Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • ansible/roles/php
  • ericzillmann/php
2 results
Show changes
Commits on Source (80)
Showing with 1149 additions and 739 deletions
php_install_redis: true ---
php_hold_version: false
php_version: 7.0
php_version_main: 7
php_fpm: yes
php_fpm_socket: no
php_install_redis: yes
php_hold_version: no
php_repositories: [] php_repositories: []
php_packages: php_packages:
- php-apc - php-apc
- php-imagick
- php-pear - php-pear
- php-soap - php-soap
- php-uploadprogress
- php5 - php5
- php5-cgi - php5-cgi
- php5-cli - php5-cli
...@@ -17,84 +27,94 @@ php_packages: ...@@ -17,84 +27,94 @@ php_packages:
- php5-mysql - php5-mysql
- php5-xdebug - php5-xdebug
- php5-xmlrpc - php5-xmlrpc
- imagemagick
php_base_dir: 'php5' php_base_dir: php5
php_conf_dir: 'conf.d' php_conf_dir: conf.d
php_allow_call_time_pass_reference: 'on' php_allow_call_time_pass_reference: 'on'
php_browscap: false php_browscap: no
php_date_timezone: 'Europe/Berlin' php_date_timezone: Europe/Berlin
php_display_errors: 'Off' php_display_errors: 'Off'
php_display_startup_errors: 'Off' php_display_startup_errors: 'Off'
php_error_reporting: 'E_ALL & ~E_NOTICE' php_error_reporting: E_ALL & ~E_NOTICE
php_expose_php: 'Off' php_expose_php: 'Off'
php_filter_default: 'unsafe_raw' php_filter_default: unsafe_raw
php_html_errors: 'Off' php_html_errors: 'Off'
php_log_errors: 'On' php_log_errors: 'On'
php_magic_quotes_gpc: 'On' php_magic_quotes_gpc: 'On'
php_max_execution_time: '30' php_max_execution_time: 30
php_max_file_uploads: '20' php_max_file_uploads: 20
php_max_input_vars: '1000' php_max_input_time: 60
php_memory_limit: '32M' php_max_input_vars: 1000
php_needs_oci8: false php_memory_limit: 32M
php_post_max_size: '32M' php_needs_mcrypt: no
php_needs_msodbc: no
php_needs_oci8: no
php_output_buffering: 4096
php_post_max_size: 32M
php_register_globals: 'Off' php_register_globals: 'Off'
php_register_long_arrays: 'On' php_register_long_arrays: 'On'
php_sendmail_path: '/usr/sbin/sendmail -t -i' php_sendmail_path: /usr/sbin/sendmail -t -i
php_session_cache_expire: '180' php_session_cache_expire: 180
php_session_cookie_lifetime: '0' php_session_cookie_lifetime: 0
php_session_gc_divisor: '1000' php_session_gc_divisor: 1000
php_session_gc_maxlifetime: '1440' php_session_gc_maxlifetime: 1440
php_short_open_tag: 'Off' php_short_open_tag: 'Off'
php_upload_max_filesize: '2M' php_upload_max_filesize: 2M
php_zend_assertions: '-1' php_zend_assertions: -1
# PHP FPM
php_fpm_max_children: 10
php_fpm_start_servers: 4
php_fpm_min_spare_servers: 2
php_fpm_max_spare_servers: 6
php_fpm_max_requests: 2000
# apc.ini # apc.ini
apc_rfc1867: '1' apc_rfc1867: 1
apc_shm_size: '256M' apc_shm_size: 32M
apc_shm_segments: '1' apc_shm_segments: 1
apc_num_files_hint: '0' apc_num_files_hint: 0
apc_ttl: '7200' apc_ttl: 7200
apc_user_ttl: '7200' apc_user_ttl: 7200
apc_gc_ttl: '3600' apc_gc_ttl: 3600
# opcache.ini # opcache.ini
opcache_memory_consumption: '128' opcache_memory_consumption: 128
opcache_max_accelerated_files: '7963' opcache_max_accelerated_files: 7963
opcache_revalidate_freq: '30' opcache_revalidate_freq: 30
opcache_interned_strings_buffer: '16' opcache_interned_strings_buffer: 16
# php 5.3 # php 5.3
php53: php53:
libraries: libraries:
- file: 'libgd.so.2.0.0' - file: libgd.so.2.0.0
link: 'libgd.so.2' link: libgd.so.2
- file: 'liblcms.so.1.0.19' - file: liblcms.so.1.0.19
link: 'liblcms.so.1' link: liblcms.so.1
- file: 'libMagickCore.so.4.0.1' - file: libMagickCore.so.4.0.1
link: 'libMagickCore.so.4' link: libMagickCore.so.4
- file: 'libMagickWand.so.4.0.1' - file: libMagickWand.so.4.0.1
link: 'libMagickWand.so.4' link: libMagickWand.so.4
- file: 'libt1.so.5.1.2' - file: libt1.so.5.1.2
link: 'libt1.so.5' link: libt1.so.5
liblinks: liblinks:
- src: '/lib/x86_64-linux-gnu/libpng12.so.0' - src: /lib/x86_64-linux-gnu/libpng12.so.0
link: 'libpng12.so.0' link: libpng12.so.0
modules: modules:
- 'apc' - apc
- 'curl' - curl
- 'gd' - gd
- 'imagick' - imagick
- 'imap' - imap
#- 'json' # - json
- 'mcrypt' - mcrypt
#- 'memcached' # - memcached
- 'mysql' - mysql
- 'mysqli' - mysqli
- 'pdo_mysql' - pdo_mysql
#- 'readline' # - readline
- 'redis' - redis
- 'xmlrpc' - xmlrpc
extdir: '/usr/local/lib/php/extensions/no-debug-non-zts-20090626' extdir: /usr/local/lib/php/extensions/no-debug-non-zts-20090626
libdir: '/usr/lib/x86_64-linux-gnu' libdir: /usr/lib/x86_64-linux-gnu
This diff is collapsed.
