Adding WordPress Ansible playbook scripts

scripts/ansiblePlaybook/wordpress/group_vars/all

@@ -0,0 +1,52 @@
+# Below variables values are updated at runtime
+wp_db_server_name: wordpress
+wp_db_user: wordpress
+wp_db_password: password
+wp_db_name: wordpress
+user_name: azusername
+vm_password: password
+vm_ip: IP
+lb_dns_name: domain
+site_domain_name: domain
+
+# Password will be auto generated
+wp_admin_password: 
+wp_db_user_pass: 
+
+# Static values
+wordpress_dir: wordpress
+wp_title: LAMP-WordPress
+wp_admin_user: admin
+wp_admin_email: test@microsoft.com
+wp_db_user_id: wordpress
+
+# Disable All Updates
+# By default automatic updates are enabled, set this value to true to disable all automatic updates
+auto_up_disable: true
+
+#Define Core Update Level
+#true  = Development, minor, and major updates are all enabled
+#false = Development, minor, and major updates are all disabled
+#minor = Minor updates are enabled, development, and major updates are disabled
+core_update_level: true
+
+# WordPress Latest Version
+#if you want to update wordpress to latest version then update sha1sum value from https://wordpress.org/download/releases/
+wp_version: 5.4.1
+woocommerce_version: 4.0.1
+wp_sha1sum: 9800c231828eb5cd76ba0b8aa6c1a74dfca2daff
+
+#default_paths
+default_permission: www-data
+woocommerce_script_name: woocommerce.sh
+replication_name: wordpress_replication.sh
+
+webroot: /var/www/html
+wordpress_path: /tmp/wordpress
+
+wordpress_url: https://wordpress.org/wordpress
+wp_salt_path: https://api.wordpress.org/secret-key/1.1/salt/
+wp_cli_url: https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
+woocommerce_plugin_url: https://downloads.wordpress.org/plugin/woocommerce.
+woocommerce_url: https://raw.githubusercontent.com/Azure/LAMP/master/scripts/woocommerce.sh
+replication_url: https://raw.githubusercontent.com/Azure/LAMP/master/scripts/wordpress_replication.sh

scripts/ansiblePlaybook/wordpress/playbook.yml

@@ -0,0 +1,10 @@
+- hosts: 127.0.0.1
+  connection: local
+  roles:
+    - sshkeyconfig
+
+- hosts: webservers
+  roles:
+     - wordpress
+     - woocommerce
+     - replication

scripts/ansiblePlaybook/wordpress/roles/replication/tasks/main.yml

@@ -0,0 +1,25 @@
+---
+-
+  get_url:
+    dest: /home/{{user_name | quote }}
+    group: "{{ user_name | quote }}"
+    mode: 493
+    owner: "{{ user_name | quote }}"
+    url: "{{replication_url}}"
+  name: "Download replica script using get_url"
+-
+  name: "Run a replica script with arguments (using 'cmd' parameter)"
+  shell: /home/{{ user_name | quote }}/{{replication_name}} {{ site_domain_name | quote }} {{ webroot | quote }}
+  args:
+    executable: /bin/bash
+
+- name: Create wordpress.txt file for user
+  copy:
+    dest: "/home/{{ user_name | quote }}/wordpress.txt"
+    content: |
+      WordPress Site Details:
+      uid= {{ wp_admin_user | quote }}
+      pwd= {{ wp_admin_password | quote }}
+      WordPress DB User Details:
+      db_id= {{ wp_db_user | quote }}
+      db_pwd= {{ wp_db_user_pass | quote }}

