Release 22.12 #165
|
@ -14,6 +14,7 @@ The **patch** part changes is incremented if multiple releases happen the same m
|
|||
|
||||
* all: Use proper keyrings directory for APT version
|
||||
* all: Add signed-by option for additional APT sources
|
||||
* all: preliminary work to support Debian 12
|
||||
* evolinux-base: replace regular kernel by cloud kernel on virtual servers
|
||||
* nagios-nrpe: check_haproxy_stats supports DRAIN status
|
||||
* lxc-php: set php-fpm umask to 007
|
||||
|
|
5
apt/templates/bookworm_basics.list.j2
Normal file
5
apt/templates/bookworm_basics.list.j2
Normal file
|
@ -0,0 +1,5 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
deb http://mirror.evolix.org/debian bookworm {{ apt_basics_components | mandatory }}
|
||||
deb http://mirror.evolix.org/debian/ bookworm-updates {{ apt_basics_components | mandatory }}
|
||||
deb http://security.debian.org/debian-security bookworm-security {{ apt_basics_components | mandatory }}
|
|
@ -4,44 +4,44 @@
|
|||
set_fact:
|
||||
mysql_restart_handler_name: "{{ mysql_restart_if_needed | bool | ternary('restart mysql', 'restart mysql (noop)') }}"
|
||||
|
||||
- include: packages_stretch.yml
|
||||
- include_tasks: packages_stretch.yml
|
||||
when: ansible_distribution_major_version is version('9', '>=')
|
||||
|
||||
- include: packages_jessie.yml
|
||||
- include_tasks: packages_jessie.yml
|
||||
when: ansible_distribution_release == "jessie"
|
||||
|
||||
## There is nothing to do with users on Debian 11 - yet we need a /root/.my.cnf for compatibility
|
||||
- include: users_bullseye.yml
|
||||
when: ansible_distribution_release == "bullseye"
|
||||
## There is nothing to do with users on Debian 11+ - yet we need a /root/.my.cnf for compatibility
|
||||
- include_tasks: users_bullseye.yml
|
||||
when: ansible_distribution_major_version is version('11', '>=')
|
||||
|
||||
- include: users_buster.yml
|
||||
- include_tasks: users_buster.yml
|
||||
when: ansible_distribution_release == "buster"
|
||||
|
||||
- include: users_stretch.yml
|
||||
- include_tasks: users_stretch.yml
|
||||
when: ansible_distribution_release == "stretch"
|
||||
|
||||
- include: users_jessie.yml
|
||||
- include_tasks: users_jessie.yml
|
||||
when: ansible_distribution_release == "jessie"
|
||||
|
||||
- include: config_stretch.yml
|
||||
- include_tasks: config_stretch.yml
|
||||
when: ansible_distribution_major_version is version('9', '>=')
|
||||
|
||||
- include: config_jessie.yml
|
||||
- include_tasks: config_jessie.yml
|
||||
when: ansible_distribution_release == "jessie"
|
||||
|
||||
- include: replication.yml
|
||||
- include_tasks: replication.yml
|
||||
when: mysql_replication | bool
|
||||
|
||||
- include: datadir.yml
|
||||
- include_tasks: datadir.yml
|
||||
|
||||
- include: logdir.yml
|
||||
- include_tasks: logdir.yml
|
||||
|
||||
- include: tmpdir.yml
|
||||
- include_tasks: tmpdir.yml
|
||||
|
||||
- include: nrpe.yml
|
||||
- include_tasks: nrpe.yml
|
||||
|
||||
- include: munin.yml
|
||||
- include_tasks: munin.yml
|
||||
|
||||
- include: log2mail.yml
|
||||
- include_tasks: log2mail.yml
|
||||
|
||||
- include: utils.yml
|
||||
- include_tasks: utils.yml
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
|
||||
# mytop
|
||||
|
||||
- name: "Install mytop (Debian 9)"
|
||||
- name: "Install mytop (Debian 8)"
|
||||
apt:
|
||||
name: mytop
|
||||
state: present
|
||||
|
@ -43,14 +43,23 @@
|
|||
- libterm-readkey-perl
|
||||
when: ansible_distribution_release == "buster"
|
||||
|
||||
- name: "Install dependencies for mytop (Debian 11 or later)"
|
||||
- name: "Install dependencies for mytop (Debian 11)"
|
||||
apt:
|
||||
name:
|
||||
- mariadb-client-10.5
|
||||
- libconfig-inifiles-perl
|
||||
- libterm-readkey-perl
|
||||
- libdbd-mariadb-perl
|
||||
when: ansible_distribution_major_version is version('11', '>=')
|
||||
when: ansible_distribution_release == "bullseye"
|
||||
|
||||
