initial work

README.md

@@ -1,3 +1,6 @@
-# ansible
+# Ansible
 
-notes on ansible deployment
+This repository is for working with ansible,
+I hope you fine something in here interesting.
+
+-ed

dnf_update.yml

@@ -0,0 +1,23 @@
+# Copyright 2021, Edward Kujawski
+# https://gitea.atl.org/ekujawski/ansible
+# Licenced under the GPL-3 of later license.
+# https://gitea.atl.org/ekujawski/ansible/src/branch/master/LICENSE
+
+- name: DNF Update
+  hosts: application_servers
+
+  tasks:
+  - name: upgrade all packages
+    dnf:
+      name: "*"
+      state: latest
+
+
+  - name: RPM dependencies
+    dnf:
+      name:
+        - vim-enhanced
+        - screen
+
+  - name: Unconditionally reboot the machine with all defaults
+    reboot:

f33.yml

@@ -0,0 +1,109 @@
+# Copyright 2021, Edward Kujawski
+# https://gitea.atl.org/ekujawski/ansible
+# Licenced under the GPL-3 of later license.
+# https://gitea.atl.org/ekujawski/ansible/src/branch/master/LICENSE
+
+- name: Install NginX
+  hosts: application_servers
+  vars:
+    nginx_version: 1.19.8
+    nginx_dev_version: 0.3.1
+    openssl_version: 1.1.1k
+
+
+  tasks:
+  - name: RPM dependencies
+    dnf:
+      name:
+        - git
+        - gcc
+        - brotli-devel
+        - pcre-devel
+        - zlib-devel
+        - perl-FindBin
+        - perl-File-Compare
+
+  - name: OpenSSL Downloaded
+    stat:
+      path: /usr/local/src/openssl-{{ openssl_version }}.tar.gz
+    register: openssl_downloaded
+
+  - name: Download OpenSSL
+    shell: |
+      cd /usr/local/src
+      wget https://www.openssl.org/source/openssl-{{ openssl_version }}.tar.gz
+    when: openssl_downloaded.stat.exists == False
+
+  - name: Extract OpenSSL
+    shell: |
+      cd /usr/local/src
+      rm -rf openssl-{{ openssl_version }}
+      tar -xzf openssl-{{ openssl_version }}.tar.gz
+
+  - name: Download NGINX Dev Kit
+    shell: |
+      cd /usr/local/src
+      if [ ! -f ngx_devel_kit-{{ nginx_dev_version }}.tar.gz ] ; then
+        wget https://github.com/vision5/ngx_devel_kit/archive/refs/tags/v{{ nginx_dev_version }}.tar.gz -O ngx_devel_kit-{{ nginx_dev_version }}.tar.gz
+      fi
+      if [ ! -d ngx_devel_kit-{{ nginx_dev_version }} ] ; then
+        tar -xzf ngx_devel_kit-{{ nginx_dev_version }}.tar.gz
+      fi
+      rm -f ngx_devel_kit
+      ln -s ngx_devel_kit-{{ nginx_dev_version }} ngx_devel_kit
+
+  - name: NGINX Brotli
+    shell: |
+      cd /usr/local/src
+      if [ ! -d ngx_brotli ] ; then
+        git clone https://github.com/google/ngx_brotli.git
+      fi
+      cd ngx_brotli
+      git pull
+
+  - name: NGINX Downloaded
+    stat:
+      path: /usr/local/src/nginx-{{ nginx_version }}.tar.gz
+    register: nginx_downloaded
+
+  - name: Download NGINX
+    shell: |
+      cd /usr/local/src
+      wget https://nginx.org/download/nginx-{{ nginx_version }}.tar.gz
+    when: nginx_downloaded.stat.exists == False
+
+  - name: NGINX Configure
+    shell: |
+      cd /usr/local/src
+      cat > nginx-{{ nginx_version }}.configure <<EOF
+      ./configure --prefix='/usr/local/nginx-{{ nginx_version }}' \
+        --with-http_ssl_module \
+        --with-mail \
+        --with-mail_ssl_module \
+        --with-http_gzip_static_module \
+        --with-http_stub_status_module \
+        --with-cc-opt='-Wno-error' \
+        --with-http_v2_module \
+        --with-ld-opt='-Wl,-rpath,/usr/lib64' \
+        --add-module=/usr/local/src/ngx_devel_kit \
+        --add-module=/usr/local/src/ngx_brotli \
+        --with-openssl=/usr/local/src/openssl-1.1.1k \
+        --with-http_auth_request_module \
+        --with-stream
+      EOF
+
+  - name: NGINX Code
+    shell: |
+      cd /usr/local/src
+      rm -rf nginx-{{ nginx_version }}
+      tar -xzf nginx-{{ nginx_version }}.tar.gz
+
+  - name: NGINX Compile
+    shell: |
+      cd /usr/local/src/nginx-{{ nginx_version }}
+      . ../nginx-{{ nginx_version }}.configure
+      make -j2 install
+      cd /usr/local
+      rm -rf nginx
+      ln -s nginx-{{ nginx_version }} nginx
+

