evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 19 Releases 33 Wiki Activity

php: clarify configuration

Browse source 
* Variables for config file names are normalized* With Sury, Evolix configs are linked to regular 7.0 paths
This commit is contained in:
Jérémy Lecour 2018-06-11 14:22:42 +02:00 committed by Jérémy Lecour
parent b50ea62572
commit 17d0c9c6bf
10 changed files with 199 additions and 187 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -21,6 +21,7 @@ The **patch** part changes incrementally at each release.
* evolinux-users: add sudo permission for bkctld check
* minifirewall: the tail file can be overwritten, or not (default: `True`)
* nagios-nrpe: use bkctld internal check instead of nrpe plugin
* php: reorganization of the role for Sury overrides and more clear configuration
* rbenv: change default Ruby version (2.5.1)
* rbenv: switch from copy to lineinfile for default gems
* squid: add a few news sites to the whitelist

34
php/tasks/apache.yml → php/tasks/config_apache.yml
View file

@ -1,35 +1,5 @@
---
- name: "Install mod_php packages (jessie)"
apt:
name: '{{ item }}'
state: present
with_items:
- libapache2-mod-php5
- php5
when: ansible_distribution_release == "jessie"
- name: "Install mod_php packages (Debian 9 or later)"
apt:
name: '{{ item }}'
state: present
with_items:
- libapache2-mod-php
- php
when: ansible_distribution_major_version | version_compare('9', '>=')
- name: "Set php.ini config for apache2 (jessie)"
set_fact:
php_apache_defaults_ini_file: /etc/php5/apache2/conf.d/z-evolinux-defaults.ini
php_apache_custom_ini_file: /etc/php5/apache2/conf.d/zzz-evolinux-custom.ini
when: ansible_distribution_release == "jessie"
- name: "Set php.ini config for apache2 (Debian 9 or later)"
set_fact:
php_apache_defaults_ini_file: /etc/php/7.0/apache2/conf.d/z-evolinux-defaults.ini
php_apache_custom_ini_file: /etc/php/7.0/apache2/conf.d/zzz-evolinux-custom.ini
when: ansible_distribution_major_version | version_compare('9', '>=')
- name: Set default values for PHP
ini_file:
dest: "{{ php_apache_defaults_ini_file }}"
@ -56,7 +26,7 @@
- name: Custom php.ini
copy:
dest: "{{ php_apache_custom_file }}"
dest: "{{ php_apache_custom_ini_file }}"
content: |
; Put customized values here.
; default_charset = "ISO-8859-1"
@ -65,7 +35,7 @@
- name: "Set custom values for PHP to enable Symfony"
ini_file:
dest: "{{ php_apache_custom_file }}"
dest: "{{ php_apache_custom_ini_file }}"
section: PHP
option: "{{ item.option }}"
value: "{{ item.value }}"

34
php/tasks/php_jessie.yml → php/tasks/config_cli.yml
View file

@ -1,31 +1,7 @@
---
- name: "Install PHP packages (jessie)"
apt:
name: '{{ item }}'
state: present
with_items:
- php5-cli
- php5-gd
- php5-imap
- php5-ldap
- php5-mcrypt
- php5-mysql
- php5-pgsql
- php-gettext
- php5-intl
- php5-curl
- php5-ssh2
- libphp-phpmailer
- name: "Set php.ini config for CLI (jessie)"
set_fact:
phpini_cli_defaults_file: /etc/php5/cli/conf.d/z-evolinux-defaults.ini
phpini_cli_custom_file: /etc/php5/cli/conf.d/zzz-evolinux-custom.ini
- name: "Set default php.ini values for CLI (jessie)"
ini_file:
dest: "{{ phpini_cli_defaults_file }}"
dest: "{{ php_cli_defaults_ini_file }}"
section: PHP
option: "{{ item.option }}"
value: "{{ item.value }}"
@ -41,14 +17,14 @@
- name: "Disable PHP functions for CLI (jessie)"
ini_file:
dest: "{{ phpini_cli_defaults_file }}"
dest: "{{ php_cli_defaults_ini_file }}"
section: PHP
option: disable_functions
value: "exec,shell-exec,system,passthru,putenv,popen"
- name: Custom php.ini for CLI (jessie)
copy:
dest: "{{ phpini_cli_custom_file }}"
dest: "{{ php_cli_custom_ini_file }}"
content: |
; Put customized values here.
force: no
@ -57,12 +33,12 @@
# because "force: no" prevents any fix after the fact
- name: "Permissions for custom php.ini for CLI (jessie)"
file:
dest: "{{ phpini_cli_custom_file }}"
dest: "{{ php_cli_custom_ini_file }}"
mode: "0644"
- name: "Set custom values for PHP to enable Symfony (jessie)"
ini_file:
dest: "{{ phpini_cli_custom_file }}"
dest: "{{ php_cli_custom_ini_file }}"
section: PHP
option: "{{ item.option }}"
value: "{{ item.value }}"