- name: "Install dependencies for mytop (Debian 12 or later)"
|
||||
apt:
|
||||
name:
|
||||
- mariadb-client-10.6
|
||||
- libconfig-inifiles-perl
|
||||
- libterm-readkey-perl
|
||||
- libdbd-mariadb-perl
|
||||
when: ansible_distribution_major_version is version('12', '=')
|
||||
|
||||
- name: Read debian-sys-maint password (Debian < 11)
|
||||
shell: 'cat /etc/mysql/debian.cnf | grep -m1 "password = .*" | cut -d" " -f3'
|
||||
|
|
|
@ -4,17 +4,20 @@
|
|||
that:
|
||||
- ansible_distribution == "Debian"
|
||||
- ansible_distribution_major_version is version('8', '>=')
|
||||
- ansible_distribution_major_version is version('11', '<=')
|
||||
msg: This is only compatible with Debian 8 → 11
|
||||
- ansible_distribution_major_version is version('12', '<=')
|
||||
msg: This is only compatible with Debian 8 → 12
|
||||
|
||||
- include: main_jessie.yml
|
||||
- include_tasks: main_jessie.yml
|
||||
when: ansible_distribution_release == "jessie"
|
||||
|
||||
- include: main_stretch.yml
|
||||
- include_tasks: main_stretch.yml
|
||||
when: ansible_distribution_release == "stretch"
|
||||
|
||||
- include: main_buster.yml
|
||||
- include_tasks: main_buster.yml
|
||||
when: ansible_distribution_release == "buster"
|
||||
|
||||
- include: main_bullseye.yml
|
||||
- include_tasks: main_bullseye.yml
|
||||
when: ansible_distribution_release == "bullseye"
|
||||
|
||||
- include_tasks: main_bookworm.yml
|
||||
when: ansible_distribution_release == "bookworm"
|
||||
|
|
108
php/tasks/main_bookworm.yml
Normal file
108
php/tasks/main_bookworm.yml
Normal file
|
@ -0,0 +1,108 @@
|
|||
---
|
||||
|
||||
- name: "Set php version to 8.1 (Debian 12)"
|
||||
set_fact:
|
||||
php_version: "8.1"
|
||||
|
||||
- name: "Set php config directories (Debian 12)"
|
||||
set_fact:
|
||||
php_cli_conf_dir: "/etc/php/{{ php_version }}/cli/conf.d"
|
||||
php_apache_conf_dir: "/etc/php/{{ php_version }}/apache2/conf.d"
|
||||
php_fpm_conf_dir: "/etc/php/{{ php_version }}/fpm/conf.d"
|
||||
php_fpm_pool_dir: "/etc/php/{{ php_version }}/fpm/pool.d"
|
||||
|
||||
- name: "Set php config files (Debian 12)"
|
||||
set_fact:
|
||||
php_cli_defaults_ini_file: "{{ php_cli_conf_dir }}/z-evolinux-defaults.ini"
|
||||
php_cli_custom_ini_file: "{{ php_cli_conf_dir }}/zzz-evolinux-custom.ini"
|
||||
php_apache_defaults_ini_file: "{{ php_apache_conf_dir }}/z-evolinux-defaults.ini"
|
||||
php_apache_custom_ini_file: "{{ php_apache_conf_dir }}/zzz-evolinux-custom.ini"
|
||||
php_fpm_defaults_ini_file: "{{ php_fpm_conf_dir }}/z-evolinux-defaults.ini"
|
||||
php_fpm_custom_ini_file: "{{ php_fpm_conf_dir }}/zzz-evolinux-custom.ini"
|
||||
php_fpm_debian_default_pool_file: "{{ php_fpm_pool_dir}}/www.conf"
|
||||
php_fpm_default_pool_file: "{{ php_fpm_pool_dir}}/www-evolinux-defaults.conf"
|
||||
php_fpm_default_pool_custom_file: "{{ php_fpm_pool_dir}}/www-evolinux-zcustom.conf"
|
||||
php_fpm_default_pool_socket: "/var/run/php/php{{ php_version }}-fpm.sock"
|
||||
php_fpm_service_name: "php{{ php_version }}-fpm"
|
||||
|
||||
# Packages
|
||||
|
||||
- name: "Set package list (Debian 12)"
|
||||
set_fact:
|
||||
php_stretch_packages:
|
||||
- php-cli
|
||||
- php-gd
|
||||
- php-intl
|
||||
- php-imap
|
||||
- php-ldap
|
||||
- php-mysql
|
||||
# php-mcrypt is no longer packaged for PHP 7.2
|
||||
- php-pgsql
|
||||
- php-sqlite3
|
||||
- php-curl
|
||||
- php-ssh2
|
||||
- php-xml
|
||||
- php-zip
|
||||
- composer
|
||||
- libphp-phpmailer
|
||||
|
||||
- include: sury_pre.yml
|
||||
when: php_sury_enable
|
||||
|
||||
- name: "Install PHP packages (Debian 12)"
|
||||
apt:
|
||||
name: '{{ php_stretch_packages }}'
|
||||
state: present
|
||||
|
||||
- name: "Install mod_php packages (Debian 12)"
|
||||
apt:
|
||||
name:
|
||||
- libapache2-mod-php
|
||||
- php
|
||||
state: present
|
||||
when: php_apache_enable
|
||||
|
||||
- name: "Install PHP FPM packages (Debian 12)"
|
||||
apt:
|
||||
name:
|
||||
