class website::php(
    $suffix = '',
    $module = undef,
    $extras = [],
    ) {
  Package <| tag == 'php-package' |> -> File <| tag == 'php-file' |> ~> Service['php-fpm'] ~> Service['httpd']

  $php_core = ($module != undef) ? { true => "php", default => "php${suffix}" }

  package { $php_core:
    provider => ($module != undef) ? { true => 'dnfmodule', default => undef },
    ensure => ($module != undef) ? { true => $module, default => installed },
    tag => 'php-package',
  }

  package { 'mod_fcgid':
    ensure => installed,
  }
  class { ['apache::mod::proxy', 'apache::mod::proxy_fcgi']:}

  $packages = [ "php${suffix}-mbstring", "php${suffix}-xml", "php${suffix}-gd", "php${suffix}-fpm" ]
  package { $packages:
    ensure => installed,
    tag => 'php-package',
  }

  service { 'php-fpm':
    ensure => 'running',
    enable => true,
  }

  website::php::extra { $extras: }

  file { '/etc/php.d/custom-lockdown.ini':
    ensure => present,
    content => 'allow_url_fopen = \'off\'
    expose_php = Off',
    tag => 'php-file',
  }
  file { '/etc/php.d/custom-php.ini':
    ensure => present,
    source => 'puppet:///modules/website/custom-php.ini',
    tag => 'php-file',
  }

  package { "php${suffix}-opcache":
    ensure => installed,
    require => Package[$php_core],
    tag => 'php-package',
  }
  # Use Remi's (and the OS's) naming convention
  file { '/etc/php.d/opcache.ini':
    ensure => absent,
  }
  file { '/etc/php.d/10-opcache.ini':
    ensure => present,
    source => "puppet:///modules/website/opcache.ini",
    tag => 'php-file',
  }
}