{"id":19174590,"url":"https://github.com/equalitie/eqpress","last_synced_at":"2025-07-24T21:19:45.137Z","repository":{"id":31939565,"uuid":"35509181","full_name":"equalitie/eqpress","owner":"equalitie","description":"Managed Wordpress Hosting - Secure \u0026 Open Source","archived":false,"fork":false,"pushed_at":"2025-05-31T06:55:25.000Z","size":3994,"stargazers_count":30,"open_issues_count":13,"forks_count":12,"subscribers_count":14,"default_branch":"master","last_synced_at":"2025-06-08T02:07:29.499Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://equalit.ie/eqpress","language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/equalitie.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2015-05-12T19:47:54.000Z","updated_at":"2025-06-02T22:36:16.000Z","dependencies_parsed_at":"2024-05-31T14:46:54.096Z","dependency_job_id":"ee92cb29-ad1d-4c34-8add-a57a843903e8","html_url":"https://github.com/equalitie/eqpress","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/equalitie/eqpress","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/equalitie%2Feqpress","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/equalitie%2Feqpress/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/equalitie%2Feqpress/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/equalitie%2Feqpress/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/equalitie","download_url":"https://codeload.github.com/equalitie/eqpress/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/equalitie%2Feqpress/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":261066572,"owners_count":23104773,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-09T10:18:26.820Z","updated_at":"2025-06-21T05:08:18.544Z","avatar_url":"https://github.com/equalitie.png","language":"Jinja","funding_links":[],"categories":[],"sub_categories":[],"readme":"### Installing\nA host with a working Ansible installation is required. Read this:\n\n\thttp://docs.ansible.com/ansible/intro_installation.html\n\nFor Debian 9+\n\n\tapt-get install ansible\n\nClone this repo:\n\n\tgit clone https://github.com/equalitie/eqpress.git\n\n#### Environment Initialization\nInitializing the ansible environment is required before any other playbooks can be executed. Change into the equpress directory, create the inventory file and then run the init playbook:\n\n\tcd eqpress \n\ttouch hosts\n\tvi hosts (add your target hosts including localhost)\n\nExample inventory\n\t\n\t[local]\n\tlocalhost ansible_connection=local\n\n\t[production]\n\teqwp1.equalit.ie\n\teqwp2.equalit.ie\n\n\t[masters]\n\teqwp1.equalit.ie\n\n\t[slaves]\n\teqwp2.equalit.ie\n\n\t[eqwp]\n\teqwp1.equalit.ie\n\teqwp2.equalit.ie\n\t\nPlay to run\n\t\n\tansible-playbook -i hosts play-init-env.yml -v\n\nThe following settings can be specified. Accepting the defaults are enough to configure the environment so the other playbooks will work but making them unique to your environment is best.\n\nSSL/TLS certificate attributes are required to generate the self-signed certificates used for MySQL replication.\n\n* **Enter organization name**\n* **Root certificate country**\n* **Root certificate state/province**\n* **Root certificate city**\n* **Root certificate orginazational unit**\n* **Root certificate common name**\n* **Root certificate email address**\n\nMandrill and Sendgrid are email delivery services offering free accounts for moderate levels of email traffic. These are not required but recommended for reliable email delivery.\n\n* **Mandrill username** - Sign up for an account [here](https://mandrill.com/signup/). Free plan allows 12,000 sent emails per month.\n* **Mandrill password**\n* **Sendgrid username** - Sign up for a free account [here](https://sendgrid.com/user/signup). Free plan allows 400 sent emails per day.\n* **Sendgrid password**\n* **Default email service**\n* **Monitoring email address** - Where all alerts are sent to.\n* **Timezone**\n* **Use DNS lookup for host IP assignment** - y or n\n\n\"y\" if you want to use dns lookup for IP and \"n\" to use ansible gathered facts for IP \n\nNote: If your VM or server has a private interal IP address and a network server supplies your public IP address (floating IP), choose \"y\" or your IP addresses will be the private addresses and in most cases will not work.\n\n#### Server Configuration Initialization\nTo build a redundant pair of servers there are some ansible variables that need to be set for the playbooks to work. Run the initialization playbook to create the group and host variables:\n\n\tansible-playbook -i hosts play-init-servers.yml -v\n\nThe following settings must be specified:\n\n* **Nginx worker processes** - Should equal c - 2 where c is number of CPU cores. If c is \u003c 4 then worker procs should equal 2\n.\n* **PHP-FPM max children** - default is typically fine\n* **PHP-FPM start servers** - default is typically fine\n* **PHP-FPM min spare** - default is typically fine\n* **PHP-FPM max spare** - default is typically fine\n* **PHP-FPM max requests** - default prevents processes from eating too much RAM. Increase to 64 if server is very busy.