rebuild from Git
become_user: aegir
git:
repo: https://git.drupalcode.org/project/registry_rebuild.git
version: 7.x-2.x
dest: /var/aegir/.drush/registry_rebuild
update: yes
tags:
- aegir-drush-extras
##
## Update hosting_civicrm from git
##
- name: Get Hostmaster root directory
become: true
become_user: aegir
shell: "drush @hostmaster status | grep 'Drupal root' | awk '{ print $4 }'"
register: hostmaster_root
tags:
- aegir-civicrm-platform
- aegir-hosting-civicrm
- aegir-hosting-https
- aegir-hosting-usage
- aegir-hosting-wordpress
- aegir-ansible
- aegir-fixownership
- aegir-goaccess
# Unless we check if it's already a git repo, in most cases it's static
# since it has been updated by the aegir3 debian packages.
- name: Delete the old hosting_civicrm directory
file: path="{{ hostmaster_root.stdout }}/profiles/hostmaster/modules/aegir/hosting_civicrm" state=absent
tags:
- aegir-ansible
- name: Deploy latest hosting_civicrm from Git
become: true
become_user: aegir
git: repo=https://git.drupal.org/project/hosting_civicrm.git
version=7.x-3.x
dest="{{ hostmaster_root.stdout }}/profiles/hostmaster/modules/aegir/hosting_civicrm"
update=yes
force=yes
ignore_errors: yes
tags:
- aegir-hosting-civicrm
- aegir-ansible
- name: Flush Hostmaster cache
become: true
become_user: aegir
shell: "drush @hostmaster cc all"
tags:
- aegir-hosting-civicrm
##
## Deploy hosting_wordpress
##
- name: Deploy latest hosting_wordpress from Git
become: true
become_user: aegir
git: repo=https://github.com/mlutfy/hosting_wordpress.git
version=7.x-3.x
dest="{{ hostmaster_root.stdout }}/sites/{{ inventory_hostname }}/modules/hosting_wordpress"
update=yes
ignore_errors: yes
tags:
- aegir-hosting-wordpress
- name: Install wp-cli
get_url:
url: "https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar"
dest: /usr/local/bin/wp
mode: '0755'
tags:
- aegir-hosting-wordpress
# @todo replace by systemd timer?
# @todo Avoid running if the config-wp file does not exist?
- name: hosting_wordpress | Configure dehydrated cron
cron:
name="dehydrated-aegir-wp"
minute="35"
hour="19"
job="/var/aegir/config/letsencrypt/script -c -f /var/aegir/config/letsencrypt/config-wp >/dev/null"
cron_file="dehydrated-aegir-wp"
user="aegir"
state=present
tags:
- aegir-hosting-wordpress
- aegir-hosting-wordpress-dehydrated
##
## Deploy hosting_civicrm_ansible and dependencies
##
- name: Deploy latest hosting_civicrm_ansible from Git
become: true
become_user: aegir
git: repo=https://github.com/coopsymbiotic/hosting_civicrm_ansible.git
version=master
dest="{{ hostmaster_root.stdout }}/sites/{{ inventory_hostname }}/modules/hosting_civicrm_ansible"
update=yes
ignore_errors: yes
tags:
- aegir-hosting-civicrm-ansible
- aegir-ansible
- name: Deploy latest aegir_ansible from Git
become: true
become_user: aegir
git: repo=https://git.drupalcode.org/project/aegir_ansible
version=7.x-1.x
dest="{{ hostmaster_root.stdout }}/sites/{{ inventory_hostname }}/modules/aegir_ansible"
update=yes
ignore_errors: yes
tags:
