From e8c7d2c3e367ed0bb555ea08818f206fcd87070d Mon Sep 17 00:00:00 2001 From: Brice Waegeneire Date: Mon, 20 Mar 2023 18:00:22 +0100 Subject: [PATCH] lxc-php: add support for PHP 8.2 container --- CHANGELOG.md | 1 + evolinux-users/templates/sudoers_stretch.j2 | 1 + lxc-php/defaults/main.yml | 6 +-- lxc-php/handlers/main.yml | 5 ++ lxc-php/tasks/main.yml | 4 +- lxc-php/tasks/php82.yml | 53 +++++++++++++++++---- 6 files changed, 56 insertions(+), 14 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4afd0a00..1528a40d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ The **patch** part changes is incremented if multiple releases happen the same m * graylog: new role * Patroni: new role for install Patroni cluster +* lxc-php: add support for PHP 8.2 container ### Changed diff --git a/evolinux-users/templates/sudoers_stretch.j2 b/evolinux-users/templates/sudoers_stretch.j2 index 287483d9..29a22da7 100644 --- a/evolinux-users/templates/sudoers_stretch.j2 +++ b/evolinux-users/templates/sudoers_stretch.j2 @@ -14,6 +14,7 @@ nagios ALL = NOPASSWD: /usr/local/lib/nagios/plugins/check_phpfpm_multi nagios ALL = NOPASSWD: /usr/local/lib/nagios/plugins/check_phpfpm_multi /var/lib/lxc/php74/rootfs/etc/php/7.4/fpm/pool.d/ nagios ALL = NOPASSWD: /usr/local/lib/nagios/plugins/check_phpfpm_multi /var/lib/lxc/php80/rootfs/etc/php/8.0/fpm/pool.d/ nagios ALL = NOPASSWD: /usr/local/lib/nagios/plugins/check_phpfpm_multi /var/lib/lxc/php81/rootfs/etc/php/8.1/fpm/pool.d/ +nagios ALL = NOPASSWD: /usr/local/lib/nagios/plugins/check_phpfpm_multi /var/lib/lxc/php82/rootfs/etc/php/8.2/fpm/pool.d/ nagios ALL = NOPASSWD: /usr/sbin/megaclisas-status --nagios nagios ALL = NOPASSWD: /usr/lib/nagios/plugins/check_ipmi_sensor nagios ALL = NOPASSWD: /sbin/dmsetup status --noflush diff --git a/lxc-php/defaults/main.yml b/lxc-php/defaults/main.yml index d27f60f2..17af05cf 100644 --- a/lxc-php/defaults/main.yml +++ b/lxc-php/defaults/main.yml @@ -21,7 +21,7 @@ lxc_php_container_releases: php74: "bullseye" php80: "bullseye" php81: "bullseye" - # php82: "bookworm" + php82: "bullseye" lxc_php_services: php56: 'php5-fpm.service' @@ -30,6 +30,6 @@ lxc_php_services: php74: 'php7.4-fpm.service' php80: 'php8.0-fpm.service' php81: 'php8.1-fpm.service' - # php82: 'php8.2-fpm.service' + php82: 'php8.2-fpm.service' -apt_keyring_dir: "{{ ansible_distribution_major_version is version('12', '<') | ternary('/etc/apt/trusted.gpg.d', '/etc/apt/keyrings') }}" \ No newline at end of file +apt_keyring_dir: "{{ ansible_distribution_major_version is version('12', '<') | ternary('/etc/apt/trusted.gpg.d', '/etc/apt/keyrings') }}" diff --git a/lxc-php/handlers/main.yml b/lxc-php/handlers/main.yml index 1a2d7a6e..b703933b 100644 --- a/lxc-php/handlers/main.yml +++ b/lxc-php/handlers/main.yml @@ -10,6 +10,11 @@ name: "{{ lxc_php_version }}" container_command: "systemctl restart {{ lxc_php_services[lxc_php_version] }}" +- name: Reload php82-fpm + community.general.lxc_container: + name: "{{ lxc_php_version }}" + container_command: "systemctl