diff -r a2342f26c9de -r b0b56e0f8c7f dev/provisioning/playbook.yml
--- a/dev/provisioning/playbook.yml	Fri Jan 15 15:27:56 2016 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,387 +0,0 @@
----
-- hosts: all
-
-  vars:
-
-    # These are the Wordpress database settings
-    db_name: corpus
-    db_user: corpus
-    db_password: md5bf687edf8c06f3f1aa3759c82c1217a0
-
-  tasks:
-#   - name: install language pack
-#     command: localedef -v -c -i en_US -f UTF-8 en_US.UTF-8
-
-    - name: set hostname
-      hostname: name={{site_name}}
-    - name: set hosts IPv4
-      lineinfile:
-        dest: /etc/hosts
-        line: 127.0.0.1   corpus-parole corpus-parole.local
-    - name: set hosts IPv6
-      lineinfile:
-        dest: /etc/hosts
-        line: ::1         corpus-parole corpus-parole.local
-
-    - name: ensure correct locale LC_ALL
-      lineinfile: dest=/etc/sysconfig/i18n regexp=^LC_ALL= line=LC_ALL="en_US.UTF-8"
-    - name: ensure correct locale LANG
-      lineinfile: dest=/etc/sysconfig/i18n regexp=^LANG= line=LANG="en_US.UTF-8"
-
-    # - name: set .bashrc
-    #   copy: src=files/.bashrc dest=/home/vagrant/.bashrc force=yes
-    # - name: set .profile
-    #   copy: src=files/.profile dest=/home/vagrant/.profile force=yes
-
-    - name: check yum base last update
-      stat: path=/var/cache/yum/x86_64/6/base/cachecookie
-      register: yum_cache_stat_base
-
-    - name: yum update
-      yum: name=* update_cache=yes state=latest
-#      when: ansible_date_time.epoch|float - yum_cache_stat_base.stat.mtime > 60*60*12*24
-
-    - name: repo ignore outdated postgres base
-      ini_file:
-        dest: /etc/yum.repos.d/CentOS-Base.repo
-        section: base
-        option: exclude=postgresql*
-
-    - name: repo ignore outdated postgres update
-      ini_file:
-        dest: /etc/yum.repos.d/CentOS-Base.repo
-        section: updates
-        option: exclude=postgresql*
-
-    - name: additional repos install
-      yum: name={{item}} state=latest
-      with_items:
-        - epel-release
-        - centos-release-SCL
-
-    # Remi yum repository.
-    - stat: path=/etc/yum.repos.d/remi.repo
-      register: remi_repo
-
-    - name: Download Remi repo.
-      get_url: url=http://rpms.famillecollet.com/enterprise/remi-release-6.rpm dest=/tmp/
-      when: remi_repo.stat.exists == False
-
-    - name: Install Remi repo.
-      command: rpm -Uvh --force /tmp/remi-release-6.rpm creates=/etc/yum.repos.d/remi.repo
-      when: remi_repo.stat.exists == False
-
-    - name : delete remi rpm
-      file: path=/tmp/remi-release-6.rpm state=absent
-
-    # postgres yum repository.
-    - stat: path=/etc/yum.repos.d/pgdg-94-centos.repo
-      register: postgres_repo
-
-    - name: Download Postgres repo.
-      get_url: url=http://yum.postgresql.org/9.4/redhat/rhel-6-x86_64/pgdg-centos94-9.4-1.noarch.rpm dest=/tmp/
-      when: postgres_repo.stat.exists == False
-
-    - name: Install postgres repo.
