Create roles for symfony app and ssl certificate

ansible/roles/symfony-app/tasks/main.yml

@@ -0,0 +1,67 @@
+---
+- name: 'Check app requirements for {{ app_name }}.'
+  fail:
+    msg: You must set app name.
+  when: not app_name
+
+- name: 'Create group "{{ app_group }}" for {{ app_name }}.'
+  group:
+    name: '{{ app_group }}'
+    state: present
+
+- name: 'Create user "{{ app_user }}" for {{ app_name }}.'
+  user:
+    name: '{{ app_user }}'
+    comment: '{{ app_name }} application owner'
+    group: '{{ app_group }}'
+    shell: /bin/bash
+
+- name: 'Set up user ssh keys for {{ app_name }}.'
+  authorized_key:
+    user: '{{ app_user }}'
+    key: '{{ item }}'
+    state: present
+  with_items: '{{ app_user_ssh_keys }}'
+
+- name: 'Set up system environment variables for {{ app_name }}.'
+  lineinfile:
+    dest: /etc/environment
+    regexp: '^{{ item.key }}='
+    line: '{{ item.key }}="{{ item.value }}"'
+  with_dict: '{{ app_envs }}'
+
+- name: 'Create ssl certificate for {{ app_name }}.'
+  include_role:
+    name: ssl-certificate
+    private: yes
+  vars:
+    cert_type: '{{ app_cert_type }}'
+    cert_name: '{{ app_name }}'
+    cert_email: '{{ app_cert_email }}'
+    cert_domains: '{{ app_domains }}'
+    cert_directory: '{{ app_cert_directory }}'
+    cert_key: '{{ app_cert_key }}'
+    cert_certificate: '{{ app_cert_certificate }}'
+    cert_dhparam: '{{ app_dhparam_file }}'
+  when: app_cert
+
+- name: 'Create web directory for {{ app_name }}.'
+  file:
+    state: directory
+    path: '{{ app_directory }}'
+    owner: '{{ app_user }}'
+    group: '{{ app_group }}'
+    recurse: yes
+  notify: restart nginx
+
+- name: 'Create nginx config for {{ app_name }}.'
+  template:
+    src: app.conf.j2
+    dest: '/etc/nginx/sites-enabled/{{ app_name }}.conf'
+  notify: restart nginx
+
+- name: 'Creates php-fpm pool config for {{ app_name }}.'
+  template:
+    src: fpm-pool.conf.j2
+    dest: '/etc/php/{{ app_php_version }}/fpm/pool.d/{{ app_name }}.conf'
+  notify: restart php-fpm