linux9期架构-day30--使用变量搭建博客
需求
搭建博客
需要做到动态资源存储至数据库
静态资源存储至nfs
并且对nfs数据做好备份,结合sersync
环境准备
| 主机名 |
ip |
角色 |
| m01 |
10.0.0.61 |
ansible管理端 |
| web01 |
10.0.0.7 |
nginx |
| web02 |
10.0.0.8 |
nginx |
| nfs |
10.0.0.31 |
nfs共享存储及serync |
| rsync |
10.0.0.41 |
备份数据 |
| db01 |
10.0.0.51 |
数据库服务器 |
ansible前提准备文件
----------------------------------------------------------rsync准备
# 1. 准备rsync主配置文件
[root@m01 rsync]# cat rsyncd.conf
uid = www
gid = www
port = 873
fake super = yes
use chroot = no
max connections = 200
timeout = 600
ignore errors
read only = false
list = false
auth users = rsync_backup
secrets file = /etc/rsync.passwd
log file = /var/log/rsyncd.log
#####################################
[backup]
comment = welcome to oldboyedu backup!
path = /backup
# 2.创建rsync用户密码对应文件
[root@m01 rsync]# cat rsync.passwd
rsync_backup:123
------------------------------------------------------------nfs准备
# 1. 下载安装包到ansible
https://raw.githubusercontent.com/wsgzao/sersync/master/sersync2.5.4_64bit_binary_stable_final.tar.gz
# 2. 解压文件
[root@m01 rsync]# tar xf sersync2.5.4_64bit_binary_stable_final.tar.gz
# 3. 解压后的包重命名(作为sersync监控使用)
[root@m01 rsync]# mv GNU-Linux-x86/ sersync
---------------------------------------------------------web两台主机准备
# 1. 准备nginx和php安装包
-rw-r--r-- 1 root root 20453103 May 27 15:08 nginx.php.tar.gz
# 2. 准备wordpress博客压缩包
-rw-r--r-- 1 root root 11098483 May 20 14:38 wordpress-5.0.3-zh_CN.tar.gz
# 3. 准备nginx主配置文件(将用户改为了www)
-rw-r--r-- 1 root root 641 Jun 12 04:30 nginx.conf
# 4. 准备php配置文件(就是将文件中的用户和组改为了www)
-rw-r--r-- 1 root root 17962 Jun 12 04:32 www.conf
# 5. 准备nignx连接php文件(也是nginx的conf.d下的配置文件)
[root@m01 nginx]# cat nginx_blog.conf
server {
listen 80;
server_name www.wp.com;
root /code/wordpress;
index index.php index.html;
location ~ .php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
}
# 目录结构
[root@m01 ansible]# tree
.
├── a.yml
├── b.yml
├── nfs
│ └── exports
├── nginx
│ ├── nginx_blog.conf
│ ├── nginx.conf
│ ├── nginx.php.tar.gz
│ ├── wordpress-5.0.3-zh_CN.tar.gz
│ ├── wp-config.php
│ └── www.conf
├── rsync
│ ├── rsyncd.conf
│ ├── rsync.passwd
│ ├── sersync
│ │ ├── confxml.xml
│ │ └── sersync2
│ └── sersync2.5.4_64bit_binary_stable_final.tar.gz
主机清单文件
[web_group]
web01 ansible_ssh_host=10.0.0.7
web02 ansible_ssh_host=10.0.0.8
[nfs_group]
nfs ansible_ssh_host=10.0.0.31
[backup_group]
backup ansible_ssh_host=10.0.0.41
[db_group]
db01 ansible_ssh_host=10.0.0.51
剧本编写
[root@m01 ansible]# cat b.yml
- hosts: all
vars:
- user_group: www
- database_user: wp
tasks:
- name: open firewalld
service:
name: firewalld
state: started
enabled: yes
- name: open firewalld port
firewalld:
port: "{{ item }}"
permanent: no
state: enabled
with_items:
- 3306/tcp
- 80/tcp
- 873/tcp
- name: open firewalld service
firewalld:
service: nfs
permanent: no
state: enabled
when: ansible_fqdn == 'nfs'
- name: stop selinux
selinux:
state: disabled
- name: create www group
group:
name: "{{ user_group }}"
gid: 666
- name: create www user
user:
name: "{{ user_group }}"
uid: 666
group: "{{ user_group }}"
state: present
shell: /sbin/nologin
create_home: false
- name: install mariadb
yum:
name:
- mariadb-server
- MySQL-python
state: present
when: ansible_fqdn == 'db01'