46
php/tasks/fpm.yml → php/tasks/config_fpm.yml
View file

@ -1,42 +1,8 @@
---
- name: "Install PHP FPM packages (jessie)"
apt:
name: '{{ item }}'
state: present
with_items:
- php5-fpm
- php5
when: ansible_distribution_release == "jessie"
- name: "Install PHP FPM packages (Debian 9 or later)"
apt:
name: '{{ item }}'
state: present
with_items:
- php-fpm
- php
when: ansible_distribution_major_version | version_compare('9', '>=')
- name: "Set config files for FPM (jessie)"
set_fact:
phpini_fpm_defaults_file: /etc/php5/fpm/conf.d/z-evolinux-defaults.ini
phpini_fpm_custom_file: /etc/php5/fpm/conf.d/zzz-evolinux-custom.ini
php_fpm_defaults_file: /etc/php5/fpm/pool.d/z-evolinux-defaults.conf
php_fpm_custom_file: /etc/php5/fpm/pool.d/zzz-evolinux-custom.conf
when: ansible_distribution_release == "jessie"
- name: "Set config files for FPM (Debian 9 or later)"
set_fact:
phpini_fpm_defaults_file: /etc/php/7.0/fpm/conf.d/z-evolinux-defaults.ini
phpini_fpm_custom_file: /etc/php/7.0/fpm/conf.d/zzz-evolinux-custom.ini
php_fpm_defaults_file: /etc/php/7.0/fpm/pool.d/z-evolinux-defaults.conf
php_fpm_custom_file: /etc/php/7.0/fpm/pool.d/zzz-evolinux-custom.conf
when: ansible_distribution_major_version | version_compare('9', '>=')
- name: Set default php.ini values for FPM
ini_file:
dest: "{{ phpini_fpm_defaults_file }}"
dest: "{{ php_fpm_defaults_ini_file }}"
section: PHP
option: "{{ item.option }}"
value: "{{ item.value }}"
@ -53,7 +19,7 @@
- name: Disable PHP functions for FPM
ini_file:
dest: "{{ phpini_fpm_defaults_file }}"
dest: "{{ php_fpm_defaults_ini_file }}"
section: PHP
option: disable_functions
value: "exec,shell-exec,system,passthru,putenv,popen"
@ -61,7 +27,7 @@
- name: Custom php.ini for FPM
copy:
dest: "{{ phpini_fpm_custom_file }}"
dest: "{{ php_fpm_custom_ini_file }}"
content: |
; Put customized values here.
force: no
@ -69,7 +35,7 @@
- name: Set default PHP FPM values
ini_file:
dest: "{{ php_fpm_defaults_file }}"
dest: "{{ php_fpm_defaults_conf_file }}"
section: www
option: "{{ item.option }}"
value: "{{ item.value }}"
@ -89,7 +55,7 @@
- name: Custom PHP FPM values
copy:
dest: "{{ php_fpm_custom_file }}"
dest: "{{ php_fpm_custom_conf_file }}"
content: |
; Put customized values here.
; default_charset = "ISO-8859-1"
@ -99,7 +65,7 @@
- name: "Set custom values for PHP to enable Symfony"
ini_file:
dest: "{{ phpini_cli_custom_file }}"
dest: "{{ php_cli_custom_ini_file }}"
section: PHP
option: "{{ item.option }}"
value: "{{ item.value }}"

14
php/tasks/main.yml
View file

@ -5,18 +5,8 @@
when:
- ansible_distribution != "Debian" or ansible_distribution_major_version | version_compare('8', '<')
- include: php_jessie.yml
- include: main_jessie.yml
when: ansible_distribution_release == "jessie"
- include: php_stretch_sury.yml
when: ansible_distribution_major_version | version_compare('9', '>=') and php_sury_enable
- include: php_stretch.yml
- include: main_stretch.yml
when: ansible_distribution_major_version | version_compare('9', '>=')
- include: fpm.yml
when: php_fpm_enable
- include: apache.yml
when: php_apache_enable

