diff --git a/CHANGELOG.md b/CHANGELOG.md index 8236c283..f39a886e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -76,6 +76,7 @@ The **patch** part changes incrementally at each release. * nagios-nrpe: change default haproxy socket path * nagios-nrpe: check_mode per cpu dynamically * nodejs: change default version to 12 (new LTS) +* packweb-apache: Do the install & conffigure phpContainer script (instead of evoadmin-web role) * php: By default, allow 128M for OpCache (instead of 64M) * php: Don't set a chroot for the default fpm pool * php: Make sure the default pool we define can be fully functionnal witout debian's default pool file diff --git a/packweb-apache/files/multiphp-sudoers b/packweb-apache/files/multiphp-sudoers new file mode 100644 index 00000000..8bd0f446 --- /dev/null +++ b/packweb-apache/files/multiphp-sudoers @@ -0,0 +1,3 @@ + +Defaults env_keep += "LOGNAME PWD" +ALL ALL = NOPASSWD: /usr/local/bin/phpContainer diff --git a/packweb-apache/files/phpContainer b/packweb-apache/files/phpContainer new file mode 100644 index 00000000..9c9425c1 --- /dev/null +++ b/packweb-apache/files/phpContainer @@ -0,0 +1,18 @@ +#!/usr/bin/env bash + +# If this script isn't run as root, then, re-run it with sudo. +if [ "$EUID" -ne 0 ]; then + sudo $(readlink -f ${BASH_SOURCE[0]}) ${*@Q} + exit 0; +fi; + +PHPVersion=$(grep SetHandler /etc/apache2/sites-enabled/$LOGNAME.conf 2>/dev/null | grep -m 1 -o 'fpm[0-9][0-9]' | head -n 1 | sed 's/php//g' | sed 's/fpm//g') + +if [ "$PHPVersion" != "" ]; then + lxc-attach -n php$PHPVersion -- su - $LOGNAME -c "cd \"${PWD@E}\" && php ${*@Q}" +else + # TODO: fallback? + # command php $* + echo "ERROR - Could not determine \$PHPVersion - Are you a web account ?" + exit 1 +fi diff --git a/packweb-apache/tasks/main.yml b/packweb-apache/tasks/main.yml index 575c885d..9c36c888 100644 --- a/packweb-apache/tasks/main.yml +++ b/packweb-apache/tasks/main.yml @@ -90,3 +90,6 @@ name: "ProFTPd directory size caching" special_time: daily job: "/usr/share/scripts/evoadmin/stats.sh" + +- include: multiphp.yml + when: packweb_multiphp_versions | length > 0 diff --git a/packweb-apache/tasks/multiphp.yml b/packweb-apache/tasks/multiphp.yml new file mode 100644 index 00000000..9d290450 --- /dev/null +++ b/packweb-apache/tasks/multiphp.yml @@ -0,0 +1,34 @@ +--- + +- name: Enable proxy_fcgi + apache2_module: + state: present + name: proxy_fcgi + notify: restart apache2 + +- include_role: + name: remount-usr + +- name: Copy phpContainer script + copy: + src: phpContainer + dest: /usr/local/bin/phpContainer + mode: 0700 + +# - name: Copy php shim to call phpContainer when the user is a web user +# copy: +# src: multiphp-shim +# dest: /usr/local/bin/php +# mode: 0755 + +# - name: Modify bashrc skel file +# lineinfile: +# dest: /etc/skel/.bashrc +# line: "alias php='sudo /usr/local/bin/phpContainer'" + +- name: Add multiphp sudoers file + copy: + src: multiphp-sudoers + dest: /etc/sudoers.d/multiphp + mode: "0600" + validate: "visudo -cf %s" diff --git a/webapps/evoadmin-web/files/phpContainer b/webapps/evoadmin-web/files/phpContainer deleted file mode 100644 index 9d8a6e28..00000000 --- a/webapps/evoadmin-web/files/phpContainer +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash -evolixContainerVersion=$(grep SetHandler /etc/apache2/sites-enabled/$LOGNAME.conf 2>/dev/null | grep -m 1 -o 'fpm[0-9][0-9]' | head -n 1 | sed 's/php//g' | sed 's/fpm//g') -if [ "$evolixContainerVersion" != "" ]; then - lxc-attach -n php$evolixContainerVersion -- su - $LOGNAME -c "cd \"${PWD@E}\" && php ${*@Q}" -else - # TODO: fallback? - # command php $* - echo "could not determine \$evolixContainerVersion" - exit 1 -fi diff --git a/webapps/evoadmin-web/tasks/config.yml b/webapps/evoadmin-web/tasks/config.yml index b6384f3b..689a217e 100644 --- a/webapps/evoadmin-web/tasks/config.yml +++ b/webapps/evoadmin-web/tasks/config.yml @@ -29,10 +29,3 @@ - "templates/evoadmin-web/web-mail.tpl.j2" - "web-mail.tpl.j2" register: evoadmin_mail_tpl_template - -- name: Copy multi php-cli script - copy: - src: phpContainer - dest: /usr/local/bin/phpContainer - mode: 0700 - when: packweb_multiphp_versions is defined diff --git a/webapps/evoadmin-web/tasks/user.yml b/webapps/evoadmin-web/tasks/user.yml index f12a4feb..5aa6c29c 100644 --- a/webapps/evoadmin-web/tasks/user.yml +++ b/webapps/evoadmin-web/tasks/user.yml @@ -116,9 +116,3 @@ - "templates/evoadmin-web/sudoers.j2" - "sudoers.j2" register: evoadmin_sudoers_conf - -- name: Modify bashrc skel file - lineinfile: - dest: /etc/skel/.bashrc - line: "alias php='sudo /usr/local/bin/phpContainer'" - when: packweb_multiphp_versions is defined diff --git a/webapps/evoadmin-web/tasks/web.yml b/webapps/evoadmin-web/tasks/web.yml index e756fde2..cafccc72 100644 --- a/webapps/evoadmin-web/tasks/web.yml +++ b/webapps/evoadmin-web/tasks/web.yml @@ -84,10 +84,3 @@ - "templates/evoadmin-web/config.local.php.j2" - "config.local.php.j2" register: evoadmin_config_local_php_template - -- name: Enable proxy_fcgi - apache2_module: - state: present - name: proxy_fcgi - notify: restart apache2 - when: packweb_multiphp_versions is defined diff --git a/webapps/evoadmin-web/templates/sudoers.j2 b/webapps/evoadmin-web/templates/sudoers.j2 index 9b7cfa54..7926b5f3 100644 --- a/webapps/evoadmin-web/templates/sudoers.j2 +++ b/webapps/evoadmin-web/templates/sudoers.j2 @@ -1,7 +1,3 @@ User_Alias EVOADMIN = www-evoadmin Cmnd_Alias EVOADMIN_WEB = {{ evoadmin_scripts_dir | mandatory }}/web-*.sh, {{ evoadmin_scripts_dir | mandatory }}/ftpadmin.sh, {{ evoadmin_scripts_dir | mandatory }}/dbadmin.sh EVOADMIN ALL=NOPASSWD: EVOADMIN_WEB -{% if packweb_multiphp_versions is defined %} -Defaults env_keep += "LOGNAME PWD" -ALL ALL = NOPASSWD: /usr/local/bin/phpContainer -{% endif %}