From c9d3635cf80d41453c358910520990d439bc45c3 Mon Sep 17 00:00:00 2001 From: Ludovic Poujol Date: Fri, 18 Oct 2019 16:43:43 +0200 Subject: [PATCH 1/3] php: Make sure the default pool we define can be fully functionnal witout debian's default pool file --- CHANGELOG.md | 1 + php/tasks/config_fpm.yml | 5 +++++ php/tasks/main_buster.yml | 1 + php/tasks/main_jessie.yml | 1 + php/tasks/main_stretch.yml | 1 + 5 files changed, 9 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b4bde08d..25ee4096 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -54,6 +54,7 @@ The **patch** part changes incrementally at each release. * nagios-nrpe: update check_redis_instances (same as redis role) * php: By default, allow 128M for OpCache (instead of 64M) * php: Don't set a chroot for the default fpm pool +* php: Make sure the default pool we define can be fully functionnal witout debian's default pool file * rbenv: install Ruby 2.6.5 by default * squid: Remove wait time when we turn off squid * squid: compatibility wit Debian 10 diff --git a/php/tasks/config_fpm.yml b/php/tasks/config_fpm.yml index d225c520..67071cc8 100644 --- a/php/tasks/config_fpm.yml +++ b/php/tasks/config_fpm.yml @@ -44,6 +44,11 @@ mode: "0644" create: yes with_items: + - { option: "user", value: "www-data" } + - { option: "group", value: "www-data" } + - { option: "listen", value: "{{ php_fpm_default_pool_socket }}" } + - { option: "listen.owner", value: "www-data" } + - { option: "listen.group", value: "www-data" } - { option: "pm", value: "ondemand" } - { option: "pm.max_children", value: "100" } - { option: "pm.process_idle_timeout", value: "10s" } diff --git a/php/tasks/main_buster.yml b/php/tasks/main_buster.yml index 8254deab..4430576d 100644 --- a/php/tasks/main_buster.yml +++ b/php/tasks/main_buster.yml @@ -10,6 +10,7 @@ php_fpm_custom_ini_file: /etc/php/7.3/fpm/conf.d/zzz-evolinux-custom.ini php_fpm_defaults_conf_file: /etc/php/7.3/fpm/pool.d/z-evolinux-defaults.conf php_fpm_custom_conf_file: /etc/php/7.3/fpm/pool.d/zzz-evolinux-custom.conf + php_fpm_default_pool_socket: /var/run/php/php7.3-fpm.sock php_fpm_service_name: php7.3-fpm # Packages diff --git a/php/tasks/main_jessie.yml b/php/tasks/main_jessie.yml index 9d3b1deb..8e01dded 100644 --- a/php/tasks/main_jessie.yml +++ b/php/tasks/main_jessie.yml @@ -10,6 +10,7 @@ php_fpm_custom_ini_file: /etc/php5/fpm/conf.d/zzz-evolinux-custom.ini php_fpm_defaults_conf_file: /etc/php5/fpm/pool.d/z-evolinux-defaults.conf php_fpm_custom_conf_file: /etc/php5/fpm/pool.d/zzz-evolinux-custom.conf + php_fpm_default_pool_socket: /var/run/php/php5-fpm.sock php_fpm_service_name: php5-fpm # Packages diff --git a/php/tasks/main_stretch.yml b/php/tasks/main_stretch.yml index d9d2a6ae..7445cf79 100644 --- a/php/tasks/main_stretch.yml +++ b/php/tasks/main_stretch.yml @@ -10,6 +10,7 @@ php_fpm_custom_ini_file: /etc/php/7.0/fpm/conf.d/zzz-evolinux-custom.ini php_fpm_defaults_conf_file: /etc/php/7.0/fpm/pool.d/z-evolinux-defaults.conf php_fpm_custom_conf_file: /etc/php/7.0/fpm/pool.d/zzz-evolinux-custom.conf + php_fpm_default_pool_socket: /var/run/php/php7.0-fpm.sock php_fpm_service_name: php7.0-fpm # Packages From ef5ed6911eb63c7321db20c665c10002c7d1aca2 Mon Sep 17 00:00:00 2001 From: Ludovic Poujol Date: Tue, 12 Nov 2019 12:14:36 +0100 Subject: [PATCH 2/3] php: Change the default pool names to something more explicit (and same for the variables names) Because it's more than just pure configuration, but a fpm pool definition, I've changed the following variables in Ansible : - php_fpm_defaults_conf_file to replaced by php_fpm_default_pool_file - php_fpm_custom_conf_file to php_fpm_default_pool_custom_file. On the FPM side, I've also changed the files names of the pool to make them more explicit. No more z and zzz. It's the www pool, so let's put www in the file name for coherence : - z-evolinux-defaults.conf changes to www-evolinux-defaults.conf - zzz-evolinux-custom.conf changes to