evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 18 Releases 32 Wiki Activity

lxc-php: extract variables

Browse source
This commit is contained in:
Jérémy Lecour 2023-03-19 11:50:58 +01:00 committed by Jérémy Lecour
parent 09d3f606cd
commit 1d03e73a62
11 changed files with 47 additions and 38 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
lxc-php/tasks/mail_opensmtpd.yml
View file

@ -8,7 +8,7 @@
- name: "{{ lxc_php_version }} - Configure opensmtpd (in the container)"
template:
src: smtpd.conf.j2
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/smtpd.conf"
dest: "{{ lxc_rootfs }}/etc/smtpd.conf"
mode: "0644"
notify: "Restart opensmtpd"
when: lxc_php_container_releases[lxc_php_version] in ["jessie", "stretch", "buster"]
@ -17,7 +17,7 @@
- name: "{{ lxc_php_version }} - Configure opensmtpd (in the container)"
template:
src: smtpd.conf.bullseye.j2
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/smtpd.conf"
dest: "{{ lxc_rootfs }}/etc/smtpd.conf"
mode: "0644"
notify: "Restart opensmtpd"
when: not lxc_php_container_releases[lxc_php_version] in ["jessie", "stretch", "buster"]

2
lxc-php/tasks/mail_ssmtp.yml
View file

@ -8,5 +8,5 @@
- name: "{{ lxc_php_version }} - Configure ssmtp"
template:
src: ssmtp.conf.j2
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/ssmtp/ssmtp.conf"
dest: "{{ lxc_rootfs }}/etc/ssmtp/ssmtp.conf"
mode: "0644"

4
lxc-php/tasks/main.yml
View file

@ -12,6 +12,10 @@
- { name: "{{ lxc_php_version }}", release: "{{ lxc_php_container_releases[lxc_php_version] }}" }
when: lxc_php_version is defined
- name: set LXC rootfs
ansible.builtin.set_fact:
lxc_rootfs: "/var/lib/lxc/{{ lxc_php_version }}/rootfs"
- name: "Update APT cache in container {{ lxc_php_version }}"
lxc_container:
name: "{{ lxc_php_version }}"

6
lxc-php/tasks/misc.yml
View file

@ -4,18 +4,18 @@
copy:
remote_src: yes
src: "/etc/timezone"
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/timezone"
dest: "{{ lxc_rootfs }}/etc/timezone"
- name: "{{ lxc_php_version }} - Ensure container's root directory is 755"
file:
path: "/var/lib/lxc/{{ lxc_php_version }}/rootfs"
path: "{{ lxc_rootfs }}"
state: directory
mode: '0755'
- name: "{{ lxc_php_version }} - Configure mailname for the container"
copy:
content: "{{ evolinux_hostname }}.{{ evolinux_domain }}\n"
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/mailname"
dest: "{{ lxc_rootfs }}/etc/mailname"
notify: "Restart opensmtpd"
- name: "{{ lxc_php_version }} - Install misc packages"

4
lxc-php/tasks/php56.yml
View file

@ -12,8 +12,8 @@
mode: "0644"
notify: "Reload {{ lxc_php_version }}-fpm"
loop:
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php5/fpm/conf.d/z-evolinux-defaults.ini"
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php5/cli/conf.d/z-evolinux-defaults.ini"
- "{{ lxc_rootfs }}/etc/php5/fpm/conf.d/z-evolinux-defaults.ini"
- "{{ lxc_rootfs }}/etc/php5/cli/conf.d/z-evolinux-defaults.ini"
loop_control:
loop_var: line_item

4
lxc-php/tasks/php70.yml
View file

@ -12,8 +12,8 @@
mode: "0644"
notify: "Reload {{ lxc_php_version }}-fpm"
loop:
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.0/fpm/conf.d/z-evolinux-defaults.ini"
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.0/cli/conf.d/z-evolinux-defaults.ini"
- "{{ lxc_rootfs }}/etc/php/7.0/fpm/conf.d/z-evolinux-defaults.ini"
- "{{ lxc_rootfs }}/etc/php/7.0/cli/conf.d/z-evolinux-defaults.ini"
loop_control:
loop_var: line_item

