# HG changeset patch # User IBBoard # Date 1665259094 -3600 # Node ID 8421eb25c3296430015727ea7c9495bd90df16ed # Parent a5d1f34a7d3fcf51c1e6639547ff2931b913c9d8 Fix PHP extension loading CentOS numbers the files, and the Puppet module doesn't clear out the old values, so we double-loaded. After deleting, it only puts specific ones back and so we need to specify more now rather than relying on the installers diff -r a5d1f34a7d3f -r 8421eb25c329 manifests/templates.pp --- a/manifests/templates.pp Sat Oct 08 16:00:06 2022 +0100 +++ b/manifests/templates.pp Sat Oct 08 20:58:14 2022 +0100 @@ -422,7 +422,11 @@ $php_suffix = '' $variant_prefix = 'php-' $extra_prefix = 'pecl-' - $extra_extras = { 'process' => {} } + $extra_extras = { + 'posix' => { + ini_prefix => '20-', + } + } if versioncmp($operatingsystemrelease, '8') >= 0 { yumrepo { 'remirepo-safe': mirrorlist => 'http://cdn.remirepo.net/enterprise/$releasever/safe/$basearch/mirror', @@ -481,21 +485,72 @@ suffix => $php_suffix, module => ($operatingsystem == 'CentOS' and versioncmp($operatingsystemrelease, '8') >= 0) ? { true => 'remi-7.4', default => undef }, extras => { - 'intl' => {}, - "${extra_prefix}imagick" => { - package_prefix => $variant_prefix + 'bcmath' => { + ini_prefix => '20-', + }, + 'curl' => { + ini_prefix => '20-', + }, + 'dom' => { + ini_prefix => '20-', + }, + 'enchant' => { + ini_prefix => '20-', + }, + 'exif' => { + ini_prefix => '20-', }, - 'bcmath' => {}, - "${extra_prefix}zip" => { - package_prefix => $variant_prefix + 'fileinfo' => { + ini_prefix => '20-', + }, + 'gmp' => { + ini_prefix => '20-', + }, + 'intl' => { + ini_prefix => '20-', + }, + 'json' => { + ini_prefix => '20-', + }, + 'mysqlnd' => { + ini_prefix => '20-', + }, + 'pdo' => { + ini_prefix => '20-', }, - 'json' => {}, - "${extra_prefix}apcu" => { - package_prefix => $variant_prefix + 'simplexml' => { + ini_prefix => '20-', + }, + 'sodium' => { + ini_prefix => '20-', + }, + 'soap' => { + ini_prefix => '20-', + }, + 'xmlwriter' => { + ini_prefix => '20-', + }, + 'mysqli' => { + ini_prefix => '30-', }, - 'gmp' => {}, - 'enchant' => {}, - 'soap' => {}, + 'pdo_mysql' => { + ini_prefix => '30-', + }, + 'xmlreader' => { + ini_prefix => '30-', + }, + 'zip' => { + ini_prefix => '30-', + package_prefix => "${variant_prefix}${extra_prefix}" + }, + 'apcu' => { + ini_prefix => '40-', + package_prefix => "${variant_prefix}${extra_prefix}" + }, + 'imagick' => { + ini_prefix => '40-', + package_prefix => "${variant_prefix}${extra_prefix}" + }, } + $extra_extras, } @@ -665,6 +720,10 @@ proxy_4to6_ip => $proxy_4to6_ip, force_no_index => false, ssl_ca_chain => '', + csp_override => { + "report-uri" => "https://ibboard.report-uri.com/r/d/csp/enforce", + "img-src" => "'self' data:", + }, custom_fragment => template("privat/apache/admin.fragment"), } if $osfamily == 'RedHat' { @@ -727,7 +786,7 @@ "frame-ancestors" => "'self'" }, csp_report_override => { - "report-uri" => "https://ibboard.report-uri.com/r/d/csp/enforce", + "report-uri" => "https://ibboard.report-uri.com/r/d/csp/reportOnly", "font-src" => "'self' https://fonts.gstatic.com/ data:", # TODO: What's generating it? "img-src" => "'self' https://secure.gravatar.com/ data:", "style-src" => "'self' https://fonts.googleapis.com/ 'nonce-%{CSP_NONCE}e' 'unsafe-hashes' 'sha256-anQSeQoEnQnBulZOQkDOFf+e6xBIGmqh7M8YFT992co=' 'sha256-zJDyuABAg68wtWDFyIh+RRe+6Vm/r+BLwaNRCGNVyXI=' 'sha256-qMalr/MPLUDW4lX/rq/cGp1Eu/H0cu0Yg98pdu69Jxs=' 'sha256-mshqJ+hidJMRDeNLHknuDAeYLOPg2OTIIA3nZmHgi9U=' 'sha256-YnRUd/QjP/NuFgfjMHhNfMCqXh0RQIGdvQfMCOf6qkw=' 'sha256-EwdiFJgqhefinoeAymrWxOYW4kza2Ekos5MY0PlXYI0=' 'sha256-G4K9vh8e+37+l69S+lHTyX3CfcK95mQUgyxYPCb7uME=' 'sha256-t6oewASd7J1vBg5mQtX4hl8bg8FeegYFM3scKLIhYUc=' 'sha256-mAQYxa3mIYqoLBrm1zLu6sLajr8vUHVFLYNpl6dAakM=' 'sha256-A8foknjCsFBi1PlRehOrHq0pVySigUurqAUgZ2y2U8c=' 'sha256-biLFinpqYMtWHmXfkA1BPeCY0/fNt46SAZ+BBk5YUog=' 'sha256-WzSByVQ8yW/DKrr77TWVt7WEMzueRcfJZImOkjTBKmc='", diff -r a5d1f34a7d3f -r 8421eb25c329 modules/website/manifests/php.pp --- a/modules/website/manifests/php.pp Sat Oct 08 16:00:06 2022 +0100 +++ b/modules/website/manifests/php.pp Sat Oct 08 20:58:14 2022 +0100 @@ -48,11 +48,19 @@ 'Data/date.timezone' => 'UTC', }, extensions => { - gd => {}, - mbstring => {}, + gd => { + ini_prefix => '20-', + }, + iconv => { + ini_prefix => '20-', + }, + mbstring => { + ini_prefix => '20-', + }, opcache => { + ini_prefix => '10-', + zend => true, settings => { - 'zend_extension' => 'opcache.so', 'opcache.enable' => 1, 'opcache.enable_cli' => 1, 'opcache.interned_strings_buffer' => 8, @@ -62,7 +70,9 @@ 'opcache.revalidate_freq' => 1, } }, - xml => {}, + xml => { + ini_prefix => '20-', + }, } + $extras, } apache::custom_config { "php.conf":