The following blog posts mark my experience using Ansible to provision a LAMP server and run websites off it.

  1. Install Ansible on Mac OS
  2. Provision LAMP
  3. Install sites using Git
  4. Configure sites
  5. Setting up a Postfix mail server
  6. Installing a firewall

I have taken the Ansible route because I find setting up a server tedious and the hope was to achieve the following:

  1. Make it easier
  2. Enable me to alter configurations and reinstall components
  3. Provide clear documentation of what I have installed
The proof of the Ansible pudding remains to be seen and I won't know for sure until next time I provision a server, which from now on, will be every year at least.  In the past it was too easy to install and configure components and finally get them working but only then to realise that I have no record of the path I took.  With Ansible, the tasks are clearly detailed in code and I have found that you can make changes and rerun tasks with no apparent side effects, so long as individual commands and such are written in a way that does not keep appending stuff to the server.  The use of tags enables me to run only some tasks in a playbook such as:
ansible-playbook -i ansible_lamp/hosts ansible-ispmail-jessie/ispmail.yml  --tags "postfix,dovecot" -vvvv;

which runs only the postfix and dovecot tasks.  I ran this a number of times while troubleshooting mail problems (the -vvvv gives me verbose output).  The mailserver has always been a tricky task and it has certainly helped to have a full record of all the steps needed to set it up.  If Ansible installs the mail server without a problem next time I use it that would be great but even if it doesn't I have a full record of what I needed to do to get it going this time.

It has also occurred to me that it might be helpful to occasionally reset the mysql password.  As explained in another post, I now keep my password in php.ini, and use get_config_var() to obtain it from my php scripts, so now I can change it easily and flawlessly simply by running a tag:

ansible-playbook -i ansible_lamp/hosts ansible_lamp/site.yml  --tags "mysql" -vvvv;

In conclusion, at this early stage of Ansible use, I would say it is a great application to use and would recommend it to others.

User login