Merge branch 'unstable' of gitea.evolix.org:evolix/ansible-roles into unstable
This commit is contained in:
commit
6906c41818
|
@ -69,6 +69,7 @@ The **patch** part changes incrementally at each release.
|
||||||
* lxc: remove useless loop in apt execution
|
* lxc: remove useless loop in apt execution
|
||||||
* lxc: update our default template to be compatible with Debian 10
|
* lxc: update our default template to be compatible with Debian 10
|
||||||
* lxc-php: refactor tasks for better maintainability
|
* lxc-php: refactor tasks for better maintainability
|
||||||
|
* lxc-php: Use OpenSMTPD for Stretch/Buster containers, and ssmtp for Jessie containers
|
||||||
* lxc-solr: changed default Solr version to 8.4.1
|
* lxc-solr: changed default Solr version to 8.4.1
|
||||||
* minifirewall: better alert5 activation
|
* minifirewall: better alert5 activation
|
||||||
* minifirewall: no http filtering by default
|
* minifirewall: no http filtering by default
|
||||||
|
@ -76,6 +77,7 @@ The **patch** part changes incrementally at each release.
|
||||||
* nagios-nrpe: change default haproxy socket path
|
* nagios-nrpe: change default haproxy socket path
|
||||||
* nagios-nrpe: check_mode per cpu dynamically
|
* nagios-nrpe: check_mode per cpu dynamically
|
||||||
* nodejs: change default version to 12 (new LTS)
|
* nodejs: change default version to 12 (new LTS)
|
||||||
|
* packweb-apache: Do the install & conffigure phpContainer script (instead of evoadmin-web role)
|
||||||
* php: By default, allow 128M for OpCache (instead of 64M)
|
* php: By default, allow 128M for OpCache (instead of 64M)
|
||||||
* php: Don't set a chroot for the default fpm pool
|
* php: Don't set a chroot for the default fpm pool
|
||||||
* php: Make sure the default pool we define can be fully functionnal witout debian's default pool file
|
* php: Make sure the default pool we define can be fully functionnal witout debian's default pool file
|
||||||
|
@ -92,6 +94,8 @@ The **patch** part changes incrementally at each release.
|
||||||
### Fixed
|
### Fixed
|
||||||
* etc-git: fix warnings ansible-lint
|
* etc-git: fix warnings ansible-lint
|
||||||
* evoadmin-web: Put the php config at the right place for Buster
|
* evoadmin-web: Put the php config at the right place for Buster
|
||||||
|
* lxc: Don't stop the container if it already exists
|
||||||
|
* lxc: Fix container existance check to be able to run in check_mode
|
||||||
* lxc-php: Don't remove the default pool
|
* lxc-php: Don't remove the default pool
|
||||||
* minifirewall: fix warnings ansible-lint
|
* minifirewall: fix warnings ansible-lint
|
||||||
* nginx: fix munin fcgi not working (missing chmod 660 on logs)
|
* nginx: fix munin fcgi not working (missing chmod 660 on logs)
|
||||||
|
@ -104,6 +108,11 @@ The **patch** part changes incrementally at each release.
|
||||||
* webapps/evoadmin-web: Set default evoadmin_mail_tpl_force to True to fix a regression where the mail template would not get updated because the file is created before the role is first run.
|
* webapps/evoadmin-web: Set default evoadmin_mail_tpl_force to True to fix a regression where the mail template would not get updated because the file is created before the role is first run.
|
||||||
* minifirewall: Backport changes from minifirewall (properly open outgoing smtp(s))
|
* minifirewall: Backport changes from minifirewall (properly open outgoing smtp(s))
|
||||||
* minifirewall: Properly detect alert5.sh to turn on firewall at boot
|
* minifirewall: Properly detect alert5.sh to turn on firewall at boot
|
||||||
|
* packweb-apache: Add missing dependency to evoacme role
|
||||||
|
* php: Chose the debian version repo archive for packages.sury.org
|
||||||
|
* php: update surry_post.yml to match current latest PHP release
|
||||||
|
* packweb-apache: Don't try to install PHPMyAdmin on Buster as it's not available
|
||||||
|
*
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
* clamav : do not install the zoo package anymore
|
* clamav : do not install the zoo package anymore
|
||||||
|
|
|
@ -1,5 +1,11 @@
|
||||||
Alias /.well-known/acme-challenge {{ certbot_work_dir }}/.well-known/acme-challenge
|
<IfModule jk_module>
|
||||||
<Directory "{{ certbot_work_dir }}/.well-known/acme-challenge">
|
SetEnvIf Request_URI "/.well-known/acme-challenge/*" no-jk
|
||||||
|
</IfModule>
|
||||||
|
<IfModule proxy_module>
|
||||||
|
ProxyPass /.well-known/acme-challenge/ !