scripts/ansiblePlaybook/wordpress/roles/sshkeyconfig/tasks/main.yml

@@ -0,0 +1,23 @@
+---
+   - name: "upgrade"
+     apt:
+      upgrade: true
+     become: true
+
+   - name: "install sshpass"
+     #command: apt-get install sshpass
+     apt:
+       name: sshpass
+       state: latest
+     become: yes
+
+   - name: “generate sshkey”
+     openssh_keypair:
+      path: /home/{{ user_name | quote }}/.ssh/id_rsa
+      group: "{{ user_name | quote }}"
+      owner: "{{ user_name | quote }}"
+      size: 4096
+     become: yes
+      
+   - name: "copy file to remote host"
+     command: sshpass -p {{ vm_password | quote }} ssh-copy-id -i /home/{{ user_name | quote }}/.ssh/id_rsa.pub -o StrictHostKeyChecking=no {{user_name | quote }}@{{ vm_ip | quote }}

scripts/ansiblePlaybook/wordpress/roles/woocommerce/tasks/main.yml

@@ -0,0 +1,18 @@
+---
+-
+  get_url:
+    dest: /home/{{user_name | quote }}
+    group: "{{user_name | quote }}"
+    mode: 493
+    owner: "{{user_name | quote }}"
+    url: "{{woocommerce_url}}"
+  name: "Download woocommerce script using get_url"
+-
+  name: "Run a woocommerce script with arguments (using 'cmd' parameter)"
+  shell: /home/{{user_name | quote }}/{{woocommerce_script_name}} {{ woocommerce_plugin_url | quote }}{{ woocommerce_version | quote }}.zip {{ user_name | quote }} {{ woocommerce_version | quote }} {{ webroot | quote }}
+  args:
+    executable: /bin/bash
+
+-
+  name: "Activate woocommerce with wp cli command"
+  command: "wp plugin activate woocommerce --path='{{webroot}}/{{wordpress_dir}}'"

scripts/ansiblePlaybook/wordpress/roles/wordpress/tasks/main.yml

@@ -0,0 +1,87 @@
+---
+- name: Create webroot
+  file:
+    state: directory
+    path: "{{webroot}}"
+    owner: "{{default_permission}}"
+    group: "{{default_permission}}"
+    mode: 0755
+  become: yes
+
+- name: Check if WordPress directory exists in "{{webroot}}"
+  stat: path="{{webroot}}/{{wordpress_dir}}"
+  register: check_path
+
+- name: Download WordPress
+  get_url: 
+    url: "{{wordpress_url}}-{{ wp_version }}.tar.gz"
+    dest: "{{wordpress_path}}-{{ wp_version }}.tar.gz" 
+    checksum: "sha1:{{ wp_sha1sum }}" 
+  become: yes
+  when: not check_path.stat.exists
+
+- name: Extract WordPress
+  unarchive:
+    src: "{{wordpress_path}}-{{ wp_version }}.tar.gz"
+    dest: /tmp
+    owner: "{{default_permission}}"
+    group: "{{default_permission}}"
+    copy: no
+  become: yes
+  when: not check_path.stat.exists
+  
+- 
+  name: create a database
+  command: mysql -h {{wp_db_server_name}} -u {{wp_db_user}} -p{{wp_db_password}} -e "CREATE DATABASE {{wp_db_name}} CHARACTER SET utf8;"
+  register: output
+
+- 
+  name: grant user permission to database
+  command: mysql -h {{wp_db_server_name}} -u {{wp_db_user}} -p{{wp_db_password}} -e "GRANT ALL ON {{wp_db_name}}.* TO {{wp_db_user_id}} IDENTIFIED BY '{{wp_db_user_pass}}';"
+  register: outputpremission
+
+- name: Move WordPress install files
+  command: "mv {{wordpress_path}} {{webroot}}/{{wordpress_dir}}"
+  become: yes
+  when: not check_path.stat.exists
+
+- name: Fetch random salts for WordPress config
+  local_action: "command curl {{wp_salt_path}}"
+  register: "wp_salt"
+  become: no
+
+- name: Add wp-config
+  template: "src=wp-config.php dest={{webroot}}/{{wordpress_dir}}/wp-config.php"
+  become: yes
+
+- name: Update WordPress config file
+
+  lineinfile:
+    dest: "{{webroot}}/{{wordpress_dir}}/wp-config.php"
+    regexp: "{{ item.regexp }}"
+    line: "{{ item.line }}"
+  with_items:
+    - {'regexp': "define\\('DB_NAME', '(.)+'\\);", 'line': "define('DB_NAME', '{{wp_db_name}}');"}
+    - {'regexp': "define\\('DB_USER', '(.)+'\\);", 'line': "define('DB_USER', '{{wp_db_user}}');"}
+    - {'regexp': "define\\('DB_PASSWORD', '(.)+'\\);", 'line': "define('DB_PASSWORD', '{{wp_db_password}}');"}
+  become: yes
+  no_log: true
+  
+- name: download wpcli
+  get_url:
+    dest: "/home/{{user_name}}"
+    group: "{{default_permission}}"
+    owner: "{{default_permission}}"
+    url: "{{wp_cli_url}}"
+  become: yes
+
+- name: install wp-cli
+  command: "chmod +x /home/{{user_name}}/wp-cli.phar"
+  become: yes
+
+- name: move wp-cli
+  command: "mv /home/{{user_name}}/wp-cli.phar /usr/local/bin/wp"
+  become: yes
+
+- name: install wordpress
+  command: "wp core install --url='http://{{lb_dns_name}}' --title='{{wp_title}}' --admin_user='{{wp_admin_user}}' --admin_password='{{wp_admin_password}}' --admin_email='{{wp_admin_email}}' --path='{{webroot}}/{{wordpress_dir}}'"

