added config file template

install from the cli
create the database
add admin user
create librenms group
set right mode for directories

playbook/example.yml

     mysql_db:
       name: "{{librenms_db_name}}"
       state: present
+      collation: utf8_unicode_ci
       login_unix_socket: /var/run/mysqld/mysqld.sock
 
   - name: create mysql db user

tasks/main.yml

     name: "{{librenms_deb_packages}}"
     state: present
 
+- name: create librenms group
+  group:
+    name: "{{librenms_group}}"
+    state: present
+    system: yes
+
 - name: create librenms user
   user:
     name: "{{librenms_user}}"
     comment: "LibreNMS system user"
-    shell: /bin/bash
+    shell: /sbin/nologin
     password_lock: yes
     home: "{{librenms_home}}"
-    group: www-data
+    group: "{{librenms_group}}"
     system: yes
 
+- name: add apache user to librenms group
+  user:
+    name: www-data
+    groups: "{{librenms_group}}"
+    append: yes
+
 - name: download librenms
   unarchive:
     src: "https://github.com/librenms/librenms/archive/{{librenms_version}}.zip"
     dest: /tmp
     remote_src: yes
     creates: "/tmp/librenms-{{librenms_version}}/README.md"
+  become: yes
+  become_user: "{{librenms_user}}"
 
 - name: move librenms to its home
   copy:
     remote_src: yes
     src: "/tmp/librenms-{{librenms_version}}/"
     dest: "{{librenms_home}}"
+  become: yes
+  become_user: "{{librenms_user}}"
 
-- name: set www-data as owner
+- name: set directory owner
   file:
     dest: "{{librenms_home}}"
     owner: "{{librenms_user}}"
-    group: www-data
-    recurse: yes
+    group: "{{librenms_group}}"
+    mode: 0770
 
-- name: grant directory access
+- name: Set the appropriate permissions
   file:
-    mode: 0770
-    dest: "{{librenms_home}}/{{item}}"
+    path: "{{librenms_home}}"
+    owner: "{{librenms_user}}"
+    group: "{{librenms_group}}"
+    mode: g+w
+    recurse: true
+
+- name: Set the appropriate acl
+  acl:
+    path: "{{librenms_home}}/{{item}}"
+    etype: group
+    permissions: rwx
+    recursive: true
+    default: true
+    state: present
   loop:
-    - logs
     - rrd
+    - logs
     - storage
-    - bootstrap/cache
+    - bootstrap/cache/
 
 - name: clean tmp
   debug: msg="TBD"
   become: yes
   become_user: "{{librenms_user}}"
 
+- name: setup config file
+  template:
+    src: config.php.j2
+    dest: "{{librenms_home}}/config.php"
+    owner: "{{librenms_user}}"
+    group: "{{librenms_group}}"
+
+- name: setup database
+  command: php build-base.php
+  args:
+    chdir: "{{librenms_home}}"
+  become: true
+  become_user: "{{librenms_user}}"
+
+- name: create admin account
+  command: php adduser.php {{librenms_admin_user}} {{librenms_admin_pass}} 10
+  args:
+    chdir: "{{librenms_home}}"
+  become: true
+  become_user: "{{librenms_user}}"
+
 - name: enable apache modules
   apache2_module:
     state: present
   notify:
     - restart apache
 
-- name: run composer
-  debug: msg="TBD"
+- name: setup cron and logrotate
+  copy:
+    src: "{{librenms_home}}/{{ item.src }}"
+    dest: "{{item.dest}}"
+    remote_src: true
+  loop:
+    - { src: librenms.nonroot.cron, dest: /etc/cron.d/librenms }
+    - { src: misc/librenms.logrotate, dest: /etc/logrotate.d/librenms }
 
 - name: configure snmpd
   debug: msg="TBD"
-
-- name: configure cron
-  debug: msg="TBD"
-
-- name: configure logrotate
-  debug: msg="TBD"

templates/config.php.j2

+?php
+## Have a look in defaults.inc.php for examples of settings you can set here. DO NOT EDIT defaults.inc.php!
+
+### Database config
+$config['db_host'] = '{{librenms_db_host}}';
+$config['db_port'] = '{{librenms_db_port}}';
+$config['db_user'] = '{{librenms_db_user}}';
+$config['db_pass'] = '{{librenms_db_pass}}';
+$config['db_name'] = '{{librenms_db_name}}';
+$config['db_socket'] = '';
+
+// This is the user LibreNMS will run as
+//Please ensure this user is created and has the correct permissions to your install
+$config['user'] = '{{librenms_user}}';
+
+### Locations - it is recommended to keep the default
+#$config['install_dir']  = "{{librenms_home}}";
+
+### This should *only* be set if you want to *force* a particular hostname/port
+### It will prevent the web interface being usable form any other hostname
+#$config['base_url']        = "http://librenms.company.com";
+
+### Enable this to use rrdcached. Be sure rrd_dir is within the rrdcached dir
+### and that your web server has permission to talk to rrdcached.
+#$config['rrdcached']    = "unix:/var/run/rrdcached.sock";
+
+### Default community
+$config['snmp']['community'] = array("public");
+
+### Authentication Model
+$config['auth_mechanism'] = "mysql"; # default, other options: ldap, http-auth
+#$config['http_auth_guest'] = "guest"; # remember to configure this user if you use http-auth
+
+### List of RFC1918 networks to allow scanning-based discovery
+#$config['nets'][] = "10.0.0.0/8";
+#$config['nets'][] = "172.16.0.0/12";
+#$config['nets'][] = "192.168.0.0/16";
+
+# Update configuration
+#$config['update_channel'] = 'release';  # uncomment to follow the monthly release channel
+#$config['update'] = 0;  # uncomment to completely disable updates
+