-      command: rpm -Uvh --force /tmp/pgdg-centos94-9.4-1.noarch.rpm creates=/etc/yum.repos.d/pgdg-94-centos.repo
-      when: postgres_repo.stat.exists == False
-
-    - name : delete postgres rpm
-      file: path=/tmp/pgdg-centos94-9.4-1.noarch.rpm state=absent
-
-    - name: additional repos install epel
-      ini_file:
-        dest: /etc/yum.repos.d/epel.repo
-        section: epel
-        option: enabled
-        value: 1
-
-    - name: check yum epel last update
-      stat: path=/var/cache/yum/x86_64/6/epel/cachecookie
-      register: yum_cache_stat_epel
-
-    - name: yum update after repos
-      yum: name=* update_cache=yes state=latest
-#      when: ansible_date_time.epoch|float - yum_cache_stat_epel.stat.mtime > 60*60*12*24
-
-    #TODO install alternative packages
-    - name: install libs
-      yum: name={{item}} state=latest enablerepo=remi
-      with_items:
-        - nginx
-        - postgresql94-server
-        - python-psycopg2
-        - htop
-        - openssl
-        - php56
-        - php56-php-fpm
-        - php56-php-mbstring
-        - php56-php-mcrypt
-        - php56-php-gd
-        - php56-php-pgsql
-        - java-1.8.0-openjdk
-        - tomcat
-
-
-## php-fpm config
-
-# set fpm user to nginx
-# authorize /var/log/php-fpm
-    - name: copy sysconfig for php-fpm
-      copy: src=files/sysconfig_php-fpm dest=/opt/remi/php56/root/etc/sysconfig/php-fpm
-    - name: set /opt/remi/php56/root/var/log/php-fpm permission
-      file: path=/opt/remi/php56/root/var/log/php-fpm/ state=directory owner=nginx group=nginx
-
-    - name: set php-fpm listen to socket
-      lineinfile:
-        dest: /opt/remi/php56/root/etc/php-fpm.d/www.conf
-        regexp: '^listen\s*='
-        line: 'listen = /opt/remi/php56/root/var/run/php-fpm/php-fpm.sock'
-        state: present
-
-    - name: set php-fpm user
-      lineinfile:
-        dest: /opt/remi/php56/root/etc/php-fpm.d/www.conf
-        regexp: '^user\s*='
-        line: 'user = nginx'
-        state: present
-
-    - name: set php-fpm group
-      lineinfile:
-        dest: /opt/remi/php56/root/etc/php-fpm.d/www.conf
-        regexp: '^group\s*='
-        line: 'group = nginx'
-        state: present
-
-    - name: set php-fpm user
-      lineinfile:
-        dest: /opt/remi/php56/root/etc/php-fpm.d/www.conf
-        regexp: '^;listen.owner\s*='
-        line: 'listen.owner = nginx'
-        state: present
-
-    - name: set php-fpm group
-      lineinfile:
-        dest: /opt/remi/php56/root/etc/php-fpm.d/www.conf
-        regexp: '^;listen.group\s*='
-        line: 'listen.group = nginx'
-        state: present
-
-    - name: set php-fpm permission
-      lineinfile:
-        dest: /opt/remi/php56/root/etc/php-fpm.d/www.conf
-        regexp: '^;listen.mode\s*='
-        line: 'listen.mode = 0660'
-        state: present
-
-    - name: add link to php56 fpm log
-      file: path=/var/log/php56-php-fpm src=/opt/remi/php56/root/var/log/php-fpm state=link
-
-    - name: restart php-fpm
-      service: name=php56-php-fpm state=restarted enabled=yes
-
-
-## nginx config
-
-    - name: create ssl folder
-      file: path=/etc/nginx/ssl state=directory mode=0700
-    - name: generate ssl key
-      command: openssl genrsa -out "/etc/nginx/ssl/{{ site_name }}.key" 1024
-      args:
-        creates: /etc/nginx/ssl/{{ site_name }}.key
-    - name: generate ssl csr
