lxc-php: An almost complete rewrite ** BREAKING **

This is a breaking change as lxc-php should now be called for *each* php 
containers we want, with the correct lxc_php_version variable.

Current valid values are : 
- php56
- php70
- php73

Other changes includes : 
- LXC Containers are created by calling lxc as a dependency of the role.
- Relying on lxc_container module to do commands into the container 
(instead of the command module)
- PHP 7.3 container is now a Debian Buster container
- All containers will have opensmtpd to relay emails to postfix on the 
host system.
This commit is contained in:
Ludovic Poujol 2019-11-14 16:36:44 +01:00
parent 8ef94a9798
commit e6f2bbb331
9 changed files with 114 additions and 63 deletions

View File

@ -6,3 +6,10 @@ php_conf_log_errors: "On"
php_conf_html_errors: "Off"
php_conf_allow_url_fopen: "Off"
php_conf_disable_functions: "exec,shell-exec,system,passthru,putenv,popen"
lxc_php_version: Null
lxc_php_container_releases:
php56: "jessie"
php70: "stretch"
php73: "buster"

View File

@ -1,9 +1,20 @@
---
- name: Reload php56-fpm
command: "lxc-attach -n php56 -- systemctl reload php5-fpm"
- name: Reload php73-fpm
lxc_container:
name: "{{ lxc_php_version }}"
container_command: "systemctl reload php7.3-fpm"
- name: Reload php70-fpm
command: "lxc-attach -n php70 -- systemctl reload php7.0-fpm"
lxc_container:
name: "{{ lxc_php_version }}"
container_command: "systemctl reload php7.0-fpm"
- name: Reload php73-fpm
command: "lxc-attach -n php73 -- systemctl reload php7.3-fpm"
- name: Reload php70-fpm
lxc_container:
name: "{{ lxc_php_version }}"
container_command: "systemctl reload php5-fpm"
- name: Restart opensmtpd
lxc_container:
name: "{{ lxc_php_version }}"
container_command: "systemctl restart opensmtpd"

23
lxc-php/meta/main.yml Normal file
View File

@ -0,0 +1,23 @@
galaxy_info:
author: Evolix
description: Creation of LXC Containers & Setting up PHP-FPM for a multiphp setup
issue_tracker_url: https://gitea.evolix.org/evolix/ansible-roles/issues
license: GPLv2
min_ansible_version: 2.2
platforms:
- name: Debian
versions:
- stretch
- buster
allow_duplicates: yes
dependencies:
- { role: lxc,
lxc_containers: [ { name: "{{ lxc_php_version }}", release: "{{ lxc_php_container_releases[lxc_php_version] }}" } ],
when: lxc_php_version is defined
}

View File

@ -1,24 +1,27 @@
---
<<<<<<< HEAD
- name: LXC configuration
include_role:
name: evolix/lxc
=======
- name: "Ensure that lxc_php_version is defined"
fail:
msg: Please configure var lxc_php_version
when: lxc_php_version is none
>>>>>>> lxc-php: An almost complete rewrite ** BREAKING **
- name: Update APT cache
command: "lxc-attach -n {{name}} -- apt-get update"
- name: "Update APT cache in container {{lxc_php_version}}"
lxc_container:
name: "{{ lxc_php_version }}"
container_command: "apt-get update"
- include: "php56.yml"
with_items:
- "{{ lxc_containers }}"
when: name == "php56"
when: lxc_php_version == "php56"
- include: "php70.yml"
with_items:
- "{{ lxc_containers }}"
when: name == "php70"
when: lxc_php_version == "php70"
- include: "php73.yml"
with_items:
- "{{ lxc_containers }}"
when: name == "php73"
when: lxc_php_version == "php73"
- include: "misc.yml"

View File

@ -1,24 +1,26 @@
---
- name: Configure ssmtp
replace:
name: "/var/lib/lxc/{{name}}/rootfs/etc/ssmtp/ssmtp.conf"
regexp: "{{ item.regexp }}"
replace: "{{ item.replace }}"
with_dict:
- { regexp: "^mailhub=.*$", replace: "mailhub=127.0.0.1"}
- { regexp: "^#FromLineOverride=.*$", replace: "FromLineOverride=YES"}
- { regexp: "^hostname=.*", replace: "hostname={{ansible_fqdn}}"}
- name: Configure opensmtpd
template:
src: smtpd.conf.j2
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/smtpd.conf"
mode: "0644"
notify: "Restart opensmtpd"
- name: Copy using inline content
copy:
content: "{{ evolinux_hostname }}.{{ evolinux_domain }}\n"
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/mailname"
notify: "Restart opensmtpd"
- name: Configure timezone
copy:
dest: "/var/lib/lxc/{{name}}/rootfs/etc/timezone"
content: "Europe/Paris\n"
remote_src: yes
src: "/etc/timezone"
dest: "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/timezone"
- name: Ensure containers root directory is 755
file:
path: "/var/lib/lxc/{{ item.name }}/rootfs"
path: "/var/lib/lxc/{{ lxc_php_version }}/rootfs"
state: directory
mode: '0755'
with_items:
- "{{ lxc_containers }}"

