---
# Provisioning playbook with two plays: a database host ("db") and a web
# host ("web"). Both load the same three vars files.

- hosts: db
  become: true

  vars_files:
    - vars/vars.yml
    # presumably Ansible Vault-encrypted and the source of app_mysql_user /
    # app_mysql_password; NOTE(review): confirm it is never committed in
    # plaintext.
    - vars/provision_vault.yml
    - vars/provision_vars.yml

  vars:
    # MySQL exposure is limited in three places that must stay in sync: the
    # bind address (10.131.0.3), the firewall rule's source address and the
    # MySQL account's host (both 10.131.0.2, presumably the web host; verify
    # against the inventory). Both addresses are in RFC 1918 private space.
    mysql_bind_address: '10.131.0.3'
    firewall_additional_rules:
      - 'iptables -A INPUT -p tcp --dport 3306 -s 10.131.0.2 -j ACCEPT'
    # 3306 is deliberately absent here so it is only reachable through the
    # source-restricted rule above. 2849 is presumably a non-default SSH
    # port; confirm it matches the sshd port configured in the vars files.
    firewall_allowed_tcp_ports:
      - 2849

    mysql_databases:
      - name: oliverdavies_uk
    mysql_users:
      - name: '{{ app_mysql_user }}'
        password: '{{ app_mysql_password }}'
        host: '10.131.0.2'
        # ALL is scoped to the oliverdavies_uk schema, not global.
        # NOTE(review): narrow the grant if the application does not need
        # every privilege on it.
        priv: 'oliverdavies_uk.*:ALL'

  pre_tasks:
    - name: Update apt cache
      apt:
        cache_valid_time: 3600
        update_cache: true

  roles:
    - name: geerlingguy.firewall
    - name: geerlingguy.security
    - name: geerlingguy.mysql

# NOTE(review): unlike the db play, this play does not set `become: true`.
# Privilege escalation may be configured elsewhere (inventory, ansible.cfg);
# confirm, since it also decides whose crontab the cron task below edits.
- hosts: web

  vars_files:
    - vars/vars.yml
    - vars/provision_vault.yml
    - vars/provision_vars.yml

  vars:
    # Pins Composer to the 1.x channel, which is end-of-life upstream.
    # NOTE(review): plan a move to 2.x.
    composer_version_branch: '--1'
    # HTTP, HTTPS and 2849 (same port as on the db host).
    firewall_allowed_tcp_ports:
      - 80
      - 443
      - 2849
    # Only the MariaDB client package is listed and no database users are
    # defined for this host.
    mysql_packages:
      - mariadb-client
    mysql_users: []

  pre_tasks:
    - name: Update apt cache
      apt:
        cache_valid_time: 3600
        update_cache: true

  roles:
    - name: geerlingguy.firewall
    - name: geerlingguy.security
    - name: geerlingguy.certbot
    - name: geerlingguy.nginx
    - name: geerlingguy.mysql
    - name: geerlingguy.php-versions
    - name: geerlingguy.php
    - name: geerlingguy.php-mysql
    - name: geerlingguy.composer
    - name: geerlingguy.nodejs

  tasks:
    - name: Install packages
      package:
        name:
          - curl
          - zip
        state: present

    - name: Add cron jobs
      cron:
        name: 'Drupal cron - oliverdavies.uk'
        minute: '*/5'
        # No `user:` is set, so the entry is written to the crontab of the
        # user this task runs as. The folded scalar renders as one command
        # line; the templated paths are unquoted, so they must not contain
        # whitespace.
        job: >
          {{ project_root_path }}/{{ ansistrano_current_dir }}/bin/drush
          core-cron
          --root={{ project_root_path }}/{{ ansistrano_current_dir }}/{{ project_web_dir }}
          --uri https://www.oliverdavies.uk
          --quiet