Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • ansible/roles/php
  • ericzillmann/php
2 results
Show changes
Commits on Source (89)
Showing with 1162 additions and 695 deletions
php_install_redis: true ---
php_version: 7.0
php_version_main: 7
php_fpm: yes
php_fpm_socket: no
php_install_redis: yes
php_hold_version: no
php_repositories: [] php_repositories: []
php_packages: php_packages:
- php-apc - php-apc
- php-imagick
- php-pear - php-pear
- php-soap - php-soap
- php-uploadprogress
- php5 - php5
- php5-cgi - php5-cgi
- php5-cli
- php5-curl - php5-curl
- php5-dev - php5-dev
- php5-fpm - php5-fpm
- php5-gd - php5-gd
- php5-imagick
- php5-imap - php5-imap
- php5-mcrypt - php5-mcrypt
- php5-mysql - php5-mysql
- php5-xdebug - php5-xdebug
- php5-xmlrpc - php5-xmlrpc
- imagemagick
php_base_dir: 'php5' php_base_dir: php5
php_conf_dir: 'conf.d' php_conf_dir: conf.d
php_allow_call_time_pass_reference: 'on' php_allow_call_time_pass_reference: 'on'
php_browscap: false php_browscap: no
php_date_timezone: 'Europe/Berlin' php_date_timezone: Europe/Berlin
php_display_errors: 'Off' php_display_errors: 'Off'
php_display_startup_errors: 'Off' php_display_startup_errors: 'Off'
php_error_reporting: 'E_ALL & ~E_NOTICE' php_error_reporting: E_ALL & ~E_NOTICE
php_expose_php: 'Off' php_expose_php: 'Off'
php_filter_default: 'unsafe_raw' php_filter_default: unsafe_raw
php_html_errors: 'Off' php_html_errors: 'Off'
php_log_errors: 'On' php_log_errors: 'On'
php_magic_quotes_gpc: 'On' php_magic_quotes_gpc: 'On'
php_max_execution_time: '30' php_max_execution_time: 30
php_max_input_vars: '1000' php_max_file_uploads: 20
php_memory_limit: '32M' php_max_input_time: 60
php_needs_oci8: false php_max_input_vars: 1000
php_post_max_size: '32M' php_memory_limit: 32M
php_needs_mcrypt: no
php_needs_msodbc: no
php_needs_oci8: no
php_output_buffering: 4096
php_post_max_size: 32M
php_register_globals: 'Off' php_register_globals: 'Off'
php_register_long_arrays: 'On' php_register_long_arrays: 'On'
php_sendmail_path: '/usr/sbin/sendmail -t -i' php_sendmail_path: /usr/sbin/sendmail -t -i
php_session_cache_expire: '180' php_session_cache_expire: 180
php_session_cookie_lifetime: '0' php_session_cookie_lifetime: 0
php_session_gc_divisor: '1000' php_session_gc_divisor: 1000
php_session_gc_maxlifetime: '1440' php_session_gc_maxlifetime: 1440
php_short_open_tag: 'Off' php_short_open_tag: 'Off'
php_upload_max_filesize: '2M' php_upload_max_filesize: 2M
php_zend_assertions: '-1' php_zend_assertions: -1
# PHP FPM
php_fpm_max_children: 10
php_fpm_start_servers: 4
php_fpm_min_spare_servers: 2
php_fpm_max_spare_servers: 6
php_fpm_max_requests: 2000
# apc.ini # apc.ini
apc_rfc1867: '1' apc_rfc1867: 1
apc_shm_size: '256M' apc_shm_size: 32M
apc_shm_segments: '1' apc_shm_segments: 1
apc_num_files_hint: '0' apc_num_files_hint: 0
apc_ttl: '7200' apc_ttl: 7200
apc_user_ttl: '7200' apc_user_ttl: 7200
apc_gc_ttl: '3600' apc_gc_ttl: 3600
# opcache.ini # opcache.ini
opcache_memory_consumption: '128' opcache_memory_consumption: 128
opcache_max_accelerated_files: '7963' opcache_max_accelerated_files: 7963
opcache_revalidate_freq: '30' opcache_revalidate_freq: 30
opcache_interned_strings_buffer: '16' opcache_interned_strings_buffer: 16
# php 5.3 # php 5.3
php53: php53:
libraries: libraries:
- file: 'libgd.so.2.0.0' - file: libgd.so.2.0.0
link: 'libgd.so.2' link: libgd.so.2
- file: 'liblcms.so.1.0.19' - file: liblcms.so.1.0.19
link: 'liblcms.so.1' link: liblcms.so.1
- file: 'libMagickCore.so.4.0.1' - file: libMagickCore.so.4.0.1
link: 'libMagickCore.so.4' link: libMagickCore.so.4
- file: 'libMagickWand.so.4.0.1' - file: libMagickWand.so.4.0.1
link: 'libMagickWand.so.4' link: libMagickWand.so.4
- file: 'libt1.so.5.1.2' - file: libt1.so.5.1.2
link: 'libt1.so.5' link: libt1.so.5
liblinks: liblinks:
- src: '/lib/x86_64-linux-gnu/libpng12.so.0' - src: /lib/x86_64-linux-gnu/libpng12.so.0
link: 'libpng12.so.0' link: libpng12.so.0
modules: modules:
- 'apc' - apc
- 'curl' - curl
- 'gd' - gd
- 'imagick' - imagick
- 'imap' - imap
#- 'json' # - json
- 'mcrypt' - mcrypt
#- 'memcached' # - memcached
- 'mysql' - mysql
- 'mysqli' - mysqli
- 'pdo_mysql' - pdo_mysql
#- 'readline' # - readline
- 'redis' - redis
- 'xmlrpc' - xmlrpc
extdir: '/usr/local/lib/php/extensions/no-debug-non-zts-20090626' extdir: /usr/local/lib/php/extensions/no-debug-non-zts-20090626
libdir: '/usr/lib/x86_64-linux-gnu' libdir: /usr/lib/x86_64-linux-gnu
This diff is collapsed.
