Mercurial > repos > other > Puppet
diff modules/website/manifests/php.pp @ 390:df5ad1612af7
Adapt configs to support Ubuntu
This is prep for running a VPS on a Mythic Beasts Raspberry Pi
* Switch paths where necessary
* Add optional modules that only apply on some OSes
* Change usernames and groups
* Don't do RPM-based stuff in Ubuntu
* Switch to using some of the new modules
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Mon, 03 Jan 2022 18:37:16 +0000 |
| parents | ff228d581972 |
| children | 2c6065b5be5e |
line wrap: on
line diff
--- a/modules/website/manifests/php.pp Mon Jan 03 17:16:21 2022 +0000 +++ b/modules/website/manifests/php.pp Mon Jan 03 18:37:16 2022 +0000 @@ -3,6 +3,78 @@ $module = undef, $extras = [], ) { + if $osfamily == 'RedHat' { + $listener_user = 'apache' + $listener_group = 'apache' + # Work around SELinux "denied execmem" warnings from preg_match JITing + $pcre_jit = 0 + } + else { + $listener_user = 'www-data' + $listener_group = 'www-data' + $pcre_jit = 1 + } + class { '::php': + ensure => present, + manage_repos => false, + fpm => true, + fpm_pools => { + 'www' => { + 'listen' => '/run/php-fpm/www.sock', + 'listen_owner' => $listener_user, + 'listen_group' => $listener_group, + 'slowlog' => '/var/log/php-fpm/www-slow.log', + 'security_limit_extensions' => ['.php', '.html'], + 'php_admin_value' => { + 'memory_limit' => '256M', + }, + 'php_value' => { +# 'session.save_path' => '/var/lib/php/session' # Ubuntu uses plural, CentOS uses singular + }, + }, + }, + dev => false, + composer => false, + pear => false, + settings => { + 'PHP/default_charset' => 'UTF-8', + 'PHP/pcre.jit' => $pcre_jit, + # Space isn't scarce these days - increase default sizes + 'PHP/upload_max_filesize' => "8M", + 'PHP/post_max_size' => "8M", + 'Data/date.timezone' => 'UTC', + }, + extensions => { + gd => {}, + mbstring => {}, + opcache => { + settings => { + 'zend_extension' => 'opcache.so', + 'opcache.enable' => 1, + 'opcache.enable_cli' => 1, + 'opcache.interned_strings_buffer' => 8, + 'opcache.max_accelerated_files' => 10000, + 'opcache.memory_consumption' => 128, + 'opcache.save_comments' => 1, + 'opcache.revalidate_freq' => 1, + } + }, + xml => {}, + }, + } + apache::custom_config { "php.conf": + ensure => present, + source => "puppet:///modules/website/php.conf" + } + class { ['apache::mod::proxy', 'apache::mod::proxy_fcgi']:} + + $extras.each |String $extra| { + ::php::extension { $extra: + ensure => present + } + } + +if false { Package <| tag == 'php-package' |> -> File <| tag == 'php-file' |> ~> Service['php-fpm'] ~> Service['httpd'] $php_core = ($module != undef) ? { true => "php", default => "php${suffix}" } @@ -13,7 +85,19 @@ tag => 'php-package', } - package { 'mod_fcgid': + if $osfamily == 'RedHat' { + $php_conf_dir = '/etc/php.d/' + $php_fpm_conf_dir = '/etc/php-fpm.d/' + $mod_fcgid_package = 'mod_fcgid' + } + elsif $osfamily == 'Debian' { + # FIXME: This hard-codes the version number, which isn't great + $php_conf_dir = '/etc/php/7.4/fpm/conf.d/' + $php_fpm_conf_dir = $php_conf_dir + $mod_fcgid_package = 'libapache2-mod-fcgid' + } + + package { $mod_fcgid_package: ensure => installed, } class { ['apache::mod::proxy', 'apache::mod::proxy_fcgi']:} @@ -31,6 +115,12 @@ website::php::extra { $extras: } + file { '/etc/php.d/datetime.ini': + ensure => present, + source => "puppet:///modules/website/datetime.ini", + require => Class['apache'], + notify => Service['httpd']; + } file { '/etc/php-fpm.d/www.conf': ensure => present, source => 'puppet:///modules/website/php-fpm-www.conf', @@ -63,3 +153,4 @@ tag => 'php-file', } } +}