\n* **PHP-FPM opcache memory size** - increase default if more than 20 sites are hosted on the same server\n* **MySQL root user password** - [click here for long random strings](https://www.random.org/passwords/?num=5\u0026len=23\u0026format=html\u0026rnd=new) \n* **MySQL InnoDB buffer pool size** - default good for servers with RAM \u003c= 1GB. Set to 1536M for servers with 4GB RAM. Don't forget the K, M or G after the number\n* **MySQL InnoDB log file size** - default is fine for servers \u003c 4GB RAM\n* **MySQL replication user password - [click here for long random strings](https://www.random.org/passwords/?num=5\u0026len=23\u0026format=html\u0026rnd=new)\n* **MySQL Admin user password** - mysqladmin user has process rights for monitoring replication status. [click here for long random strings](https://www.random.org/passwords/?num=5\u0026len=23\u0026format=html\u0026rnd=new)\n* **MySQL webstats user password** - webstats user writes to webstats DB to store HTTP access log data. [click here for long random strings](https://www.random.org/passwords/?num=5\u0026len=23\u0026format=html\u0026rnd=new)\n* **MySQL Server ID for master** - must be unique, don't accept the default\n* **MySQL Server ID for slave** - must be unique, don't accept the default\n* **Master server hostname** - using a fully qualified domain name is best.\n* **Slave server hostname** - using a fully qualified domain name is best.\n* **Ansible group name** - the group that these hosts will be uniquely identified by within the hosts file and variables stored in a file in the group_vars directory\n\n\n\n### Building a Replicated Pair of Servers\n\n#### Minimum Requirements\n##### Managed Nodes\n* The servers that will be used for creating the replicated pair must be running Debian 7 (Wheezy).\n* The debian packages python and python-simplejson must be installed for ansible to work.\n\nPlay to run\n\n\tansible-playbook -i hosts play-fullstack.yml -u root -l eqwp\n\nWhen the servers are ready for production then it's time to deploy the cron jobs\n\n\tansible-playbook -i hosts play-go-live.yml -u root -l eqwp\n\n#### Manual Host and Group Configuration\nYou can build the host and group files manually instead of running the play-init-servers.yml playbook. Create an alias in the ansible hosts file with the names of the new server pairs below:\n\n\t[eqpress-test]\n\teqpress-test1.equalit.ie  \n\teqpress-test2.equalit.ie\n\nCreate a group YAML file in the group_vars directory (copy an existing one). Name the group file the same as the alias entered in the ansible hosts file:\n\n\tgroup_vars/eqpress-test.yml\n\nEdit this new group file and minimally change the following variables:\n\n\teasypress_server_id\n\tmysql_root_db_pass\n\tmysql_repl_creds: password\n\tmysql_admin_user: password\n\tmysql_webstats: password\n\t\nCreate a host YAML file in the host_vars directory (copy an existing primary and replica). Name the host files the same as what was entered in the ansible hosts file:\n\n\thost_vars/eqpress-test1.equalit.ie.yml\n\thost_vars/eqpress-test2.equalit.ie.yml\n\nEdit these new host files and minmally change the following variables:\n\n\tmysql_server_id\n\tmysql_repl_slave\n\tmysql_repl_master\n\n#### Ansible Plays\n\n*   ansible-playbook -i hosts play-fullstack.yml -u root -l eqpress-test\n\nWhen the servers are ready for production then it's time to deploy the cron jobs\n\n*   ansible-playbook -i hosts play-go-live.yml -u root -l eqpress-test\n\n\n#### Common Failures and Remedies\n\n* MySQL fails to start\n    1. Check if mysql is running on the host\n    1. Re-run the play using the mysql or slaveon tag  \n`ansible-playbook -i hosts play-fullstack.yml -u root -l eqpress-test --tags slaveon`  \n`ansible-playbook -i hosts play-fullstack.yml -u root -l eqpress-test --tags mysql`  \n\n### Role based updates\n\nUpdate nginx and php-fpm config\n\n*   ansible-playbook -i hosts play-fullstack.yml -u root -l eph --tags=\"nginx,php\"\n\n### Console\n\nDeploy changes to the easyPress Console must-use plugin and proxy code\n\n*   ansible-playbook -i hosts play-fullstack.yml -u root -v -l production --tags console\n\nDeploy easyPress console must-use plugin to all sites\n\n*   ansible -i hosts masters -m command -a \"/usr/local/sbin/ep_install_console.sh all\" -u root\n\n#### Testing New Console Code\n\nansible-playbook -i hosts play-fullstack.yml -u root -l jester.easypress.ca --tags console \u0026\u0026 ansible -i hosts jester.easypress.ca -m command -a \"/usr/local/sbin/ep_install_console.sh wtj.boreal321.com\" -u root\n\n\n### Add or Update System Users\n\n*   ansible-playbook -i hosts play-fullstack.yml -u root -l production --tags users\n*  ansible-playbook -i hosts play-add-user.yml -u root -l eqpress-test1.boreal321.com\n\n### Update nginx configs\n\nAll configs and reload nginx\n\n*   ansible-playbook -i hosts play-fullstack.yml -u root -l masters --tags nginx_config\n\n### WordPress and plugin updates\n\nUpdate a specific plugin on all master servers\n\n*   ansible -i hosts masters -m command -a \"/usr/local/sbin/wp_update_plugins.sh wordpress-seo\" -u root -v\n\n###[Auto-Provision Documentation](https://github.com/equalitie/eqpress/tree/master/roles/init-auto-provision#wordpress-auto-provision-system)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fequalitie%2Feqpress","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fequalitie%2Feqpress","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fequalitie%2Feqpress/lists"}