scripts/ansiblePlaybook/wordpress/roles/wordpress/templates/wp-config.php

@@ -0,0 +1,76 @@
+<?php
+/**
+ * Following configration file will be updated in the wordpress folder in runtime 
+ *
+ * Following configurations: Azure Database for MySQL server settings, Table Prefix,
+ * Secret Keys, WordPress Language, and ABSPATH. 
+ * 
+ * wp-config.php  file is used during the installation.
+ * Copy the wp-config file to wordpress folder.
+ *
+ */
+
+// ** Azure Database for MySQL server settings - You can get the following details from Azure Portal** //
+/** Database name for WordPress */
+define('DB_NAME', '{{ wp_db_name }}');
+
+/** username for MySQL database */
+define('DB_USER', '{{ wp_db_user }}');
+
+/** password for MySQL database */
+define('DB_PASSWORD', '{{ wp_db_password }}');
+
+/** Azure Database for MySQL server hostname */
+define('DB_HOST', '{{wp_db_server_name}}');
+
+/** Database Charset to use in creating database tables. */
+define('DB_CHARSET', 'utf8');
+
+/** The Database Collate type. Don't change this if in doubt. */
+define('DB_COLLATE', '');
+
+/**
+ * Authentication Unique Keys and Salts.
+ * You can generate unique keys and salts at https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service
+ * You can change these at any point in time to invalidate all existing cookies.
+ */
+
+{{ wp_salt.stdout }}
+
+/**
+ * WordPress Database Table prefix.
+ *
+ * You can have multiple installations in one database if you give each a unique prefix.
+ * Only numbers, letters, and underscores are allowed.
+ */
+$table_prefix  = 'wp_';
+
+/**
+ * WordPress Localized Language, defaults language is English.
+ *
+ * A corresponding MO file for the chosen language must be installed to wp-content/languages. 
+ */
+define('WPLANG', '');
+
+/**
+ * For developers: Debugging mode for WordPress.
+ * Change WP_DEBUG to true to enable the display of notices during development.
+ * It is strongly recommended that plugin and theme developers use WP_DEBUG in their development environments.
+ */
+define('WP_DEBUG', false);
+
+/** Disable Automatic Updates Completely */
+define( 'AUTOMATIC_UPDATER_DISABLED', {{auto_up_disable}} );
+
+/** Define AUTOMATIC Updates for Components. */
+define( 'WP_AUTO_UPDATE_CORE', {{core_update_level}} );
+
+/** Absolute path to the WordPress directory. */
+if ( !defined('ABSPATH') )
+  define('ABSPATH', dirname(__FILE__) . '/');
+
+/** Sets up WordPress vars and included files. */
+require_once(ABSPATH . 'wp-settings.php');
+
+/** Avoid FTP credentails. */
+define('FS_METHOD','direct');

