DEV Community: Nitesh Rijal The latest articles on DEV Community by Nitesh Rijal (@neetesshhr). https://dev.to/neetesshhr https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1201280%2F1981a944-b944-4d9b-8cc4-70af25554975.jpeg DEV Community: Nitesh Rijal https://dev.to/neetesshhr en DEVOPS Mastery: Automating PHP Web app Deployment with GitHub Actions, AWS, and Ansible Nitesh Rijal Sun, 20 Oct 2024 13:09:28 +0000 https://dev.to/neetesshhr/devops-mastery-automating-php-web-app-deployment-with-github-actions-aws-and-ansible-31k https://dev.to/neetesshhr/devops-mastery-automating-php-web-app-deployment-with-github-actions-aws-and-ansible-31k <p>A comprehensive guide to building a secure, scalable CI/CD pipeline for any PHP-based application, including WordPress, Drupal, and custom solutions</p> <p>In today’s fast-paced web development world, automating deployment processes isn’t just a luxury — it’s a necessity. Whether you’re managing a popular CMS like WordPress, a robust e-commerce platform, or a custom PHP application, the challenges of consistent, secure, and efficient deployments remain the same. This guide will walk you through creating a powerful, flexible automation solution that can handle any PHP-based web application with ease.</p> <p>We’ll use SuiteCRM, an open-source customer relationship management system, as our primary example. However, the principles and techniques we’ll cover are universally applicable to any PHP application. From setting up a CI/CD pipeline with GitHub Actions to provisioning infrastructure with AWS CloudFormation, and configuring servers with Ansible, we’ll explore a comprehensive DevOps approach that will revolutionize your deployment process.</p> <h2> Introduction </h2> <p>This tutorial provides a comprehensive guide to automating the deployment of SuiteCRM using GitHub Actions, AWS CloudFormation, and Ansible. We'll cover the entire process, including all necessary code for GitHub Actions workflows and Ansible roles.</p> <p>But we won’t stop at just automation. We’ll delve into crucial aspects like securely managing secrets and variables, ensuring that your deployment pipeline is not only efficient but also adheres to the highest security standards. Whether you’re a seasoned DevOps engineer or a PHP developer looking to streamline your workflow, this guide will equip you with the tools and knowledge to master modern deployment strategies.</p> <p>Ready to transform your PHP application deployments from time-consuming manual processes to streamlined, automated workflows? Let’s dive in and explore the world of DevOps mastery!</p> <p>Let’s understand how our process looks like from the figures below</p> <p>Figure 1: Overview of our automated PHP application deployment pipeline, from code push to server configuration.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fr6y0md7da7apyy2u97ic.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fr6y0md7da7apyy2u97ic.png" alt="Image description" width="800" height="573"></a></p> <p>Figure 2: Detailed view of the AWS infrastructure created by our CloudFormation template, including VPC, subnets, and security groups.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F8ppgift02q46evcxffc6.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F8ppgift02q46evcxffc6.png" alt="Image description" width="800" height="642"></a></p> <p>Figure 3: Flowchart of our GitHub Actions workflow, showing the steps from initial setup to deployment of infrastructure and application.</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffygq61prl9smhjjhw10c.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffygq61prl9smhjjhw10c.png" alt="Image description" width="800" height="2059"></a></p> <h2> Why Automate SuiteCRM Deployment? </h2> <p>Automating SuiteCRM deployment offers numerous benefits:</p> <ol> <li>Consistency across deployments</li> <li>Rapid deployment and updates</li> <li>Scalability for growing businesses</li> <li>Version control for infrastructure and configuration</li> <li>Reduced human error</li> <li>Cost-effectiveness in the long run</li> <li>Improved security through standardized processes</li> <li>Easier application of updates and patches</li> </ol> <h2> Overview of the Automation Stack </h2> <p>Our automation stack consists of:</p> <ol> <li>GitHub Actions for CI/CD pipeline</li> <li>AWS CloudFormation for infrastructure as code</li> <li>Ansible for configuration management and application deployment</li> </ol> <h2> Step-by-Step Tutorial </h2> <h3> 1. Setting Up the GitHub Repository </h3> <p>Create a GitHub repository with the following structure:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>. ├── .github │ └── workflows │ ├── main.yaml │ ├── infra.yaml │ └── crm.yaml ├── infrastructure │ ├── prod.yaml │ └── common │ ├── vpc │ │ ├── vpc.yaml │ │ └── eip.yaml │ └── ec2 │ └── ec2.yaml └── crm └── ansible ├── ansible.cfg ├── main.yml └── roles ├── apache2 ├── php ├── sql └── suitecrm </code></pre> </div> <h3> 2. Setting Up AWS IAM Roles </h3> <p>Create two IAM roles in AWS:</p> <ol> <li>A role for GitHub Actions with permissions to manage CloudFormation, EC2, S3, and Route53.</li> <li>A role for CloudFormation with permissions to create and manage AWS resources.