|
||||||
|
</IfModule>
|
||||||
|
Alias /.well-known/acme-challenge /var/lib/letsencrypt/.well-known/acme-challenge
|
||||||
|
<Directory "/var/lib/letsencrypt/.well-known/acme-challenge">
|
||||||
Options -Indexes
|
Options -Indexes
|
||||||
Allow from all
|
Allow from all
|
||||||
Require all granted
|
Require all granted
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
readonly PROGNAME=$(basename "$0")
|
readonly PROGNAME=$(basename "$0")
|
||||||
|
# shellcheck disable=SC2124,SC2034
|
||||||
readonly ARGS=$@
|
readonly ARGS=$@
|
||||||
|
|
||||||
readonly VERBOSE=${VERBOSE:-"0"}
|
readonly VERBOSE=${VERBOSE:-"0"}
|
||||||
|
@ -17,6 +18,7 @@ debug() {
|
||||||
}
|
}
|
||||||
|
|
||||||
if [ -n "$(pidof apache2)" ]; then
|
if [ -n "$(pidof apache2)" ]; then
|
||||||
|
# shellcheck disable=SC2091
|
||||||
if $($(command -v apache2ctl) -t 2> /dev/null); then
|
if $($(command -v apache2ctl) -t 2> /dev/null); then
|
||||||
debug "Apache detected... reloading"
|
debug "Apache detected... reloading"
|
||||||
service apache2 reload
|
service apache2 reload
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
readonly PROGNAME=$(basename "$0")
|
readonly PROGNAME=$(basename "$0")
|
||||||
|
# shellcheck disable=SC2124,SC2034
|
||||||
readonly ARGS=$@
|
readonly ARGS=$@
|
||||||
|
|
||||||
readonly VERBOSE=${VERBOSE:-"0"}
|
readonly VERBOSE=${VERBOSE:-"0"}
|
||||||
|
@ -17,7 +18,9 @@ debug() {
|
||||||
}
|
}
|
||||||
|
|
||||||
if [ -n "$(pidof dovecot)" ]; then
|
if [ -n "$(pidof dovecot)" ]; then
|
||||||
|
# shellcheck disable=SC2091
|
||||||
if $($(command -v doveconf) > /dev/null); then
|
if $($(command -v doveconf) > /dev/null); then
|
||||||
|
# shellcheck disable=SC2091
|
||||||
if $($(command -v doveconf)|grep -E "^ssl_cert[^_]"|grep -q "letsencrypt"); then
|
if $($(command -v doveconf)|grep -E "^ssl_cert[^_]"|grep -q "letsencrypt"); then
|
||||||
debug "Dovecot detected... reloading"
|
debug "Dovecot detected... reloading"
|
||||||
service dovecot reload
|
service dovecot reload
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
readonly PROGNAME=$(basename "$0")
|
readonly PROGNAME=$(basename "$0")
|
||||||
|
# shellcheck disable=SC2124,SC2034
|
||||||
readonly ARGS=$@
|
readonly ARGS=$@
|
||||||
|
|
||||||
readonly VERBOSE=${VERBOSE:-"0"}
|
readonly VERBOSE=${VERBOSE:-"0"}
|
||||||
|
@ -17,6 +18,7 @@ debug() {
|
||||||
}
|
}
|
||||||
|
|
||||||
if [ -n "$(pidof nginx)" ]; then
|
if [ -n "$(pidof nginx)" ]; then
|
||||||
|
# shellcheck disable=SC2091
|
||||||
if $($(command -v nginx) -t 2> /dev/null); then
|
if $($(command -v nginx) -t 2> /dev/null); then
|
||||||
debug "Nginx detected... reloading"
|
debug "Nginx detected... reloading"
|
||||||
service nginx reload
|
service nginx reload
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
readonly PROGNAME=$(basename "$0")
|
readonly PROGNAME=$(basename "$0")
|
||||||
|
# shellcheck disable=SC2124,SC2034
|
||||||
readonly ARGS=$@
|
readonly ARGS=$@
|
||||||
|
|
||||||
readonly VERBOSE=${VERBOSE:-"0"}
|
readonly VERBOSE=${VERBOSE:-"0"}
|
||||||
|
@ -17,7 +18,9 @@ debug() {
|
||||||
}
|
}
|
||||||
|
|
||||||
if [ -n "$(pidof master)" ]; then
|
if [ -n "$(pidof master)" ]; then
|
||||||
|
# shellcheck disable=SC2091
|
||||||
if $($(command -v postconf) > /dev/null); then
|
if $($(command -v postconf) > /dev/null); then
|
||||||
|
# shellcheck disable=SC2091
|
||||||
if $($(command -v postconf)|grep -E "^smtpd_tls_cert_file"|grep -q "letsencrypt"); then
|
if $($(command -v postconf)|grep -E "^smtpd_tls_cert_file"|grep -q "letsencrypt"); then
|
||||||
debug "Postfix detected... reloading"
|
debug "Postfix detected... reloading"
|
||||||
service postfix reload
|
service postfix reload
|
||||||
|
|
|
@ -6,3 +6,10 @@ php_conf_log_errors: "On"
|
||||||
php_conf_html_errors: "Off"
|
php_conf_html_errors: "Off"
|
||||||
php_conf_allow_url_fopen: "Off"
|
php_conf_allow_url_fopen: "Off"
|
||||||
php_conf_disable_functions: "exec,shell-exec,system,passthru,putenv,popen"
|
php_conf_disable_functions: "exec,shell-exec,system,passthru,putenv,popen"
|
||||||
|
|
||||||
|
lxc_php_version: Null
|
||||||
|
|
||||||
|
lxc_php_container_releases:
|
||||||
|
php56: "jessie"
|
||||||
|
php70: "stretch"
|
||||||
|
php73: "buster"
|
||||||
|
|
|
@ -1,9 +1,20 @@
|
||||||
---
|
---
|
||||||
- name: Reload php56-fpm
|
- name: Reload php73-fpm
|
||||||
command: "lxc-attach -n php56 -- systemctl reload php5-fpm"
|
lxc_container:
|
||||||
|
name: "{{ lxc_php_version }}"
|
||||||
|
container_command: "systemctl reload php7.3-fpm"
|
||||||
|
|
||||||
- name: Reload php70-fpm
|
- name: Reload php70-fpm
|
||||||
command: "lxc-attach -n php70 -- systemctl reload php7.0-fpm"
|
lxc_container:
|
||||||
|
name: "{{ lxc_php_version }}"
|
||||||
|
container_command: "systemctl reload php7.0-fpm"
|
||||||
|
|
||||||
- name: Reload php73-fpm
|
- name: Reload php56-fpm
|
||||||
command: "lxc-attach -n php73 -- systemctl reload php7.3-fpm"
|
lxc_container:
|
||||||
|
name: "{{ lxc_php_version }}"
|
||||||
|
container_command: "systemctl reload php5-fpm"
|
||||||
|
|
||||||
|
- name: Restart opensmtpd
|
||||||
|
lxc_container:
|
||||||
|
name: "{{ lxc_php_version }}"
|
||||||
|
container_command: "systemctl restart opensmtpd"
|
||||||
|
|
23
lxc-php/meta/main.yml
Normal file
23
lxc-php/meta/main.yml
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
galaxy_info:
|
||||||
|
author: Evolix
|
||||||
|
description: Creation of LXC Containers & Setting up PHP-FPM for a multiphp setup
|
||||||
|
|
||||||