- php-fpm
|
||||
- php
|
||||
state: present
|
||||
when: php_fpm_enable
|
||||
|
||||
# Configuration
|
||||
|
||||
- name: "Enforce permissions on PHP directory (Debian 12)"
|
||||
file:
|
||||
dest: "{{ item }}"
|
||||
mode: "0755"
|
||||
with_items:
|
||||
- /etc/php
|
||||
- /etc/php/{{ php_version }}
|
||||
|
||||
- include: config_cli.yml
|
||||
- name: "Enforce permissions on PHP cli directory (Debian 12)"
|
||||
file:
|
||||
dest: /etc/php/{{ php_version }}/cli
|
||||
mode: "0755"
|
||||
|
||||
- include: config_fpm.yml
|
||||
when: php_fpm_enable
|
||||
|
||||
- name: "Enforce permissions on PHP fpm directory (Debian 12)"
|
||||
file:
|
||||
dest: /etc/php/{{ php_version }}/fpm
|
||||
mode: "0755"
|
||||
when: php_fpm_enable
|
||||
|
||||
- include: config_apache.yml
|
||||
when: php_apache_enable
|
||||
|
||||
- name: "Enforce permissions on PHP apache2 directory (Debian 12)"
|
||||
file:
|
||||
dest: /etc/php/{{ php_version }}/apache2
|
||||
mode: "0755"
|
||||
when: php_apache_enable
|
||||
|
||||
- include: sury_post.yml
|
||||
when: php_sury_enable
|
16
postgresql/tasks/packages_bookworm.yml
Normal file
16
postgresql/tasks/packages_bookworm.yml
Normal file
|
@ -0,0 +1,16 @@
|
|||
---
|
||||
|
||||
- name: "Set variables (Debian 12)"
|
||||
set_fact:
|
||||
postgresql_version: '15'
|
||||
when: postgresql_version is none or postgresql_version | length == 0
|
||||
|
||||
- include: pgdg-repo.yml
|
||||
when: postgresql_version != '15'
|
||||
|
||||
- name: Install postgresql package
|
||||
apt:
|
||||
name:
|
||||
- "postgresql-{{postgresql_version}}"
|
||||
- pgtop
|
||||
- libdbd-pg-perl
|
|
@ -34,7 +34,7 @@
|
|||
group: root
|
||||
mode: "0755"
|
||||
force: yes
|
||||
when: ansible_distribution_major_version is version('11', '==')
|
||||
when: ansible_distribution_major_version is version('11', '>=')
|
||||
|
||||
- name: check_rabbitmq is available for NRPE
|
||||
lineinfile:
|
||||
|
|
|
@ -17,6 +17,14 @@
|
|||
- 'http://mirror.evolix.org/debian/pool/main/p/php-log/php-log_1.12.9-2_all.deb'
|
||||
when: ansible_distribution_major_version is version('10', '=')
|
||||
|
||||
- name: Install PHP packages from sid (Debian 12)
|
||||
apt:
|
||||
deb: '{{ item }}'
|
||||
state: present
|
||||
loop:
|
||||
- 'http://mirror.evolix.org/debian/pool/main/p/php-log/php-log_1.13.2-1_all.deb'
|
||||
when: ansible_distribution_major_version is version('12', '=')
|
||||
|
||||
- name: Install PHP packages
|
||||
apt:
|
||||
name:
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
option: "disable_functions"
|
||||
value: "shell-exec,system,passthru,putenv,popen"
|
||||
notify: reload apache2
|
||||
when: ansible_distribution_major_version is version('9', '=')
|
||||
when: ansible_distribution_release == "stretch"
|
||||
|
||||
- name: "Set custom values for PHP config (Debian 10)"
|
||||
ini_file:
|
||||
|
@ -25,7 +25,7 @@
|
|||
option: "disable_functions"
|
||||
value: "shell-exec,system,passthru,putenv,popen"
|
||||
notify: reload apache2
|
||||
when: ansible_distribution_major_version is version('10', '=')
|
||||
when: ansible_distribution_release == "buster"
|
||||
|
||||
- name: "Set custom values for PHP config (Debian 11)"
|
||||
ini_file:
|
||||
|
@ -34,7 +34,16 @@
|
|||
option: "disable_functions"
|
||||
value: "shell-exec,system,passthru,putenv,popen"
|
||||
notify: reload apache2
|
||||
when: ansible_distribution_major_version is version('11', '=')
|
||||
when: ansible_distribution_release == "bullseye"
|
||||
|
||||
- name: "Set custom values for PHP config (Debian 11)"
|
||||
ini_file:
|
||||
dest: /etc/php/8.1/apache2/conf.d/zzz-evolinux-custom.ini
|
||||
section: PHP
|
||||
option: "disable_functions"
|
||||
value: "shell-exec,system,passthru,putenv,popen"
|
||||
notify: reload apache2
|
||||
when: ansible_distribution_release == "bookworm"
|
||||
|
||||
- name: Install evoadmin VHost
|
||||
template:
|
||||
|
|
Loading…
Reference in a new issue