www-evolinux-zcustom.conf --- CHANGELOG.md | 1 + php/tasks/config_fpm.yml | 4 ++-- php/tasks/main_buster.yml | 4 ++-- php/tasks/main_jessie.yml | 4 ++-- php/tasks/main_stretch.yml | 4 ++-- 5 files changed, 9 insertions(+), 8 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 25ee4096..00da6528 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -55,6 +55,7 @@ The **patch** part changes incrementally at each release. * php: By default, allow 128M for OpCache (instead of 64M) * php: Don't set a chroot for the default fpm pool * php: Make sure the default pool we define can be fully functionnal witout debian's default pool file +* php: Change the default pool names to something more explicit (and same for the variables names) * rbenv: install Ruby 2.6.5 by default * squid: Remove wait time when we turn off squid * squid: compatibility wit Debian 10 diff --git a/php/tasks/config_fpm.yml b/php/tasks/config_fpm.yml index 67071cc8..7bad5f7d 100644 --- a/php/tasks/config_fpm.yml +++ b/php/tasks/config_fpm.yml @@ -37,7 +37,7 @@ - name: Set default PHP FPM values ini_file: - dest: "{{ php_fpm_defaults_conf_file }}" + dest: "{{ php_fpm_default_pool_file }}" section: www option: "{{ item.option }}" value: "{{ item.value }}" @@ -61,7 +61,7 @@ - name: Custom PHP FPM values copy: - dest: "{{ php_fpm_custom_conf_file }}" + dest: "{{ php_fpm_default_pool_custom_file }}" content: | ; Put customized values here. ; default_charset = "ISO-8859-1" diff --git a/php/tasks/main_buster.yml b/php/tasks/main_buster.yml index 4430576d..586e698a 100644 --- a/php/tasks/main_buster.yml +++ b/php/tasks/main_buster.yml @@ -8,8 +8,8 @@ php_apache_custom_ini_file: /etc/php/7.3/apache2/conf.d/zzz-evolinux-custom.ini php_fpm_defaults_ini_file: /etc/php/7.3/fpm/conf.d/z-evolinux-defaults.ini php_fpm_custom_ini_file: /etc/php/7.3/fpm/conf.d/zzz-evolinux-custom.ini - php_fpm_defaults_conf_file: /etc/php/7.3/fpm/pool.d/z-evolinux-defaults.conf - php_fpm_custom_conf_file: /etc/php/7.3/fpm/pool.d/zzz-evolinux-custom.conf + php_fpm_default_pool_file: /etc/php/7.3/fpm/pool.d/www-evolinux-defaults.conf + php_fpm_default_pool_custom_file: /etc/php/7.3/fpm/pool.d/www-evolinux-zcustom.conf php_fpm_default_pool_socket: /var/run/php/php7.3-fpm.sock php_fpm_service_name: php7.3-fpm diff --git a/php/tasks/main_jessie.yml b/php/tasks/main_jessie.yml index 8e01dded..1c76cfc7 100644 --- a/php/tasks/main_jessie.yml +++ b/php/tasks/main_jessie.yml @@ -8,8 +8,8 @@ php_apache_custom_ini_file: /etc/php5/apache2/conf.d/zzz-evolinux-custom.ini php_fpm_defaults_ini_file: /etc/php5/fpm/conf.d/z-evolinux-defaults.ini php_fpm_custom_ini_file: /etc/php5/fpm/conf.d/zzz-evolinux-custom.ini - php_fpm_defaults_conf_file: /etc/php5/fpm/pool.d/z-evolinux-defaults.conf - php_fpm_custom_conf_file: /etc/php5/fpm/pool.d/zzz-evolinux-custom.conf + php_fpm_default_pool_file: /etc/php5/fpm/pool.d/www-evolinux-defaults.conf + php_fpm_default_pool_custom_file: /etc/php5/fpm/pool.d/www-evolinux-zcustom.conf php_fpm_default_pool_socket: /var/run/php/php5-fpm.sock php_fpm_service_name: php5-fpm diff --git a/php/tasks/main_stretch.yml b/php/tasks/main_stretch.yml index 7445cf79..cbbc16f6 100644 --- a/php/tasks/main_stretch.yml +++ b/php/tasks/main_stretch.yml @@ -8,8 +8,8 @@ php_apache_custom_ini_file: /etc/php/7.0/apache2/conf.d/zzz-evolinux-custom.ini php_fpm_defaults_ini_file: /etc/php/7.0/fpm/conf.d/z-evolinux-defaults.ini php_fpm_custom_ini_file: /etc/php/7.0/fpm/conf.d/zzz-evolinux-custom.ini - php_fpm_defaults_conf_file: /etc/php/7.0/fpm/pool.d/z-evolinux-defaults.conf - php_fpm_custom_conf_file: /etc/php/7.0/fpm/pool.d/zzz-evolinux-custom.conf + php_fpm_default_pool_file: /etc/php/7.0/fpm/pool.d/www-evolinux-defaults.conf + php_fpm_default_pool_custom_file: /etc/php/7.0/fpm/pool.d/www-evolinux-zcustom.conf php_fpm_default_pool_socket: /var/run/php/php7.0-fpm.sock php_fpm_service_name: php7.0-fpm From 31df2d2fbc8696256a866e203db70100d68fc521 Mon Sep 17 