|
issue_tracker_url: https://gitea.evolix.org/evolix/ansible-roles/issues
|
||||||
|
|
||||||
|
license: GPLv2
|
||||||
|
|
||||||
|
min_ansible_version: 2.2
|
||||||
|
|
||||||
|
platforms:
|
||||||
|
- name: Debian
|
||||||
|
versions:
|
||||||
|
- stretch
|
||||||
|
- buster
|
||||||
|
|
||||||
|
allow_duplicates: yes
|
||||||
|
|
||||||
|
dependencies:
|
||||||
|
- { role: evolix/lxc,
|
||||||
|
lxc_containers: [ { name: "{{ lxc_php_version }}", release: "{{ lxc_php_container_releases[lxc_php_version] }}" } ],
|
||||||
|
when: lxc_php_version is defined
|
||||||
|
}
|
13
lxc-php/tasks/mail_opensmtpd.yml
Normal file
13
lxc-php/tasks/mail_opensmtpd.yml
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: "{{ lxc_php_version }} - Install opensmtpd"
|
||||||
|
lxc_container:
|
||||||
|
name: "{{ lxc_php_version }}"
|
||||||
|
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y ssmtp"
|
||||||
|
|
||||||
|
- name: "{{ lxc_php_version }} - Configure opensmtpd (in the container)"
|
||||||
|
template:
|
||||||
|
src: smtpd.conf.j2
|
||||||
|
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/smtpd.conf"
|
||||||
|
mode: "0644"
|
||||||
|
notify: "Restart opensmtpd"
|
12
lxc-php/tasks/mail_ssmtp.yml
Normal file
12
lxc-php/tasks/mail_ssmtp.yml
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: "{{ lxc_php_version }} - Install ssmtp"
|
||||||
|
lxc_container:
|
||||||
|
name: "{{ lxc_php_version }}"
|
||||||
|
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y ssmtp"
|
||||||
|
|
||||||
|
- name: "{{ lxc_php_version }} - Configure ssmtp"
|
||||||
|
template:
|
||||||
|
src: ssmtp.conf.j2
|
||||||
|
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/ssmtp/ssmtp.conf"
|
||||||
|
mode: "0644"
|
|
@ -1,24 +1,21 @@
|
||||||
---
|
---
|
||||||
- name: LXC configuration
|
- name: "Ensure that lxc_php_version is defined"
|
||||||
include_role:
|
fail:
|
||||||
name: evolix/lxc
|
msg: Please configure var lxc_php_version
|
||||||
|
when: lxc_php_version is none
|
||||||
|
|
||||||
- name: Update APT cache
|
- name: "Update APT cache in container {{lxc_php_version}}"
|
||||||
command: "lxc-attach -n {{name}} -- apt-get update"
|
lxc_container:
|
||||||
|
name: "{{ lxc_php_version }}"
|
||||||
|
container_command: "apt-get update"
|
||||||
|
|
||||||
- include: "php56.yml"
|
- include: "php56.yml"
|
||||||
with_items:
|
when: lxc_php_version == "php56"
|
||||||
- "{{ lxc_containers }}"
|
|
||||||
when: name == "php56"
|
|
||||||
|
|
||||||
- include: "php70.yml"
|
- include: "php70.yml"
|
||||||
with_items:
|
when: lxc_php_version == "php70"
|
||||||
- "{{ lxc_containers }}"
|
|
||||||
when: name == "php70"
|
|
||||||
|
|
||||||
- include: "php73.yml"
|
- include: "php73.yml"
|
||||||
with_items:
|
when: lxc_php_version == "php73"
|
||||||
- "{{ lxc_containers }}"
|
|
||||||
when: name == "php73"
|
|
||||||
|
|
||||||
- include: "misc.yml"
|
- include: "misc.yml"
|
||||||
|
|
|
@ -1,24 +1,25 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Configure ssmtp
|
- name: "{{ lxc_php_version }} - Configure timezone for the container"
|
||||||
replace:
|
|
||||||
name: "/var/lib/lxc/{{name}}/rootfs/etc/ssmtp/ssmtp.conf"
|
|
||||||
regexp: "{{ item.regexp }}"
|
|
||||||
replace: "{{ item.replace }}"
|
|
||||||
with_dict:
|
|
||||||
- { regexp: "^mailhub=.*$", replace: "mailhub=127.0.0.1"}
|
|
||||||
- { regexp: "^#FromLineOverride=.*$", replace: "FromLineOverride=YES"}
|
|
||||||
- { regexp: "^hostname=.*", replace: "hostname={{ansible_fqdn}}"}
|
|
||||||
|
|
||||||
- name: Configure timezone
|
|
||||||
copy:
|
copy:
|
||||||
dest: "/var/lib/lxc/{{name}}/rootfs/etc/timezone"
|
remote_src: yes
|
||||||
content: "Europe/Paris\n"
|
src: "/etc/timezone"
|
||||||
|
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/timezone"
|
||||||
|
|
||||||
- name: Ensure containers root directory is 755
|
- name: "{{ lxc_php_version }} - Ensure container's root directory is 755"
|
||||||
file:
|
file:
|
||||||
path: "/var/lib/lxc/{{ item.name }}/rootfs"
|
path: "/var/lib/lxc/{{ lxc_php_version }}/rootfs"
|
||||||
state: directory
|
state: directory
|
||||||
mode: '0755'
|
mode: '0755'
|
||||||
with_items:
|
|
||||||
- "{{ lxc_containers }}"
|
- name: "{{ lxc_php_version }} - Configure mailname for the container"
|
||||||
|
copy:
|
||||||
|
content: "{{ evolinux_hostname }}.{{ evolinux_domain }}\n"
|
||||||
|
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/mailname"
|
||||||
|
notify: "Restart opensmtpd"
|
||||||
|
|
||||||
|
|
||||||
|
- name: "{{ lxc_php_version }} - Install misc packages"
|
||||||
|
lxc_container:
|
||||||
|
name: "{{ lxc_php_version }}"
|
||||||
|
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y cron logrotate git zip unzip"
|
||||||
|
|
|
@ -1,16 +1,20 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Install PHP packages
|
- name: "{{ lxc_php_version }} - Install PHP packages"
|
||||||
command: "lxc-attach -n {{name}} -- apt-get install -y php5-fpm php5-cli php5-gd php5-imap php5-ldap php5-mcrypt php5-mysql php5-pgsql php-gettext php5-intl php5-curl php5-ssh2 libphp-phpmailer ssmtp git zip unzip"
|
lxc_container:
|
||||||
|
name: "{{ lxc_php_version }}"
|
||||||
|
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php5-fpm php5-cli php5-gd php5-imap php5-ldap php5-mcrypt php5-mysql php5-pgsql php-gettext php5-intl php5-curl php5-ssh2 libphp-phpmailer ssmtp"
|
||||||
|
|
||||||
- name: Copy evolinux PHP 5.6 configuration
|
- name: "{{ lxc_php_version }} - Copy evolinux PHP configuration"
|
||||||
template:
|
template:
|
||||||
src: z-evolinux-defaults.ini.j2
|
src: z-evolinux-defaults.ini.j2
|
||||||
dest: "{{ line_item }}"
|
dest: "{{ line_item }}"
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
notify: "Reload {{name}}-fpm"
|
notify: "Reload {{ lxc_php_version }}-fpm"
|
||||||
with_items:
|
with_items:
|
||||||
- "/var/lib/lxc/{{name}}/rootfs/etc/php5/fpm/conf.d/z-evolinux-defaults.ini"
|
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php5/fpm/conf.d/z-evolinux-defaults.ini"
|
||||||
- "/var/lib/lxc/{{name}}/rootfs/etc/php5/cli/conf.d/z-evolinux-defaults.ini"
|
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php5/cli/conf.d/z-evolinux-defaults.ini"
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: line_item
|
loop_var: line_item
|
||||||
|
|
||||||
|
- include: "mail_ssmtp.yml"
|
||||||
|
|
|
@ -1,16 +1,20 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Install PHP packages
|
- name: "{{ lxc_php_version }} - Install PHP packages"
|
||||||
command: "lxc-attach -n {{name}} -- apt-get install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mcrypt php-mysql php-pgsql php-gettext php-curl php-ssh2 composer libphp-phpmailer ssmtp git zip unzip php-zip"
|
lxc_container:
|
||||||
|
name: "{{ lxc_php_version }}"
|
||||||
|
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mcrypt php-mysql php-pgsql php-gettext php-curl php-ssh2 php-zip php-mbstring composer libphp-phpmailer"
|
||||||
|
|
||||||
- name: Copy evolinux PHP 7.0 configuration
|
- name: "{{ lxc_php_version }} - Copy evolinux PHP configuration"
|
||||||
template:
|
template:
|
||||||
src: z-evolinux-defaults.ini.j2
|
src: z-evolinux-defaults.ini.j2
|
||||||
dest: "{{ line_item }}"
|
dest: "{{ line_item }}"
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
notify: "Reload {{name}}-fpm"
|
notify: "Reload {{ lxc_php_version }}-fpm"
|
||||||
with_items:
|
with_items:
|
||||||
- "/var/lib/lxc/{{name}}/rootfs/etc/php/7.0/fpm/conf.d/z-evolinux-defaults.ini"
|
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.0/fpm/conf.d/z-evolinux-defaults.ini"
|
||||||
- "/var/lib/lxc/{{name}}/rootfs/etc/php/7.0/cli/conf.d/z-evolinux-defaults.ini"
|
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.0/cli/conf.d/z-evolinux-defaults.ini"
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: line_item
|
loop_var: line_item
|
||||||
|
|
||||||
|
- include: "mail_opensmtpd.yml"
|
||||||
|
|
|
@ -1,31 +1,20 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Install requirements for sury repository
|
- name: "{{ lxc_php_version }} - Install PHP packages"
|
||||||
command: "lxc-attach -n {{name}} -- apt-get install -y --no-install-recommends wget apt-transport-https ca-certificates gnupg"
|
lxc_container:
|
||||||
|
name: "{{ lxc_php_version }}"
|
||||||
|
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mysql php-pgsql php-gettext php-curl php-ssh2 php-zip php-mbstring php-zip composer libphp-phpmailer"
|
||||||
|
|
||||||
- name: Add sury APT repository
|
- name: "{{ lxc_php_version }} - Copy evolinux PHP configuration"
|
||||||
copy:
|
|
||||||
content: "deb https://packages.sury.org/php/ stretch main"
|
|
||||||
dest: "/var/lib/lxc/{{name}}/rootfs/etc/apt/sources.list.d/sury.list"
|
|
||||||
mode: "0644"
|
|
||||||
|
|
||||||
- name: Add sury GPG key
|
|
||||||
shell: "wget -O- https://packages.sury.org/php/apt.gpg |lxc-attach -n {{name}} -- apt-key add -"
|
|
||||||
|
|
||||||
- name: Update APT cache
|
|
||||||
command: "lxc-attach -n {{name}} -- apt-get update"
|
|
||||||
|
|
||||||
- name: Install PHP packages
|
|
||||||
command: "lxc-attach -n {{name}} -- apt-get install -y php7.3 php7.3-fpm php7.3-cli php7.3-curl php7.3-mysql php7.3-pgsql php7.3-ldap php7.3-imap php7.3-gd php-ssh2 php-gettext composer libphp-phpmailer ssmtp git zip unzip php7.3-zip"
|
|
||||||
|
|
||||||
- name: Copy evolinux PHP 7.3 configuration
|
|
||||||
template:
|
template:
|
||||||
src: z-evolinux-defaults.ini.j2
|
src: z-evolinux-defaults.ini.j2
|
||||||
dest: "{{ line_item }}"
|
dest: "{{ line_item }}"
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
notify: "Reload {{name}}-fpm"
|
notify: "Reload {{ lxc_php_version }}-fpm"
|
||||||
with_items:
|
with_items:
|
||||||
- "/var/lib/lxc/{{name}}/rootfs/etc/php/7.3/fpm/conf.d/z-evolinux-defaults.ini"
|
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.3/fpm/conf.d/z-evolinux-defaults.ini"
|
||||||
- "/var/lib/lxc/{{name}}/rootfs/etc/php/7.3/cli/conf.d/z-evolinux-defaults.ini"
|
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.3/cli/conf.d/z-evolinux-defaults.ini"
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: line_item
|
loop_var: line_item
|
||||||
|
|
||||||
|
- include: "mail_opensmtpd.yml"
|
||||||
|
|
14
lxc-php/templates/smtpd.conf.j2
Normal file
14
lxc-php/templates/smtpd.conf.j2
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
# This is the smtpd server system-wide configuration file.
|
||||||
|
# See smtpd.conf(5) for more information.
|
||||||
|
|
||||||
|
# To accept external mail, replace with: listen on all
|
||||||
|
#listen on localhost
|
||||||
|
|
||||||
|
# If you edit the file, you have to run "smtpctl update table aliases"
|
||||||
|
table aliases file:/etc/aliases
|
||||||
|
|
||||||
|
# Uncomment the following to accept external mail for domain "example.org"
|
||||||
|
#accept from any for domain "example.org" alias <aliases> deliver to mbox
|
||||||
|
|
||||||
|
accept for local alias <aliases> deliver to mbox
|
||||||
|
accept for any relay via "smtp://127.0.0.1"