</li> </ol> <h3> 3. Configuring GitHub Secrets and Variables </h3> <p>In your GitHub repository settings, add the following:</p> <p>Secrets:</p> <ul> <li> <code>AWS_ROLE_TO_ASSUME</code>: ARN of the GitHub Actions IAM role</li> <li> <code>CLOUDFORMATION_ROLE_ARN</code>: ARN of the CloudFormation IAM role</li> <li> <code>CRM_KEY</code>: SSH key for EC2 access</li> </ul> <p>Variables:</p> <ul> <li> <code>PROD_STACK_NAME</code>: Name for your CloudFormation stack</li> <li> <code>PROD_CFN_S3_BUCKET</code>: S3 bucket for CloudFormation templates</li> <li> <code>CHANGE_SET_NAME</code>: Name for CloudFormation change sets</li> <li> <code>HOSTED_ZONE_ID</code>: Your Route 53 hosted zone ID</li> <li> <code>CRM_DomainName</code>: Domain for your SuiteCRM installation</li> </ul> <h3> 4. Setting Up GitHub Actions Workflows </h3> <p>Create the following workflow files in the <code>.github/workflows/</code> directory:</p> <h4> main.yaml </h4> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s">Main Class File</span> <span class="na">on</span><span class="pi">:</span> <span class="na">workflow_call</span><span class="pi">:</span> <span class="na">inputs</span><span class="pi">:</span> <span class="na">aws-region</span><span class="pi">:</span> <span class="na">required</span><span class="pi">:</span> <span class="kc">false</span> <span class="na">type</span><span class="pi">:</span> <span class="s">string</span> <span class="na">default</span><span class="pi">:</span> <span class="s1">'</span><span class="s">us-east-1'</span> <span class="na">role-session-name</span><span class="pi">:</span> <span class="na">required</span><span class="pi">:</span> <span class="kc">false</span> <span class="na">type</span><span class="pi">:</span> <span class="s">string</span> <span class="na">default</span><span class="pi">:</span> <span class="s1">'</span><span class="s">GitHubActions'</span> <span class="na">secrets</span><span class="pi">:</span> <span class="na">AWS_ROLE_TO_ASSUME</span><span class="pi">:</span> <span class="na">required</span><span class="pi">:</span> <span class="kc">true</span> <span class="na">outputs</span><span class="pi">:</span> <span class="na">cache-hit</span><span class="pi">:</span> <span class="na">description</span><span class="pi">:</span> <span class="s2">"</span><span class="s">Whether</span><span class="nv"> </span><span class="s">the</span><span class="nv"> </span><span class="s">cache</span><span class="nv"> </span><span class="s">was</span><span class="nv"> </span><span class="s">hit"</span> <span class="na">value</span><span class="pi">:</span> <span class="s">${{ jobs.setup.outputs.cache-hit }}</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">setup</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">outputs</span><span class="pi">:</span> <span class="na">cache-hit</span><span class="pi">:</span> <span class="s">${{ steps.cache.outputs.cache-hit }}</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v3</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Cache AWS configuration and custom scripts</span> <span class="na">id</span><span class="pi">:</span> <span class="s">cache</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/cache@v3</span> <span class="na">with</span><span class="pi">:</span> <span class="na">path</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">~/.aws</span> <span class="s">~/.local/bin</span> <span class="na">key</span><span class="pi">:</span> <span class="s">${{ runner.os }}-aws-config-${{ hashFiles('**/package-lock.json', '**/requirements.txt') }}</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Configure AWS Credentials</span> <span class="na">if</span><span class="pi">:</span> <span class="s">steps.cache.outputs.cache-hit != 'true'</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">aws-actions/configure-aws-credentials@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">role-to-assume</span><span class="pi">:</span> <span class="s">${{ secrets.AWS_ROLE_TO_ASSUME }}</span> <span class="na">aws-region</span><span class="pi">:</span> <span class="s">${{ inputs.aws-region }}</span> <span class="na">role-session-name</span><span class="pi">:</span> <span class="s">${{ inputs.role-session-name }}</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install aws cli and other packages</span> <span class="na">if</span><span class="pi">:</span> <span class="s">steps.cache.outputs.cache-hit != 'true'</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">sudo apt-get update</span> <span class="s">sudo apt-get install -y unzip zip curl awscli net-tools ansible</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Save environment variables</span> <span class="na">if</span><span class="pi">:</span> <span class="s">steps.cache.outputs.cache-hit != 'true'</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">env | grep -E "AWS_|ANSIBLE_" &gt; $GITHUB_ENV</span> </code></pre> </div> <h4> infra.yaml </h4> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s">Deploy or Update SuiteCRM</span> <span class="na">permissions</span><span class="pi">:</span> <span class="na">id-token</span><span class="pi">:</span> <span class="s">write</span> <span class="na">contents</span><span class="pi">:</span> <span class="s">read</span> <span class="na">on</span><span class="pi">:</span> <span class="na">push</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">main</span> <span class="na">paths</span><span class="pi">:</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">infrastructure/**'</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">setup</span><span class="pi">:</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">./.github/workflows/main.yaml</span> <span class="na">secrets</span><span class="pi">:</span> <span class="na">AWS_ROLE_TO_ASSUME</span><span class="pi">:</span> <span class="s">${{ secrets.AWS_ROLE_TO_ASSUME }}</span> <span class="na">with</span><span class="pi">:</span> <span class="na">aws-region</span><span class="pi">:</span> <span class="s">us-east-1</span> <span