php.yaml

@@ -0,0 +1,90 @@
+# Copyright 2021, Edward Kujawski
+# https://gitea.atl.org/ekujawski/ansible
+# Licenced under the GPL-3 of later license.
+# https://gitea.atl.org/ekujawski/ansible/src/branch/master/LICENSE
+
+- name: Install PHP
+  hosts: application_servers
+  vars:
+    php_version: 7.4.16
+
+
+  tasks:
+  - name: RPM dependencies
+    dnf:
+      name:
+        - git
+        - gcc
+        - libxml2-devel
+        - openssl-devel
+        - sqlite-devel
+        - libcurl-devel
+        - libpng-devel
+        - libwebp-devel
+        - libjpeg-turbo-devel
+        - libXpm-devel
+        - freetype-devel
+        - oniguruma-devel
+        - brotli-devel
+        - pcre-devel
+        - zlib-devel
+        - perl-FindBin
+        - perl-File-Compare
+
+
+  - name: PHP Downloaded
+    stat:
+      path: /usr/local/src/php-{{ php_version }}.tar.xz
+    register: php_downloaded
+
+  - name: Download PHP
+    shell: |
+      cd /usr/local/src
+      wget https://www.php.net/distributions/php-{{ php_version }}.tar.xz
+    when: php_downloaded.stat.exists == False
+
+  - name: PHP Configure
+    shell: |
+      cd /usr/local/src
+      cat > php-{{ php_version }}.configure <<EOF
+      ./configure \
+        --prefix=/usr/local/php-{{ php_version }} \
+        --enable-fpm \
+        --with-mysqli \
+        --with-openssl \
+        --with-zlib \
+        --enable-gd \
+        --with-webp \
+        --with-jpeg \
+        --with-xpm \
+        --with-freetype \
+        --enable-gd-jis-conv \
+        --enable-mbstring \
+        --with-curl
+      EOF
+
+
+  - name: PHP Code
+    shell: |
+      cd /usr/local/src
+      rm -rf php-{{ php_version }}
+      tar -xf php-{{ php_version }}.tar.xz
+
+  - name: PHP Compile
+    shell: |
+      cd /usr/local/src/php-{{ php_version }}
+      . ../php-{{ php_version }}.configure
+      make -j`nproc --all`
+
+  - name: PHP Install
+    shell: |
+      cd /usr/local/src/php-{{ php_version }}
+      make install
+      cd /usr/local
+      rm -rf php
+      ln -s php-{{ php_version }} php
+      cd /usr/local/bin
+      ln -sf ../php/bin/* .
+      cd /usr/local/sbin
+      ln -sf ../php/sbin/* .
+

start.md

@@ -0,0 +1,28 @@
+Install public key:
+
+```bash
+mkdir ~/.ssh
+echo ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICat1i8kNvqq3uSBb5z7JGfdqjh/X+3RiKTjqRM3w8G2 ed@asus2.kujawski.com > ~/.ssh/authorized_keys
+chmod go-rwx -R ~/.ssh
+```
+
+Then point repos to local mirror:
+
+```bash
+echo 'H4sIAAAAAAAAA9WRPWvDMBCGd/2KQEI3+5KpUBBdmmQohdBOJRQj22dbtSyJk5wm/76ynSahhRL6
+MWQRJ+nu0SuedYG5IfHCtGiQL/rNaEKoUDjcII2i0SQNpaCsYl3RkuKV9/YGYBiNG0lkaL8DJXW7
+hT3AwQkK5mHZ+UrqEg5MMA7YuEEvwmDdk11AD0wXD1BL5hUzHxsq4aP1ltAaPtxHJ69cdVR+zIxa
+pApzPmOZabUPn5yxjpELLxLcWknIr3PW0ZLSllmFWc2nzO8scrINO5zNurLGHS+kwhAR0Gdgawmh
+KwpX8Lh6iJarZXQ/f46+5oqOkVwtbSKLpNViI6Tq8vGFUA4ZW+8Hc0zbUurCnCUm1HfdABt/MpSb
+N62MyGPcisYqBNumPxXVRwJPiMB+66tnnWNtegGunGkpw+9EPfUd/2BnePqPpAywC7fyDp6ybvPQ
+BAAA' | base64 -d |gunzip > /etc/yum.repos.d/fedora.repo
+
+echo 'H4sIAAAAAAAAA9WRP2vDMBDFd32KQEI3+eKlQ0F0aZKhFEJDhxKKke2zrVqWhCylybev/Cdp6FDa
+kiWLOEl3793jt/Um5w7bN6J4g2yJubZ8MrMokbe4Qzuhk1kaSm6zKtQvQzvpnryVrHLO3AEU/VzU
+CGu1HW8ghfJ7GA3gTBMW4Ti4SqgSTuJApg06HobqXrUNsoNeGw2Cxup3zFykbQnH1nuLRrPRg44W
+OS3O3G46dXbyIah4KjFnMcm0Vy6kjkmnkpSmzCrMajYn7mCQWdOQ01tMOstgwxPcG2GR3Vbdb40H
+VgiJYVtAl4GpBYRBGr7gef1EV+sVfVy80iECPduLfq3U1sIkoki84jsuZLcfW3LZIiHbY7YcU18K
+Veg/ogrVQzdKpt+Y5fpDSc3zCPe8MRLB+PSf6PrdgFyOXy/4K4rza2DXam8z/AncEdam77w8q03I
+s7kkoSHStSP6BNx0rIn/BAAA' | base64 -d|gunzip > /etc/yum.repos.d/fedora-updates.repo
+```
+