|
21
lxc-php/templates/ssmtp.conf.j2
Normal file
21
lxc-php/templates/ssmtp.conf.j2
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
#
|
||||||
|
# Config file for sSMTP sendmail
|
||||||
|
#
|
||||||
|
# The person who gets all mail for userids < 1000
|
||||||
|
# Make this empty to disable rewriting.
|
||||||
|
root=postmaster
|
||||||
|
|
||||||
|
# The place where the mail goes. The actual machine name is required no
|
||||||
|
# MX records are consulted. Commonly mailhosts are named mail.domain.com
|
||||||
|
mailhub=127.0.0.1
|
||||||
|
|
||||||
|
# Where will the mail seem to come from?
|
||||||
|
#rewriteDomain=
|
||||||
|
|
||||||
|
# The full hostname
|
||||||
|
hostname={{ ansible_fqdn }}
|
||||||
|
|
||||||
|
# Are users allowed to set their own From: address?
|
||||||
|
# YES - Allow the user to specify their own From: address
|
||||||
|
# NO - Use the system generated From: address
|
||||||
|
FromLineOverride=YES
|
17
lxc/meta/main.yml
Normal file
17
lxc/meta/main.yml
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
galaxy_info:
|
||||||
|
author: Evolix
|
||||||
|
description: Creation of LXC Containers
|
||||||
|
|
||||||
|
issue_tracker_url: https://gitea.evolix.org/evolix/ansible-roles/issues
|
||||||
|
|
||||||
|
license: GPLv2
|
||||||
|
|
||||||
|
min_ansible_version: 2.2
|
||||||
|
|
||||||
|
platforms:
|
||||||
|
- name: Debian
|
||||||
|
versions:
|
||||||
|
- stretch
|
||||||
|
- buster
|
||||||
|
|
||||||
|
allow_duplicates: yes
|
|
@ -1,34 +1,36 @@
|
||||||
---
|
---
|
||||||
- name: "Check if container {{ name }} exists"
|
- name: "Check if container {{ name }} exists"
|
||||||
command: "lxc-ls {{name}}"
|
command: "lxc-ls {{ name }}"
|
||||||
changed_when: false
|
changed_when: false
|
||||||
|
check_mode: no
|
||||||
register: container_exists
|
register: container_exists
|
||||||
|
|
||||||
- name: "Create container {{ name }}"
|
- name: "Create container {{ name }}"
|
||||||
lxc_container:
|
lxc_container:
|
||||||
name: "{{name}}"
|
name: "{{ name }}"
|
||||||
container_log: true
|
container_log: true
|
||||||
template: debian
|
template: debian
|
||||||
state: stopped
|
state: stopped
|
||||||
template_options: "--arch amd64 --release {{release}}"
|
template_options: "--arch amd64 --release {{ release }}"
|
||||||
|
when: container_exists.stdout_lines == []
|
||||||
|
|
||||||
- name: "Disable network configuration inside container {{ name }}"
|
- name: "Disable network configuration inside container {{ name }}"
|
||||||
replace:
|
replace:
|
||||||
name: "/var/lib/lxc/{{name}}/rootfs/etc/default/networking"
|
name: "/var/lib/lxc/{{ name }}/rootfs/etc/default/networking"
|
||||||
regexp: "^#CONFIGURE_INTERFACES=yes"
|
regexp: "^#CONFIGURE_INTERFACES=yes"
|
||||||
replace: CONFIGURE_INTERFACES=no
|
replace: CONFIGURE_INTERFACES=no
|
||||||
when: lxc_network_type == "none"
|
when: lxc_network_type == "none"
|
||||||
|
|
||||||
- name: "Disable interface shut down on halt inside container {{ name }} (Jessie container)"
|
- name: "Disable interface shut down on halt inside container {{ name }} (Jessie container)"
|
||||||
lineinfile:
|
lineinfile:
|
||||||
name: "/var/lib/lxc/{{name}}/rootfs/etc/default/halt"
|
name: "/var/lib/lxc/{{ name }}/rootfs/etc/default/halt"
|
||||||
line: "NETDOWN=no"
|
line: "NETDOWN=no"
|
||||||
when: lxc_network_type == "none" and release == "jessie"
|
when: lxc_network_type == "none" and release == "jessie"
|
||||||
|
|
||||||
- name: "Make the container {{ name }} poweroff on SIGPWR sent by lxc-stop (Jessie container)"
|
- name: "Make the container {{ name }} poweroff on SIGPWR sent by lxc-stop (Jessie container)"
|
||||||
file:
|
file:
|
||||||
src: /lib/systemd/system/poweroff.target
|
src: /lib/systemd/system/poweroff.target
|
||||||
dest: "/var/lib/lxc/{{name}}/rootfs/etc/systemd/system/sigpwr.target"
|
dest: "/var/lib/lxc/{{ name }}/rootfs/etc/systemd/system/sigpwr.target"
|
||||||
state: link
|
state: link
|
||||||
when: release == 'jessie'
|
when: release == 'jessie'
|
||||||
|
|
||||||
|
@ -36,21 +38,21 @@
|
||||||
copy:
|
copy:
|
||||||
remote_src: yes
|
remote_src: yes
|
||||||
src: /etc/resolv.conf
|
src: /etc/resolv.conf
|
||||||
dest: "/var/lib/lxc/{{name}}/rootfs/etc/"
|
dest: "/var/lib/lxc/{{ name }}/rootfs/etc/"
|
||||||
|
|
||||||
- name: "Add hostname in /etc/hosts for container {{ name }}"
|
- name: "Add hostname in /etc/hosts for container {{ name }}"
|
||||||
lineinfile:
|
lineinfile:
|
||||||
name: "/var/lib/lxc/{{name}}/rootfs/etc/hosts"
|
name: "/var/lib/lxc/{{ name }}/rootfs/etc/hosts"
|
||||||
line: "127.0.0.1 {{name}}"
|
line: "127.0.0.1 {{ name }}"
|
||||||
|
|
||||||
- name: "Fix permission on /dev for container {{ name }}"
|
- name: "Fix permission on /dev for container {{ name }}"
|
||||||
lineinfile:
|
lineinfile:
|
||||||
name: "/var/lib/lxc/{{name}}/rootfs/etc/rc.local"
|
name: "/var/lib/lxc/{{ name }}/rootfs/etc/rc.local"
|
||||||
line: "chmod 755 /dev"
|
line: "chmod 755 /dev"
|
||||||
insertbefore: "^exit 0$"
|
insertbefore: "^exit 0$"
|
||||||
when: release == 'jessie'
|
when: release == 'jessie'
|
||||||
|
|
||||||
- name: "Ensure that {{name}} container is running"
|
- name: "Ensure that {{ name }} container is running"
|
||||||
lxc_container:
|
lxc_container:
|
||||||
name: "{{name}}"
|
name: "{{ name }}"
|
||||||
state: started
|
state: started
|
||||||
|
|
|
@ -7,9 +7,11 @@
|
||||||
- xz-utils
|
- xz-utils
|
||||||
- python-lxc
|
- python-lxc
|
||||||
|
|
||||||
- name: Install lxc-templates on Buster
|
- name: Install additional packages on Buster
|
||||||
apt:
|
apt:
|
||||||
name: lxc-templates
|
name:
|
||||||
|
- apparmor
|
||||||
|
- lxc-templates
|
||||||
when: ansible_distribution_major_version is version('10', '>=')
|
when: ansible_distribution_major_version is version('10', '>=')
|
||||||
|
|
||||||
- name: Copy LXC default containers configuration
|
- name: Copy LXC default containers configuration
|
||||||
|
@ -34,5 +36,5 @@
|
||||||
include: create-container.yml
|
include: create-container.yml
|
||||||
vars:
|
vars:
|
||||||
name: "{{ item.name }}"
|
name: "{{ item.name }}"
|
||||||
release: "{{item.release}}"
|
release: "{{ item.release }}"
|
||||||
with_items: "{{lxc_containers}}"
|
loop: "{{ lxc_containers }}"
|
||||||
|
|
|
@ -11,3 +11,5 @@ packweb_phpmyadmin_suffix: ""
|
||||||
packweb_phpmyadmin_suffix_file: "/etc/evolinux/phpmyadmin_suffix"
|
packweb_phpmyadmin_suffix_file: "/etc/evolinux/phpmyadmin_suffix"
|
||||||
|
|
||||||
packweb_mysql_variant: "debian"
|
packweb_mysql_variant: "debian"
|
||||||
|
|
||||||
|
packweb_multiphp_versions: []
|
||||||
|
|
3
packweb-apache/files/multiphp-sudoers
Normal file
3
packweb-apache/files/multiphp-sudoers
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
|
||||||
|
Defaults env_keep += "LOGNAME PWD"