---
# file: roles/php/handlers/main.yml
- name: Restart PHP-FPM
service:
name: '{{ phpFpmService }}'
state: restarted
- name: Initial Logrotate
shell: logrotate -f /etc/logrotate.d/php{{ phpLogRotatePrefix }}-fpm
...@@ -2,3 +2,4 @@ ...@@ -2,3 +2,4 @@
dependencies: dependencies:
- { role: apache } - { role: apache }
- { role: imagemagick }
...@@ -5,17 +5,36 @@ ...@@ -5,17 +5,36 @@
--- ---
# file: roles/php/tasks/main.yml # file: roles/php/tasks/main.yml
- name: "PHP Role" - name: PHP Role
set_fact: role_php_started=true set_fact:
tags: always role_php_started: yes
tags:
- always
- block: - block:
- include: php.yml - name: Include variables
when: role_php_completed is not defined include_tasks: variables.yml
tags:
- always
- name: 'PHP | Remember that this role had been run' - name: Import php
set_fact: role_php_completed=true import_tasks: php.yml
tags: always
when: '"php" not in excluded_roles' - name: Link PhpEnMod for PHP 5.3
file:
dest: /usr/local/bin/php{{ item }}
src: /usr/sbin/php5{{ item }}
state: link
with_items:
- enmod
- dismod
when: php_version|default("5.5") == "5.3"
- name: PHP | Remember that this role had been run
set_fact:
role_php_completed: yes
tags:
- always
when: (not excluded_roles or "php" not in excluded_roles) and role_php_completed is not defined
---
# file: roles/php/tasks/mcrypt-7.2.yml
- name: Check MCrypt Requirement
stat:
path: /usr/lib/php/20170718/mcrypt.so
register: mcrypt_file
- block:
- name: Enable MCrypt for PHP
copy:
content: extension={{ item }}.so
dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner: root
group: root
mode: 0644
with_items:
- mcrypt
- name: Install packages
apt:
pkg: '{{ packages }}'
state: present
update_cache: yes
vars:
packages:
- libmcrypt-dev
- libreadline-dev
- name: Install PECL packages
shell: pecl install --soft --ignore-errors mcrypt-1.0.1
when: php_version_main|default(7) == 7
ignore_errors: yes
- name: Enable extension
shell: phpenmod {{ item }}
with_items:
- mcrypt
notify:
- Restart Apache
when: not mcrypt_file.stat.exists
---
# file: roles/php/tasks/msodbc.yml
- name: Apt Key
apt_key:
keyring: /etc/apt/trusted.gpg.d/microsoft.gpg
url: 'https://packages.microsoft.com/keys/microsoft.asc'
state: present
- name: Apt Repository
apt_repository:
repo: 'deb [arch=amd64] https://packages.microsoft.com/ubuntu/18.04/prod {{ ansible_distribution_release }} main'
state: present
mode: 0644
- name: Accept licenses
debconf:
name: "{{ item }}-installer"
question: "{{ item }}/accept_eula"
value: "true"
vtype: "select"
with_items:
- mssql-tools
- name: Install Packages
apt:
pkg: '{{ packages }}'
state: present
update_cache: yes
vars:
packages:
- mssql-tools
- unixodbc-dev
notify:
- Restart Apache
- name: PHP | Install PECL packages
shell: pecl install --soft {{ item }}
with_items:
- sqlsrv
- pdo_sqlsrv
when: false
- name: Configuration files
copy:
content: extension={{ item }}.so
dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner: root
group: root
mode: 0644
with_items:
- sqlsrv
- pdo_sqlsrv
notify:
- Restart Apache
when: false
- name: Enable extensions
shell: phpenmod {{ item }}
with_items:
- sqlsrv
- pdo_sqlsrv
notify:
- Restart Apache
when: false
---
# file: roles/php/tasks/oci-5.3.yml
#
# @see OCI8 Install: https://help.ubuntu.com/community/PHPOracle
# Better:
# @see PDO_OCI Install: https://drupal.org/comment/5572626#comment-5572626
- name: PHP | Check OCI Requirement
stat:
path: /usr/lib/php5/20090626/pdo_oci.so
register: oci_file
- block:
- name: PHP | OCI | Enable OCI for PHP
copy:
content: extension={{ item }}.so
dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner: root
group: root
mode: 0644
with_items:
- oci8
- pdo_oci
- name: PHP | OCI | Remove possible components in /tmp
file:
path: /tmp/{{ item }}
state: absent
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so
- oracle_x64_11_2_0_3_0_pdo_oci_so
- name: PHP | OCI | Make available Oracle InstantClient
command: scp -r {{ repository }}{{ item }} /tmp/
become: no
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so
- oracle_x64_11_2_0_3_0_pdo_oci_so