- aegir-hosting-civicrm-ansible
- aegir-ansible
# This is perhaps a bit weird and overkill, but for now everything is in the
# same Ansible repo. We should probably have a cron to auto-update?
- name: Deploy latest coopsymbiotic Ansible playbooks from Git
git: repo=https://github.com/coopsymbiotic/coopsymbiotic-ansible.git
version=master
dest="/usr/local/coopsymbiotic-ansible"
update=yes
force=yes
ignore_errors: yes
tags:
- aegir-hosting-civicrm-ansible
- aegir-ansible
- aegir-ansible-symlink
- name: Install Ansible via Debian apt
apt: name={{ item }} state=present install_recommends=no
with_items:
- ansible
tags:
- packages
- aegir-ansible
- stat:
path: /usr/local/coopsymbiotic-ansible/bin/aegir-ansible
register: aegir_ansible_link
tags:
- aegir-ansible-symlink
- name: Delete the old aegir-ansible script
file:
path: /usr/local/bin/aegir-ansible
state: absent
when: aegir_ansible_link.stat.isreg is defined and aegir_ansible_link.stat.isreg
tags:
- aegir-ansible
- aegir-ansible-symlink
- name: Symlink the aegir-ansible script
file:
src: /usr/local/coopsymbiotic-ansible/bin/aegir-ansible
dest: /usr/local/bin/aegir-ansible
state: link
tags:
- aegir-ansible
- aegir-ansible-symlink
##
## Deploy hosting_usage
##
- name: Deploy latest hosting_usage from Git
become: true
become_user: aegir
git: repo=https://github.com/coopsymbiotic/hosting_usage.git
version=master
dest="{{ hostmaster_root.stdout }}/sites/{{ inventory_hostname }}/modules/hosting_usage"
update=yes
ignore_errors: yes
tags:
- aegir-hosting-usage
- aegir-goaccess
##
## Required so that our ansible scripts can access the server's site inventory
# @todo Remove hardcoded IPs
##
- name: Aegir | Add our IPs to system allowlist
shell: "drush @hm vset provision_symbiotic_system_whitelist '76.10.173.17,2607:f2c0:f00f:2900::/56,2607:f2c0:a000::/48,205.204.73.202,2605:9000:402:6a17::61'"
become: true
become_user: aegir
tags:
- aegir-ansible
- name: Aegir | Trigger a hostmaster verify so that the vhost is updated
shell: "drush @hm provision-verify"
become: true
become_user: aegir
tags:
- aegir-ansible
##
## Configurations
##
# This command sometimes freezes the ansible run, so we async to wait for 60 seconds, poll every 5 seconds
- name: Aegir modules | Enable a few extra Aegir modules
shell: "drush @hostmaster en hosting_queued hosting_https hosting_letsencrypt hosting_alias hosting_clone hosting_tasks_extra hosting_remote_import hosting_civicrm aegir_ansible_inventory hosting_civicrm_ansible hosting_wpsite -y"
async: 60
poll: 5
become: true
become_user: aegir
tags:
- aegir-hosting-https
- aegir-hosting-civicrm
- aegir-hosting-civicrm-ansible
- aegir-hosting-wordpress
- aegir-ansible
# ixiam/hosting#67
- name: Aegir modules | Disable hosting_platform_composer_git because we do not need it and seems buggy
shell: "drush @hostmaster dis hosting_platform_composer_git -y"
async: 60
poll: 5
become: true
become_user: aegir
- name: Aegir modules | Enable hosting_nginx_https
shell: "drush @hostmaster en hosting_nginx_https -y"
async: 60
poll: 5
become: true
become_user: aegir
when: "'aegir_apache' not in group_names"
tags:
- aegir-hosting-https
- name: Aegir modules | Enable hosting_apache_https
shell: "drush @hostmaster en hosting_apache_https -y"
async: 60
poll: 5
become: true
become_user: aegir
when: "'aegir_apache' in group_names"
tags:
- aegir-hosting-https
- name: Aegir modules | Disable the annoying Drupal overlay
shell: "drush @hostmaster dis overlay -y"
async: 60
poll: 5
become: true
become_user: aegir
- name: Aegir settings | Enable Aegir queue process
shell: "drush @hostmaster vset hosting_feature_queued 1"
become: true
become_user: aegir
tags:
- aegir-settings
- name: Aegir settings | Set CiviCRM default cron interval to 15 mins
shell: "drush @hostmaster vset hosting_civicrm_ansible_cron_default_interval 900"
become: true
become_user: aegir
tags:
- aegir-settings
- name: Aegir settings | Misc other settings
become: true
become_user: aegir
shell: "drush @hostmaster vset {{ item.name }} {{ item.value }}"
with_items:
- { name: 'hosting_feature_git', value: '1' }
- { name: 'hosting_feature_git_pull', value: '1' }
- { name: 'hosting_feature_http_basic_auth', value: '1' }
- { name: 'hosting_feature_migrate', value: '1' }
- { name: 'hosting_feature_remote_import', value: '1' }
- { name: 'hosting_feature_fix_ownership', value: '1' }
- { name: 'hosting_feature_sync', value: '1' }
- { name: 'hosting_feature_tasks_extra', value: '1' }
- { name: 'hosting_feature_task_gc', value: '1' }
- { name: 'hosting_queue_civicrm_cron_enabled', value: '1' }
- { name: 'hosting_queue_civicrm_cron_frequency', value: '300' }
- { name: 'hosting_queue_civicrm_cron_items', value: '50' }
- { name: 'hosting_feature_fix_ownership', value: '1' }
- { name: 'hosting_feature_fix_permissions', value: '1' }
tags:
- aegir-settings
- aegir-fixownership
- name: Aegir settings | Delete a few settings
become: true
become_user: aegir
shell: "drush @hostmaster vdel {{ item }} -y"
with_items:
- update_notify_emails
# Generated with: openssl dhparam -check -5 4096 > /etc/nginx/params.4096
# but it's way to slow to run on each server.
- name: Aegir | Copy the dhparam file for nginx https
copy:
src: /etc/ansible/files/etc/nginx/params.4096
dest: /etc/nginx/params.4096
owner: root
group: root
mode: '0640'
tags:
- aegir-dhparam
# Disable nginx logging, since Aegir enables it per-host
- name: Aegir | Disable global error.log
lineinfile:
path: /etc/nginx/nginx.conf
regexp: 'access_log /var/log/nginx/access.log'
line: " # access_log /var/log/nginx/access.log; # disabled by ansible"
notify: reload nginx
tags:
- aegir-nginx
- aegir-nginx-conf
- name: nginx | Disable global error.log
lineinfile:
path: /etc/nginx/nginx.conf
regexp: 'error_log /var/log/nginx/error.log'
line: " # error_log /var/log/nginx/error.log; # disabled by ansible"
notify: reload nginx
tags:
- aegir-nginx
- aegir-nginx-conf
- name: nginx | Disable server_tokens
lineinfile:
path: /etc/nginx/nginx.conf
regexp: 'server_tokens off;'
line: " server_tokens off; # set by ansible"
notify: reload nginx
tags:
- aegir-nginx
- aegir-nginx-conf
- name: nginx | Setup a default vhost
template:
src: etc/nginx/sites-available/default
dest: /etc/nginx/sites-available/default
owner: root
group: root
mode: 0644
notify: reload nginx
tags:
- aegir-nginx
- aegir-nginx-conf
- name: nginx | Enable the default vhost
file:
src: /etc/nginx/sites-available/default
dest: /etc/nginx/sites-enabled/default
state: link
notify: reload nginx
tags:
- aegir-nginx
- aegir-nginx-conf
# Using lineinfile instead of a template so that we can still add other
# settings in global.inc without ansible.
- name: Aegir | Enable CiviCRM Native Gettext globally
lineinfile:
path: /var/aegir/config/includes/global.inc
regexp: 'CIVICRM_GETTEXT_NATIVE'
line: "define('CIVICRM_GETTEXT_NATIVE', 1);"
tags:
- aegir-globalinc
- name: Aegir | Enable CiviCRM l10n basedir define
lineinfile:
path: /var/aegir/config/includes/global.inc
regexp: 'CIVICRM_L10N_BASEDIR'
line: "define('CIVICRM_L10N_BASEDIR', '/var/aegir/l10n-civicrm');"
tags:
- aegir-globalinc
# deprecated?
- name: Aegir | Set our CiviCRM l10n directory
lineinfile:
path: /var/aegir/config/includes/global.inc
regexp: 'global \$civicrm_paths;'
line: 'global $civicrm_paths;'
tags:
- aegir-globalinc
- name: Aegir | Set our CiviCRM l10n directory
lineinfile:
path: /var/aegir/config/includes/global.inc
regexp: "\\$civicrm_paths\\['civicrm.l10n'\\]\\['path'\\]"
line: "$civicrm_paths['civicrm.l10n']['path'] = '/var/aegir/l10n-civicrm';"
insertafter: 'global \$civicrm_paths;'
tags:
- aegir-globalinc
- name: hosting-queued | Deploy hosting-queued unit file
template:
src: etc/systemd/system/hosting-queued.service
dest: /etc/systemd/system/hosting-queued.service
owner: root
group: root
mode: 0444
notify: reload systemd
tags:
- aegir-hosting-queued
- name: hosting-queued | Enable the hosting-queued service
systemd:
name: hosting-queued
enabled: yes
masked: no
tags:
- aegir-hosting-queued
- name: hosting-queued | Restart Aegir hosting queue
service: name=hosting-queued state=restarted
tags:
- aegir-hosting-queued
# Requirements for the wkhtmltox 0.15 package
- apt: name={{ item }} state=absent install_recommends=no
with_items:
- fontconfig
- xfonts-base
- xfonts-75dpi
tags:
- packages
- aegir
- aegir-wkhtmltopdf
- name: Install wkhtmltopdf from deb
apt:
deb: https://github.com/wkhtmltopdf/wkhtmltopdf/releases/download/0.12.5/wkhtmltox_0.12.5-1.stretch_amd64.deb
tags:
- aegir
- aegir-wkhtmltopdf
#
# c.f. https://www.drupal.org/project/hosting_civicrm/issues/2972031
#
- name: Deploy our version of fix-drupal-site-permissions.sh