|
||||||
|
ALL ALL = NOPASSWD: /usr/local/bin/phpContainer
|
18
packweb-apache/files/phpContainer
Normal file
18
packweb-apache/files/phpContainer
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
# If this script isn't run as root, then, re-run it with sudo.
|
||||||
|
if [ "$EUID" -ne 0 ]; then
|
||||||
|
sudo $(readlink -f ${BASH_SOURCE[0]}) "$@"
|
||||||
|
exit 0;
|
||||||
|
fi;
|
||||||
|
|
||||||
|
PHPVersion=$(grep SetHandler /etc/apache2/sites-enabled/$LOGNAME.conf 2>/dev/null | grep -m 1 -o 'fpm[0-9][0-9]' | head -n 1 | sed 's/php//g' | sed 's/fpm//g')
|
||||||
|
|
||||||
|
if [ "$PHPVersion" != "" ]; then
|
||||||
|
lxc-attach -n php$PHPVersion -- su - $LOGNAME -c "cd \"${PWD@E}\" && php ${*@Q}"
|
||||||
|
else
|
||||||
|
# TODO: fallback?
|
||||||
|
# command php $*
|
||||||
|
echo "ERROR - Could not determine \$PHPVersion - Are you a web account ?"
|
||||||
|
exit 1
|
||||||
|
fi
|
|
@ -13,12 +13,19 @@ galaxy_info:
|
||||||
versions:
|
versions:
|
||||||
- jessie
|
- jessie
|
||||||
- stretch
|
- stretch
|
||||||
|
- buster
|
||||||
|
|
||||||
|
allow_duplicates: true
|
||||||
|
|
||||||
dependencies:
|
dependencies:
|
||||||
- { role: evolix/apache }
|
- { role: evolix/apache }
|
||||||
- { role: evolix/php, php_apache_enable: True, when: packweb_apache_modphp }
|
- { role: evolix/php, php_apache_enable: True, when: packweb_apache_modphp }
|
||||||
- { role: evolix/php, php_fpm_enable: True, when: packweb_apache_fpm }
|
- { role: evolix/php, php_fpm_enable: True, when: packweb_apache_fpm }
|
||||||
|
- { role: evolix/lxc-php, lxc_php_version: php56, when: "'php56' in packweb_multiphp_versions" }
|
||||||
|
- { role: evolix/lxc-php, lxc_php_version: php70, when: "'php70' in packweb_multiphp_versions" }
|
||||||
|
- { role: evolix/lxc-php, lxc_php_version: php73, when: "'php73' in packweb_multiphp_versions" }
|
||||||
- { role: evolix/squid, squid_localproxy_enable: True }
|
- { role: evolix/squid, squid_localproxy_enable: True }
|
||||||
- { role: evolix/mysql, when: packweb_mysql_variant == "debian" }
|
- { role: evolix/mysql, when: packweb_mysql_variant == "debian" }
|
||||||
- { role: evolix/mysql-oracle, when: packweb_mysql_variant == "oracle" }
|
- { role: evolix/mysql-oracle, when: packweb_mysql_variant == "oracle" }
|
||||||
- { role: evolix/webapps/evoadmin-web, evoadmin_enable_vhost: "{{ packweb_enable_evoadmin_vhost }}" }
|
- { role: evolix/webapps/evoadmin-web, evoadmin_enable_vhost: "{{ packweb_enable_evoadmin_vhost }}", evoadmin_multiphp_versions: "{{ packweb_multiphp_versions }}" }
|
||||||
|
- { role: evolix/evoacme }
|
||||||
|
|
|
@ -78,6 +78,7 @@
|
||||||
- include: apache.yml
|
- include: apache.yml
|
||||||
|
|
||||||
- include: phpmyadmin.yml
|
- include: phpmyadmin.yml
|
||||||
|
when: ansible_distribution_release != "buster"
|
||||||
|
|
||||||
- include: awstats.yml
|
- include: awstats.yml
|
||||||
|
|
||||||
|
@ -89,3 +90,6 @@
|
||||||
name: "ProFTPd directory size caching"
|
name: "ProFTPd directory size caching"
|
||||||
special_time: daily
|
special_time: daily
|
||||||
job: "/usr/share/scripts/evoadmin/stats.sh"
|
job: "/usr/share/scripts/evoadmin/stats.sh"
|
||||||
|
|
||||||
|
- include: multiphp.yml
|
||||||
|
when: packweb_multiphp_versions | length > 0
|
||||||
|
|
34
packweb-apache/tasks/multiphp.yml
Normal file
34
packweb-apache/tasks/multiphp.yml
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: Enable proxy_fcgi
|
||||||
|
apache2_module:
|
||||||
|
state: present
|
||||||
|
name: proxy_fcgi
|
||||||
|
notify: restart apache2
|
||||||
|
|
||||||
|
- include_role:
|
||||||
|
name: remount-usr
|
||||||
|
|
||||||
|
- name: Copy phpContainer script
|
||||||
|
copy:
|
||||||
|
src: phpContainer
|
||||||
|
dest: /usr/local/bin/phpContainer
|
||||||
|
mode: 0755
|
||||||
|
|
||||||
|
# - name: Copy php shim to call phpContainer when the user is a web user
|
||||||
|
# copy:
|
||||||
|
# src: multiphp-shim
|
||||||
|
# dest: /usr/local/bin/php
|
||||||
|
# mode: 0755
|
||||||
|
|
||||||
|
# - name: Modify bashrc skel file
|
||||||
|
# lineinfile:
|
||||||
|
# dest: /etc/skel/.bashrc
|
||||||
|
# line: "alias php='sudo /usr/local/bin/phpContainer'"
|
||||||
|
|
||||||
|
- name: Add multiphp sudoers file
|
||||||
|
copy:
|
||||||
|
src: multiphp-sudoers
|
||||||
|
dest: /etc/sudoers.d/multiphp
|
||||||
|
mode: "0600"
|
||||||
|
validate: "visudo -cf %s"
|
|
@ -1,52 +1,52 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Symlink Evolix CLI config files from 7.3 to 7.0
|
- name: Symlink Evolix CLI config files from 7.4 to 7.0
|
||||||
file:
|
file:
|
||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ item.dest }}"
|
dest: "{{ item.dest }}"
|
||||||
force: yes
|
force: yes
|
||||||
state: link
|
state: link
|
||||||
with_items:
|
with_items:
|
||||||