- name: PHP | OCI | Remove /usr/local/lib/instantclient_11_2
file:
path: /usr/local/lib/instantclient_11_2
state: absent
- name: PHP | OCI | Move Oracle InstantClient to /usr/local/lib
command: mv /tmp/instantclient_11_2 /usr/local/lib/
- name: PHP | OCI | Move oci8 to /usr/lib/php5
command: mv /tmp/oracle_x64_11_2_0_3_0_oci8_so /usr/lib/php5/20090626/oci8.so
- name: PHP | OCI | Move pdo_oci to /usr/lib/php5
command: mv /tmp/oracle_x64_11_2_0_3_0_pdo_oci_so /usr/lib/php5/20090626/pdo_oci.so
- name: PHP | OCI | Change ownership for Oracle InstantClient
file:
path: '{{ item }}'
owner: root
group: root
recurse: yes
follow: no
with_items:
- /usr/local/lib/instantclient_11_2
- name: Ensure log directories
file:
path: /usr/local/lib/instantclient_11_2/log/diag/clients
owner: www-data
group: root
state: directory
mode: 0775
follow: no
- name: Set permissions in log directories
file:
path: /usr/local/lib/instantclient_11_2/log
owner: www-data
group: root
mode: 0775
recurse: yes
follow: no
- name: PHP | OCI | Make available libclntsh.so
file:
src: /usr/local/lib/instantclient_11_2/libclntsh.so.11.1
dest: /usr/local/lib/instantclient_11_2/libclntsh.so
state: link
when: not oci_file.stat.exists
---
# file: roles/php/tasks/oci-5.5.yml
- debug: msg="OCI8 for PHP 5.5 not implemented yet"
---
# file: roles/php/tasks/oci-5.6.yml
- name: Check OCI Requirement
stat:
path: /usr/lib/php/20131226/oci8.so
register: oci_file
- block:
- name: Enable OCI for PHP
copy:
content: extension={{ item }}.so
dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner: root
group: root
mode: 0644
with_items:
- oci8
- name: Remove possible components in /tmp
file:
path: /tmp/{{ item }}
state: absent
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so_php_5_6
- name: Make available Oracle InstantClient
command: scp -r {{ repository }}{{ item }} /tmp/
become: no
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so_php_5_6
- name: Remove /usr/local/lib/instantclient_11_2
file:
path: /usr/local/lib/instantclient_11_2
state: absent
- name: Move Oracle InstantClient to /usr/local/lib
command: mv /tmp/instantclient_11_2 /usr/local/lib/
- name: Move oci8 to /usr/lib/php
command: mv /tmp/oracle_x64_11_2_0_3_0_oci8_so_php_4_5 /usr/lib/php/20131226/oci8.so
- name: Change ownership for Oracle InstantClient
file:
path: '{{ item }}'
owner: root
group: root
recurse: yes
follow: no
with_items:
- /usr/local/lib/instantclient_11_2
- name: Ensure log directories
file:
path: /usr/local/lib/instantclient_11_2/log/diag/clients
owner: www-data
group: root
state: directory
mode: 0775
follow: no
- name: Set permissions in log directories
file:
path: /usr/local/lib/instantclient_11_2/log
owner: www-data
group: root
mode: 0775
recurse: yes
follow: no
- name: Make available libclntsh.so
file:
src: /usr/local/lib/instantclient_11_2/libclntsh.so.11.1
dest: /usr/local/lib/instantclient_11_2/libclntsh.so
state: link
when: not oci_file.stat.exists
---
# file: roles/php/tasks/oci-7.0.yml
- name: Check OCI Requirement
stat:
path: /usr/lib/php/20151012/oci8.so
register: oci_file
- block:
- name: Enable OCI for PHP
copy:
content: extension={{ item }}.so
dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner: root
group: root
mode: 0644
with_items:
- oci8
- name: Remove possible components in /tmp
file:
path: /tmp/{{ item }}
state: absent
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so_php_7
- name: Make available Oracle InstantClient
command: scp -r {{ repository }}{{ item }} /tmp/
become: no
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so_php_7
- name: Remove /usr/local/lib/instantclient_11_2
file:
path: /usr/local/lib/instantclient_11_2
state: absent
- name: Move Oracle InstantClient to /usr/local/lib
command: mv /tmp/instantclient_11_2 /usr/local/lib/
- name: Move oci8 to /usr/lib/php
command: mv /tmp/oracle_x64_11_2_0_3_0_oci8_so_php_7 /usr/lib/php/20151012/oci8.so
- name: Change ownership for Oracle InstantClient
file:
path: '{{ item }}'
owner: root
group: root
recurse: yes
follow: no
with_items:
- /usr/local/lib/instantclient_11_2