class="na">role-session-name</span><span class="pi">:</span> <span class="s1">'</span><span class="s">InfraDeployment'</span> <span class="na">deploy</span><span class="pi">:</span> <span class="na">needs</span><span class="pi">:</span> <span class="s">setup</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v3</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Configure AWS Credentials</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">aws-actions/configure-aws-credentials@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">role-to-assume</span><span class="pi">:</span> <span class="s">${{ secrets.AWS_ROLE_TO_ASSUME }}</span> <span class="na">aws-region</span><span class="pi">:</span> <span class="s">us-east-1</span> <span class="na">role-session-name</span><span class="pi">:</span> <span class="s2">"</span><span class="s">SuiteCRM"</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Package the CloudFormation template</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">aws cloudformation package --debug \</span> <span class="s">--template-file prod.yaml \</span> <span class="s">--output-template-file ${{ vars.PROD_STACK_NAME }}-packaged.template \</span> <span class="s">--s3-bucket ${{ vars.PROD_CFN_S3_BUCKET }} \</span> <span class="s">--s3-prefix ${{ vars.PROD_STACK_NAME }}</span> <span class="na">working-directory</span><span class="pi">:</span> <span class="s">infrastructure</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Deploy the CloudFormation stack</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">MY_IP=$(curl -s https://ifconfig.me)</span> <span class="s">MY_IP_CIDR="${MY_IP}/32"</span> <span class="s">aws cloudformation deploy \</span> <span class="s">--s3-bucket ${{ vars.PROD_CFN_S3_BUCKET }} \</span> <span class="s">--s3-prefix ${{ vars.PROD_STACK_NAME }} \</span> <span class="s">--template-file ${{ vars.PROD_STACK_NAME }}-packaged.template \</span> <span class="s">--stack-name ${{ vars.PROD_STACK_NAME }} \</span> <span class="s">--capabilities CAPABILITY_IAM CAPABILITY_NAMED_IAM CAPABILITY_AUTO_EXPAND \</span> <span class="s">--role-arn ${{ secrets.CLOUDFORMATION_ROLE_ARN }} \</span> <span class="s">--parameter-overrides \</span> <span class="s">MyIp=$MY_IP_CIDR \</span> <span class="s">HostedZoneId=${{ vars.HOSTED_ZONE_ID }} \</span> <span class="s">CRMDomainName=${{ vars.CRM_DomainName }} \</span> <span class="s">--no-fail-on-empty-changeset</span> <span class="na">working-directory</span><span class="pi">:</span> <span class="s">infrastructure</span> </code></pre> </div> <h4> crm.yaml </h4> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s">Configure SuiteCRM</span> <span class="na">permissions</span><span class="pi">:</span> <span class="na">id-token</span><span class="pi">:</span> <span class="s">write</span> <span class="na">contents</span><span class="pi">:</span> <span class="s">read</span> <span class="na">on</span><span class="pi">:</span> <span class="na">push</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">main</span> <span class="na">paths</span><span class="pi">:</span> <span class="pi">-</span> <span class="s1">'</span><span class="s">crm/**'</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">setup</span><span class="pi">:</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">./.github/workflows/main.yaml</span> <span class="na">secrets</span><span class="pi">:</span> <span class="na">AWS_ROLE_TO_ASSUME</span><span class="pi">:</span> <span class="s">${{ secrets.AWS_ROLE_TO_ASSUME }}</span> <span class="na">with</span><span class="pi">:</span> <span class="na">aws-region</span><span class="pi">:</span> <span class="s">us-east-1</span> <span class="na">role-session-name</span><span class="pi">:</span> <span class="s1">'</span><span class="s">InfraDeployment'</span> <span class="na">deploy</span><span class="pi">:</span> <span class="na">needs</span><span class="pi">:</span> <span class="s">setup</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v3</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Configure AWS Credentials</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">aws-actions/configure-aws-credentials@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">role-to-assume</span><span class="pi">:</span> <span class="s">${{ secrets.AWS_ROLE_TO_ASSUME }}</span> <span class="na">aws-region</span><span class="pi">:</span> <span class="s">us-east-1</span> <span class="na">role-session-name</span><span class="pi">:</span> <span class="s2">"</span><span class="s">SuiteCRM"</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Get CloudFormation Outputs</span> <span class="na">id</span><span class="pi">:</span> <span class="s">cfn_outputs</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">OUTPUTS=$(aws cloudformation describe-stacks --stack-name ${{ vars.PROD_STACK_NAME }} --query "Stacks[0].Outputs" --output json)</span> <span class="s">echo "Outputs: $OUTPUTS"</span> <span class="s">echo "::set-output name=elastic_ip::$(echo $OUTPUTS | jq -r '.[] | select(.OutputKey == "ElasticIp") | .OutputValue')"</span> <span class="s">echo "::set-output name=domain_name::$(echo $OUTPUTS | jq -r '.