packweb-apache: Do the install & conffigure phpContainer script (instead of evoadmin-web role)

3 years ago · bd63e7037f
parent 7fc260a17b
commit bd63e7037f
10 changed files with 59 additions and 34 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -76,6 +76,7 @@ The **patch** part changes incrementally at each release.
 * nagios-nrpe: change default haproxy socket path
 * nagios-nrpe: check_mode per cpu dynamically
 * nodejs: change default version to 12 (new LTS)
+* packweb-apache: Do the install & conffigure phpContainer script (instead of evoadmin-web role)
 * php: By default, allow 128M for OpCache (instead of 64M)
 * php: Don't set a chroot for the default fpm pool
 * php: Make sure the default pool we define can be fully functionnal witout debian's default pool file
--- a/packweb-apache/files/multiphp-sudoers
+++ b/packweb-apache/files/multiphp-sudoers
@ -0,0 +1,3 @@
+
+Defaults        env_keep += "LOGNAME PWD"
+ALL ALL = NOPASSWD: /usr/local/bin/phpContainer
--- a/packweb-apache/files/phpContainer
+++ b/packweb-apache/files/phpContainer
@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+
+# If this script isn't run as root, then, re-run it with sudo.
+if [ "$EUID" -ne 0 ]; then
+  sudo $(readlink -f  ${BASH_SOURCE[0]}) ${*@Q}
+  exit 0;
+fi;
+
+PHPVersion=$(grep SetHandler /etc/apache2/sites-enabled/$LOGNAME.conf 2>/dev/null | grep -m 1 -o 'fpm[0-9][0-9]' | head -n 1 | sed 's/php//g' | sed 's/fpm//g')
+
+if [ "$PHPVersion" != "" ]; then
+    lxc-attach -n php$PHPVersion -- su - $LOGNAME -c "cd \"${PWD@E}\" && php ${*@Q}"
+else
+    # TODO: fallback?
+    # command php $*
+    echo "ERROR - Could not determine \$PHPVersion - Are you a web account ?"
+    exit 1
+fi
--- a/packweb-apache/tasks/main.yml
+++ b/packweb-apache/tasks/main.yml
@ -90,3 +90,6 @@
    name: "ProFTPd directory size caching"
    special_time: daily
    job: "/usr/share/scripts/evoadmin/stats.sh"
+
+- include: multiphp.yml
+  when: packweb_multiphp_versions | length > 0
--- a/packweb-apache/tasks/multiphp.yml
+++ b/packweb-apache/tasks/multiphp.yml
@ -0,0 +1,34 @@
+---
+
+- name: Enable proxy_fcgi
+  apache2_module:
+    state: present
+    name: proxy_fcgi
+  notify: restart apache2
+
+- include_role:
+    name: remount-usr
+
+- name: Copy phpContainer script
+  copy:
+    src: phpContainer
+    dest: /usr/local/bin/phpContainer
+    mode: 0700
+
+# - name: Copy php shim to call phpContainer when the user is a web user
+#   copy:
+#     src: multiphp-shim
+#     dest: /usr/local/bin/php
+#     mode: 0755
+
+# - name: Modify bashrc skel file
+#   lineinfile:
+#     dest: /etc/skel/.bashrc
+#     line: "alias php='sudo /usr/local/bin/phpContainer'"
+
+- name: Add multiphp sudoers file
+  copy:
+    src: multiphp-sudoers
+    dest: /etc/sudoers.d/multiphp
+    mode: "0600"
+    validate: "visudo -cf %s"
--- a/webapps/evoadmin-web/files/phpContainer
+++ b/webapps/evoadmin-web/files/phpContainer
@ -1,10 +0,0 @@
-#!/usr/bin/env bash
-evolixContainerVersion=$(grep SetHandler /etc/apache2/sites-enabled/$LOGNAME.conf 2>/dev/null | grep -m 1 -o 'fpm[0-9][0-9]' | head -n 1 | sed 's/php//g' | sed 's/fpm//g')                                                                                                                                                  
-if [ "$evolixContainerVersion" != "" ]; then
-    lxc-attach -n php$evolixContainerVersion -- su - $LOGNAME -c "cd \"${PWD@E}\" && php ${*@Q}"
-else
-    # TODO: fallback?
-    # command php $*
-    echo "could not determine \$evolixContainerVersion"
-    exit 1
-fi
--- a/webapps/evoadmin-web/tasks/config.yml
+++ b/webapps/evoadmin-web/tasks/config.yml
@ -29,10 +29,3 @@
    - "templates/evoadmin-web/web-mail.tpl.j2"
    - "web-mail.tpl.j2"
  register: evoadmin_mail_tpl_template
-
- name: Copy multi php-cli script
-  copy:
-    src: phpContainer
-    dest: /usr/local/bin/phpContainer
-    mode: 0700
-  when: packweb_multiphp_versions is defined
--- a/webapps/evoadmin-web/tasks/user.yml
+++ b/webapps/evoadmin-web/tasks/user.yml
@ -116,9 +116,3 @@
    - "templates/evoadmin-web/sudoers.j2"
    - "sudoers.j2"
  register: evoadmin_sudoers_conf
-
- name: Modify bashrc skel file
-  lineinfile:
-    dest: /etc/skel/.bashrc
-    line: "alias php='sudo /usr/local/bin/phpContainer'"
-  when: packweb_multiphp_versions is defined
--- a/webapps/evoadmin-web/tasks/web.yml
+++ b/webapps/evoadmin-web/tasks/web.yml
@ -84,10 +84,3 @@
    - "templates/evoadmin-web/config.local.php.j2"
    - "config.local.php.j2"
  register: evoadmin_config_local_php_template
-
- name: Enable proxy_fcgi
-  apache2_module:
-    state: present
-    name: proxy_fcgi
-  notify: restart apache2
-  when: packweb_multiphp_versions is defined
--- a/webapps/evoadmin-web/templates/sudoers.j2
+++ b/webapps/evoadmin-web/templates/sudoers.j2
@ -1,7 +1,3 @@
 User_Alias EVOADMIN = www-evoadmin
 Cmnd_Alias EVOADMIN_WEB = {{ evoadmin_scripts_dir | mandatory }}/web-*.sh, {{ evoadmin_scripts_dir | mandatory }}/ftpadmin.sh, {{ evoadmin_scripts_dir | mandatory }}/dbadmin.sh
 EVOADMIN ALL=NOPASSWD: EVOADMIN_WEB
-{% if packweb_multiphp_versions is defined %}
-Defaults        env_keep += "LOGNAME PWD"
-ALL ALL = NOPASSWD: /usr/local/bin/phpContainer
-{% endif %}