- name: Ensure log directories
file:
path: /usr/local/lib/instantclient_11_2/log/diag/clients
owner: www-data
group: root
state: directory
mode: 0775
follow: no
- name: Set permissions in log directories
file:
path: /usr/local/lib/instantclient_11_2/log
owner: www-data
group: root
mode: 0775
recurse: yes
follow: no
- name: Make available libclntsh.so
file:
src: /usr/local/lib/instantclient_11_2/libclntsh.so.11.1
dest: /usr/local/lib/instantclient_11_2/libclntsh.so
state: link
when: not oci_file.stat.exists
---
# file: roles/php/tasks/oci-7.1.yml
- debug: msg="OCI8 for PHP 7.1 not implemented yet"
---
# file: roles/php/tasks/oci-7.2.yml
#
# https://gist.github.com/Yukibashiri/cebaeaccbe531665a5704b1b34a3498e
- name: Check OCI Requirement
stat:
path: /usr/lib/php/20170718/oci8.so
register: oci_file
- block:
- name: Enable OCI for PHP
copy:
content: extension={{ item }}.so
dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner: root
group: root
mode: 0644
with_items:
- oci8
- name: Remove possible components in /tmp
file:
path: /tmp/{{ item }}
state: absent
with_items:
- instantclient_18_5
- oracle_x64_18_5_0_0_0_oci8_so_php_7
- name: Make available Oracle InstantClient
command: scp -r {{ repository }}{{ item }} /tmp/
become: no
with_items:
- instantclient_18_5
- oracle_x64_18_5_0_0_0_oci8_so_php_7
- name: Remove /opt/oracle/instantclient_18_5
file:
path: /opt/oracle/instantclient_18_5
state: absent
- name: Ensure directory /opt/oracle
file:
path: /opt/oracle
state: directory
- name: Move Oracle InstantClient to /opt/oracle
command: mv /tmp/instantclient_18_5 /opt/oracle/instantclient_18_5
- name: Move oci8 to /usr/lib/php
command: mv /tmp/oracle_x64_18_5_0_0_0_oci8_so_php_7 /usr/lib/php/20170718/oci8.so
- name: Change ownership for Oracle InstantClient
file:
path: '{{ item }}'
owner: root
group: root
recurse: yes
follow: no
with_items:
- /opt/oracle/instantclient_18_5
- name: Ensure log directories
file:
path: /opt/oracle/instantclient_18_5/log/diag/clients
owner: www-data
group: root
state: directory
mode: 0775
follow: no
- name: Set permissions in log directories
file:
path: /opt/oracle/instantclient_18_5/log
owner: www-data
group: root
mode: 0775
recurse: yes
follow: no
- name: Create symlinks
file:
src: /opt/oracle/instantclient_18_5/{{ item }}.so.18.1
dest: /opt/oracle/instantclient_18_5/{{ item }}.so
state: link
with_items:
- libclntsh
- libocci
- name: Configure libraries
template:
src: etc-ld-oracle
dest: /etc/ld.so.conf.d/oracle-instantclient.conf
owner: root
group: root
mode: 0644
- name: Update libraries
command: ldconfig
when: not oci_file.stat.exists
---
# file: roles/php/tasks/oci-7.3.yml
- debug: msg="OCI8 for PHP 7.3 not implemented yet"
---
# file: roles/php/tasks/oci-7.4.yml
#
# https://gist.github.com/Yukibashiri/cebaeaccbe531665a5704b1b34a3498e
- name: Check OCI Requirement
stat:
path: /usr/lib/php/20190902/oci8.so
register: oci_file
- block:
- name: Enable OCI for PHP
copy:
content: extension={{ item }}.so
dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner: root
group: root
mode: 0644
with_items:
- oci8
- name: Remove possible components in /tmp
file:
path: /tmp/{{ item }}
state: absent
with_items:
- instantclient_18_5
- oracle_x64_18_5_0_0_0_oci8_so_php_7
- name: Make available Oracle InstantClient
command: scp -r {{ repository }}{{ item }} /tmp/
become: no
with_items:
- instantclient_18_5
- oracle_x64_18_5_0_0_0_oci8_so_php_7_4
- name: Remove /opt/oracle/instantclient_18_5
file:
path: /opt/oracle/instantclient_18_5
state: absent
- name: Ensure directory /opt/oracle
file:
path: /opt/oracle
state: directory
- name: Move Oracle InstantClient to /opt/oracle
command: mv /tmp/instantclient_18_5 /opt/oracle/instantclient_18_5
- name: Move oci8 to /usr/lib/php
command: mv /tmp/oracle_x64_18_5_0_0_0_oci8_so_php_7_4 /usr/lib/php/20190902/oci8.so
- name: Change ownership for Oracle InstantClient
file:
path: '{{ item }}'
owner: root
group: root
recurse: yes
follow: no
with_items:
- /opt/oracle/instantclient_18_5
- name: Ensure log directories
file:
path: /opt/oracle/instantclient_18_5/log/diag/clients