- { src: "{{ php_cli_defaults_ini_file }}", dest: "/etc/php/7.3/cli/conf.d/z-evolinux-defaults.ini" }
|
- { src: "{{ php_cli_defaults_ini_file }}", dest: "/etc/php/7.4/cli/conf.d/z-evolinux-defaults.ini" }
|
||||||
- { src: "{{ php_cli_custom_ini_file }}", dest: "/etc/php/7.3/cli/conf.d/zzz-evolinux-custom.ini" }
|
- { src: "{{ php_cli_custom_ini_file }}", dest: "/etc/php/7.4/cli/conf.d/zzz-evolinux-custom.ini" }
|
||||||
|
|
||||||
- name: Enforce permissions on PHP 7.3/cli directory
|
- name: Enforce permissions on PHP 7.4/cli directory
|
||||||
file:
|
file:
|
||||||
dest: /etc/php/7.3/cli
|
dest: /etc/php/7.4/cli
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
|
|
||||||
- name: Symlink Evolix Apache config files from 7.3 to 7.0
|
- name: Symlink Evolix Apache config files from 7.4 to 7.0
|
||||||
file:
|
file:
|
||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ item.dest }}"
|
dest: "{{ item.dest }}"
|
||||||
force: yes
|
force: yes
|
||||||
state: link
|
state: link
|
||||||
with_items:
|
with_items:
|
||||||
- { src: "{{ php_apache_defaults_ini_file }}", dest: "/etc/php/7.3/apache2/conf.d/z-evolinux-defaults.ini" }
|
- { src: "{{ php_apache_defaults_ini_file }}", dest: "/etc/php/7.4/apache2/conf.d/z-evolinux-defaults.ini" }
|
||||||
- { src: "{{ php_apache_custom_ini_file }}", dest: "/etc/php/7.3/apache2/conf.d/zzz-evolinux-custom.ini" }
|
- { src: "{{ php_apache_custom_ini_file }}", dest: "/etc/php/7.4/apache2/conf.d/zzz-evolinux-custom.ini" }
|
||||||
when: php_apache_enable
|
when: php_apache_enable
|
||||||
|
|
||||||
- name: Enforce permissions on PHP 7.3/cli directory
|
- name: Enforce permissions on PHP 7.4/cli directory
|
||||||
file:
|
file:
|
||||||
dest: /etc/php/7.3/apache2
|
dest: /etc/php/7.4/apache2
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
when: php_apache_enable
|
when: php_apache_enable
|
||||||
|
|
||||||
- name: Symlink Evolix FPM config files from 7.3 to 7.0
|
- name: Symlink Evolix FPM config files from 7.4 to 7.0
|
||||||
file:
|
file:
|
||||||
src: "{{ item.src }}"
|
src: "{{ item.src }}"
|
||||||
dest: "{{ item.dest }}"
|
dest: "{{ item.dest }}"
|
||||||
force: yes
|
force: yes
|
||||||
state: link
|
state: link
|
||||||
with_items:
|
with_items:
|
||||||
- { src: "{{ php_fpm_defaults_ini_file }}", dest: "/etc/php/7.3/fpm/conf.d/z-evolinux-defaults.ini" }
|
- { src: "{{ php_fpm_defaults_ini_file }}", dest: "/etc/php/7.4/fpm/conf.d/z-evolinux-defaults.ini" }
|
||||||
- { src: "{{ php_fpm_custom_ini_file }}", dest: "/etc/php/7.3/fpm/conf.d/zzz-evolinux-custom.ini" }
|
- { src: "{{ php_fpm_custom_ini_file }}", dest: "/etc/php/7.4/fpm/conf.d/zzz-evolinux-custom.ini" }
|
||||||
- { src: "{{ php_fpm_defaults_conf_file }}", dest: "/etc/php/7.3/fpm/pool.d/z-evolinux-defaults.conf" }
|
- { src: "{{ php_fpm_defaults_conf_file }}", dest: "/etc/php/7.4/fpm/pool.d/z-evolinux-defaults.conf" }
|
||||||
- { src: "{{ php_fpm_custom_conf_file }}", dest: "/etc/php/7.3/fpm/pool.d/zzz-evolinux-custom.conf" }
|
- { src: "{{ php_fpm_custom_conf_file }}", dest: "/etc/php/7.4/fpm/pool.d/zzz-evolinux-custom.conf" }
|
||||||
when: php_fpm_enable
|
when: php_fpm_enable
|
||||||
|
|
||||||
- name: Enforce permissions on PHP 7.3/cli directory
|
- name: Enforce permissions on PHP 7.4/cli directory
|
||||||
file:
|
file:
|
||||||
dest: /etc/php/7.3/fpm
|
dest: /etc/php/7.4/fpm
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
when: php_fpm_enable
|
when: php_fpm_enable
|
||||||
|
|
|
@ -18,7 +18,7 @@
|
||||||
|
|
||||||
- name: Setup deb.sury.org repository - Add source list
|
- name: Setup deb.sury.org repository - Add source list
|
||||||
apt_repository:
|
apt_repository:
|
||||||
repo: "deb https://packages.sury.org/php/ stretch main"
|
repo: "deb https://packages.sury.org/php/ {{ ansible_distribution_release }} main"
|
||||||
filename: sury
|
filename: sury
|
||||||
state: present
|
state: present
|
||||||
|
|
||||||
|
|
|
@ -10,7 +10,7 @@ evoadmin_scripts_dir: /usr/share/scripts/evoadmin
|
||||||
evoadmin_host: "evoadmin.{{ ansible_fqdn }}"
|
evoadmin_host: "evoadmin.{{ ansible_fqdn }}"
|
||||||
evoadmin_username: evoadmin
|
evoadmin_username: evoadmin
|
||||||
|
|
||||||
evoadmin_multi_php: False
|
evoadmin_multiphp_versions: []
|
||||||
evoadmin_enable_vhost: True
|
evoadmin_enable_vhost: True
|
||||||
|
|
||||||
evoadmin_force_vhost: False
|
evoadmin_force_vhost: False
|
||||||
|
|
|
@ -1,10 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
evolixContainerVersion=$(grep SetHandler /etc/apache2/sites-enabled/$LOGNAME.conf 2>/dev/null | grep -m 1 -o 'fpm[0-9][0-9]' | head -n 1 | sed 's/php//g' | sed 's/fpm//g')
|
|
||||||
if [ "$evolixContainerVersion" != "" ]; then
|
|
||||||
lxc-attach -n php$evolixContainerVersion -- su - $LOGNAME -c "cd \"${PWD@E}\" && php ${*@Q}"
