From cdca48e1d0f81445c434b01b85de8d8d2bb88ff4 Mon Sep 17 00:00:00 2001 From: Sohan Yadav Date: Sat, 24 Aug 2019 17:57:14 +0530 Subject: [PATCH] initial commit --- .gitignore | 4 + .pre-commit-config.yaml | 21 ++ LICENSE | 21 ++ Makefile | 3 + README.md | 133 +++++++ README.yaml | 74 ++++ defaults/main.yml | 14 + handlers/main.yml | 23 ++ meta/main.yml | 29 ++ tasks/composer.yml | 22 ++ tasks/configure.yml | 85 +++++ tasks/install.yml | 74 ++++ tasks/main.yml | 9 + templates/config/mods-available/apcu.ini | 24 ++ templates/config/mods-available/mongodb.ini | 4 + templates/config/php.ini | 385 ++++++++++++++++++++ templates/config/pool.d/queue.conf | 43 +++ templates/config/pool.d/upstream.conf | 43 +++ templates/config/pool.d/www.conf | 56 +++ vars/main.yml | 2 + 20 files changed, 1069 insertions(+) create mode 100644 .gitignore create mode 100644 .pre-commit-config.yaml create mode 100644 LICENSE create mode 100644 Makefile create mode 100644 README.md create mode 100644 README.yaml create mode 100644 defaults/main.yml create mode 100644 handlers/main.yml create mode 100644 meta/main.yml create mode 100644 tasks/composer.yml create mode 100644 tasks/configure.yml create mode 100644 tasks/install.yml create mode 100644 tasks/main.yml create mode 100644 templates/config/mods-available/apcu.ini create mode 100644 templates/config/mods-available/mongodb.ini create mode 100644 templates/config/php.ini create mode 100644 templates/config/pool.d/queue.conf create mode 100644 templates/config/pool.d/upstream.conf create mode 100644 templates/config/pool.d/www.conf create mode 100644 vars/main.yml diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..031aa23 --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +# ignored files +.idea +*.iml +*.zip diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..49a2d36 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,21 @@ +--- +repos: + + - repo: https://github.com/pre-commit/pre-commit-hooks.git + rev: v2.2.3 + hooks: + - id: end-of-file-fixer + - id: trailing-whitespace + - id: mixed-line-ending + - id: check-byte-order-marker + - id: check-executables-have-shebangs + - id: check-merge-conflict + - id: debug-statements + - id: check-yaml + - id: check-added-large-files + + - repo: https://github.com/ansible/ansible-lint.git + rev: v4.1.0 + hooks: + - id: ansible-lint + files: \.(yaml|yml)$ diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..136d77d --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2019 Cloud Drove + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..f0eef15 --- /dev/null +++ b/Makefile @@ -0,0 +1,3 @@ +export GENIE_PATH ?= $(shell 'pwd')/../../../genie + +include $(GENIE_PATH)/Makefile diff --git a/README.md b/README.md new file mode 100644 index 0000000..3b34238 --- /dev/null +++ b/README.md @@ -0,0 +1,133 @@ + + + +

+ +

+ Ansible Role PHP +

+ +

+ This ansible role is used to install PHP server on Debian. +

+ +

+ + + Ansible + + + Licence + + + Distribution + + + Distribution + + + +

+

+ + + + + + + + + + + +

+