owner: www-data
group: root
state: directory
mode: 0775
follow: no
- name: Set permissions in log directories
file:
path: /opt/oracle/instantclient_18_5/log
owner: www-data
group: root
mode: 0775
recurse: yes
follow: no
- name: Create symlinks
file:
src: /opt/oracle/instantclient_18_5/{{ item }}.so.18.1
dest: /opt/oracle/instantclient_18_5/{{ item }}.so
state: link
with_items:
- libclntsh
- libocci
- name: Configure libraries
template:
src: etc-ld-oracle
dest: /etc/ld.so.conf.d/oracle-instantclient.conf
owner: root
group: root
mode: 0644
- name: Update libraries
command: ldconfig
when: not oci_file.stat.exists
---
# file: roles/php/tasks/oci8.yml
#
# @see OCI8 Install: https://help.ubuntu.com/community/PHPOracle
# Better:
# @see PDO_OCI Install: https://drupal.org/comment/5572626#comment-5572626
- name: "PHP | OCI | Enable OCI for PHP"
copy:
content='extension={{ item }}.so'
dest=/etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner=root
group=root
mode=0644
with_items:
- oci8
- pdo_oci
- name: "PHP | OCI | Remove possible components in /tmp"
command: rm -Rf /tmp/{{ item }}
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so
- oracle_x64_11_2_0_3_0_pdo_oci_so
- name: "PHP | OCI | Make available Oracle InstantClient"
command: scp -r {{ repository }}{{ item }} /tmp/
become: no
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so
- oracle_x64_11_2_0_3_0_pdo_oci_so
- name: "PHP | OCI | Remove /usr/local/lib/instantclient_11_2"
command: rm -Rf /usr/local/lib/instantclient_11_2
- name: "PHP | OCI | Move Oracle InstantClient to /usr/local/lib"
command: mv /tmp/instantclient_11_2 /usr/local/lib/
- name: "PHP | OCI | Move oci8 to /usr/lib/php5"
command: mv /tmp/oracle_x64_11_2_0_3_0_oci8_so /usr/lib/php5/20090626/oci8.so
- name: "PHP | OCI | Move pdo_oci to /usr/lib/php5"
command: mv /tmp/oracle_x64_11_2_0_3_0_pdo_oci_so /usr/lib/php5/20090626/pdo_oci.so
- name: "PHP | OCI | Change ownership for Oracle InstantClient"
file:
path="{{ item }}"
owner="root"
group="root"
recurse=yes
with_items:
- /usr/local/lib/instantclient_11_2
- /usr/lib/php5/20090626/oci8.so
- /usr/lib/php5/20090626/pdo_oci.so
- name: "PHP | OCI | Make available libclntsh.so"
file:
src=/usr/local/lib/instantclient_11_2/libclntsh.so.11.1
dest=/usr/local/lib/instantclient_11_2/libclntsh.so
state=link
--- ---
# file: roles/php/tasks/php.yml # file: roles/php/tasks/php.yml
- name: "PHP | Apt Repository" - name: Apt Repository
apt_repository: apt_repository:
repo='{{ item }}' repo: '{{ item }}'
state='present' state: present
mode=644 mode: 0644
with_items: '{{ php_repositories }}' with_items: '{{ php_repositories }}'
- name: "PHP | Install required packages." - name: Install required packages.
apt: apt:
pkg={{ item }} pkg: '{{ php_packages }}'
state=installed state: present
with_items: '{{ php_packages }}' force: yes
notify: notify:
- "Apache | Restart Apache" - Restart Apache
- name: "PHP | Install PECL packages" - name: Hold em all
shell: 'pecl install oauth' shell: dpkg --get-selections | grep ^sed s/install/hold/g | sudo dpkg --set-selections
when: php_hold_version
- name: "PHP | Ensure Apache config directory" - name: Install PECL packages
shell: pecl install --soft imagick-3.3.0
when: php_version_main|default(7) != 7
ignore_errors: yes
# NOTE: If oauth is already installed and we install a new PHP 7 version then this fails and we need --force as well
- name: Install PECL packages
shell: pecl install --soft --force oauth
when: php_version_main|default(7) == 7
ignore_errors: yes
- name: Ensure Apache config directory
file: file:
dest=/etc/{{ php_base_dir }}/apache2 dest: /etc/{{ php_base_dir }}/apache2
state=directory state: directory
owner=root owner: root
group=root group: root
mode=0755 mode: 0755
- name: "PHP | Configuration file, php.ini" - name: Configuration file, php.ini
template: template:
src=etc-php5-apache2-php.ini src: etc-php5-apache2-php.ini
dest=/etc/{{ php_base_dir }}/apache2/php.ini dest: /etc/{{ php_base_dir }}/apache2/php.ini
owner=root owner: root
group=root group: root
mode=0644 mode: 0644