scripts/woocommerce.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+# Woocommerce plugin will be downloaded and copied to plugins directory of Wordpress
+
+wooco_URL=${1} 
+wooco_path=/home/${2}
+web_root=${4}
+wooco_version=${3}
+wooco_dir_name=downloads.wordpress.org
+wooco_plugin_path=plugin/woocommerce
+
+downloadwoocommerce(){
+  wget -p ${wooco_URL} ${wooco_path}/
+}
+extractfile(){
+  sudo apt install unzip
+  sudo unzip ${wooco_path}/${wooco_dir_name}/${wooco_plugin_path}.${wooco_version}.zip
+  sudo cp -rf ${wooco_path}/woocommerce ${web_root}/wordpress/wp-content/plugins/
+  sudo rm -rf ${wooco_path}/woocommerce
+  sudo rm -rf {wooco_path}/${wooco_dir_name}/
+}
+
+downloadwoocommerce 
+extractfile 

scripts/wordpress_main.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+# The following script will run at the time of template deployment and user input will be encoded.
+# Script will download the wordpress_script.sh as a raw content from GitHub.
+# Encoded input will be decoded and appended to the wordpress_script.sh for execution.
+# The output of the script would be run.sh file at /home/azureadmin(username)/
+
+decotext=`echo ${2} | base64 --decode`
+
+clonerepo(){
+  cd /home/"${1}"/ 
+  wget https://raw.githubusercontent.com/Azure/LAMP/master/scripts/wordpress_script.sh
+  sudo chown -R "${1}":"${1}" /home/"${1}"/wordpress_script.sh
+}
+clonerepo ${1}
+  cat <<EOF > /home/"${1}"/run.sh
+  #!/bin/bash
+  bash /home/${1}/wordpress_script.sh ${decotext}
+EOF
+sudo chown -R "${1}":"${1}" /home/"${1}"/run.sh
+sudo -u ${1} bash /home/"${1}"/run.sh

scripts/wordpress_replication.sh

@@ -0,0 +1,48 @@
+#!/bin/bash
+
+# Generates OpenSSL certificates.
+# WordPress replication script will be replicating the WordPress folder to virtual machine scaleset
+# Updates the nginx configuration
+
+webroot=${2}
+replica_path=/azlamp/html/${1}
+replica_certs=/azlamp/certs/${1}
+replica_data=/azlamp/data/${1}
+replica_bin=/azlamp/bin
+wp_content=wp-content/uploads
+
+change_location() {
+    sudo mkdir ${replica_path}
+    sudo cp -rf ${webroot}/wordpress/* ${replica_path}
+    sudo chown -R www-data:www-data ${replica_path}
+}
+configuring_certs() {
+    sudo mkdir ${replica_certs}
+    sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ${replica_certs}/nginx.key -out ${replica_certs}/nginx.crt -subj "/C=US/ST=WA/L=Redmond/O=IT/CN=${1}"
+    sudo chown www-data:www-data ${replica_certs}/nginx.*
+    sudo chmod 400 ${replica_certs}/nginx.*
+}
+linking_data_location() {
+    sudo mkdir -p ${replica_data}/${wp_content}
+    sudo ln -s ${replica_data}/${wp_content} ${replica_path}/${wp_content}
+    sudo chmod 0755 ${replica_data}/${wp_content}
+    sudo chown -R www-data:www-data ${replica_data}/wp-content
+}
+update_nginx_configuration() {
+    cd ${replica_bin}/
+    sudo sed -i "s~#1)~1)~" ${replica_bin}/update-vmss-config
+    sudo sed -i "s~#    . /azlamp/bin/utils.sh~   . /azlamp/bin/utils.sh~" ${replica_bin}/update-vmss-config
+    sudo sed -i "s~#    reset_all_sites_on_vmss true VMSS~    reset_all_sites_on_vmss true VMSS~" ${replica_bin}/update-vmss-config
+    sudo sed -i "s~#;;~;;~" ${replica_bin}/update-vmss-config
+}
+replication() {
+    cd /usr/local/bin/
+    sudo bash update_last_modified_time.azlamp.sh
+}
+
+# ${1} value is a domain name which will update in runtime
+change_location
+configuring_certs ${1}
+linking_data_location
+update_nginx_configuration
+replication 