|
|
||||||
else
|
|
||||||
# TODO: fallback?
|
|
||||||
# command php $*
|
|
||||||
echo "could not determine \$evolixContainerVersion"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
|
@ -29,10 +29,3 @@
|
||||||
- "templates/evoadmin-web/web-mail.tpl.j2"
|
- "templates/evoadmin-web/web-mail.tpl.j2"
|
||||||
- "web-mail.tpl.j2"
|
- "web-mail.tpl.j2"
|
||||||
register: evoadmin_mail_tpl_template
|
register: evoadmin_mail_tpl_template
|
||||||
|
|
||||||
- name: Copy multi php-cli script
|
|
||||||
copy:
|
|
||||||
src: phpContainer
|
|
||||||
dest: /usr/local/bin/phpContainer
|
|
||||||
mode: 0700
|
|
||||||
when: evoadmin_multi_php
|
|
||||||
|
|
|
@ -116,9 +116,3 @@
|
||||||
- "templates/evoadmin-web/sudoers.j2"
|
- "templates/evoadmin-web/sudoers.j2"
|
||||||
- "sudoers.j2"
|
- "sudoers.j2"
|
||||||
register: evoadmin_sudoers_conf
|
register: evoadmin_sudoers_conf
|
||||||
|
|
||||||
- name: Modify bashrc skel file
|
|
||||||
lineinfile:
|
|
||||||
dest: /etc/skel/.bashrc
|
|
||||||
line: "alias php='sudo /usr/local/bin/phpContainer'"
|
|
||||||
when: evoadmin_multi_php
|
|
||||||
|
|
|
@ -84,10 +84,3 @@
|
||||||
- "templates/evoadmin-web/config.local.php.j2"
|
- "templates/evoadmin-web/config.local.php.j2"
|
||||||
- "config.local.php.j2"
|
- "config.local.php.j2"
|
||||||
register: evoadmin_config_local_php_template
|
register: evoadmin_config_local_php_template
|
||||||
|
|
||||||
- name: Enable proxy_fcgi
|
|
||||||
apache2_module:
|
|
||||||
state: present
|
|
||||||
name: proxy_fcgi
|
|
||||||
notify: restart apache2
|
|
||||||
when: evoadmin_multi_php
|
|
||||||
|
|
|
@ -7,9 +7,11 @@ $localconf['superadmin'] = array();
|
||||||
$localconf['script_path'] = '{{ evoadmin_scripts_dir }}';
|
$localconf['script_path'] = '{{ evoadmin_scripts_dir }}';
|
||||||
$localconf['cluster'] = FALSE;
|
$localconf['cluster'] = FALSE;
|
||||||
// auth (sha256 hashs) / echo -n YourPass | sha256sum
|
// auth (sha256 hashs) / echo -n YourPass | sha256sum
|
||||||
|
|
||||||
$oriconf['logins'] = array();
|
$oriconf['logins'] = array();
|
||||||
//$oriconf['logins']['foo'] = 'd5d3c723fb82cb0078f399888af78204234535ec2ef3da56710fdd51f90d2477';
|
//$oriconf['logins']['foo'] = 'd5d3c723fb82cb0078f399888af78204234535ec2ef3da56710fdd51f90d2477';
|
||||||
//$oriconf['logins']['bar'] = '7938c84d6e43d1659612a7ea7c1101ed02e52751bb64597a8c20ebaba8ba4303';
|
//$oriconf['logins']['bar'] = '7938c84d6e43d1659612a7ea7c1101ed02e52751bb64597a8c20ebaba8ba4303';
|
||||||
{% if evoadmin_multi_php %}
|
|
||||||
$localconf['php_versions'] = array(56, 70, 73);
|
{% if evoadmin_multiphp_versions != [] %}
|
||||||
|
$localconf['php_versions'] = array( {{ evoadmin_multiphp_versions | join(', ') | replace('php', '') }} );
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
|
@ -1,7 +1,3 @@
|
||||||
User_Alias EVOADMIN = www-evoadmin
|
User_Alias EVOADMIN = www-evoadmin
|
||||||
Cmnd_Alias EVOADMIN_WEB = {{ evoadmin_scripts_dir | mandatory }}/web-*.sh, {{ evoadmin_scripts_dir | mandatory }}/ftpadmin.sh, {{ evoadmin_scripts_dir | mandatory }}/dbadmin.sh
|
Cmnd_Alias EVOADMIN_WEB = {{ evoadmin_scripts_dir | mandatory }}/web-*.sh, {{ evoadmin_scripts_dir | mandatory }}/ftpadmin.sh, {{ evoadmin_scripts_dir | mandatory }}/dbadmin.sh
|
||||||
EVOADMIN ALL=NOPASSWD: EVOADMIN_WEB
|
EVOADMIN ALL=NOPASSWD: EVOADMIN_WEB
|
||||||
{% if evoadmin_multi_php %}
|
|
||||||
Defaults env_keep += "LOGNAME PWD"
|
|
||||||
ALL ALL = NOPASSWD: /usr/local/bin/phpContainer
|
|
||||||
{% endif %}
|
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
CONTACT_MAIL="{{ evoadmin_contact_email or general_alert_email | mandatory }}"
|
CONTACT_MAIL="{{ evoadmin_contact_email or general_alert_email | mandatory }}"
|
||||||
WWWBOUNCE_MAIL="{{ evoadmin_bounce_email or general_alert_email | mandatory }}"
|
WWWBOUNCE_MAIL="{{ evoadmin_bounce_email or general_alert_email | mandatory }}"
|
||||||
{% if evoadmin_multi_php %}
|
|
||||||
PHP_VERSIONS=(56 70 73)
|
{% if evoadmin_multiphp_versions != [] %}
|
||||||
|
PHP_VERSIONS=({{ evoadmin_multiphp_versions | join(' ') | replace('php', '') }});
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
Loading…
Reference in a new issue