notify: notify:
- "Apache | Restart Apache" - Restart Apache
- include: php53.yml - name: Import php53
import_tasks: php53.yml
when: php_version|default('5.5') == '5.3' when: php_version|default('5.5') == '5.3'
- name: "PHP | Configuration file, fcgid.conf" - name: Configuration file, fcgid.conf
template: template:
src=fcgid.conf src: fcgid.conf
dest=/etc/apache2/mods-available/fcgid.conf dest: /etc/apache2/mods-available/fcgid.conf
owner=root owner: root
group=root group: root
mode=0644 mode: 0644
notify: notify:
- "Apache | Restart Apache" - Restart Apache
- name: "PHP | Cache configuration file, opcache.ini" - name: Configuration files
template: template:
src=etc-php5-conf-d-opcache.ini src: etc-php5-conf-d-{{ item }}.ini
dest=/etc/{{ php_base_dir }}/{{ php_conf_dir }}/opcache.ini dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner=root owner: root
group=root group: root
mode=0644 mode: 0644
with_items:
- apcu
- opcache
notify: notify:
- "Apache | Restart Apache" - Restart Apache
- name: "PHP | Create extra directory for browscap" - name: Create extra directory for browscap
file: file:
dest=/etc/{{ php_base_dir }}/apache2/extra dest: /etc/{{ php_base_dir }}/apache2/extra
state=directory state: directory
owner=root owner: root
group=root group: root
when: php_browscap when: php_browscap
- name: "PHP | browscap.ini" - name: browscap.ini
copy: copy:
src=browscap.ini src: browscap.ini
dest=/etc/{{ php_base_dir }}/apache2/extra/browscap.ini dest: /etc/{{ php_base_dir }}/apache2/extra/browscap.ini
owner=root owner: root
group=root group: root
when: php_browscap when: php_browscap
notify: notify:
- "Apache | Restart Apache" - Restart Apache
- name: "PHP | Enable PHP modules"
shell: php5enmod {{ item }}
with_items:
- mcrypt
- imap
- imagick
when: php_version|default('5.5') != '7' and php_conf_dir == 'mods-available'
notify:
- "Apache | Restart Apache"
- name: "PHP | Create htdocs directory for apc status" - name: Create htdocs directory for apc status
file: file:
dest=/var/www/apc dest: /var/www/apc
state=directory state: directory
owner=www-data owner: www-data
group=www-data group: www-data
- name: "PHP | Copy APC status php script" - name: Copy APC status php script
copy: copy:
src=apc.php src: apc.php
dest=/var/www/apc dest: /var/www/apc
owner=www-data owner: www-data
group=www-data group: www-data
- name: "PHP | Check OCI Requirement" - name: Include oci version
shell: ls /usr/lib/php5/20090626/pdo_oci.so include_tasks: oci-{{ php_version|default('5.5') }}.yml
register: oci_available when: repository is defined and php_needs_oci8
when: php_needs_oci8
ignore_errors: yes - name: Include mcrypt
changed_when: oci_available.stdout != '/usr/lib/php5/20090626/pdo_oci.so' include_tasks: mcrypt-7.2.yml
notify: when: php_version|default('5.5') == '7.2' and php_needs_mcrypt
- "Apache | Restart Apache"
- name: Import msodbc
- include: oci.yml import_tasks: msodbc.yml
when: repository is defined and php_needs_oci8 and oci_available.stdout != '/usr/lib/php5/20090626/pdo_oci.so' when: php_needs_msodbc
- name: "PHP | Ensure ImageMagick config directory" - block:
file:
dest=/etc/ImageMagick - name: Apache FPM Socket Configuration
state=directory template:
owner=root src: etc-apache2-conf-available-php-fpm
group=root dest: /etc/apache2/{{ apache_conf_dir }}/php{{ php_version_main }}-fpm.conf
mode=0755 owner: root
group: root
- name: "PHP | ImageMagick Policy File" mode: 0644
notify:
- Restart Apache
- name: Enable Apache PHP FPM Configuration
command: a2enconf php{{ php_version_main }}-fpm
args:
creates: /etc/apache2/conf-enabled/php{{ php_version_main }}-fpm{{ apache_conf_ext }}
notify:
- Restart Apache
when: php_fpm_socket
- name: FPM Default Pool Configuration
template: template:
src=etc-imagemagick-policy.xml src: php_pool.conf
dest=/etc/ImageMagick/policy.xml dest: /etc/{{ php_base_dir }}/fpm/pool.d/default.conf
owner=root owner: root
group=root group: root
mode=0644 mode: 0644
when: (php_version_main|default(7) == 7) and php_fpm and apache_server_default
notify:
- Restart PHP-FPM
- block:
- name: Set facts for PHP 7
set_fact:
phpLogRotatePrefix: '{{php_version|default("7.0")}}'
phpLibPrefix: ''
when: php_version_main|default(7) == 7
- name: Set facts for PHP 5
set_fact:
phpLogRotatePrefix: '5'
phpLibPrefix: '5'
when: php_version_main|default(7) != 7
- name: Install logrotate script
template:
src: etc-logrotate-php
dest: /etc/logrotate.d/php{{ phpLogRotatePrefix }}-fpm
owner: root
group: root
mode: 0644
notify:
- Initial Logrotate
- name: Adjust apache config for default site
lineinfile:
dest: /etc/apache2/sites-available/{{ apache_conf_default_prefix }}default{{ apache_conf_ext }}
regexp: '{{ item.regexp }}'
line: '{{ item.line }}'
backrefs: yes
with_items:
- regexp: 'ProxyPassMatch'
line: ' ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:{{ php_fpm_port|default(9999) }}/var/www{{apache_server_default_root}}/$1'
- regexp: '<Proxy fcgi'
line: ' <Proxy fcgi://127.0.0.1:{{ php_fpm_port|default(9999) }}>'
when: apache_server_default
notify:
- Restart PHP-FPM
- Restart Apache
when: php_fpm
tags:
- logrotate
- name: Explicitly set PHP version for CLI
alternatives:
name: php
path: /usr/bin/php{{ php_version }}
...@@ -3,142 +3,161 @@ ...@@ -3,142 +3,161 @@
--- ---
# file: roles/php/tasks/php53.yml # file: roles/php/tasks/php53.yml
- name: "Ensure PHP53 config directory" - name: Ensure PHP53 config directory
file: file:
dest='{{ item }}' dest: '{{ item }}'
state='directory' state: directory
with_items: with_items:
- '/etc/{{ php_base_dir }}/fpm/pool.d/' - /etc/{{ php_base_dir }}/fpm/pool.d/
- name: "Check PHP 5.3 Requirement" - name: Check PHP 5.3 Requirement
shell: php --version shell: php --version
register: php_version_available register: php_version_available
changed_when: false changed_when: no
- block: - block:
- name: "Package Preferences" - name: Package Preferences
template: template:
src='preferences/{{ item }}' src: preferences/{{ item }}
dest='/etc/apt/preferences.d/{{ item }}-pin' dest: /etc/apt/preferences.d/{{ item }}-pin
owner='root' owner: root
group='root' group: root
mode='644' mode: 0644
with_items: with_items:
- 'openssl' - openssl
- 'libssl' - libssl
- name: "Install Packages" - name: Install Packages
apt: apt:
pkg={{ item }} pkg: '{{ packages }}'
state=installed state: present
with_items: vars:
- 'build-essential' packages:
- 'libfcgi-dev' - autoconf2.13
- 'libfcgi0ldbl' - automake1.4
- 'libjpeg62-dbg' - build-essential
- 'libmcrypt-dev' - libc-client2007e
- 'libssl-dev' - libc-client2007e-dev
- 'libc-client2007e' - libfcgi-dev
- 'libc-client2007e-dev' - libfcgi0ldbl
- 'libxml2-dev' - libfreetype6-dev
- 'libcurl4-openssl-dev' - libgif-dev
- 'libpng-dev' - libgif4
- 'libjpeg-progs' - libjpeg-progs
- 'autoconf2.13' - libjpeg62-dbg
- 'automake1.4' - libjpeg8
- libjpeg8-dev
- name: "Link Client Lib" - libmcrypt-dev
file: - libmysqlclient-dev
src='/usr/lib/x86_64-linux-gnu/libc-client.a' - libpcre++-dev
dest='/usr/lib/libc-client.a' - libpcre3-dev
state='link' - libpng-dev
force=yes - libssl-dev
- libx11-dev
- name: "Make sure an empty directory /tmp/php53 exists" - libxau-dev
file: - libxcb1-dev
path='/tmp/php53' - libxdmcp-dev
state='{{ item }}' - libxml2-dev
with_items: - libxml2-dev
- absent - libxpm-dev
- directory - x11proto-core-dev
- x11proto-input-dev
- name: "Download PHP 5.3" - x11proto-kb-dev
get_url: - xtrans-dev
url='http://in1.php.net/distributions/php-5.3.29.tar.bz2'
dest='/tmp/php-5.3.29.tar.bz2' - name: Link Client Lib
file:
- name: "Unpack PHP 5.3" src: /usr/lib/libc-client.a
unarchive: dest: /usr/lib/x86_64-linux-gnu/libc-client.a
src='/tmp/php-5.3.29.tar.bz2' state: link
dest='/tmp/php53'
copy=no - name: Make sure an empty directory /tmp/php53 exists
file:
- name: "Compile PHP 5.3" path: /tmp/php53
shell: "{{ item }} chdir=/tmp/php53/php-5.3.29" state: '{{ item }}'
with_items: with_items:
- ./configure --with-libdir=/lib/x86_64-linux-gnu --enable-fpm --enable-mbstring --enable-sockets --with-zlib --enable-zip --with-imap-ssl --with-imap --with-curl --with-mcrypt --with-gd --with-mysql --with-pdo-mysql --with-mysqli --with-gettext --with-jpeg-dir=/usr --with-png-dir=/usr --with-kerberos --with-openssl --disable-cgi - absent