- name: start mariadb
service:
name: mariadb
state: restarted
enabled: yes
when: ansible_fqdn == 'db01'
- name: create database
mysql_db:
name: "{{ database_user }}"
state: present
when: ansible_fqdn == 'db01'
- name: create database user
mysql_user:
name: "{{ database_user }}"
password: '123'
host: '%'
priv: '*.*:ALL'
state: present
when: ansible_fqdn == 'db01'
- name: install rsync
yum:
name: rsync
state: present
when: ansible_fqdn == 'backup'
- name: rsync config
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
with_items:
- { src: "/ansible/rsync/rsyncd.conf" , dest: "/etc/rsyncd.conf" , mode: "0644" }
- { src: "/ansible/rsync/rsync.passwd" , dest: "/etc/rsync.passwd" , mode: "0600" }
when: ansible_fqdn == 'backup'
- name: create bakcup directories
file:
path: /backup
owner: www
group: www
state: directory
when: ansible_fqdn == 'backup'
- name: start rsync server
service:
name: rsyncd
state: restarted
when: ansible_fqdn == 'backup'
- name: install nfs rsync
yum:
name:
- nfs-utils
- rsync
- inotify-tools
state: present
when: ansible_fqdn == 'nfs'
- name: nfs conf and Connect to the rsync password file
copy:
content: "{{ item.content}}"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
with_items:
- { content: "/data 10.0.0.0/24(rw,sync,all_squash,anonuid=666,anongid=666)" , dest: "/etc/exports" , mode: "0644" }
- { content: "123" , dest: "/etc/rsync.passwd" , mode: "0600" }
when: ansible_fqdn == 'nfs'
- name: create nfs directory
file:
path: /data
owner: "{{ user_group }}"
group: "{{ user_group }}"
state: directory
when: ansible_fqdn == 'nfs'
- name: copy sersync directory
copy:
src: /ansible/rsync/sersync
dest: /usr/local/
when: ansible_fqdn == 'nfs'
- name: start nfs server
service:
name: nfs-server
state: restarted
enabled: yes
when: ansible_fqdn == 'nfs'
- name: start sersync
shell: "chmod 777 /usr/local/sersync/sersync2 && /usr/local/sersync/sersync2 -rdo /usr/local/sersync/confxml.xml"
when: ansible_fqdn == 'nfs'
- hosts: web_group
tasks:
- name: install nfs on the web
yum:
name: nfs-utils
state: present
- name: create data directory
file:
path: /code
state: directory
- name: unzip php and nginx
unarchive:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- { src: "/ansible/nginx/nginx.php.tar.gz" , dest: "/opt" }
- { src: "/ansible/nginx/wordpress-5.0.3-zh_CN.tar.gz" , dest: "/code" }
- name: panduan
shell: 'ls -l /etc/nginx'
register: nginx_info
ignore_errors: yes
- name: get nginx info
debug:
msg: "{{ nginx_info.rc }}"
- name: install nginx_php
shell: "cd /opt/nginx.php/ && rpm -Uvh *rpm"
when: nginx_info.rc !=0
- name: cp nginx_blog.conf
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
with_items:
- { src: "/ansible/nginx/nginx_blog.conf" , dest: "/etc/nginx/conf.d/nginx_blog.conf" }
- { src: "/ansible/nginx/nginx.conf" , dest: "/etc/nginx/nginx.conf" }
- { src: "/ansible/nginx/www.conf" , dest: "/etc/php-fpm.d/www.conf" }
- name: change permission
shell: "chown -R www.www /code"
- name: start php-fpm and nginx
service:
name: "{{ item }}"
state: restarted
with_items:
- php-fpm
- nginx
- name: mount
mount:
path: /code/wordpress/wp-content/uploads
src: '10.0.0.31:/data'
fstype: nfs
state: mounted
- 备份文件
