Easiest option, probably. Here’s a workaround, given your slightly unusual usage of Trellis (i.e., not provisioning with Trellis; deploying only).
- Adjust the
Reload php-fpmtask to know that it needs to provide your password. Indentation onbecomeparameter matters; is the same asname,shell, andargs.
- name: Reload php-fpm
shell: sudo service php7.1-fpm reload
args:
warn: false
+ become: yes
- Provide user’s sudo password when deploying:
(or use-Kas the short version of--ask-become-pass)
ansible-playbook deploy.yml -e env=stating -e site=example.com --ask-become-pass
It will prompt you to enter your user’s sudo password.
Assumptions. The above assumes the following:
service --status-all | grep php(on server) outputs onlyphp7.1-fpm- you are able to ssh as
web_user(astackettzI think) andsudo service php7.1-fpm reloadsuccessfully, by providing a password
Passwordless sudo. If you choose to try to fix the problem instead of using the workaround above, there are some helpful notes on the related thread you already saw, especially this post.
You will probably have to coordinate with your IT department because it sounds like they have a specific user management strategy for this server. As a simple example, I expect your server would need an /etc/sudoers file where the last line is
#includedir /etc/sudoers.d
The server would also need a file such as /etc/sudoers.d/tackettz-services with the following:
tackettz ALL=(root) NOPASSWD: /usr/sbin/service php7.1-fpm *
where the permissions are like this
$ ls -alh /etc/sudoers.d
-r--r----- 1 root root 75 Feb 1 02:25 tackettz-services
PHP versions.
The php that runs on the cli is completely separate, as far as I know, and is not relevant.