+ + + +We eat, drink, sleep and most importantly love **DevOps**. DevOps always promotes automation and standardisation. While setting up various environments like local, dev, testing, production, etc. it is critical to maintain the same environment across. This can easily be achieved using automating the environment setup & installation with the help of ansible-playbooks. + +Smaller roles are created for each environment elements; which also include tasks & tests. These roles can then be grouped together in [ansible-playbook](https://docs.ansible.com/ansible/latest/user_guide/playbooks_intro.html) to achieve the desired yet consistent results. + + + +## Prerequisites + +This module has a few dependencies: + +- [Ansible2.8](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html) +- [Python](https://www.python.org/downloads) + + + + +## What Includes + +Followiing things includes in this role: +- Php-7.3 +- Php-fpm +- Pecl +- Composer + + + + + + + +## Example Playbook + +**IMPORTANT:** Since the `master` branch used in `source` varies based on new modifications, we suggest that you use the release versions [here](https://github.com/clouddrove/ansible-role-php/releases). + + +```yaml +- hosts: localhost + remote_user: ubuntu + become: true + roles: + - clouddrove.ansible_role_php +``` + + +## Variables + +```yaml + php_version: 7.3 + php_dir: "/etc/php/{{ php_version }}" + php_fpm_dir: "/etc/php/{{ php_version }}/fpm" + log_path: /var/log/php + state: present + is_web_server_is_apache: true +``` + + +## Installation + +```console + $ ansible-galaxy install clouddrove.ansible_role_php +``` + + + + + + +## Feedback +If you come accross a bug or have any feedback, please log it in our [issue tracker](https://github.com/clouddrove/ansible-role-php/issues), or feel free to drop us an email at [hello@clouddrove.com](mailto:hello@clouddrove.com). + +If you have found it worth your time, go ahead and give us a ★ on [our GitHub](https://github.com/clouddrove/ansible-role-php)! + +## About us + +At [CloudDrove][website], we offer expert guidance, implementation support and services to help organisations accelerate their journey to the cloud. Our services include docker and container orchestration, cloud migration and adoption, infrastructure automation, application modernisation and remediation, and performance engineering. + +

We are The Cloud Experts!

+
+

We ❤️ Open Source and you can check out our other modules to get help with your new Cloud ideas.

+ + [website]: https://clouddrove.com + [github]: https://github.com/clouddrove + [linkedin]: https://cpco.io/linkedin + [twitter]: https://twitter.com/clouddrove/ + [email]: https://clouddrove.com/contact-us.html + [terraform_modules]: https://github.com/clouddrove?utf8=%E2%9C%93&q=terraform-&type=&language= diff --git a/README.yaml b/README.yaml new file mode 100644 index 0000000..4c84d2a --- /dev/null +++ b/README.yaml @@ -0,0 +1,74 @@ +--- +# +# This is the canonical configuration for the `README.md` +# Run `make readme` to rebuild the `README.md` +# + +# Name of this project +name: Ansible Role PHP + +# License of this project +license: "MIT" + +# Canonical GitHub repo +github_repo: clouddrove/ansible-role-php + +# Badges to display +badges: + - name: "Ansible" + image: "https://img.shields.io/badge/Ansible-2.8-green?style=flat&logo=ansible" + url: "https://www.ansible.com" + - name: "Licence" + image: "https://img.shields.io/badge/License-MIT-blue.svg" + url: "LICENSE.md" + - name: "Distribution" + image: "https://img.shields.io/badge/ubuntu-16.x-orange?style=flat&logo=ubuntu" + url: "https://ubuntu.com/" + - name: "Distribution" + image: "https://img.shields.io/badge/ubuntu-18.x-orange?style=flat&logo=ubuntu" + url: "https://ubuntu.com/" + +# Prerequesties to display +# yamllint disable +prerequesties: + - name: "Ansible2.8" + url: "https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html" + - name: "Python" + url: "https://www.python.org/downloads" +# yamllint enable +# What Includes to display +what_includes: + - name: "Php-7.3" + - name: "Php-fpm" + - name: "Pecl" + - name: "Composer" + +# description of this project +description: |- + This ansible role is used to install PHP server on Debian. + +# How to use this project +usage: |- + ```yaml + - hosts: localhost + remote_user: ubuntu + become: true + roles: + - clouddrove.ansible_role_php + ``` +# Variables use in the project +variables: |- + ```yaml + php_version: 7.3 + php_dir: "/etc/php/{{ php_version }}" + php_fpm_dir: "/etc/php/{{ php_version }}/fpm" + log_path: /var/log/php + state: present + is_web_server_is_apache: true + ``` + +# How to install project +installation: |- + ```console + $ ansible-galaxy install clouddrove.ansible_role_php + ``` diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..bc3c525 --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,14 @@ +--- +# php versions supported versions 7.0> +php_version: 7.3 + +# configurations +php_dir: "/etc/php/{{ php_version }}" +php_fpm_dir: "/etc/php/{{ php_version }}/fpm" +log_path: /var/log/php + +# state +state: present + +# install php for apache web server +is_web_server_is_apache: true diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..92d9b96 --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,23 @@ +--- + +- name: start php-fpm + service: + name: "php{{ php_version }}-fpm" + state: started + +- name: reload php-fpm + service: + name: "php{{ php_version }}-fpm" + state: reloaded + when: state == "present" + + +- name: restart php-fpm + service: + name: "php{{ php_version }}-fpm" + state: restarted + +- name: restart apache2 + service: + name: apache2 + state: restarted diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..20d164d --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,29 @@ +--- + +dependencies: [] + +galaxy_info: + author: clouddrove + description: This ansible role for install php. + company: "CloudDrove, LLC" + license: "license (BSD, MIT)" + min_ansible_version: 2.4 + platforms: + - name: Debian + versions: + - jessie + - stretch + - name: Ubuntu + versions: + - trusty + - xenial + - bionic + galaxy_tags: + - server + - php + - composer + - apache + - linux + - ubuntu + - debian + - fpm diff --git a/tasks/composer.yml b/tasks/composer.yml new file mode 100644 index 0000000..50e516d --- /dev/null +++ b/tasks/composer.yml @@ -0,0 +1,22 @@ +--- + +- name: download composer + get_url: + url: http://getcomposer.org/installer + force: true + dest: /tmp/composer + mode: 0755 + +# yamllint disable +- name: install composer + command: php /tmp/composer --install-dir=/usr/local/bin creates=/usr/local/bin/composer + +- name: rename composer.phar to composer + command: mv /usr/local/bin/composer.phar /usr/local/bin/composer creates=/usr/local/bin/composer +# yamllint enable + +- name: make composer executable + file: + path: /usr/local/bin/composer + mode: a+x + state: file diff --git a/tasks/configure.yml b/tasks/configure.yml new file mode 100644 index 0000000..187570c --- /dev/null +++ b/tasks/configure.yml @@ -0,0 +1,85 @@ +--- + +- name: create phpfpm log is enabled + file: + path: "{{ log_path }}" + mode: 0755 + state: directory + +- name: create phpfpm log is enabled + changed_when: false + file: + path: "{{ item }}" + mode: 0644 + state: touch + with_items: + - "{{ log_path }}/php-pool-upstream-error.log" + - "{{ log_path }}/php-ini-error.log" + - "{{ log_path }}/php-pool-www-error.log" + +- name: transfer pool.d php-fpm configuration + template: + src: "{{ item }}" + dest: "{{ php_fpm_dir }}/pool.d/{{ item | basename }}" + force: true + with_fileglob: + - ../templates/config/pool.d/*.conf + +- name: transfer mods-available php configuration + template: + src: "{{ item }}" + dest: "{{ php_dir }}/mods-available/{{ item | basename }}" + force: true + with_fileglob: + - ../templates/config/mods-available/*.ini + +- name: transfer php.ini php-fpm configuration + template: + src: config/php.ini + dest: "{{ php_fpm_dir }}/php.ini" + force: true + +- name: copy pecl extensions .ini files + template: + src: "{{ item }}" + dest: "{{ php_dir }}/mods-available/{{ item | basename }}" + force: true + with_fileglob: + - ../templates/config/mods-available/*.ini + +- name: transfer php.ini apache configuration + template: + src: config/php.ini + dest: "{{ php_dir }}/apache2/php.ini" + force: true + when: is_web_server_is_apache + notify: + - restart apache2 + +- name: change php-fpm ownership + file: + path: "{{ php_dir }}" + state: directory + owner: root + group: root + recurse: true + changed_when: "False" + +- name: set is default inslled version + changed_when: false + command: update-alternatives --set php /usr/bin/php{{ php_version }} + become: true + +- name: set is default inslled version for apache2 + changed_when: false + command: a2enmod php{{ php_version }} + when: is_web_server_is_apache + become: true + notify: + - restart apache2 + +- name: restart php + changed_when: false + command: /bin/true + notify: + - restart php-fpm diff --git a/tasks/install.yml b/tasks/install.yml new file mode 100644 index 0000000..2173182 --- /dev/null +++ b/tasks/install.yml @@ -0,0 +1,74 @@ +--- + +- name: add php {{ php_version }} repo + apt_repository: + repo: 'ppa:ondrej/php' + update_cache: true + validate_certs: false + +- name: install/remove php-fpm and packages + apt: + name: [ + 'php{{ php_version }}-fpm', + 'php{{ php_version }}', + 'php{{ php_version }}-common', + 'php{{ php_version }}-cli', + 'php{{ php_version }}-curl', + 'php{{ php_version }}-gd', + 'php{{ php_version }}-gmp', + 'php{{ php_version }}-imap', + 'php{{ php_version }}-intl', + 'php{{ php_version }}-readline', + 'php{{ php_version }}-opcache', + 'php{{ php_version }}-mysql', + 'php{{ php_version }}-json', + 'php{{ php_version }}-apcu', + 'php-redis', + 'php{{ php_version }}-apcu', + 'php{{ php_version }}-bz2', + 'php{{ php_version }}-bcmath', + 'php{{ php_version }}-mbstring', + 'php{{ php_version }}-soap', + 'php{{ php_version }}-xml', + 'php{{ php_version }}-zip', + 'php{{ php_version }}-dev', + 'php{{ php_version }}-mongodb', + 'php{{ php_version }}-sqlite3', + 'pkg-config', + 'libssl-dev', + 'libpcre3-dev', + 'libsasl2-dev', + 'libmcrypt-dev' + ] + state: "{{ state }}" + update_cache: true + cache_valid_time: 5400 + register: phpfpm_result + notify: + - reload php-fpm + +- name: enable php enable with apache + apt: + name: "libapache2-mod-php{{ php_version }}" + state: "{{ state }}" + update_cache: true + when: is_web_server_is_apache + notify: + - reload php-fpm + +- name: update pecl channel + changed_when: false + command: pecl update-channels + become: true + when: state == "present" + +- name: enable pecl extensions + pear: + name: "pecl/{{ item }}" + state: "{{ state }}" + ignore_errors: true + with_items: + - mongodb + - apcu + - mcrypt-1.0.2 + - redis diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..c87097d --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,9 @@ +--- + +- import_tasks: install.yml + +- import_tasks: composer.yml + when: state == "present" + +- import_tasks: configure.yml + when: state == "present" diff --git a/templates/config/mods-available/apcu.ini