Road-to-DevOps/Pepiniere/Ansible/Formation/travaux-pratiques/tp-ansible-playbooks.md

# TP Ansible

## Les Playbooks

Créer un Playbook et l'exécuter sur des cibles.


* Créer dans le dossier de travail un fichier playbook nommé `get-user-id.yaml` avec le contenu suivant :

```yaml
- hosts: all
  tasks:
  - name: Get user id
    command: id
```

* Que va faire ce playbook ?


* Exécuter le Playbook :

<!-- .slide: data-state="small-code" -->
```nohighlight
$ ansible-playbook -i inventories/formation/hosts playbooks/get-user-id.yaml

PLAY [all] ********************************************************************

TASK [Gathering Facts] ********************************************************
ok: [ansible-3]
ok: [ansible-2]
ok: [ansible-1]

TASK [Get user id] ************************************************************
changed: [ansible-3]
changed: [ansible-2]
changed: [ansible-1]

PLAY RECAP ********************************************************************
ansible-1          : ok=2    changed=1    unreachable=0    failed=0   
ansible-2          : ok=2    changed=1    unreachable=0    failed=0   
ansible-3          : ok=2    changed=1    unreachable=0    failed=0   
```

L'action est bien effectuée même si on ne voit pas le détail.


* Relancer l'éxécution du Playbook en mode verbeux.

<!-- .slide: data-state="small-code" -->
```nohighlight
$ ansible-playbook -v -i inventories/formation/hosts playbooks/get-user-id.yaml

PLAY [all] ********************************************************************

TASK [Gathering Facts] ********************************************************
ok: [ansible-3]
ok: [ansible-2]
ok: [ansible-1]

TASK [Get user id] ************************************************************
changed: [ansible-3] => {"changed": true, "cmd": ["id"], "delta": "0:00:00.008768", "end": "2018-09-21 17:06:07.020080", "rc": 0, "start": "2018-09-21 17:06:07.011312", "stderr": "", "stderr_lines": [], "stdout": "uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),27(sudo)", "stdout_lines": ["uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),27(sudo)"]}
changed: [ansible-2] => {"changed": true, "cmd": ["id"], "delta": "0:00:00.010668", "end": "2018-09-21 17:06:02.736220", "rc": 0, "start": "2018-09-21 17:06:02.725552", "stderr": "", "stderr_lines": [], "stdout": "uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),10(wheel)", "stdout_lines": ["uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),10(wheel)"]}
changed: [ansible-1] => {"changed": true, "cmd": ["id"], "delta": "0:00:00.008940", "end": "2018-09-21 17:06:06.974383", "rc": 0, "start": "2018-09-21 17:06:06.965443", "stderr": "", "stderr_lines": [], "stdout": "uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),10(wheel)", "stdout_lines": ["uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),10(wheel)"]}

PLAY RECAP ********************************************************************
ansible-1          : ok=2    changed=1    unreachable=0    failed=0   
ansible-2          : ok=2    changed=1    unreachable=0    failed=0   
ansible-3          : ok=2    changed=1    unreachable=0    failed=0   
```

Pas très pratique...


* Utiliser le paramètre `register` pour enregistrer le résultat de la commande.

* Créer une nouvelle tâche basée sur le module `debug` pour afficher le résultat de la commande.

https://docs.ansible.com/ansible/latest/modules/debug_module.html


`playbooks/get-user-id.yaml`
```yaml
- hosts: all
  tasks:

  - name: Get user id
    command: id
    register: user_id

  - name: Display user id
    debug:
      var: user_id.stdout
```


<!-- .slide: data-state="small-code" -->
```nohighlight
$ ansible-playbook -i inventories/formation/hosts playbooks/get-user-id.yaml
...

TASK [Get user id] ************************************************************
changed: [ansible-3]
changed: [ansible-2]
changed: [ansible-1]

TASK [Display user id] ********************************************************
ok: [ansible-1] => {
    "user_id.stdout": "uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),
    10(wheel)"
}
ok: [ansible-2] => {
    "user_id.stdout": "uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),
    10(wheel)"
}
ok: [ansible-3] => {
    "user_id.stdout": "uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),
    27(sudo)"
}

PLAY RECAP ********************************************************************
ansible-1          : ok=3    changed=1    unreachable=0    failed=0   
ansible-2          : ok=3    changed=1    unreachable=0    failed=0   
ansible-3          : ok=3    changed=1    unreachable=0    failed=0   
```


## TP Installer Apache httpd

Installation d'un serveur web Apache httpd.