-      command: openssl req -new -key /etc/nginx/ssl/{{ site_name }}.key -out /etc/nginx/ssl/{{ site_name }}.csr -subj "/CN={{ site_name }}/O=MCC/C=FR"
-      args:
-        creates: /etc/nginx/ssl/{{ site_name }}.csr
-    - name: generate ssl certificate
-      command: openssl x509 -req -days 365 -in /etc/nginx/ssl/{{ site_name }}.csr -signkey /etc/nginx/ssl/{{ site_name }}.key -out /etc/nginx/ssl/{{ site_name }}.crt
-      args:
-        creates: /etc/nginx/ssl/{{ site_name }}.crt
-
-    - name: change nginx default
-      template: src=files/site.j2 dest=/etc/nginx/nginx.conf mode=0644 force=yes
-
-    - name: restart nginx
-      service: name=nginx state=restarted enabled=yes
-
-
-## postgres
-    - name: set postgresql to start
-      service: name=postgresql-9.4 enabled=yes
-
-    - name: postgresql initdb
-      command: service postgresql-9.4 initdb
-      args:
-        creates: /var/lib/pgsql/9.4/data/postgresql.conf
-
-## configure tomcat
-
-    - name: set JAVA_HOME
-      lineinfile:
-        dest: /etc/tomcat/tomcat.conf
-        regexp: '^\#?JAVA_HOME='
-        line: JAVA_HOME="/etc/alternatives/jre_1.8.0"
-        state: present
-
-    - name: set parseBodyMethods to add POST
-      lineinfile:
-        dest: /etc/tomcat/server.xml
-        regexp: '^\s+\<Connector\s+port=\"8080\"\s+protocol=\"HTTP\/1.1\"\s*$'
-        line: '    <Connector port="8080" protocol="HTTP/1.1" parseBodyMethods="POST,PUT"'
-        state: present
-
-## Install sesame
-    - stat: path=/var/lib/tomcat/webapps/openrdf-sesame.war
-      register: sesame_jar
-
-    - name: download sesame
-      get_url: url=http://sourceforge.net/projects/sesame/files/Sesame%204/4.0.0/openrdf-sesame-4.0.0-sdk.tar.gz/download dest=/tmp/openrdf-sesame-4.0.0-sdk.tar.gz
-      when: sesame_jar.stat.exists == False
-
-    - name: create sesame untar dest
-      file: path=/tmp/openrdf-sesame-4.0.0-sdk state=directory
-      when: sesame_jar.stat.exists == False
-
-    - name: unarchive sesame
-      unarchive: src=/tmp/openrdf-sesame-4.0.0-sdk.tar.gz dest=/tmp/openrdf-sesame-4.0.0-sdk copy=false
-      when: sesame_jar.stat.exists == False
-
-    - name: deploy sesame jar
-      shell: cp /tmp/openrdf-sesame-4.0.0-sdk/openrdf-sesame-4.0.0/war/*.war /var/lib/tomcat/webapps/
-      when: sesame_jar.stat.exists == False
-
-    - name: create sesame data folder
-      file: path=/var/lib/sesame/data state=directory owner=tomcat group=tomcat
-      when: sesame_jar.stat.exists == False
-
-    - name: update tomcat config
-      lineinfile:
-        dest: /etc/tomcat/tomcat.conf
-        line: 'JAVA_OPTS=\"${JAVA_OPTS} -Dinfo.aduna.platform.appdata.basedir=/var/lib/sesame/data -Xms512m -Xmx512m\"'
-        state: present
-      when: sesame_jar.stat.exists == False
-
-    - name: restart tomcat
-      service: name=tomcat state=restarted enabled=yes
-      when: sesame_jar.stat.exists == False
-
-    - name : delete sesame archive
-      file: path=/tmp/openrdf-sesame-4.0.0-sdk.tar.gz state=absent
-
-    - name : delete sesame untar
-      file: path=/tmp/openrdf-sesame-4.0.0-sdk state=absent
-
-
-#set postgresql local access to trust
-    - name: add trust access for postgresql user
-      lineinfile:
-        dest: /var/lib/pgsql/9.4/data/pg_hba.conf
-        regexp: '^host\s+all\s+postgres\s+.127\.0\.0\.1\/32\s+trust$'
-        insertafter: '^#\sIPv4\slocal.+'
-        line: 'host   all             postgres        127.0.0.1/32            trust'
-