4
lxc-php/tasks/php73.yml
View file

@ -12,8 +12,8 @@
mode: "0644"
notify: "Reload {{ lxc_php_version }}-fpm"
loop:
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.3/fpm/conf.d/z-evolinux-defaults.ini"
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.3/cli/conf.d/z-evolinux-defaults.ini"
- "{{ lxc_rootfs }}/etc/php/7.3/fpm/conf.d/z-evolinux-defaults.ini"
- "{{ lxc_rootfs }}/etc/php/7.3/cli/conf.d/z-evolinux-defaults.ini"
loop_control:
loop_var: line_item

6
lxc-php/tasks/php74.yml
View file

@ -7,7 +7,7 @@
- name: "{{ lxc_php_version }} - fix bullseye repository"
replace:
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/sources.list"
dest: "{{ lxc_rootfs }}/etc/apt/sources.list"
regexp: 'bullseye/updates'
replace: 'bullseye-security'
@ -18,8 +18,8 @@
mode: "0644"
notify: "Reload {{ lxc_php_version }}-fpm"
loop:
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.4/fpm/conf.d/z-evolinux-defaults.ini"
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.4/cli/conf.d/z-evolinux-defaults.ini"
- "{{ lxc_rootfs }}/etc/php/7.4/fpm/conf.d/z-evolinux-defaults.ini"
- "{{ lxc_rootfs }}/etc/php/7.4/cli/conf.d/z-evolinux-defaults.ini"
loop_control:
loop_var: line_item

23
lxc-php/tasks/php80.yml
View file

@ -1,31 +1,36 @@
---
- name: set APT keyring
ansible.builtin.set_fact:
lxc_apt_keyring_dir: /etc/apt/trusted.gpg.d
- name: "{{ lxc_php_version }} - Install dependency packages"
lxc_container:
name: "{{ lxc_php_version }}"
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y wget apt-transport-https gnupg"
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y wget gnupg"
- name: "{{ lxc_php_version }} - fix bullseye repository"
replace:
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/sources.list"
dest: "{{ lxc_rootfs }}/etc/apt/sources.list"
regexp: 'bullseye/updates'
replace: 'bullseye-security'
- name: "{{ lxc_php_version }} - Add sury repo"
lineinfile:
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/sources.list.d/sury.list"
dest: "{{ lxc_rootfs }}/etc/apt/sources.list.d/sury.list"
line: "{{ item }}"
state: present
create: yes
mode: "0644"
loop:
- "deb [signed-by={{ apt_keyring_dir }}/sury.gpg] https://packages.sury.org/php/ bullseye main"
- "deb [signed-by={{ apt_keyring_dir }}/pub_evolix.asc] http://pub.evolix.org/evolix bullseye-php80 main"
- "deb [signed-by={{ lxc_apt_keyring_dir }}/sury.gpg] https://packages.sury.org/php/ bullseye main"
- "deb [signed-by={{ lxc_apt_keyring_dir }}/pub_evolix.asc] http://pub.evolix.org/evolix bullseye-php80 main"
- name: copy pub.evolix.net GPG key
copy:
src: pub_evolix.asc
dest: /var/lib/lxc/{{ lxc_php_version }}/rootfs{{ apt_keyring_dir }}/pub_evolix.asc
dest: "{{ lxc_rootfs }}{{ lxc_apt_keyring_dir }}/pub_evolix.asc"
mode: "0644"
owner: root
group: root
@ -33,7 +38,7 @@
- name: copy packages.sury.org GPG Key
copy:
src: sury.gpg
dest: /var/lib/lxc/{{ lxc_php_version }}/rootfs{{ apt_keyring_dir }}/sury.gpg
dest: "{{ lxc_rootfs }}{{ lxc_apt_keyring_dir }}/sury.gpg"
mode: "0644"
owner: root
group: root
@ -55,8 +60,8 @@
mode: "0644"
notify: "Reload {{ lxc_php_version }}-fpm"
loop:
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/8.0/fpm/conf.d/z-evolinux-defaults.ini"
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/8.0/cli/conf.d/z-evolinux-defaults.ini"
- "{{ lxc_rootfs }}/etc/php/8.0/fpm/conf.d/z-evolinux-defaults.ini"
- "{{ lxc_rootfs }}/etc/php/8.0/cli/conf.d/z-evolinux-defaults.ini"
loop_control:
loop_var: line_item