b/templates/config/mods-available/apcu.ini new file mode 100644 index 0000000..7aa8805 --- /dev/null +++ b/templates/config/mods-available/apcu.ini @@ -0,0 +1,24 @@ +; {{ansible_managed}} +extension=apcu.so + +apc.enabled = 1 +apc.enable_cli = 1 +apc.stat = 0 +apc.max_file_size = 4M +apc.localcache = 1 +apc.localcache.size = 512 +apc.shm_segments = 1 +apc.ttl = 3600 +apc.user_ttl = 7200 +apc.gc_ttl = 3600 +apc.cache_by_default = 1 +apc.write_lock = 1 +apc.num_files_hint = 0 +apc.user_entries_hint = 0 +apc.shm_size = 512M +apc.mmap_file_mask =/tmp/apc.XXXXXX +apc.include_once_override = 0 +apc.file_update_protection = 2 +apc.canonicalize = 1 +apc.report_autofilter = 0 +apc.stat_ctime = 0 diff --git a/templates/config/mods-available/mongodb.ini b/templates/config/mods-available/mongodb.ini new file mode 100644 index 0000000..36aba95 --- /dev/null +++ b/templates/config/mods-available/mongodb.ini @@ -0,0 +1,4 @@ +; {{ansible_managed}} +extension=mongodb.so +mongo.allow_empty_keys=1 +mongodb.allow_empty_keys=1 diff --git a/templates/config/php.ini b/templates/config/php.ini new file mode 100644 index 0000000..e7b87f3 --- /dev/null +++ b/templates/config/php.ini @@ -0,0 +1,385 @@ +;{{ ansible_managed }} +[PHP] + +;;;;;;;;;;;;;;;;;;; +; About this file ; +;;;;;;;;;;;;;;;;;;; +; PHP comes packaged with two INI files. One that is recommended to be used +; in production environments and one that is recommended to be used in +; development environments. + +; php.ini-production contains settings which hold security, performance and +; best practices at its core. But please be aware, these settings may break +; compatibility with older or less security conscience applications. We +; recommending using the production ini in production and testing environments. + +; php.ini-development is very similar to its production variant, except it is +; much more verbose when it comes to errors. We recommend using the +; development version only in development environments, as errors shown to +; application users can inadvertently leak otherwise secure information. + +; This is the php.ini-production INI file. + +;;;;;;;;;;;;;;;;;;;; +; php.ini Options ; +;;;;;;;;;;;;;;;;;;;; +;user_ini.filename = ".user.ini" +;user_ini.filename = +;user_ini.cache_ttl = 300 + +;;;;;;;;;;;;;;;;;;;; +; Language Options ; +;;;;;;;;;;;;;;;;;;;; +engine = On +short_open_tag = Off +precision = 14 +output_buffering = 4096 +zlib.output_compression = Off +disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals, +disable_classes = +implicit_flush = Off +unserialize_callback_func = +serialize_precision = -1 +zend.enable_gc = On +;zlib.output_compression_level = -1 +;zlib.output_handler = +;open_basedir = +;highlight.string = #DD0000 +;highlight.comment = #FF9900 +;highlight.keyword = #007700 +;highlight.default = #0000BB +;highlight.html = #000000 +;ignore_user_abort = On +;realpath_cache_size = 4096k +;realpath_cache_ttl = 120 +;;;;;;;;;;;;;;;;; +; Miscellaneous ; +;;;;;;;;;;;;;;;;; +expose_php = Off + +;;;;;;;;;;;;;;;;;;; +; Resource Limits ; +;;;;;;;;;;;;;;;;;;; +max_execution_time = 600 +max_input_time = -1 +max_input_vars = 5000 +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +; Error handling and logging ; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT +display_errors = Off +display_startup_errors = Off +log_errors = On +log_errors_max_len = 1024 +ignore_repeated_errors = Off +ignore_repeated_source = Off +report_memleaks = On +;report_zend_debug = 0 +;xmlrpc_errors = 0 +xmlrpc_error_number = 0 +html_errors = On + +;;;;;;;;;;;;;;;;; +; Data