* Créer un playbook qui exécutera les tâches suivantes sur la machine `ansible-1` :

    - Installe le paquet `httpd` et lancer le service `httpd`,

    - Configure le service `httpd` pour qu'il se relance à chaque redémarrage du système,

    - Créé et copie une page web statique à l'emplacement `/var/www/html/index.html`,

    - Configure firewalld pour autoriser le traffic `http` entrant,


* Exécuter le Playbook sur la cible  
`ansible-1`.

* Se connecter à l'application dans  
le navigateur web.


```yaml
- hosts: ansible-1

  tasks:
   - name: Installation of apache package
     yum:
       name: httpd
       state: present
       update_cache: yes

   - name: Ensure apache is running (and enabled at boot)
     service:
       name: httpd
       state: started
       enabled: yes

   - name: Copying homepage
     copy:
       src: index.html
       dest: /var/www/html/index.html
       mode: 0444

   - name: Allow http traffic on port 80
     firewalld:
       service: http
       permanent: true
       state: enabled
       immediate: yes
```


## TP Installer un Wordpress

Installation de l'outil de blog Wordpress.


* Serveur de base de données : `ansible-2` (centos 7)

    * Installer le serveur Mariadb <small>(mariadb-server)</small>

    * Créer une base de donnée et un utilisateur <small>(modules mysql_db, mysql_user)</small>
---
* Serveur web : `ansible-1` (centos 8)

    * Installer le serveur Apache httpd + php <small>(httpd, php, php-mysqlnd)</small>

    * Télécharger Wordpress _5.0.8_ <small>(https://wordpress.org/wordpress-5.0.8.tar.gz)</small>

    * Décompresser le dossier dans _/var/www/html/_ avec les bon droits <small>(module unarchive)</small>

    * Editer la configuration de Wordpress pour qu'il accède à la bdd


### 1. Base de données

* Installer le serveur Mariadb

* Créer une base de donnée et un utilisateur

<!-- .slide: data-state="medium-code" -->
```bash
# Installation packages Mariadb
yum install mariadb-server

# Mise en place règles firewall
firewall-cmd --add-service=mysql --permanent
firewall-cmd --reload

# Options de démarrage de Mariadb
systemctl enable mariadb
systemctl start mariadb

# Création base et utilisateur
mysql -u root -p
CREATE DATABASE wordpress;
CREATE USER wordpressuser@localhost IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON wordpress.* TO wordpressuser@localhost;
FLUSH PRIVILEGES;
```


### 2. Apache

<!-- .slide: data-state="medium-code" -->
```bash
# Installation de Apache
yum install httpd php php-mysql wget

# Mise en place règles firewall
firewall-cmd --add-service=http --permanent
firewall-cmd --reload

# Options de démarrage de Apache
systemctl enable httpd
systemctl start httpd
```


### 3. Wordpress

<!-- .slide: data-state="medium-code" -->
```bash
# Déploiement de wordpress :
cd /var/www/html && wget  https://wordpress.org/latest.tar.gz

# Décompression de wordpress
tar -xzf /var/www/html/latest.tar.gz -C /var/www/html
rm -f /var/www/html/latest.tar.gz

# Configuration de Wordpress
cp /var/www/html/wordpress/wp-config-sample.php \
   /var/www/html/wordpress/wp-config.php
vi /var/www/html/wordpress/wp-config.php
    # define('DB_NAME', 'wordpress');
    # define('DB_USER', 'wordpressuser');
    # define('DB_PASSWORD', 'password');
    # define('DB_HOST', 'localhost');
```


Quelques modules possibles...