[] | select(.OutputKey == "Route53DomainName") | .OutputValue')"</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Create Ansible Inventory File</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">echo "[crm]" &gt; inventory.ini</span> <span class="s">echo "${{ steps.cfn_outputs.outputs.elastic_ip }} ansible_user=ubuntu ansible_ssh_private_key_file=id_rsa" &gt;&gt; inventory.ini</span> <span class="na">working-directory</span><span class="pi">:</span> <span class="s">crm/ansible</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Get ssh keys</span> <span class="na">env</span><span class="pi">:</span> <span class="na">CRM_KEY</span><span class="pi">:</span> <span class="s">${{ secrets.CRM_KEY }}</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">echo "$CRM_KEY" &gt; id_rsa</span> <span class="s">chmod 400 id_rsa</span> <span class="na">working-directory</span><span class="pi">:</span> <span class="s">crm/ansible</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Run Ansible Playbook</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">ansible-galaxy install mahdi22.mariadb_install</span> <span class="s">ansible-playbook -i inventory.ini main.yml --extra-vars "domain_name=${{ steps.cfn_outputs.outputs.domain_name }}"</span> <span class="na">working-directory</span><span class="pi">:</span> <span class="s">crm/ansible</span> </code></pre> </div> <h3> 5. Creating Ansible Roles </h3> <p>Create the following Ansible roles in the <code>crm/ansible/roles/</code> directory:</p> <h4> apache2/tasks/main.yml </h4> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="c1"># tasks file for apache2</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Update the Cache</span> <span class="na">apt</span><span class="pi">:</span> <span class="na">update_cache</span><span class="pi">:</span> <span class="s">yes</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install Apache2</span> <span class="na">apt</span><span class="pi">:</span> <span class="s">name=apache2 state=present</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Start Apache2</span> <span class="na">service</span><span class="pi">:</span> <span class="s">name=apache2 state=started enabled=yes</span> </code></pre> </div> <h4> php/tasks/main.yml </h4> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="c1"># tasks file for php</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Add PHP PPA repository</span> <span class="na">apt_repository</span><span class="pi">:</span> <span class="na">repo</span><span class="pi">:</span> <span class="s">ppa:ondrej/php</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Update the Cache</span> <span class="na">apt</span><span class="pi">:</span> <span class="na">update_cache</span><span class="pi">:</span> <span class="s">yes</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install PHP Packages</span> <span class="na">apt</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s2">"</span><span class="s">{{</span><span class="nv"> </span><span class="s">item</span><span class="nv"> </span><span class="s">}}"</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="na">loop</span><span class="pi">:</span> <span class="s2">"</span><span class="s">{{</span><span class="nv"> </span><span class="s">packages</span><span class="nv"> </span><span class="s">}}"</span> <span class="na">tags</span><span class="pi">:</span> <span class="s">packages</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Set upload_max_filesize to 100M</span> <span class="na">lineinfile</span><span class="pi">:</span> <span class="na">path</span><span class="pi">:</span> <span class="s">/etc/php/{{ php_version }}/apache2/php.ini</span> <span class="na">regexp</span><span class="pi">:</span> <span class="s1">'</span><span class="s">^upload_max_filesize</span><span class="nv"> </span><span class="s">='</span> <span class="na">line</span><span class="pi">:</span> <span class="s1">'</span><span class="s">upload_max_filesize</span><span class="nv"> </span><span class="s">=</span><span class="nv"> </span><span class="s">100M'</span> <span class="na">notify</span><span class="pi">:</span> <span class="s">Restart Apache</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Set post_max_size to 100M</span> <span class="na">lineinfile</span><span class="pi">:</span> <span class="na">path</span><span class="pi">:</span> <span class="s">/etc/php/{{ php_version }}/apache2/php.ini</span> <span class="na">regexp</span><span class="pi">:</span> <span class="s1">'</span><span class="s">^post_max_size</span><span class="nv"> </span><span class="s">='</span> <span class="na">line</span><span class="pi">:</span> <span class="s1">'</span><span class="s">post_max_size</span><span class="nv"> </span><span class="s">=</span><span class="nv"> </span><span class="s">100M'</span> <span class="na">notify</span><span class="pi">:</span> <span class="s">Restart Apache</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Set memory_limit to 500M</span> <span class="na">lineinfile</span><span class="pi">:</span> <span class="na">path</span><span class="pi">:</span> <span class="s">/etc/php/{{ php_version }}/apache2/php.ini</span> <span class="na">regexp</span><span class="pi">:</span> <span class="s1">'</span><span class="s">^memory_limit</span><span class="nv"> </span><span class="s">='</span> <span class="na">line</span><span class="pi">:</span> <span class="s1">'</span><span class="s">memory_limit</span><span class="nv"> </span><span class="s">=</span><span class="nv"> </span><span class="s">500M'</span> <span class="na">notify</span><span class="pi">:</span> <span class="s">Restart Apache</span> </code></pre> </div> <h4> php/vars/main.yml </h4> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="na">packages</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">php8.1</span> <span class="pi">-</span> <span class="s">php8.1-cli</span> <span class="pi">-</span> <span class="s">php8.1-common</span> <span class="pi">-</span> <span class="s">php8.1-imap</span> <span class="pi">-</span> <span class="s">php8.1-redis</span> <span class="pi">-</span> <span class="s">php8.1-snmp</span> <span