Handling ; +;;;;;;;;;;;;;;;;; +variables_order = "GPCS" +request_order = "GP" +register_argc_argv = Off +auto_globals_jit = On +post_max_size = 300M +auto_prepend_file = +auto_append_file = +default_mimetype = "text/html" +default_charset = "UTF-8" +doc_root = +user_dir = +enable_dl = Off +;arg_separator.output = "&" +;arg_separator.input = ";&" + +;;;;;;;;;;;;;;;; +; File Uploads ; +;;;;;;;;;;;;;;;; +file_uploads = On +upload_max_filesize = 500M +max_file_uploads = 300 + +;;;;;;;;;;;;;;;;;; +; Fopen wrappers ; +;;;;;;;;;;;;;;;;;; +allow_url_fopen = On +allow_url_include = On +default_socket_timeout = 60 +;auto_detect_line_endings = Off + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; + +[CLI Server] +; Whether the CLI web server uses ANSI color coding in its terminal output. +cli_server.color = On + +[Date] +;date.timezone = +;date.default_latitude = 31.7667 +;date.default_longitude = 35.2333 +;date.sunrise_zenith = 90.583333 +;date.sunset_zenith = 90.583333 +[filter] +;filter.default = unsafe_raw +;filter.default_flags = + +[iconv] +;iconv.input_encoding +;iconv.internal_encoding = +;iconv.output_encoding = + +[imap] +;imap.enable_insecure_rsh=0 + +[intl] +;intl.default_locale = +;intl.error_level = E_WARNING +;intl.use_exceptions = 0 + +[sqlite3] +;sqlite3.extension_dir = +;sqlite3.defensive = 1 + +[Pcre] +;pcre.backtrack_limit=100000 +;pcre.recursion_limit=100000 +;pcre.jit=1 + +[Pdo] +;pdo_odbc.connection_pooling=strict +;pdo_odbc.db2_instance_name + +[Pdo_mysql] +pdo_mysql.default_socket= + +[Phar] +;phar.readonly = On +;phar.require_hash = On +;phar.cache_list = + +[mail function] + +SMTP = localhost +smtp_port = 25 +mail.add_x_header = Off +;sendmail_from = me@example.com +;sendmail_path = +;mail.force_extra_parameters = +;mail.log = +;mail.log = syslog + +[ODBC] +odbc.allow_persistent = On +odbc.check_persistent = On +odbc.max_persistent = -1 +odbc.max_links = -1 +odbc.defaultlrl = 4096 +odbc.defaultbinmode = 1 +;odbc.default_db = Not yet implemented +;odbc.default_user = Not yet implemented +;odbc.default_pw = Not yet implemented +;odbc.default_cursortype + +[Interbase] +ibase.allow_persistent = 1 +ibase.max_persistent = -1 +ibase.max_links = -1 +ibase.timestampformat = "%Y-%m-%d %H:%M:%S" +ibase.dateformat = "%Y-%m-%d" +ibase.timeformat = "%H:%M:%S" +;ibase.default_db = +;ibase.default_user = +;ibase.default_password = +;ibase.default_charset = + + +[MySQLi] +mysqli.max_persistent = -1 +mysqli.allow_persistent = On +mysqli.max_links = -1 +mysqli.default_port = 3306 +mysqli.default_socket = +mysqli.default_host = +mysqli.default_user = +mysqli.default_pw = +mysqli.reconnect = Off +;mysqli.allow_local_infile = On + + +[mysqlnd] +mysqlnd.collect_statistics = On +mysqlnd.collect_memory_statistics = Off +sha256_server_public_key = +;mysqlnd.debug = +;mysqlnd.log_mask = 0 +;mysqlnd.mempool_default_size = 16000 +;mysqlnd.net_cmd_buffer_size = 2048 +;mysqlnd.net_read_buffer_size = 32768 +;mysqlnd.net_read_timeout = 31536000 + +[OCI8] +;oci8.privileged_connect = Off +;oci8.max_persistent = -1 +;oci8.persistent_timeout = -1 +;oci8.ping_interval = 60 +;oci8.connection_class = +;oci8.events = Off +;oci8.statement_cache_size = 20 +;oci8.default_prefetch = 100 +;oci8.old_oci_close_semantics = Off + +[PostgreSQL] +pgsql.allow_persistent = On +pgsql.auto_reset_persistent = Off +pgsql.max_persistent = -1 +pgsql.max_links = -1 +pgsql.ignore_notice = 0 +pgsql.log_notice = 0 + +[bcmath] +bcmath.scale = 0 + +[browscap] +;browscap = extra/browscap.ini + +[Session] +session.save_handler = files +session.sid_bits_per_character = 5 +session.use_strict_mode = 0 +session.use_cookies = 1 +session.use_only_cookies = 1 +session.name = PHPSESSID +session.auto_start = 0 +session.cookie_lifetime = 0 +session.cookie_path = / +session.cookie_domain = +session.cookie_httponly = +session.cookie_samesite = +session.serialize_handler = php +session.gc_probability = 0 +session.gc_divisor = 1000 +session.gc_maxlifetime = 1440 +session.referer_check = +session.cache_limiter = nocache +session.cache_expire = 180 +session.use_trans_sid = 0 +session.sid_length = 26 +session.trans_sid_tags = "a=href,area=href,frame=src,form=" +;session.save_path = "/var/lib/php/sessions" +;session.cookie_secure = +;session.trans_sid_hosts="" +;session.upload_progress.enabled = On +;session.upload_progress.cleanup = On +;session.upload_progress.prefix = "upload_progress_" +;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" +;session.upload_progress.freq = "1%" +;session.upload_progress.min_freq = "1" +;session.lazy_write = On + +[Assertion] +zend.assertions = -1 +;assert.active = On +;assert.exception = On +;assert.warning = On +;assert.bail = Off +;assert.callback = 0 +;assert.quiet_eval = 0 + +[COM] +;com.typelib_file = +;com.allow_dcom = true +;com.autoregister_typelib = true +;com.autoregister_casesensitive = false +;com.autoregister_verbose = true +;com.code_page= + +[mbstring] +;mbstring.language = Japanese +;mbstring.internal_encoding = +;mbstring.http_input = +;mbstring.http_output = +;mbstring.encoding_translation = Off +;mbstring.detect_order = auto +;mbstring.substitute_character = none +;mbstring.func_overload = 0 +;mbstring.strict_detection = On +;mbstring.http_output_conv_mimetype= +;mbstring.regex_stack_limit=100000 + +[gd] +;gd.jpeg_ignore_warning = 1 + +[exif] +;exif.encode_unicode = ISO-8859-15 +;exif.decode_unicode_motorola = UCS-2BE +;exif.decode_unicode_intel = UCS-2LE +;exif.encode_jis = +;exif.decode_jis_motorola = JIS +;exif.decode_jis_intel = JIS + +[Tidy] +tidy.clean_output = Off + +[soap] +soap.wsdl_cache_enabled=1 +soap.wsdl_cache_dir="/tmp" +soap.wsdl_cache_ttl=86400 +soap.wsdl_cache_limit = 5 + +[sysvshm] +;sysvshm.init_mem = 10000 + +[ldap] +ldap.max_links = -1 + +[dba] +;dba.default_handler= + +[opcache] +;opcache.enable=1 +;opcache.enable_cli=0 +;opcache.memory_consumption=128 +;opcache.interned_strings_buffer=8 +;opcache.max_accelerated_files=10000 +;opcache.max_wasted_percentage=5 +;opcache.use_cwd=1 +;opcache.validate_timestamps=1 +;opcache.revalidate_freq=2 +;opcache.revalidate_path=0 +;opcache.save_comments=1 +;opcache.enable_file_override=0 +;opcache.optimization_level=0x7FFFBFFF +;opcache.dups_fix=0 +;opcache.blacklist_filename= +;opcache.max_file_size=0 +;opcache.consistency_checks=0 +;opcache.force_restart_timeout=180 +;opcache.error_log= +;opcache.log_verbosity_level=1 +;opcache.preferred_memory_model= +;opcache.protect_memory=0 +;opcache.restrict_api= +;opcache.mmap_base= +;opcache.file_cache= +;opcache.file_cache_only=0 +;opcache.file_cache_consistency_checks=1 +;opcache.file_cache_fallback=1 +;opcache.huge_code_pages=1 +;opcache.validate_permission=0 +;opcache.validate_root=0 +;opcache.opt_debug_level=0 + +[curl] +;curl.cainfo = + +[openssl] +;openssl.cafile= +;openssl.capath= +; End: diff --git a/templates/config/pool.d/queue.conf b/templates/config/pool.d/queue.conf new file mode 100644 index 0000000..97f24b3 --- /dev/null +++ b/templates/config/pool.d/queue.conf @@ -0,0 +1,43 @@ +;{{ansible_managed}} +[queue] +; if we send this to /proc/self/fd/1, it never appears +; access.log = /proc/self/fd/2 + +clear_env = no + +; Ensure worker stdout and stderr are sent to the main error log. +catch_workers_output = yes + +user = www-data +group = www-data + +listen = [::]:9003 + +listen.backlog = -1 + +pm = dynamic +pm.max_children = 30 +pm.start_servers = 2 +pm.min_spare_servers = 2 +pm.max_spare_servers = 20 +pm.max_requests = 10000 +pm.status_path = /queue-php71-status + +ping.path = /ping-queue + +ping.response = pong-queue + +rlimit_core = 0 + +; Default Value: clean env +env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp + +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/php-pool-queue.error.log +php_admin_flag[log_errors] = on +php_admin_value[memory_limit] = 2048M diff --git a/templates/config/pool.d/upstream.conf b/templates/config/pool.d/upstream.conf new file mode 100644 index 0000000..64aee8a --- /dev/null +++ b/templates/config/pool.d/upstream.conf @@ -0,0 +1,43 @@ +;{{ ansible_managed }} +[upstream] +; if we send this to /proc/self/fd/1, it never appears +; access.log = /proc/self/fd/2 + +clear_env = no + +; Ensure worker stdout and stderr are sent to the main error log. +catch_workers_output = yes + +user = www-data +group = www-data + +listen = [::]:9002 + +listen.backlog = -1 + +pm = dynamic +pm.max_children = 200 +pm.start_servers = 4 +pm.min_spare_servers = 4 +pm.max_spare_servers = 180 +pm.max_requests = 10000 +pm.status_path = /upstream-php71-status + +ping.path = /ping-upstream + +ping.response = pong-upstream + +rlimit_core = 0 + +; Default Value: clean env +env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp + +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +;php_admin_value[error_log] = /var/log/php-pool-upstream.error.log +php_admin_flag[log_errors] = on +php_admin_value[memory_limit] = 2048M diff --git a/templates/config/pool.d/www.conf b/templates/config/pool.d/www.conf new file mode 100644 index 0000000..d04fa2f --- /dev/null +++ b/templates/config/pool.d/www.conf @@ -0,0 +1,56 @@ +;{{ansible_managed}} +; Start a new pool named 'www'. +; the variable $pool can we used in any directive and will be replaced by the +; pool name ('www' here) + +[www] +;prefix = /path/to/pools/$pool +user = www-data +group = www-data +listen = 127.0.0.1:9000 +listen.backlog = -1 +listen.owner = www-data +listen.group = www-data +;listen.mode = 0660 +;listen.acl_users = +;listen.acl_groups = +;listen.allowed_clients = 127.0.0.1 +; process.priority = -19 + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 4 +pm.min_spare_servers = 4 +pm.max_spare_servers = 40 +;pm.process_idle_timeout = 10s; +pm.max_requests = 1000 +pm.status_path = /www-php71-status + +;ping.path = /ping +;ping.response = pong + +;access.log = log/$pool.access.log +access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" +;slowlog = log/$pool.log.slow +;request_slowlog_timeout = 0 +;request_terminate_timeout = 0 +;request_terminate_timeout = 300 +rlimit_files = 131072 +rlimit_core = 0 +;chroot = +;chdir = /var/www +; catch_workers_output = yes +;clear_env = no +;security.limit_extensions = .php .php3 .php4 .php5 .php7 + +env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp + +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +;php_flag[display_errors] = off +php_admin_value[error_log] = /var/log/php-pool-www.error.log +php_admin_flag[log_errors] = on +php_admin_value[memory_limit] = 2048M diff --git a/vars/main.yml b/vars/main.yml new file mode 100644 index 0000000..2c53c75 --- /dev/null +++ b/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for ansible-role-php