* yum
* service
* command
* mysql_db
* mysql_user
* file
* get_url
* unarchive
* copy
* lineinfile
* replace


<!-- .slide: data-state="medium-code" -->
`install-apache-wordpress-mariadb.yaml`
```yaml
- hosts: ansible-2
  vars:
   - DB_NAME: wordpress
   - DB_USER: wordpressuser
   - DB_PASSWORD: "12345"
   - DB_HOST: "{{ hostvars['ansible-2']['ansible_host'] }}"
   - WEB_HOST: "{{ hostvars['ansible-1']['ansible_host'] }}"
  tasks:
   - name: Installation of mariadb-server package
     yum:
       name: mariadb-server
       state: present
       update_cache: yes

   - name: Ensure mariadb-server is running (and enabled at boot)
     service:
       name: mariadb
       state: started
       enabled: yes

   - name: Installation of MySQL-python package
     # package required to use ansible mysql modules
     yum:
       name: MySQL-python
       state: present
       update_cache: yes

   - name: Create a new database with name '{{ DB_NAME }}'
     mysql_db:
       name: '{{ DB_NAME }}'
       state: present

   - name: Create a new database user with name '{{ DB_USER }}'
     mysql_user:
       name: '{{ DB_USER }}'
       password: '{{ DB_PASSWORD }}'
       priv: '{{ DB_NAME }}.*:ALL'
       host: '{{ WEB_HOST }}'
       state: present

   - name: Allow mariadb traffic on port 3306
     firewalld:
       service: mysql
       permanent: true
       state: enabled
       immediate: yes

- hosts: ansible-1
  vars:
   - DB_NAME: wordpress
   - DB_USER: wordpressuser
   - DB_PASSWORD: "12345"
   - DB_HOST: "{{ hostvars['ansible-2']['ansible_host'] }}"
  tasks:
   - name: Installation of apache package
     dnf:
       name: httpd
       state: present
       update_cache: yes

   - name: Installation of php package
     dnf:
       name: php
       state: present
       update_cache: yes

   - name: Installation of php-mysqlnd package
     dnf:
       name: php-mysqlnd
       state: present
       update_cache: yes
     notify: Reload Apache

   - name: Installation of wget package
     dnf:
       name: wget
       state: present
       update_cache: yes

   - name: Ensure apache is running (and enabled at boot)
     service:
       name: httpd
       state: started
       enabled: yes

   - name: Download worpress archive
     get_url:
       url: https://wordpress.org/wordpress-5.0.8.tar.gz
       dest: /var/www/html/wordpress.tar.gz
       mode: 0440

   - name: Untar worpress archive
     unarchive:
       src: /var/www/html/wordpress.tar.gz
       dest: /var/www/html
       remote_src: true

   - name: Remove wordpress archive
     file:
       path: /var/www/html/wordpress.tar.gz
       state: absent

   - name: Create wordpress configuration file
     copy:
       src: /var/www/html/wordpress/wp-config-sample.php
       dest: /var/www/html/wordpress/wp-config.php
       remote_src: true

   - name: Update wordpress configuration file with db name
     replace:
       dest: /var/www/html/wordpress/wp-config.php
       regexp: 'database_name_here'
       replace: '{{ DB_NAME }}'

   - name: Update wordpress configuration file with user name
     replace:
       dest: /var/www/html/wordpress/wp-config.php
       regexp: 'username_here'
       replace: '{{ DB_USER }}'

   - name: Update wordpress configuration file with user password
     replace:
       dest: /var/www/html/wordpress/wp-config.php
       regexp: 'password_here'
       replace: '{{ DB_PASSWORD }}'

   - name: Update wordpress configuration file with host
     replace:
       dest: /var/www/html/wordpress/wp-config.php
       regexp: 'localhost'
       replace: '{{ DB_HOST }}'

   - name: Allow http traffic on port 80
     firewalld:
       service: http
       permanent: true
       state: enabled
       immediate: yes

  handlers:
   - name: Reload Apache
     service:
       name: httpd
       state: restarted
```
(Fix) Bad files path 2 years ago			`# TP Ansible`

			`## Les Playbooks`

			`Créer un Playbook et l'exécuter sur des cibles.`


			* Créer dans le dossier de travail un fichier playbook nommé `get-user-id.yaml` avec le contenu suivant :

			```yaml
			`- hosts: all`
			`tasks:`
			`- name: Get user id`
			`command: id`
			```

			`* Que va faire ce playbook ?`


			`* Exécuter le Playbook :`

			`<!-- .slide: data-state="small-code" -->`
			```nohighlight
			`$ ansible-playbook -i inventories/formation/hosts playbooks/get-user-id.yaml`

			`PLAY [all] ********************************************************************`

			`TASK [Gathering Facts] ********************************************************`
			`ok: [ansible-3]`
			`ok: [ansible-2]`
			`ok: [ansible-1]`

			`TASK [Get user id] ************************************************************`
			`changed: [ansible-3]`
			`changed: [ansible-2]`
			`changed: [ansible-1]`

			`PLAY RECAP ********************************************************************`
			`ansible-1 : ok=2 changed=1 unreachable=0 failed=0`
			`ansible-2 : ok=2 changed=1 unreachable=0 failed=0`
			`ansible-3 : ok=2 changed=1 unreachable=0 failed=0`
			```

