Getting started

Default host customization

The role provides the run-wp-cron Bash script which can be used to execute the WP Cron tasks via the command line or cron service.

A special daily cron job is enabled by default; it looks for the wp-config.php files in the /home and /srv directories and changes their permissions to 0600 if they are world-readable. This is done because WordPress installer creates these files with 0666 permissions, which is a security risk in shared hosting environments.

Example inventory

To install the WP-CLI framework on a host, the host needs to be added to the [debops_service_wpcli] Ansible inventory group. This will also install the PHP environment required to use the script.


Example playbook

If you are using this role without DebOps, here's an example Ansible playbook that uses the debops.wpcli role:


- name: Install WP-CLI framework
  collections: [ 'debops.debops', 'debops.roles01',
                 'debops.roles02', 'debops.roles03' ]
  hosts: [ 'debops_service_wpcli' ]
  become: True

  environment: '{{ inventory__environment | d({})
                   | combine(inventory__group_environment | d({}))
                   | combine(inventory__host_environment  | d({})) }}'


    - name: Apply keyring configuration for php environment
        name: 'keyring'
          - '{{ php__keyring__dependent_apt_keys }}'
          - '{{ wpcli__keyring__dependent_gpg_keys }}'
      tags: [ 'role::keyring', 'skip::keyring', 'role::php', 'role::wpcli' ]

    - name: Prepare php environment
        name: 'php'
        tasks_from: 'main_env'
      tags: [ 'role::php', 'role::php:env', 'role::logrotate' ]


    - role: apt_preferences
      tags: [ 'role::apt_preferences', 'skip::apt_preferences' ]
        - '{{ php__apt_preferences__dependent_list }}'

    - role: cron
      tags: [ 'role::cron', 'skip::cron' ]

    - role: logrotate
      tags: [ 'role::logrotate', 'skip::logrotate' ]
        - '{{ php__logrotate__dependent_config }}'

    - role: php
      tags: [ 'role::php', 'skip::php' ]
        - '{{ wpcli__php__dependent_packages }}'

    - role: wpcli
      tags: [ 'role::wpcli', 'skip::wpcli' ]

Ansible tags

You can use Ansible --tags or --skip-tags parameters to limit what tasks are performed during Ansible run. This can be used after a host was first configured to speed up playbook execution, when you are sure that most of the configuration is already in the desired state.

Available role tags:

Main role tag, should be used in the playbook to execute all of the role tasks as well as role dependencies.