class="pi">-</span> <span class="s">php8.1-xml</span> <span class="pi">-</span> <span class="s">php8.1-zip</span> <span class="pi">-</span> <span class="s">php8.1-mbstring</span> <span class="pi">-</span> <span class="s">php8.1-curl</span> <span class="pi">-</span> <span class="s">libapache2-mod-php8.1</span> <span class="pi">-</span> <span class="s">php8.1-gd</span> <span class="pi">-</span> <span class="s">php8.1-intl</span> <span class="pi">-</span> <span class="s">php8.1-mysql</span> <span class="pi">-</span> <span class="s">php8.1-ldap</span> <span class="pi">-</span> <span class="s">php8.1-soap</span> <span class="na">php_version</span><span class="pi">:</span> <span class="s2">"</span><span class="s">8.1"</span> </code></pre> </div> <h4> sql/tasks/main.yml </h4> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install MariaDB packages</span> <span class="na">apt</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">mariadb-server</span> <span class="pi">-</span> <span class="s">python3-pymysql</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="na">update_cache</span><span class="pi">:</span> <span class="s">yes</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Start MariaDB service</span> <span class="na">service</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">mariadb</span> <span class="na">state</span><span class="pi">:</span> <span class="s">started</span> <span class="na">enabled</span><span class="pi">:</span> <span class="s">yes</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Copy MariaDB configuration file</span> <span class="na">template</span><span class="pi">:</span> <span class="na">src</span><span class="pi">:</span> <span class="s">mariadb.cnf.j2</span> <span class="na">dest</span><span class="pi">:</span> <span class="s">/etc/mysql/mariadb.conf.d/50-server.cnf</span> <span class="na">notify</span><span class="pi">:</span> <span class="s">Restart MariaDB</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Check if .my.cnf file exists</span> <span class="na">stat</span><span class="pi">:</span> <span class="na">path</span><span class="pi">:</span> <span class="s">/root/.my.cnf</span> <span class="na">register</span><span class="pi">:</span> <span class="s">mycnf_file</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Attempt to access MariaDB as root</span> <span class="na">command</span><span class="pi">:</span> <span class="s">mysql -u root -e "SELECT 1"</span> <span class="na">register</span><span class="pi">:</span> <span class="s">mysql_access</span> <span class="na">ignore_errors</span><span class="pi">:</span> <span class="s">yes</span> <span class="na">changed_when</span><span class="pi">:</span> <span class="kc">false</span> <span class="na">when</span><span class="pi">:</span> <span class="s">not mycnf_file.stat.exists</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Reset MariaDB root password (Ubuntu)</span> <span class="na">block</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Stop MariaDB</span> <span class="na">service</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">mariadb</span> <span class="na">state</span><span class="pi">:</span> <span class="s">stopped</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Start MariaDB with skip-grant-tables</span> <span class="na">shell</span><span class="pi">:</span> <span class="s">mysqld_safe --skip-grant-tables &amp;</span> <span class="na">async</span><span class="pi">:</span> <span class="m">45</span> <span class="na">poll</span><span class="pi">:</span> <span class="m">0</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Wait for MariaDB to start</span> <span class="na">wait_for</span><span class="pi">:</span> <span class="na">port</span><span class="pi">:</span> <span class="m">3306</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Update root password</span> <span class="na">shell</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">mysql -e "FLUSH PRIVILEGES; ALTER USER 'root'@'localhost' IDENTIFIED BY '{{ mariadb_root_password }}'; FLUSH PRIVILEGES;"</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Stop MariaDB</span> <span class="na">shell</span><span class="pi">:</span> <span class="s">mysqladmin -u root -p'{{ mariadb_root_password }}' shutdown</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Start MariaDB normally</span> <span class="na">service</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">mariadb</span> <span class="na">state</span><span class="pi">:</span> <span class="s">started</span> <span class="na">when</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">mysql_access is failed</span> <span class="pi">-</span> <span class="s">not mycnf_file.stat.exists</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Create .my.cnf file with root credentials</span> <span class="na">template</span><span class="pi">:</span> <span class="na">src</span><span class="pi">:</span> <span class="s">my.cnf.j2</span> <span class="na">dest</span><span class="pi">:</span> <span class="s">/root/.my.cnf</span> <span class="na">mode</span><span class="pi">:</span> <span class="s1">'</span><span class="s">0600'</span> <span class="na">when</span><span class="pi">:</span> <span class="s">not mycnf_file.stat.exists</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Create MariaDB database</span> <span class="na">mysql_db</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s2">"</span><span class="s">{{</span><span class="nv"> </span><span class="s">mariadb_db</span><span class="nv"> </span><span class="s">}}"</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="na">login_unix_socket</span><span class="pi">:</span> <span class="s">/var/run/mysqld/mysqld.sock</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Create MariaDB user</span> <span class="na">mysql_user</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s2">"</span><span class="s">{{</span><span class="nv"> </span><span class="s">mariadb_user</span><span class="nv"> </span><span class="s">}}"</span> <span class="na">password</span><span class="pi">:</span> <span class="s2">"</span><span class="s">{{</span><span class="nv"> </span><span class="s">mariadb_password</span><span class="nv"> </span><span class="s">}}"</span> <span class="na">priv</span><span class="pi">:</span> <span class="s2">"</span><span class="s">{{</span><span class="nv"> </span><span class="s">mariadb_db</span><span class="nv"> </span><span class="s">}}.