60
php/tasks/main_jessie.yml Normal file
View file

@ -0,0 +1,60 @@
---
- name: "Set config files paths (jessie)"
set_fact:
php_cli_defaults_ini_file: /etc/php5/cli/conf.d/z-evolinux-defaults.ini
php_cli_custom_ini_file: /etc/php5/cli/conf.d/zzz-evolinux-custom.ini
php_apache_defaults_ini_file: /etc/php5/apache2/conf.d/z-evolinux-defaults.ini
php_apache_custom_ini_file: /etc/php5/apache2/conf.d/zzz-evolinux-custom.ini
php_fpm_defaults_ini_file: /etc/php5/fpm/conf.d/z-evolinux-defaults.ini
php_fpm_custom_ini_file: /etc/php5/fpm/conf.d/zzz-evolinux-custom.ini
php_fpm_defaults_conf_file: /etc/php5/fpm/pool.d/z-evolinux-defaults.conf
php_fpm_custom_conf_file: /etc/php5/fpm/pool.d/zzz-evolinux-custom.conf
# Packages
- name: "Install PHP packages (jessie)"
apt:
name: '{{ item }}'
state: present
with_items:
- php5-cli
- php5-gd
- php5-imap
- php5-ldap
- php5-mcrypt
- php5-mysql
- php5-pgsql
- php-gettext
- php5-intl
- php5-curl
- php5-ssh2
- libphp-phpmailer
- name: "Install mod_php packages (jessie)"
apt:
name: '{{ item }}'
state: present
with_items:
- libapache2-mod-php5
- php5
when: php_apache_enable
- name: "Install PHP FPM packages (jessie)"
apt:
name: '{{ item }}'
state: present
with_items:
- php5-fpm
- php5
when: php_fpm_enable
# Configuration
- include: config_cli.yml
- include: config_fpm.yml
when: php_fpm_enable
- include: config_apache.yml
when: php_apache_enable

71
php/tasks/main_stretch.yml Normal file
View file

@ -0,0 +1,71 @@
---
- name: "Set config files paths (Debian 9 or later)"
set_fact:
php_cli_defaults_ini_file: /etc/php/7.0/cli/conf.d/z-evolinux-defaults.ini
php_cli_custom_ini_file: /etc/php/7.0/cli/conf.d/zzz-evolinux-custom.ini
php_apache_defaults_ini_file: /etc/php/7.0/apache2/conf.d/z-evolinux-defaults.ini
php_apache_custom_ini_file: /etc/php/7.0/apache2/conf.d/zzz-evolinux-custom.ini
php_fpm_defaults_ini_file: /etc/php/7.0/fpm/conf.d/z-evolinux-defaults.ini
php_fpm_custom_ini_file: /etc/php/7.0/fpm/conf.d/zzz-evolinux-custom.ini
php_fpm_defaults_conf_file: /etc/php/7.0/fpm/pool.d/z-evolinux-defaults.conf
php_fpm_custom_conf_file: /etc/php/7.0/fpm/pool.d/zzz-evolinux-custom.conf
# Packages
- name: "Set package list (Debian 9 or later)"
set_fact:
php_stretch_packages:
- php-cli
- php-gd
- php-intl
- php-imap
- php-ldap
- php-mysql
# php-mcrypt is no longer packaged for PHP 7.2
- php-pgsql
- php-gettext
- php-curl
- php-ssh2
- composer
- libphp-phpmailer
- include: sury_pre.yml
when: php_sury_enable
- name: "Install PHP packages (Debian 9 or later)"
apt:
name: '{{ item }}'
state: present
with_items: "{{ php_stretch_packages }}"
- name: "Install mod_php packages (Debian 9 or later)"
apt:
name: '{{ item }}'
state: present
with_items:
- libapache2-mod-php
- php
when: php_apache_enable
- name: "Install PHP FPM packages (Debian 9 or later)"
apt:
name: '{{ item }}'
state: present
with_items:
- php-fpm
- php
when: php_fpm_enable
# Configuration
- include: config_cli.yml
- include: config_fpm.yml
when: php_fpm_enable
- include: config_apache.yml
when: php_apache_enable
- include: sury_post.yml
when: php_sury_enable