- make - directory
- make install
- name: Download PHP 5.3
- name: "Create PHP53 Start Script" get_url:
template: url: 'http://in1.php.net/distributions/php-5.3.29.tar.bz2'
src='etc-init-d-php53-fpm' dest: /tmp/php-5.3.29.tar.bz2
dest='/etc/init.d/php-fpm'
owner='root' - name: Unpack PHP 5.3
group='root' unarchive:
mode='755' src: /tmp/php-5.3.29.tar.bz2
dest: /tmp/php53
- name: "Add PHP-FPM to Boot-List" copy: no
command: update-rc.d php-fpm defaults
- name: Compile PHP 5.3
when: '"PHP 5.3.29" not in php_version_available.stdout' shell: '{{ item }}'
args:
- name: "Copy PHP53 Libraries" chdir: /tmp/php53/php-5.3.29
with_items:
- ./configure --with-libdir=/lib/x86_64-linux-gnu --enable-fpm --enable-mbstring --enable-sockets --with-zlib --enable-zip --with-imap-ssl --with-imap --with-curl --with-mcrypt --with-gd --with-mysql --with-pdo-mysql --with-mysqli --with-gettext --with-jpeg-dir=/usr --with-png-dir=/usr --with-kerberos --with-openssl --disable-cgi
- make
- make install
- name: Create PHP53 Start Script
template:
src: etc-init-d-php53-fpm
dest: /etc/init.d/php-fpm
owner: root
group: root
mode: 0755
- name: Add PHP-FPM to Boot-List
command: update-rc.d php-fpm defaults
when: php_version_available and 'PHP 5.3.29' not in php_version_available.stdout
- name: Copy PHP53 Libraries
copy: copy:
src='php53/libs/{{ item.file }}' src: php53/libs/{{ item.file }}
dest='{{ php53.libdir }}/{{ item.file }}' dest: '{{ php53.libdir }}/{{ item.file }}'
owner='root' owner: root
group='root' group: root
mode='644' mode: 0644
with_items: '{{ php53.libraries }}' with_items: '{{ php53.libraries }}'
- name: "Ensure PHP53 Library Links" - name: Ensure PHP53 Library Links
file: file:
src='{{ php53.libdir }}/{{ item.file }}' src: '{{ php53.libdir }}/{{ item.file }}'
dest='{{ php53.libdir }}/{{ item.link }}' dest: '{{ php53.libdir }}/{{ item.link }}'
state='link' state: link
owner='root' owner: root
group='root' group: root
mode='644' mode: 0644
with_items: '{{ php53.libraries }}' with_items: '{{ php53.libraries }}'
- name: "Ensure extra Library Links" - name: Ensure extra Library Links
file: file:
src='{{ item.src }}' src: '{{ item.src }}'
dest='{{ php53.libdir }}/{{ item.link }}' dest: '{{ php53.libdir }}/{{ item.link }}'
state='link' state: link
owner='root' owner: root
group='root' group: root
mode='644' mode: 0644
with_items: '{{ php53.liblinks }}' with_items: '{{ php53.liblinks }}'
- name: "Copy PHP53 Modules" - name: Copy PHP53 Modules
copy: copy:
src='php53/{{ item }}.so' src: php53/{{ item }}.so
dest='{{ php53.extdir }}/{{ item }}.so' dest: '{{ php53.extdir }}/{{ item }}.so'
owner='root' owner: root
group='root' group: root
mode='644' mode: 0644
with_items: '{{ php53.modules }}' with_items: '{{ php53.modules }}'
- name: "Create PHP53 INI Files" - name: Create PHP53 INI Files
template: template:
src='etc-php5-apache2-php.ini' src: etc-php5-apache2-php.ini
dest='/etc/{{ php_base_dir }}/{{ item }}/php.ini' dest: /etc/{{ php_base_dir }}/{{ item }}/php.ini
owner='root' owner: root
group='root' group: root
mode='644' mode: 0644
with_items: with_items:
- 'cgi53' - cgi53
- 'cli53' - cli53
- 'fpm' - fpm
---
# file: roles/php/tasks/variables.yml
- block:
- name: Set default facts
set_fact:
phpFpmService: php5-fpm
- name: Set facts for PHP 5
set_fact:
phpFpmService: php-fpm
when: php_version_main|default(7) == 5
- name: Set facts for PHP 7
set_fact:
phpFpmService: php{{php_version|default("7.0")}}-fpm
when: php_version_main|default(7) == 7
tags:
- always
<IfModule mod_fastcgi.c>
AddHandler php{{ php_version_main }}-fcgi .php
Action php{{ php_version_main }}-fcgi /php{{ php_version_main }}-fcgi
Alias /php{{ php_version_main }}-fcgi /usr/lib/cgi-bin/php{{ php_version_main }}-fcgi
FastCgiExternalServer /usr/lib/cgi-bin/php{{ php_version_main }}-fcgi -socket /var/run/php{{ php_version_main }}-fpm.sock -pass-header Authorization
<Directory /usr/lib/cgi-bin>
Include /etc/apache2/{{ apache_conf_dir }}/global-deny.conf
</Directory>
</IfModule>