*:ALL"</span> <span class="na">host</span><span class="pi">:</span> <span class="s1">'</span><span class="s">localhost'</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="na">login_unix_socket</span><span class="pi">:</span> <span class="s">/var/run/mysqld/mysqld.sock</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> </code></pre> </div> <h4> suitecrm/tasks/main.yml </h4> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="c1"># tasks file for suitecrm</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install unzip</span> <span class="na">apt</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">unzip</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Download SuiteCRM</span> <span class="na">get_url</span><span class="pi">:</span> <span class="na">url</span><span class="pi">:</span> <span class="s">https://suitecrm.com/download/147/suite86/564202/suitecrm-8-6-2.zip</span> <span class="na">dest</span><span class="pi">:</span> <span class="s">/tmp/suitecrm.zip</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Unzip SuiteCRM</span> <span class="na">unarchive</span><span class="pi">:</span> <span class="na">src</span><span class="pi">:</span> <span class="s">/tmp/suitecrm.zip</span> <span class="na">dest</span><span class="pi">:</span> <span class="s">/var/www/html</span> <span class="na">remote_src</span><span class="pi">:</span> <span class="s">yes</span> <span class="na">mode</span><span class="pi">:</span> <span class="s1">'</span><span class="s">0755'</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Set ownership of /var/www/html to www-data</span> <span class="na">file</span><span class="pi">:</span> <span class="na">path</span><span class="pi">:</span> <span class="s">/var/www/html</span> <span class="na">state</span><span class="pi">:</span> <span class="s">directory</span> <span class="na">recurse</span><span class="pi">:</span> <span class="s">yes</span> <span class="na">owner</span><span class="pi">:</span> <span class="s">www-data</span> <span class="na">group</span><span class="pi">:</span> <span class="s">www-data</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Create SuiteCRM Apache config file</span> <span class="na">template</span><span class="pi">:</span> <span class="na">src</span><span class="pi">:</span> <span class="s">suitecrm.conf.j2</span> <span class="na">dest</span><span class="pi">:</span> <span class="s">/etc/apache2/sites-available/suitecrm.conf</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Enable SuiteCRM site</span> <span class="na">command</span><span class="pi">:</span> <span class="s">a2ensite suitecrm.conf</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install Certbot and python3-certbot-apache</span> <span class="na">apt</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">certbot</span> <span class="pi">-</span> <span class="s">python3-certbot-apache</span> <span class="na">state</span><span class="pi">:</span> <span class="s">present</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Obtain SSL certificate using Certbot for SuiteCRM</span> <span class="na">command</span><span class="pi">:</span> <span class="s">certbot --apache -d {{ domain_name }} --non-interactive --agree-tos --email {{ email }}</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Reload Apache to apply SSL certificate</span> <span class="na">service</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">apache2</span> <span class="na">state</span><span class="pi">:</span> <span class="s">reloaded</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Set permissions for directories to </span><span class="m">755</span> <span class="na">find</span><span class="pi">:</span> <span class="na">paths</span><span class="pi">:</span> <span class="s">/var/www/html</span> <span class="na">recurse</span><span class="pi">:</span> <span class="s">yes</span> <span class="na">file_type</span><span class="pi">:</span> <span class="s">directory</span> <span class="na">register</span><span class="pi">:</span> <span class="s">directories</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Apply 755 permissions to directories</span> <span class="na">file</span><span class="pi">:</span> <span class="na">path</span><span class="pi">:</span> <span class="s">/var/www/html</span> <span class="na">mode</span><span class="pi">:</span> <span class="s1">'</span><span class="s">0755'</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Reload Apache with SSL configuration</span> <span class="na">service</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">apache2</span> <span class="na">state</span><span class="pi">:</span> <span class="s">reloaded</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> </code></pre> </div> <h4> suitecrm/templates/suitecrm.conf.j2 </h4> <div class="highlight js-code-highlight"> <pre class="highlight