Split web and DB onto different servers

This commit is contained in:
Oliver Davies 2020-10-09 16:27:44 +01:00
parent f0b3cc30ec
commit 7b11bb43f6
10 changed files with 110 additions and 51 deletions

View file

@ -1,21 +1,67 @@
---
- hosts: all
- hosts: db
become: true
vars_files:
- vars/vars.yml
- vars/provision_vault.yml
- vars/provision_vars.yml
vars:
firewall_additional_rules:
- "iptables -A INPUT -p tcp --dport 3306 -s 10.131.0.2 -j ACCEPT"
firewall_allowed_tcp_ports: [2849]
mysql_bind_address: '10.131.0.3'
mysql_users:
- name: "{{ app_mysql_user }}"
password: "{{ app_mysql_password }}"
host: '10.131.0.2'
priv: "oliverdavies_uk.*:ALL"
mysql_databases:
- name: oliverdavies_uk
pre_tasks:
- name: Update apt cache
apt:
update_cache: true
cache_valid_time: 3600
roles:
- name: geerlingguy.firewall
- name: geerlingguy.security
- name: geerlingguy.certbot
- name: geerlingguy.mysql
- hosts: web
vars_files:
- vars/vars.yml
- vars/provision_vault.yml
- vars/provision_vars.yml
vars:
composer_version_branch: '--1'
firewall_allowed_tcp_ports: [80, 443, 2849]
mysql_packages:
- mariadb-client
mysql_users: []
roles:
- name: geerlingguy.firewall
- name: geerlingguy.security
- name: geerlingguy.certbot
- name: geerlingguy.nginx
- name: geerlingguy.mysql
- name: geerlingguy.php-versions
- name: geerlingguy.php
- name: geerlingguy.php-mysql
- name: geerlingguy.composer
- name: geerlingguy.nodejs
tags: [nodejs]
pre_tasks:
- name: Update apt cache
apt:
update_cache: true
cache_valid_time: 3600
tasks:
- name: Install packages