An Ansible playbook for automated deployment of full-stack Plone servers.
Python Shell Makefile
Failed to load latest commit information.
docs Add mail_hostname variable. Feb 4, 2017
firewalls Firewall playbook cleanup Jan 18, 2016
roles Add mail_hostname variable. Feb 4, 2017
.gitignore Remove vbox_host.cfg from distribution since it's now dynamically gen… Oct 4, 2016
.gitmodules Nope, submodules blocked ansible-galaxy Nov 19, 2014
HISTORY.txt Add mail_hostname variable. Feb 4, 2017
Makefile Basic makefile Mar 28, 2016
README.rst Remove vbox_host.cfg from distribution since it's now dynamically gen… Oct 4, 2016
Vagrantfile Document and refine vbox_host.cfg file generation Oct 7, 2016
firewall.yml Require Ansible 2.x; use 'become' rather than 'sudo'. Mar 26, 2016
playbook.yml Stop Ansible version check being skipped if a tag is present May 25, 2016
sample-medium.yml Use 5.0.6 in samples Oct 2, 2016
sample-multiserver.yml Document ssh pipelining Jul 14, 2016
sample-small.yml Use 5.0.6 in samples Oct 2, 2016
sample-very-small.yml Set x flags on mode Apr 13, 2016
version.txt Version update Feb 3, 2017


Plone Ansible playbook


Use Ansible to provision a full-stack Plone server


Plone's Ansible Playbook can completely provision a remote server to run the full stack of Plone, including:

  • Plone in a cluster configuration;
  • Automatic starting and process control of the Plone cluster with supervisor;
  • Load balancing of the cluster with HAProxy;
  • Caching with Varnish;
  • Nginx as a world-facing remote proxy and URL rewrite engine;
  • An outgoing-mail-only mail server using Postfix;
  • Monitoring and log analysis with munin-node and logwatch and fail2ban.
  • Use of a local VirtualBox provisioned via vagrant to test and model your remote server.

An ansible playbook and roles describe the desired condition of the server. The playbook is used both for initial provisioning and for updating.

We generally support relatively current CentOS and Debian/Ubuntu environments. Versions currently supported are Ubuntu 14 (Trusty) LTS, Ubuntu 15, Debian wheezy, Debian jessy, and CentOS 7. Support for Ubuntu Xenial 16.0.4 is currently under development.

See the docs subdirectory or readthedocs for complete documentation.


  1. Install a current version of Ansible (use virtualenv and pip -- not your OS package manager);
  2. If you wish to test locally, install Vagrant and VirtualBox;
  3. Check out or download a copy of the STABLE branch of this package;
  4. Run ansible-galaxy -p roles -r requirements.yml install to install required roles;
  5. Copy one of the sample*.yml files to local-configure.yml and edit as needed.
  6. To test in a local virtual machine, run vagrant up or vagrant provision;
  7. To deploy, create an Ansible inventory file for the remote host and run ansible-playbook --ask-sudo-pass -i myhost.cfg playbook.yml;
  8. Set a real password for your Plone instance on the target server;
  9. Set up appropriate firewalls.


This version of the playbook requires that the plone.plone_server role be 1.2.0+.