22
lxc-php/tasks/php81.yml
View file

@ -1,31 +1,35 @@
---
- name: set APT keyring
ansible.builtin.set_fact:
lxc_apt_keyring_dir: /etc/apt/trusted.gpg.d
- name: "{{ lxc_php_version }} - Install dependency packages"
lxc_container:
name: "{{ lxc_php_version }}"
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y wget apt-transport-https gnupg"
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y wget gnupg"
- name: "{{ lxc_php_version }} - fix bullseye repository"
replace:
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/sources.list"
dest: "{{ lxc_rootfs }}/etc/apt/sources.list"
regexp: 'bullseye/updates'
replace: 'bullseye-security'
- name: "{{ lxc_php_version }} - Add sury repo"
lineinfile:
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/apt/sources.list.d/sury.list"
dest: "{{ lxc_rootfs }}/etc/apt/sources.list.d/sury.list"
line: "{{ item }}"
state: present
create: yes
mode: "0644"
loop:
- "deb [signed-by={{ apt_keyring_dir }}/sury.gpg] https://packages.sury.org/php/ bullseye main"
- "deb [signed-by={{ apt_keyring_dir }}/pub_evolix.asc] http://pub.evolix.org/evolix bullseye-php81 main"
- "deb [signed-by={{ lxc_apt_keyring_dir }}/sury.gpg] https://packages.sury.org/php/ bullseye main"
- "deb [signed-by={{ lxc_apt_keyring_dir }}/pub_evolix.asc] http://pub.evolix.org/evolix bullseye-php81 main"
- name: copy pub.evolix.net GPG key
copy:
src: pub_evolix.asc
dest: /var/lib/lxc/{{ lxc_php_version }}/rootfs{{ apt_keyring_dir }}/pub_evolix.asc
dest: "{{ lxc_rootfs }}{{ lxc_apt_keyring_dir }}/pub_evolix.asc"
mode: "0644"
owner: root
group: root
@ -33,7 +37,7 @@
- name: copy packages.sury.org GPG Key
copy:
src: sury.gpg
dest: /var/lib/lxc/{{ lxc_php_version }}/rootfs{{ apt_keyring_dir }}/sury.gpg
dest: "{{ lxc_rootfs }}{{ lxc_apt_keyring_dir }}/sury.gpg"
mode: "0644"
owner: root
group: root
@ -55,8 +59,8 @@
mode: "0644"
notify: "Reload {{ lxc_php_version }}-fpm"
loop:
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/8.1/fpm/conf.d/z-evolinux-defaults.ini"
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/8.1/cli/conf.d/z-evolinux-defaults.ini"
- "{{ lxc_rootfs }}/etc/php/8.1/fpm/conf.d/z-evolinux-defaults.ini"
- "{{ lxc_rootfs }}/etc/php/8.1/cli/conf.d/z-evolinux-defaults.ini"
loop_control:
loop_var: line_item

6
lxc-php/tasks/umask.yml
View file

@ -2,13 +2,9 @@
# dans /etc/systemd/system/phpX.X-fpm.service.d/evolinux.conf
---
- name: "Définis le chemin du système de fichiers du conteneur LXC."
set_fact:
lxc_rootfs_path: "/var/lib/lxc/{{ lxc_php_version }}/rootfs"
- name: "Crée des répertoires (si absents) pour surcharger la config des services PHP dans les conteneurs LXC."
ansible.builtin.file:
path: "{{ lxc_rootfs_path }}/etc/systemd/system/{{ lxc_php_services[lxc_php_version] }}.d"
path: "{{ lxc_rootfs }}/etc/systemd/system/{{ lxc_php_services[lxc_php_version] }}.d"
state: directory
register: systemd_path