			`L'action est bien effectuée même si on ne voit pas le détail.`


			`* Relancer l'éxécution du Playbook en mode verbeux.`

			`<!-- .slide: data-state="small-code" -->`
			```nohighlight
			`$ ansible-playbook -v -i inventories/formation/hosts playbooks/get-user-id.yaml`

			`PLAY [all] ********************************************************************`

			`TASK [Gathering Facts] ********************************************************`
			`ok: [ansible-3]`
			`ok: [ansible-2]`
			`ok: [ansible-1]`

			`TASK [Get user id] ************************************************************`
			`changed: [ansible-3] => {"changed": true, "cmd": ["id"], "delta": "0:00:00.008768", "end": "2018-09-21 17:06:07.020080", "rc": 0, "start": "2018-09-21 17:06:07.011312", "stderr": "", "stderr_lines": [], "stdout": "uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),27(sudo)", "stdout_lines": ["uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),27(sudo)"]}`
			`changed: [ansible-2] => {"changed": true, "cmd": ["id"], "delta": "0:00:00.010668", "end": "2018-09-21 17:06:02.736220", "rc": 0, "start": "2018-09-21 17:06:02.725552", "stderr": "", "stderr_lines": [], "stdout": "uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),10(wheel)", "stdout_lines": ["uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),10(wheel)"]}`
			`changed: [ansible-1] => {"changed": true, "cmd": ["id"], "delta": "0:00:00.008940", "end": "2018-09-21 17:06:06.974383", "rc": 0, "start": "2018-09-21 17:06:06.965443", "stderr": "", "stderr_lines": [], "stdout": "uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),10(wheel)", "stdout_lines": ["uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),10(wheel)"]}`

			`PLAY RECAP ********************************************************************`
			`ansible-1 : ok=2 changed=1 unreachable=0 failed=0`
			`ansible-2 : ok=2 changed=1 unreachable=0 failed=0`
			`ansible-3 : ok=2 changed=1 unreachable=0 failed=0`
			```

			`Pas très pratique...`


			* Utiliser le paramètre `register` pour enregistrer le résultat de la commande.

			* Créer une nouvelle tâche basée sur le module `debug` pour afficher le résultat de la commande.

			`https://docs.ansible.com/ansible/latest/modules/debug_module.html`


			`playbooks/get-user-id.yaml`
			```yaml
			`- hosts: all`
			`tasks:`

			`- name: Get user id`
			`command: id`
			`register: user_id`

			`- name: Display user id`
			`debug:`
			`var: user_id.stdout`
			```


			`<!-- .slide: data-state="small-code" -->`
			```nohighlight
			`$ ansible-playbook -i inventories/formation/hosts playbooks/get-user-id.yaml`
			`...`

			`TASK [Get user id] ************************************************************`
			`changed: [ansible-3]`
			`changed: [ansible-2]`
			`changed: [ansible-1]`

			`TASK [Display user id] ********************************************************`
			`ok: [ansible-1] => {`
			`"user_id.stdout": "uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),`
			`10(wheel)"`
			`}`
			`ok: [ansible-2] => {`
			`"user_id.stdout": "uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),`
			`10(wheel)"`
			`}`
			`ok: [ansible-3] => {`
			`"user_id.stdout": "uid=1001(ansible) gid=1001(ansible) groupes=1001(ansible),`
			`27(sudo)"`
			`}`

			`PLAY RECAP ********************************************************************`
			`ansible-1 : ok=3 changed=1 unreachable=0 failed=0`
			`ansible-2 : ok=3 changed=1 unreachable=0 failed=0`
			`ansible-3 : ok=3 changed=1 unreachable=0 failed=0`
			```



			`## TP Installer Apache httpd`

			`Installation d'un serveur web Apache httpd.`


			* Créer un playbook qui exécutera les tâches suivantes sur la machine `ansible-1` :

			- Installe le paquet `httpd` et lancer le service `httpd`,

			- Configure le service `httpd` pour qu'il se relance à chaque redémarrage du système,

			- Créé et copie une page web statique à l'emplacement `/var/www/html/index.html`,

			- Configure firewalld pour autoriser le traffic `http` entrant,


			`* Exécuter le Playbook sur la cible`
			`ansible-1`.