apache"><code><span class="p">&lt;</span><span class="nl">VirtualHost</span><span class="sr"> *:80</span><span class="p">&gt; </span><span class="nc">ServerName</span> {{ domain_name }} <span class="nc">DocumentRoot</span> /var/www/html/public <span class="p">&lt;</span><span class="nl">Directory</span><span class="sr"> /var/www/html/public</span><span class="p">&gt; </span><span class="nc">AllowOverride</span> <span class="ss">All</span> <span class="p">&lt;/</span><span class="nl">Directory</span><span class="p">&gt; </span> <span class="nc">ErrorLog</span> ${APACHE_LOG_DIR}/error.log <span class="nc">CustomLog</span> ${APACHE_LOG_DIR}/access.log combined <span class="p">&lt;/</span><span class="nl">VirtualHost</span><span class="p">&gt; </span></code></pre> </div> <h4> suitecrm/vars/main.yml </h4> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="c1"># vars file for suitecrm</span> <span class="na">domain_name</span><span class="pi">:</span> <span class="s2">"</span><span class="s">crm.thebudgetbuys.com"</span> <span class="na">email</span><span class="pi">:</span> <span class="s2">"</span><span class="s">rijalnitesh78@gmail.com"</span> </code></pre> </div> <h3> 6. Additional Configuration Files </h3> <h4> ansible.cfg </h4> <p>Create this file in the <code>crm/ansible/</code> directory:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ini"><code><span class="nn">[defaults]</span> <span class="py">host_key_checking</span> <span class="p">=</span> <span class="s">False</span> </code></pre> </div> <h4> crm/ansible/main.yml </h4> <p>This is the main Ansible playbook that orchestrates the roles:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="pi">-</span> <span class="na">hosts</span><span class="pi">:</span> <span class="s">crm</span> <span class="na">become</span><span class="pi">:</span> <span class="kc">true</span> <span class="na">roles</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">role</span><span class="pi">:</span> <span class="s">sql</span> <span class="pi">-</span> <span class="na">role</span><span class="pi">:</span> <span class="s">apache2</span> <span class="pi">-</span> <span class="na">role</span><span class="pi">:</span> <span class="s">php</span> <span class="pi">-</span> <span class="na">role</span><span class="pi">:</span> <span class="s">suitecrm</span> </code></pre> </div> <h4> roles/sql/defaults/main.yml </h4> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="c1"># defaults file for sql</span> <span class="na">mariadb_root_password</span><span class="pi">:</span> <span class="s2">"</span><span class="s">suitecrm"</span> <span class="na">mariadb_db</span><span class="pi">:</span> <span class="s2">"</span><span class="s">suitecrm"</span> <span class="na">mariadb_user</span><span class="pi">:</span> <span class="s2">"</span><span class="s">suitecrm"</span> <span class="na">mariadb_password</span><span class="pi">:</span> <span class="s2">"</span><span class="s">suitecrm"</span> </code></pre> </div> <h4> roles/sql/vars/main.yml </h4> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="c1"># vars file for sql</span> <span class="na">mariadb_root_password</span><span class="pi">:</span> <span class="s">suitecrm</span> <span class="na">mariadb_database</span><span class="pi">:</span> <span class="s">suitecrm</span> <span class="na">mariadb_user</span><span class="pi">:</span> <span class="s">suitecrm</span> <span class="na">mariadb_password</span><span class="pi">:</span> <span class="s">suitecrm</span> <span class="na">ansible_python_interpreter</span><span class="pi">:</span> <span class="s">/usr/bin/python3</span> </code></pre> </div> <h4> roles/sql/handlers/main.yml </h4> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="nn">---</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Restart MariaDB</span> <span class="na">service</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">mariadb</span> <span class="na">state</span><span class="pi">:</span> <span class="s">restarted</span> </code></pre> </div> <h4> roles/sql/templates/mariadb.cnf.j2 </h4> <div class="highlight js-code-highlight"> <pre class="highlight ini"><code><span class="nn">[mysqld]</span> <span class="py">datadir</span><span class="p">=</span><span class="s">/var/lib/mysql</span> <span class="py">socket</span><span class="p">=</span><span class="s">/var/run/mysqld/mysqld.sock</span> <span class="py">bind-address</span><span class="p">=</span><span class="s">0.0.0.0</span> <span class="py">port</span><span class="p">=</span><span class="s">3306</span> <span class="c"># InnoDB settings </span><span class="py">innodb_buffer_pool_size</span><span class="p">=</span><span class="s">1G</span> <span class="py">innodb_log_file_size</span><span class="p">=</span><span class="s">256M</span> <span class="py">innodb_flush_log_at_trx_commit</span><span class="p">=</span><span class="s">1</span> <span class="py">innodb_flush_method</span><span class="p">=</span><span class="s">O_DIRECT</span> <span class="c"># MyISAM settings </span><span class="py">key_buffer_size</span><span class="p">=</span><span class="s">256M</span> <span class="c"># Query cache </span><span class="py">query_cache_size</span><span class="p">=</span><span class="s">0</span> <span class="py">query_cache_type</span><span class="p">=</span><span class="s">0</span> <span class="c"># Logging </span><span class="py">general_log_file</span><span class="p">=</span><span class="s">/var/log/mysql/mysql.log</span> <span class="py">log_error</span><span class="p">=</span><span class="s">/var/log/mysql/error.log</span> <span class="c"># Character set </span><span class="py">character-set-server</span><span