reload php8.2-fpm" + - name: Reload php81-fpm community.general.lxc_container: name: "{{ lxc_php_version }}" diff --git a/lxc-php/tasks/main.yml b/lxc-php/tasks/main.yml index c3d58eba..035bfe15 100644 --- a/lxc-php/tasks/main.yml +++ b/lxc-php/tasks/main.yml @@ -39,8 +39,8 @@ - ansible.builtin.import_tasks: "php81.yml" when: lxc_php_version == "php81" -# - ansible.builtin.import_tasks: "php82.yml" -# when: lxc_php_version == "php82" +- ansible.builtin.import_tasks: "php82.yml" + when: lxc_php_version == "php82" - ansible.builtin.import_tasks: "umask.yml" diff --git a/lxc-php/tasks/php82.yml b/lxc-php/tasks/php82.yml index a83207c8..1fb81851 100644 --- a/lxc-php/tasks/php82.yml +++ b/lxc-php/tasks/php82.yml @@ -2,21 +2,56 @@ - name: set APT keyring ansible.builtin.set_fact: - lxc_apt_keyring_dir: /etc/apt/keyrings + lxc_apt_keyring_dir: /etc/apt/trusted.gpg.d + +- name: "{{ lxc_php_version }} - Install dependency packages" + community.general.lxc_container: + name: "{{ lxc_php_version }}" + container_command: "DEBIAN_FRONTEND=noninteractive apt install -y wget apt-transport-https gnupg" + +- name: "{{ lxc_php_version }} - fix bullseye repository" + ansible.builtin.replace: + dest: "{{ lxc_rootfs }}/etc/apt/sources.list" + regexp: 'bullseye/updates' + replace: 'bullseye-security' + +- name: "{{ lxc_php_version }} - Add sury repo" + ansible.builtin.lineinfile: + dest: "{{ lxc_rootfs }}/etc/apt/sources.list.d/sury.list" + line: "{{ item }}" + state: present + create: yes + mode: "0644" + loop: + - "deb [signed-by={{ apt_keyring_dir }}/sury.gpg] https://packages.sury.org/php/ bullseye main" + - "deb [signed-by={{ apt_keyring_dir }}/pub_evolix.asc] http://pub.evolix.org/evolix bullseye-php82 main" + +- name: copy pub.evolix.net GPG key + ansible.builtin.copy: + src: pub_evolix.asc + dest: /var/lib/lxc/{{ lxc_php_version }}/rootfs{{ apt_keyring_dir }}/pub_evolix.asc + mode: "0644" + owner: root + group: root + +- name: copy packages.sury.org GPG Key + ansible.builtin.copy: + src: sury.gpg + dest: /var/lib/lxc/{{ lxc_php_version }}/rootfs{{ apt_keyring_dir }}/sury.gpg + mode: "0644" + owner: root + group: root + +- name: "{{ lxc_php_version }} - Update APT cache" + community.general.lxc_container: + name: "{{ lxc_php_version }}" + container_command: "DEBIAN_FRONTEND=noninteractive apt update" - name: "{{ lxc_php_version }} - Install PHP packages" community.general.lxc_container: name: "{{ lxc_php_version }}" container_command: "DEBIAN_FRONTEND=noninteractive apt install -y php-fpm php-cli php-gd php-intl php-imap php-ldap php-mysql php-pgsql php-sqlite3 php-curl php-zip php-mbstring php-xml php-zip composer libphp-phpmailer" -# TODO : adapt to Bookworm and deb822 format - -- name: "{{ lxc_php_version }} - fix bookworm repository" - ansible.builtin.replace: - dest: "{{ lxc_rootfs }}/etc/apt/sources.list" - regexp: 'bullseye/updates' - replace: 'bullseye-security' - - name: "{{ lxc_php_version }} - Copy evolinux PHP configuration" ansible.builtin.template: src: z-evolinux-defaults.ini.j2