00:00:00 2001 From: Ludovic Poujol Date: Tue, 12 Nov 2019 12:17:44 +0100 Subject: [PATCH 3/3] php: Add a task to remove Debian's default FPM pool file (off by default) Can be triggered by switching php_fpm_remove_default_pool to True. --- CHANGELOG.md | 1 + php/defaults/main.yml | 2 ++ php/tasks/config_fpm.yml | 7 +++++++ php/tasks/main_buster.yml | 1 + php/tasks/main_jessie.yml | 1 + php/tasks/main_stretch.yml | 1 + 6 files changed, 13 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 00da6528..1f7792ff 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -56,6 +56,7 @@ The **patch** part changes incrementally at each release. * php: Don't set a chroot for the default fpm pool * php: Make sure the default pool we define can be fully functionnal witout debian's default pool file * php: Change the default pool names to something more explicit (and same for the variables names) +* php: Add a task to remove Debian's default FPM pool file (off by default) * rbenv: install Ruby 2.6.5 by default * squid: Remove wait time when we turn off squid * squid: compatibility wit Debian 10 diff --git a/php/defaults/main.yml b/php/defaults/main.yml index 52717e4b..19040baf 100644 --- a/php/defaults/main.yml +++ b/php/defaults/main.yml @@ -6,3 +6,5 @@ php_apache_enable: False php_symfony_requirements: False php_modules_mysqlnd: False + +php_fpm_remove_default_pool: False diff --git a/php/tasks/config_fpm.yml b/php/tasks/config_fpm.yml index 7bad5f7d..4c6c855e 100644 --- a/php/tasks/config_fpm.yml +++ b/php/tasks/config_fpm.yml @@ -80,3 +80,10 @@ - { option: "date.timezone", value: "Europe/Paris" } notify: "restart {{ php_fpm_service_name }}" when: php_symfony_requirements + +- name: Delete debian default pool + file: + path: "{{ php_fpm_debian_default_pool_file }}" + state: absent + notify: "restart {{ php_fpm_service_name }}" + when: php_fpm_remove_default_pool diff --git a/php/tasks/main_buster.yml b/php/tasks/main_buster.yml index 586e698a..240f9b54 100644 --- a/php/tasks/main_buster.yml +++ b/php/tasks/main_buster.yml @@ -8,6 +8,7 @@ php_apache_custom_ini_file: /etc/php/7.3/apache2/conf.d/zzz-evolinux-custom.ini php_fpm_defaults_ini_file: /etc/php/7.3/fpm/conf.d/z-evolinux-defaults.ini php_fpm_custom_ini_file: /etc/php/7.3/fpm/conf.d/zzz-evolinux-custom.ini + php_fpm_debian_default_pool_file: /etc/php/7.3/fpm/pool.d/www.conf php_fpm_default_pool_file: /etc/php/7.3/fpm/pool.d/www-evolinux-defaults.conf php_fpm_default_pool_custom_file: /etc/php/7.3/fpm/pool.d/www-evolinux-zcustom.conf php_fpm_default_pool_socket: /var/run/php/php7.3-fpm.sock diff --git a/php/tasks/main_jessie.yml b/php/tasks/main_jessie.yml index 1c76cfc7..fdeed8c8 100644 --- a/php/tasks/main_jessie.yml +++ b/php/tasks/main_jessie.yml @@ -8,6 +8,7 @@ php_apache_custom_ini_file: /etc/php5/apache2/conf.d/zzz-evolinux-custom.ini php_fpm_defaults_ini_file: /etc/php5/fpm/conf.d/z-evolinux-defaults.ini php_fpm_custom_ini_file: /etc/php5/fpm/conf.d/zzz-evolinux-custom.ini + php_fpm_debian_default_pool_file: /etc/php5/fpm/pool.d/www.conf php_fpm_default_pool_file: /etc/php5/fpm/pool.d/www-evolinux-defaults.conf php_fpm_default_pool_custom_file: /etc/php5/fpm/pool.d/www-evolinux-zcustom.conf php_fpm_default_pool_socket: /var/run/php/php5-fpm.sock diff --git a/php/tasks/main_stretch.yml b/php/tasks/main_stretch.yml index cbbc16f6..75f69ab0 100644 --- a/php/tasks/main_stretch.yml +++ b/php/tasks/main_stretch.yml @@ -8,6 +8,7 @@ php_apache_custom_ini_file: /etc/php/7.0/apache2/conf.d/zzz-evolinux-custom.ini php_fpm_defaults_ini_file: /etc/php/7.0/fpm/conf.d/z-evolinux-defaults.ini php_fpm_custom_ini_file: /etc/php/7.0/fpm/conf.d/zzz-evolinux-custom.ini + php_fpm_debian_default_pool_file: /etc/php/7.0/fpm/pool.d/www.conf php_fpm_default_pool_file: /etc/php/7.0/fpm/pool.d/www-evolinux-defaults.conf php_fpm_default_pool_custom_file: /etc/php/7.0/fpm/pool.d/www-evolinux-zcustom.conf php_fpm_default_pool_socket: /var/run/php/php7.0-fpm.sock