class="p">=</span><span class="s">utf8mb4</span> <span class="py">collation-server</span><span class="p">=</span><span class="s">utf8mb4_general_ci</span> <span class="nn">[mysql]</span> <span class="py">default-character-set</span><span class="p">=</span><span class="s">utf8mb4</span> <span class="nn">[client]</span> <span class="py">default-character-set</span><span class="p">=</span><span class="s">utf8mb4</span> </code></pre> </div> <h4> roles/sql/templates/my.cnf.j2 </h4> <div class="highlight js-code-highlight"> <pre class="highlight ini"><code><span class="nn">[client]</span> <span class="py">user</span><span class="p">=</span><span class="s">root</span> <span class="py">password</span><span class="p">=</span><span class="s">{{ mariadb_root_password }}</span> </code></pre> </div> <h3> 7. Deployment Process </h3> <p>With all these files in place, the automated deployment process works as follows:</p> <ol> <li> <p>When changes are pushed to the <code>infrastructure/</code> directory, the <code>infra.yaml</code> workflow is triggered.</p> <ul> <li>This workflow deploys or updates the AWS infrastructure using CloudFormation.</li> </ul> </li> <li> <p>When changes are pushed to the <code>crm/</code> directory, the <code>crm.yaml</code> workflow is triggered.</p> <ul> <li>This workflow runs the Ansible playbook, which: <ul> <li>Installs and configures MariaDB</li> <li>Installs and configures Apache2</li> <li>Installs and configures PHP</li> <li>Downloads and sets up SuiteCRM</li> <li>Configures SSL using Certbot</li> </ul> </li> </ul> </li> <li><p>After the playbook runs successfully, SuiteCRM should be accessible at the specified domain (<a href="https://crm.thebudgetbuys.com" rel="noopener noreferrer">https://crm.thebudgetbuys.com</a> in this case).</p></li> </ol> <h2> Benefits of This Approach </h2> <ol> <li> <strong>Infrastructure as Code (IaC)</strong>: All AWS resources are defined in CloudFormation templates, allowing for version control and easy replication.</li> <li> <strong>Configuration as Code</strong>: Ansible roles define the exact configuration of the server and application, ensuring consistency across deployments.</li> <li> <strong>Automated Testing</strong>: You can easily add testing steps in the GitHub Actions workflows to ensure quality before deployment.</li> <li> <strong>Easy Rollbacks</strong>: If an issue occurs, you can quickly roll back to a previous version of either the infrastructure or the application configuration.</li> <li> <strong>Scalability</strong>: This setup can be easily adapted to deploy multiple environments or multiple instances of SuiteCRM.</li> <li> <strong>Audit Trail</strong>: All changes to infrastructure and configuration are tracked in Git, providing a clear audit trail.</li> <li> <strong>Reduced Downtime</strong>: Automated deployments are faster and can be scheduled during off-peak hours to minimize disruption.</li> <li> <strong>Knowledge Sharing</strong>: New team members can quickly understand the entire setup by reviewing the code in the repository.</li> </ol> <h2> Conclusion </h2> <p>This comprehensive setup provides a fully automated deployment pipeline for SuiteCRM. By leveraging GitHub Actions, AWS CloudFormation, and Ansible, we've created a robust, scalable, and maintainable solution that can significantly streamline the deployment and management of SuiteCRM instances.</p> <p>Remember to regularly update your dependencies, review security best practices, and continuously improve your automation scripts to keep your SuiteCRM deployment efficient and secure.</p> devops ansible aws githubactions Open Sourcing LinBy UI: Streamline Your DevOps Setup with Automated Jenkins Integration Nitesh Rijal Fri, 03 Nov 2023 18:54:27 +0000 https://dev.to/neetesshhr/open-sourcing-linby-ui-streamline-your-devops-setup-with-automated-jenkins-integration-3ko5 https://dev.to/neetesshhr/open-sourcing-linby-ui-streamline-your-devops-setup-with-automated-jenkins-integration-3ko5 <p>Hey everyone! 👋<br> I'm super excited to share something I've been working on that I hope can be of value to the DevOps community. I've just open-sourced my project <strong>LinBy UI</strong>!<br> LinBy UI is a tool designed with the intention to make the lives of DevOps professionals and system admins a lot easier. The main feature at the moment is the automation of setting up Jenkins - which I know can be a bit of a hassle sometimes. But that's just the start. The vision is to create a user-friendly interface that allows for easy deployment and management of various DevOps tools all in one place.<br> Here's what you can expect from LinBy UI:</p> <ul> <li> <strong>Automated Jenkins Setup</strong>: Get Jenkins up and running without manual setup hassles.</li> <li> <strong>Expandable to Other Tools</strong>: The architecture is built to support more tools in the future.</li> <li> <strong>Community-Driven Development</strong>: Looking for feedback, suggestions, and contributions! The project is in its early stages, and there's plenty of room for improvement and additional features. I believe that with the community's insights and contributions, LinBy UI can grow into an even more versatile and powerful tool. If you're interested in contributing or just want to check it out, you can find the repo here: <a href="https://github.com/neetesshhr/linby-ui/">Link</a> Whether you're interested in contributing code, documentation, suggestions, or bug reports - all forms of contributions are welcome. Let's build something great together! Thanks for reading, and I'm looking forward to any questions or feedback you might have! #opensource #devopstool</li> </ul>