Ansible で CentOS 7 に Movable Type 6 をセットアップする

Ansible で CentOS 7 に Movable Type 6 をセットアップする手順のまとめ。
ここでは VirtualBox で CentOS 7 を2つ立ち上げてテスト。

Ansibleのインストール

yum -y install epel-release
yum -y install ansible

接続

接続先の設定

cp /etc/ansible/hosts{,.org}
cat <<_EOD_ > /etc/ansible/hosts
[webservers]
192.168.56.102

[all:vars]
ansible_ssh_port=22
ansible_ssh_user=root
ansible_ssh_pass=p@ssW0rd
_EOD_

テストなのでとりあえずrootで直接接続。実際には環境に応じて設定。

SSH key host checking の無効化

cp /etc/ansible/ansible.cfg{,.org}
sed -i '/#host_key_checking/s/#//' /etc/ansible/ansible.cfg;

これもテストなのでとりあえず。

接続テスト

ansible all -m ping

192.168.56.102 | success >> {
    "changed": false,
    "ping": "pong"
}

上記が返ってくれば成功。

192.168.56.102 | FAILED => SSH Error: ssh: connect to host 192.168.56.102 port 22: No route to host
    while connecting to 192.168.56.102:22
It is sometimes useful to re-run the command using -vvvv, which prints SSH debug output to help diagnose the issue.

接続先が間違っているなど。

192.168.56.102 | FAILED => Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this.  Please add this host's fingerprint to your known_hosts file to manage this host.

SSH key host checking でひっかかっているので host_key を登録するかチェックを無効化する。

Playbook

Playbookの作成

cat <<_EOD_ > playbook.yml
---
- hosts: all
  user: root
  tasks:

  # SELinux
  - name: disable SELinux
    selinux: state=disabled

  # Yum Update
  - name: yum update
    yum: name=* state=latest

  # Apache
  - name: install httpd
    yum: name=httpd state=installed
  - name: firewall-cmd --permanent --add-service=http
    firewalld: service=http permanent=true state=enabled immediate=true
  - name: enable cgi-script handler
    replace:
      dest=/etc/httpd/conf/httpd.conf
      regexp='#AddHandler cgi-script'
      replace='AddHandler cgi-script'
  - name: httpd start
    service: name=httpd state=started enabled=yes

  # Memcached
  - name: install Memcached
    yum: name=memcached state=installed
  - name: memcached start
    service: name=memcached state=started enabled=yes

  # MySQL
  - name: install MySQL Yum Repository
    yum: name=http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm state=installed
  - name: install mysql-community-server
    yum: name=mysql-community-server state=installed
  - name: install perl-DBD-MySQL
    yum: name=perl-DBD-MySQL state=installed
  - name: install MySQL-python for Ansible
    yum: name=MySQL-python state=installed
  - name: mysqld start
    service: name=mysqld state=started enabled=yes
  - name: create database
    mysql_db: name=mt state=present encoding=utf8
  - name: create mysql user
    mysql_user: name=mt password=passw0rd priv=mt.*:ALL,GRANT state=present

  # Movable Type
  - name: copy MT.zip
    copy: src=/root/MT-6.2.zip dest=/var/www/MT-6.2.zip owner=apache group=apache mode=0644
  - name: install unzip
    yum: name=unzip state=installed
  - name: unarchive MT.zip
    unarchive: src=/var/www/MT-6.2.zip dest=/var/www/cgi-bin copy=no
  - name: rename MT-6.2 to mt
    command: mv /var/www/cgi-bin/MT-6.2 /var/www/cgi-bin/mt
    when: MT-6.2
  - name: ln -s /var/www/cgi-bin/mt/mt-static /var/www/html/mt-static
    file: src=/var/www/cgi-bin/mt/mt-static dest=/var/www/html/mt-static owner=apache group=apache state=link
  - name: chmod /var/www/html
    file: path=/var/www/html owner=apache group=apache mode=0777
  - name: chmod /var/www/cgi-bin/mt
    file: path=/var/www/cgi-bin/mt owner=apache group=apache mode=0777
  - name: chmod /var/www/cgi-bin/mt/mt-static/support
    file: path=/var/www/cgi-bin/mt/mt-static/support owner=apache group=apache mode=0777

  # Perl libraries
  - name: install Perl libraries by Yum
    yum: name="{{ item }}" state=installed
    with_items:
       - perl-App-cpanminus
       - perl-IPC-Run
       - perl-DBD-ODBC
       - perl-Archive-Tar
       - perl-XML-LibXML
       - perl-Test-Simple
       - perl-XMLRPC-Lite
       - perl-LDAP
       - perl-GD
       - perl-CGI-Emulate-PSGI
       - ImageMagick-perl
       - perl-Authen-SASL
       - perl-CGI
       - perl-Mozilla-CA
       - perl-YAML-Syck
       - perl-IO-String
       - perl-DB_File
       - perl-Crypt-DSA
       - perl-Cache-Memcached
       - perl-Heap
       - perl-File-NFSLock
       - perl-Crypt-SSLeay
       - perl-Text-CSV_XS
       - expat-devel

  # Perl CPAN libraries
  - name: install cpan-modules with cpanm
    cpanm: name={{item}} notest=True
    with_items:
    - Cache::File
    - XML::SAX::Expat
    - XML::SAX::ExpatXS
    - Imager
_EOD_

Dry-runで実行

ansible-playbook playbook.yml --check -vvvv

テストなので途中で速攻でこける。コメントアウトして通すとか。ちょっと検討。

本番実行

ansible-playbook playbook.yml

モジュール類の確認

• http://192.168.56.102/cgi-bin/mt/mt-check.cgi

セットアップ

• http://192.168.56.102/cgi-bin/mt/mt.cgi

ブラウザーでのセットアップは面倒なので、事前にSQLを用意した方が良いかもしれない。

mt-config.cgi

mt-config.cgi

ImageDriver ImageMagick
MemcachedServers localhost:11211

とりあえず。そのうちPSGI対応版を検討。

その他

• http://note103.hateblo.jp/entry/2015/04/17/010528 頭で変数まとめた方がよさそう。あとでチェック。
• http://wp.graphact.com/2015/08/08/vagrant-ansible-mt 未確認。あとでチェック。
• https://github.com/ichika-r/ansible-playbook-mt 未確認。あとでチェック。