template: src=usr/local/bin/fix-drupal-site-permissions.sh dest=/usr/local/bin/fix-drupal-site-permissions.sh owner=root group=root mode=0755
tags:
- aegir-fixownership
- aegir-fixpermission-override
- name: Deploy our fix-wordpress-permissions.sh
template: src=usr/local/bin/fix-wordpress-permissions.sh dest=/usr/local/bin/fix-wordpress-permissions.sh owner=root group=root mode=0755
tags:
- aegir-fixownership
- aegir-fixpermission-override
- name: Deploy other Aegir helper scripts
template: src="usr/local/bin/{{ item }}" dest="/usr/local/bin/{{ item }}" owner=root group=root mode=0755
with_items:
- resync-drupal-db.sh
- resync-wordpress-db.sh
- aegir-db-filestats
- aegir-getlock
tags:
- aegir-helper-scripts
- aegir-ansible
- name: Deploy our version of BOA's weekly.sh
template: src=usr/local/bin/aegir-weekly.sh dest=/usr/local/bin/aegir-weekly.sh owner=root group=root mode=0755
tags:
- aegir-weekly
- name: Setup a cron for our version of BOA's weekly.sh
cron:
name="aegir-weekly"
minute="35"
hour="18"
hour="18"
weekday="6"
job="/usr/local/bin/aegir-weekly.sh"
cron_file="aegir-weekly"
user="root"
state=present
tags:
- aegir-weekly
- name: Aegir | Deploy civicrm-pull-patch
template: src=usr/local/bin/civicrm-pull-patch dest=/usr/local/bin/civicrm-pull-patch owner=root group=root mode=0755
tags:
- aegir-civicrm-scripts
- name: Aegir | Deploy cvlog
template: src=usr/local/bin/cvlog dest=/usr/local/bin/cvlog owner=root group=root mode=0755
tags:
- aegir-civicrm-scripts
- name: Aegir | Deploy civicrm-update-translations
template: src=usr/local/bin/civicrm-update-translations dest=/usr/local/bin/civicrm-update-translations owner=root group=root mode=0755
tags:
- aegir-civicrm-scripts
- aegir-civicrm-translations
- name: Aegir | Download CiviCRM translations
shell: "/usr/local/bin/civicrm-update-translations"
args:
creates: /var/aegir/l10n-civicrm
tags:
- aegir-civicrm-translations
- include: settings-php.yml
tags:
- aegir-php
- include: civicrm.yml
tags:
- aegir-civicrm
- include: aegir-helpers.yml
tags:
- aegir-helpers
- name: Aegir | Deploy our local.drushrc.php
template: src=var/aegir/dot.drush/local.drushrc.php dest=/var/aegir/.drush/local.drushrc.php owner=aegir group=aegir mode=0644
tags:
- aegir-drush
- name: bash | Deploy bashrc and profile configurations
template: src=var/aegir/dot{{ item }} dest=/var/aegir/{{ item }} owner=aegir group=aegir mode=0644
with_items:
- .bashrc
- .profile
tags:
- aegir-bash
- name: Deploy our duct tape script to safely reload nginx
template: src=usr/local/bin/aegir-reload-nginx.sh dest=/usr/local/bin/aegir-reload-nginx.sh owner=root group=root mode=0755
tags:
- aegir-sudoers
- name: Deploy wrapper for getting systemd timer logs
template: src=usr/local/bin/aegir-systemctl-status dest=/usr/local/bin/aegir-systemctl-status owner=root group=root mode=0755
tags:
- aegir-sudoers
- aegir-ansible
- include: platforms.yml
tags:
- aegir-civicrm-platforms
- include: sshfs-keys.yml
tags:
- aegir-sshfs
- include: mysql-users.yml mysql_users="{{ aegir_mysql_users_ro }}" mysql_privs="SELECT,SHOW VIEW,PROCESS"
when: aegir_mysql_users_ro | length > 0
tags:
- aegir-mysql-users
- aegir-mysql-users-ro
- include: mysql-users.yml mysql_users="{{ aegir_mysql_users_rw }}" mysql_privs="SELECT,SHOW VIEW,PROCESS,INSERT,UPDATE,DELETE,CREATE VIEW,REPLICATION CLIENT"
when: aegir_mysql_users_rw | length > 0
tags:
- aegir-mysql-users
- aegir-mysql-users-rw
# @todo Needs fixing
- include: mysql-replication.yml
when: aegir_mysql_replication_hosts | length > 0
tags:
- aegir-mysql-replication
- include: cleanuptmp.yml
tags:
- aegir-cleanuptmp
- include: goaccess.yml
tags:
- aegir-goaccess