			`* Se connecter à l'application dans`
			`le navigateur web.`


			```yaml
			`- hosts: ansible-1`

			`tasks:`
			`- name: Installation of apache package`
			`yum:`
			`name: httpd`
			`state: present`
			`update_cache: yes`

			`- name: Ensure apache is running (and enabled at boot)`
			`service:`
			`name: httpd`
			`state: started`
			`enabled: yes`

			`- name: Copying homepage`
			`copy:`
			`src: index.html`
			`dest: /var/www/html/index.html`
			`mode: 0444`

			`- name: Allow http traffic on port 80`
			`firewalld:`
			`service: http`
			`permanent: true`
			`state: enabled`
			`immediate: yes`
			```



			`## TP Installer un Wordpress`

			`Installation de l'outil de blog Wordpress.`


			* Serveur de base de données : `ansible-2` (centos 7)

			`* Installer le serveur Mariadb <small>(mariadb-server)</small>`

			`* Créer une base de donnée et un utilisateur <small>(modules mysql_db, mysql_user)</small>`
			`---`
			* Serveur web : `ansible-1` (centos 8)

			`* Installer le serveur Apache httpd + php <small>(httpd, php, php-mysqlnd)</small>`

			`* Télécharger Wordpress _5.0.8_ <small>(https://wordpress.org/wordpress-5.0.8.tar.gz)</small>`

			`* Décompresser le dossier dans _/var/www/html/_ avec les bon droits <small>(module unarchive)</small>`

			`* Editer la configuration de Wordpress pour qu'il accède à la bdd`


			`### 1. Base de données`

			`* Installer le serveur Mariadb`

			`* Créer une base de donnée et un utilisateur`

			`<!-- .slide: data-state="medium-code" -->`
			```bash
			`# Installation packages Mariadb`
			`yum install mariadb-server`

			`# Mise en place règles firewall`
			`firewall-cmd --add-service=mysql --permanent`
			`firewall-cmd --reload`

			`# Options de démarrage de Mariadb`
			`systemctl enable mariadb`
			`systemctl start mariadb`

			`# Création base et utilisateur`
			`mysql -u root -p`
			`CREATE DATABASE wordpress;`
			`CREATE USER wordpressuser@localhost IDENTIFIED BY 'password';`
			`GRANT ALL PRIVILEGES ON wordpress.* TO wordpressuser@localhost;`
			`FLUSH PRIVILEGES;`
			```


			`### 2. Apache`

			`<!-- .slide: data-state="medium-code" -->`
			```bash
			`# Installation de Apache`
			`yum install httpd php php-mysql wget`

			`# Mise en place règles firewall`
			`firewall-cmd --add-service=http --permanent`
			`firewall-cmd --reload`

			`# Options de démarrage de Apache`
			`systemctl enable httpd`
			`systemctl start httpd`
			```


			`### 3. Wordpress`

			`<!-- .slide: data-state="medium-code" -->`
			```bash
			`# Déploiement de wordpress :`
			`cd /var/www/html && wget https://wordpress.org/latest.tar.gz`

			`# Décompression de wordpress`
			`tar -xzf /var/www/html/latest.tar.gz -C /var/www/html`
			`rm -f /var/www/html/latest.tar.gz`

			`# Configuration de Wordpress`
			`cp /var/www/html/wordpress/wp-config-sample.php \`
			`/var/www/html/wordpress/wp-config.php`
			`vi /var/www/html/wordpress/wp-config.php`
			`# define('DB_NAME', 'wordpress');`
			`# define('DB_USER', 'wordpressuser');`
			`# define('DB_PASSWORD', 'password');`
			`# define('DB_HOST', 'localhost');`
			```


			`Quelques modules possibles...`

			`* yum`
			`* service`
			`* command`
			`* mysql_db`
			`* mysql_user`
			`* file`
			`* get_url`
			`* unarchive`
			`* copy`
			`* lineinfile`
			`* replace`