scripts/wordpress_script.sh

@@ -0,0 +1,56 @@
+#!/bin/bash
+
+# Install ansible server, SVN and configure the host VM IP (controller VM IP) 
+# It will update groups_var/all file in playbook with the user inputs dynamically
+# It will execute ansible playbook for installing WordPress in host VM (controller VM)
+
+log_path=/home/${3}/var.txt
+home_path=/home/${3}
+vars_path=/home/${3}/wordpress/group_vars/all
+# wp_admin_password is the password for wordpress site
+wp_admin_password=$(</dev/urandom tr -dc _A-Z-a-z-0-9 | head -c8)
+wp_db_user_pass=$(</dev/urandom tr -dc _A-Z-a-z-0-9 | head -c8)
+
+install_ansible() {
+  sudo apt-add-repository ppa:ansible/ansible -y
+  sudo apt-get update
+  sudo apt-get install ansible -y
+}
+configure_ansible() {
+  sudo chown -R ${2}:${2} ${home_path}/.ansible/cp
+  echo "Configure ansible Ip is : ${1}" >> ${log_path}
+  sudo chmod 777 /etc/ansible/hosts
+  sudo echo -e "[webservers]\n${1}" >>/etc/ansible/hosts
+  sudo chmod 755 /etc/ansible/hosts
+}
+install_svn() {
+  sudo apt-get update -y
+  sudo apt-get install -y subversion
+}
+wordpress_install() {
+  cd /home/${1}
+  svn checkout https://github.com/Azure/LAMP/trunk/scripts/ansiblePlaybook/wordpress
+  sudo sed -i "s~domain_name: domain~domain_name: ${5}~" ${vars_path}
+  sudo sed -i "s~dns_name: domain~dns_name: ${5}~" ${vars_path}
+  sudo sed -i "s~user_name: azusername~user_name: ${1}~" ${vars_path}  
+  sudo sed -i "s~wp_db_server_name: wordpress~wp_db_server_name: ${2}~" ${vars_path} 
+  sudo sed -i "s~wp_db_user: wordpress~wp_db_user: ${3}~" ${vars_path} 
+  sudo sed -i "s~wp_db_password: password~wp_db_password: ${4}~" ${vars_path}
+  sudo sed -i "s~vm_password: password~vm_password: ${6}~" ${vars_path}
+  sudo sed -i "s~vm_ip: IP~vm_ip: ${7}~" ${vars_path}
+  sudo sed -i "s~wp_db_name: wordpress~wp_db_name: ${8}~" ${vars_path}
+  sudo sed -i "s~wp_admin_password: ~wp_admin_password: ${wp_admin_password}~" ${vars_path}
+  sudo sed -i "s~wp_db_user_pass: ~wp_db_user_pass: ${wp_db_user_pass}~" ${vars_path}
+  ansible-playbook /home/${1}/wordpress/playbook.yml -i /etc/ansible/hosts -u ${1}
+}
+
+# Disable strict host key checking to configure host VM IP  (controller VM IP)
+sudo sed -i "s~#   StrictHostKeyChecking ask~   StrictHostKeyChecking no~" /etc/ssh/ssh_config 
+sudo systemctl restart ssh
+install_ansible >> ${log_path}
+configure_ansible ${1} ${3} >> ${log_path}
+install_svn
+wordpress_install ${3} ${4} ${5} ${6} ${7} ${2} ${1} ${8} >> ${log_path}
+# Enable strict host key checking
+sudo sed -i "s~   StrictHostKeyChecking no~#   StrictHostKeyChecking ask~" /etc/ssh/ssh_config 
+sudo systemctl restart ssh