View File

@ -1,16 +1,18 @@
---
- name: Install PHP packages
command: "lxc-attach -n {{name}} -- apt-get install -y php5-fpm php5-cli php5-gd php5-imap php5-ldap php5-mcrypt php5-mysql php5-pgsql php-gettext php5-intl php5-curl php5-ssh2 libphp-phpmailer ssmtp git zip unzip"
- name: "{{ lxc_php_version }} - Install PHP packages"
lxc_container:
name: "{{ lxc_php_version }}"
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php5-fpm php5-cli php5-gd php5-imap php5-ldap php5-mcrypt php5-mysql php5-pgsql php-gettext php5-intl php5-curl php5-ssh2 php5-zip php5-mbstring libphp-phpmailer opensmtpd git zip unzip"
- name: Copy evolinux PHP 5.6 configuration
- name: "{{ lxc_php_version }} - Copy evolinux PHP configuration"
template:
src: z-evolinux-defaults.ini.j2
dest: "{{ line_item }}"
mode: "0644"
notify: "Reload {{name}}-fpm"
notify: "Reload {{ lxc_php_version }}-fpm"
with_items:
- "/var/lib/lxc/{{name}}/rootfs/etc/php5/fpm/conf.d/z-evolinux-defaults.ini"
- "/var/lib/lxc/{{name}}/rootfs/etc/php5/cli/conf.d/z-evolinux-defaults.ini"
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php5/fpm/conf.d/z-evolinux-defaults.ini"
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php5/cli/conf.d/z-evolinux-defaults.ini"
loop_control:
loop_var: line_item

View File

@ -1,16 +1,18 @@
---
- name: Install PHP packages
command: "lxc-attach -n {{name}} -- apt-get install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mcrypt php-mysql php-pgsql php-gettext php-curl php-ssh2 composer libphp-phpmailer ssmtp git zip unzip php-zip"
- name: "{{ lxc_php_version }} - Install PHP packages"
lxc_container:
name: "{{ lxc_php_version }}"
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mcrypt php-mysql php-pgsql php-gettext php-curl php-ssh2 php-mbstring composer libphp-phpmailer opensmtpd git zip unzip php-zip"
- name: Copy evolinux PHP 7.0 configuration
- name: "{{ lxc_php_version }} - Copy evolinux PHP configuration"
template:
src: z-evolinux-defaults.ini.j2
dest: "{{ line_item }}"
mode: "0644"
notify: "Reload {{name}}-fpm"
notify: "Reload {{ lxc_php_version }}-fpm"
with_items:
- "/var/lib/lxc/{{name}}/rootfs/etc/php/7.0/fpm/conf.d/z-evolinux-defaults.ini"
- "/var/lib/lxc/{{name}}/rootfs/etc/php/7.0/cli/conf.d/z-evolinux-defaults.ini"
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.0/fpm/conf.d/z-evolinux-defaults.ini"
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.0/cli/conf.d/z-evolinux-defaults.ini"
loop_control:
loop_var: line_item

View File

@ -1,31 +1,18 @@
---
- name: Install requirements for sury repository
command: "lxc-attach -n {{name}} -- apt-get install -y --no-install-recommends wget apt-transport-https ca-certificates gnupg"
- name: "{{ lxc_php_version }} - Install PHP packages"
lxc_container:
name: "{{ lxc_php_version }}"
container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mysql php-pgsql php-gettext php-curl php-ssh2 php-mbstring composer libphp-phpmailer opensmtpd git zip unzip php-zip"
- name: Add sury APT repository
copy:
content: "deb https://packages.sury.org/php/ stretch main"
dest: "/var/lib/lxc/{{name}}/rootfs/etc/apt/sources.list.d/sury.list"
mode: "0644"
- name: Add sury GPG key
shell: "wget -O- https://packages.sury.org/php/apt.gpg |lxc-attach -n {{name}} -- apt-key add -"
- name: Update APT cache
command: "lxc-attach -n {{name}} -- apt-get update"
- name: Install PHP packages
command: "lxc-attach -n {{name}} -- apt-get install -y php7.3 php7.3-fpm php7.3-cli php7.3-curl php7.3-mysql php7.3-pgsql php7.3-ldap php7.3-imap php7.3-gd php-ssh2 php-gettext composer libphp-phpmailer ssmtp git zip unzip php7.3-zip"
- name: Copy evolinux PHP 7.3 configuration
- name: "{{ lxc_php_version }} - Copy evolinux PHP configuration"
template:
src: z-evolinux-defaults.ini.j2
dest: "{{ line_item }}"
mode: "0644"
notify: "Reload {{name}}-fpm"
notify: "Reload {{ lxc_php_version }}-fpm"
with_items:
- "/var/lib/lxc/{{name}}/rootfs/etc/php/7.3/fpm/conf.d/z-evolinux-defaults.ini"
- "/var/lib/lxc/{{name}}/rootfs/etc/php/7.3/cli/conf.d/z-evolinux-defaults.ini"
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.3/fpm/conf.d/z-evolinux-defaults.ini"
- "/var/lib/lxc/{{ lxc_php_version }}/rootfs/etc/php/7.3/cli/conf.d/z-evolinux-defaults.ini"
loop_control:
loop_var: line_item

View File

@ -0,0 +1,14 @@
# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.
# To accept external mail, replace with: listen on all
#listen on localhost
# If you edit the file, you have to run "smtpctl update table aliases"
table aliases file:/etc/aliases
# Uncomment the following to accept external mail for domain "example.org"
#accept from any for domain "example.org" alias <aliases> deliver to mbox
accept for local alias <aliases> deliver to mbox
accept for any relay via "smtp://127.0.0.1"