			`<!-- .slide: data-state="medium-code" -->`
			`install-apache-wordpress-mariadb.yaml`
			```yaml
			`- hosts: ansible-2`
			`vars:`
			`- DB_NAME: wordpress`
			`- DB_USER: wordpressuser`
			`- DB_PASSWORD: "12345"`
			`- DB_HOST: "{{ hostvars['ansible-2']['ansible_host'] }}"`
			`- WEB_HOST: "{{ hostvars['ansible-1']['ansible_host'] }}"`
			`tasks:`
			`- name: Installation of mariadb-server package`
			`yum:`
			`name: mariadb-server`
			`state: present`
			`update_cache: yes`

			`- name: Ensure mariadb-server is running (and enabled at boot)`
			`service:`
			`name: mariadb`
			`state: started`
			`enabled: yes`

			`- name: Installation of MySQL-python package`
			`# package required to use ansible mysql modules`
			`yum:`
			`name: MySQL-python`
			`state: present`
			`update_cache: yes`

			`- name: Create a new database with name '{{ DB_NAME }}'`
			`mysql_db:`
			`name: '{{ DB_NAME }}'`
			`state: present`

			`- name: Create a new database user with name '{{ DB_USER }}'`
			`mysql_user:`
			`name: '{{ DB_USER }}'`
			`password: '{{ DB_PASSWORD }}'`
			`priv: '{{ DB_NAME }}.*:ALL'`
			`host: '{{ WEB_HOST }}'`
			`state: present`

			`- name: Allow mariadb traffic on port 3306`
			`firewalld:`
			`service: mysql`
			`permanent: true`
			`state: enabled`
			`immediate: yes`

			`- hosts: ansible-1`
			`vars:`
			`- DB_NAME: wordpress`
			`- DB_USER: wordpressuser`
			`- DB_PASSWORD: "12345"`
			`- DB_HOST: "{{ hostvars['ansible-2']['ansible_host'] }}"`
			`tasks:`
			`- name: Installation of apache package`
			`dnf:`
			`name: httpd`
			`state: present`
			`update_cache: yes`

			`- name: Installation of php package`
			`dnf:`
			`name: php`
			`state: present`
			`update_cache: yes`

			`- name: Installation of php-mysqlnd package`
			`dnf:`
			`name: php-mysqlnd`
			`state: present`
			`update_cache: yes`
			`notify: Reload Apache`

			`- name: Installation of wget package`
			`dnf:`
			`name: wget`
			`state: present`
			`update_cache: yes`

			`- name: Ensure apache is running (and enabled at boot)`
			`service:`
			`name: httpd`
			`state: started`
			`enabled: yes`

			`- name: Download worpress archive`
			`get_url:`
			`url: https://wordpress.org/wordpress-5.0.8.tar.gz`
			`dest: /var/www/html/wordpress.tar.gz`
			`mode: 0440`

			`- name: Untar worpress archive`
			`unarchive:`
			`src: /var/www/html/wordpress.tar.gz`
			`dest: /var/www/html`
			`remote_src: true`

			`- name: Remove wordpress archive`
			`file:`
			`path: /var/www/html/wordpress.tar.gz`
			`state: absent`

			`- name: Create wordpress configuration file`
			`copy:`
			`src: /var/www/html/wordpress/wp-config-sample.php`
			`dest: /var/www/html/wordpress/wp-config.php`
			`remote_src: true`

			`- name: Update wordpress configuration file with db name`
			`replace:`
			`dest: /var/www/html/wordpress/wp-config.php`
			`regexp: 'database_name_here'`
			`replace: '{{ DB_NAME }}'`

			`- name: Update wordpress configuration file with user name`
			`replace:`
			`dest: /var/www/html/wordpress/wp-config.php`
			`regexp: 'username_here'`
			`replace: '{{ DB_USER }}'`

			`- name: Update wordpress configuration file with user password`
			`replace:`
			`dest: /var/www/html/wordpress/wp-config.php`
			`regexp: 'password_here'`
			`replace: '{{ DB_PASSWORD }}'`

			`- name: Update wordpress configuration file with host`
			`replace:`
			`dest: /var/www/html/wordpress/wp-config.php`
			`regexp: 'localhost'`
			`replace: '{{ DB_HOST }}'`

			`- name: Allow http traffic on port 80`
			`firewalld:`
			`service: http`
			`permanent: true`
			`state: enabled`
			`immediate: yes`

			`handlers:`
			`- name: Reload Apache`
			`service:`
			`name: httpd`
			`state: restarted`
			```