-    - name: postgresql start
-      service: name=postgresql-9.4 state=started
-
-    - name: Create database user
-      postgresql_user: name={{ db_user }} password={{ db_password }} state=present
-      sudo: yes
-      sudo_user: postgres
-
-    - name: create database
-      postgresql_db: name={{ db_name }} encoding=utf8 owner={{ db_user }} state=present
-      sudo: yes
-      sudo_user: postgres
-
-    - name: restart postgres
-      service: name=postgresql-9.4 state=restarted
-
-## Install dev dependencies
-
-    - name: install dev tools
-      yum: name="{{item}}" state=latest
-      with_items:
-        - "@Development tools"
-
-    #install composer
-    - stat: path=/usr/local/bin/composer
-      register: composer_bin
-
-    - name: install composer
-      shell: curl -sS https://getcomposer.org/installer | scl enable php56 'php -- --install-dir=/usr/local/bin'
-      when: composer_bin.stat.exists == False
-    - name: link composer
-      file: path=/usr/local/bin/composer src=/usr/local/bin/composer.phar state=link
-      when: composer_bin.stat.exists == False
-
-    #install node
-    - stat: path=/usr/bin/node
-      register: node_bin
-
-    - name: install node rpm
-      shell: curl -sL https://rpm.nodesource.com/setup | bash -
-      when: node_bin.stat.exists == False
-    - name: install node
-      yum: name=nodejs state=latest
-      when: node_bin.stat.exists == False
-
-## open ports
-    - name: get iptables rules
-      shell: iptables -L
-      register: iptablesrules
-      always_run: yes
-      sudo: true
-
-    - name: add nginx http iptable rule
-      command: /sbin/iptables -I INPUT 1 -p tcp --dport http -j ACCEPT -m comment --comment "nginx 80"
-      sudo: true
-      when: iptablesrules.stdout.find("nginx 80") == -1
-
-    - name: add nginx http iptable rule
-      command: /sbin/iptables -I INPUT 1 -p tcp --dport https -j ACCEPT -m comment --comment "nginx 443"
-      sudo: true
-      when: iptablesrules.stdout.find("nginx 443") == -1
-
-    - name: add postgresql iptable rule
-      command: /sbin/iptables -I INPUT 1 -p tcp --dport 5432 -j ACCEPT -m comment --comment "postgresql"
-      sudo: true
-      when: iptablesrules.stdout.find("postgresql") == -1
-
-    - name: add tomcat iptable rule
-      command: /sbin/iptables -I INPUT 1 -p tcp --dport 8080 -j ACCEPT -m comment --comment "tomcat"
-      sudo: true
-      when: iptablesrules.stdout.find("tomcat") == -1
-
-    - name: save iptables
-      command: service iptables save
-      sudo: true
-
-    - name: restart iptables
-      service: name=iptables state=restarted
-      sudo: true
-
-# - name: install nginx
-#   apt: name=nginx
-#
-# - name: change nginx default
-#   copy: src=files/default dest=/etc/nginx/sites-available/ mode=0644 force=yes
-#
-# - name: install software-properties-common
-#   apt: name=software-properties-common
-#
-# - name: add repo
-#   copy: src=files/mariadb.list dest=/etc/apt/sources.list.d/
-#   register: mariadb_repo_present
-#
-# - name: add repokey
-#   command: apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db
-#   when: mariadb_repo_present.changed
-#
-# - name: apt install mariadb
-#   apt: name={{item}} update_cache=yes
-#   with_items:
-#     - mysql-common=5.1.67-mariadb122~precise
-#     - libmariadbclient16=5.1.67-mariadb122~precise
-#     - mariadb-client-core-5.1=5.1.67-mariadb122~precise
-#     -
-#     - mariadb-server