74
php/tasks/php_stretch.yml
View file

@ -1,74 +0,0 @@
---
- name: "Install PHP packages (Debian 9 or later)"
apt:
name: '{{ item }}'
state: present
with_items:
- php-cli
- php-gd
- php-intl
- php-imap
- php-ldap
- php-mcrypt
- php-mysql
- php-pgsql
- php-gettext
- php-curl
- php-ssh2
- composer
- libphp-phpmailer
- name: "Set php.ini config for CLI (Debian 9 or later)"
set_fact:
phpini_cli_defaults_file: /etc/php/7.0/cli/conf.d/z-evolinux-defaults.ini
phpini_cli_custom_file: /etc/php/7.0/cli/conf.d/zzz-evolinux-custom.ini
- name: "Set default php.ini values for CLI (Debian 9 or later)"
ini_file:
dest: "{{ phpini_cli_defaults_file }}"
section: PHP
option: "{{ item.option }}"
value: "{{ item.value }}"
mode: "0644"
create: yes
with_items:
- { option: "short_open_tag", value: "Off" }
- { option: "expose_php", value: "Off" }
- { option: "display_errors", value: "Off" }
- { option: "log_errors", value: "On" }
- { option: "html_errors", value: "Off" }
- { option: "allow_url_fopen", value: "Off" }
- name: "Disable PHP functions for CLI (Debian 9 or later)"
ini_file:
dest: "{{ phpini_cli_defaults_file }}"
section: PHP
option: disable_functions
value: "exec,shell-exec,system,passthru,putenv,popen"
- name: "Custom php.ini for CLI (Debian 9 or later)"
copy:
dest: "{{ phpini_cli_custom_file }}"
content: |
; Put customized values here.
; default_charset = "ISO-8859-1"
force: no
# This task is not merged with the above copy
# because "force: no" prevents any fix after the fact
- name: "Permissions for custom php.ini for CLI (Debian 9 or later)"
file:
dest: "{{ phpini_cli_custom_file }}"
mode: "0644"
- name: "Set custom values for PHP to enable Symfony (Debian 9 or later)"
ini_file:
dest: "{{ phpini_cli_custom_file }}"
section: PHP
option: "{{ item.option }}"
value: "{{ item.value }}"
mode: "0644"
with_items:
- { option: "date.timezone", value: "Europe/Paris" }
when: php_symfony_requirements

35
php/tasks/sury_post.yml Normal file
View file

@ -0,0 +1,35 @@
---
- name: Symlink Evolix CLI config files from 7.2 to 7.0
file:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
force: yes
state: link
with_items:
- { src: "{{ php_cli_defaults_ini_file }}", dest: "/etc/php/7.2/cli/conf.d/z-evolinux-defaults.ini" }
- { src: "{{ php_cli_custom_ini_file }}", dest: "/etc/php/7.2/cli/conf.d/zzz-evolinux-custom.ini" }
- name: Symlink Evolix Apache config files from 7.2 to 7.0
file:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
force: yes
state: link
with_items:
- { src: "{{ php_apache_defaults_ini_file }}", dest: "/etc/php/7.2/apache2/conf.d/z-evolinux-defaults.ini" }
- { src: "{{ php_apache_custom_ini_file }}", dest: "/etc/php/7.2/apache2/conf.d/zzz-evolinux-custom.ini" }
when: php_apache_enable
- name: Symlink Evolix FPM config files from 7.2 to 7.0
file:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
force: yes
state: link
with_items:
- { src: "{{ php_fpm_defaults_ini_file }}", dest: "/etc/php/7.2/fpm/conf.d/z-evolinux-defaults.ini" }
- { src: "{{ php_fpm_custom_ini_file }}", dest: "/etc/php/7.2/fpm/conf.d/zzz-evolinux-custom.ini" }
- { src: "{{ php_fpm_defaults_conf_file }}", dest: "/etc/php/7.2/fpm/pool.d/z-evolinux-defaults.conf" }
- { src: "{{ php_fpm_custom_conf_file }}", dest: "/etc/php/7.2/fpm/pool.d/zzz-evolinux-custom.conf" }
when: php_fpm_enable

17
php/tasks/php_stretch_sury.yml → php/tasks/sury_pre.yml
View file

@ -21,3 +21,20 @@
repo: "deb https://packages.sury.org/php/ stretch main"
filename: sury
state: present
- name: "Override package list for Sury (Debian 9 or later)"
set_fact:
php_stretch_packages:
- php-cli
- php-gd
- php-intl
- php-imap
- php-ldap
- php-mysql
# php-mcrypt is no longer packaged for PHP 7.2
- php-pgsql
- php-gettext
- php-curl
- php-ssh2
- composer
- libphp-phpmailer