--- ---
# file: roles/php/handlers/main.yml # file: roles/php/handlers/main.yml
- name: "Restart PHP-FPM" - name: Restart PHP-FPM
service: service:
name: '{{ phpFpmService|default("php7.0-fpm") }}' name: '{{ phpFpmService }}'
state: 'restarted' state: restarted
- name: Initial Logrotate
shell: logrotate -f /etc/logrotate.d/php{{ phpLogRotatePrefix }}-fpm
...@@ -2,3 +2,4 @@ ...@@ -2,3 +2,4 @@
dependencies: dependencies:
- { role: apache } - { role: apache }
- { role: imagemagick }
...@@ -5,17 +5,36 @@ ...@@ -5,17 +5,36 @@
--- ---
# file: roles/php/tasks/main.yml # file: roles/php/tasks/main.yml
- name: "PHP Role" - name: PHP Role
set_fact: role_php_started=true set_fact:
tags: always role_php_started: yes
tags:
- always
- block: - block:
- include: php.yml - name: Include variables
when: role_php_completed is not defined include_tasks: variables.yml
tags:
- always
- name: 'PHP | Remember that this role had been run' - name: Import php
set_fact: role_php_completed=true import_tasks: php.yml
tags: always
when: '"php" not in excluded_roles' - name: Link PhpEnMod for PHP 5.3
file:
dest: /usr/local/bin/php{{ item }}
src: /usr/sbin/php5{{ item }}
state: link
with_items:
- enmod
- dismod
when: php_version|default("5.5") == "5.3"
- name: PHP | Remember that this role had been run
set_fact:
role_php_completed: yes
tags:
- always
when: (not excluded_roles or "php" not in excluded_roles) and role_php_completed is not defined
---
# file: roles/php/tasks/mcrypt-7.2.yml
- name: Check MCrypt Requirement
stat:
path: /usr/lib/php/20170718/mcrypt.so
register: mcrypt_file
- block:
- name: Enable MCrypt for PHP
copy:
content: extension={{ item }}.so
dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner: root
group: root
mode: 0644
with_items:
- mcrypt
- name: Install packages
apt:
pkg: '{{ packages }}'
state: present
update_cache: yes
vars:
packages:
- libmcrypt-dev
- libreadline-dev
- name: Install PECL packages
shell: pecl install --soft --ignore-errors mcrypt-1.0.1
when: php_version_main|default(7) == 7
ignore_errors: yes
- name: Enable extension
shell: phpenmod {{ item }}
with_items:
- mcrypt
notify:
- Restart Apache
when: not mcrypt_file.stat.exists
---
# file: roles/php/tasks/msodbc.yml
- name: Apt Key
apt_key:
keyring: /etc/apt/trusted.gpg.d/microsoft.gpg
url: 'https://packages.microsoft.com/keys/microsoft.asc'
state: present
- name: Apt Repository
apt_repository:
repo: 'deb [arch=amd64] https://packages.microsoft.com/ubuntu/18.04/prod {{ ansible_distribution_release }} main'
state: present
mode: 0644
- name: Accept licenses
debconf:
name: "{{ item }}-installer"
question: "{{ item }}/accept_eula"
value: "true"
vtype: "select"
with_items:
- mssql-tools
- name: Install Packages
apt:
pkg: '{{ packages }}'
state: present
update_cache: yes
vars:
packages:
- mssql-tools
- unixodbc-dev
notify:
- Restart Apache
- name: PHP | Install PECL packages
shell: pecl install --soft {{ item }}
with_items:
- sqlsrv
- pdo_sqlsrv
when: false
- name: Configuration files
copy:
content: extension={{ item }}.so
dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner: root
group: root
mode: 0644
with_items:
- sqlsrv
- pdo_sqlsrv
notify:
- Restart Apache
when: false
- name: Enable extensions
shell: phpenmod {{ item }}
with_items:
- sqlsrv
- pdo_sqlsrv
notify:
- Restart Apache
when: false
---
# file: roles/php/tasks/oci-5.3.yml
#
# @see OCI8 Install: https://help.ubuntu.com/community/PHPOracle
# Better:
# @see PDO_OCI Install: https://drupal.org/comment/5572626#comment-5572626
- name: PHP | Check OCI Requirement
stat:
path: /usr/lib/php5/20090626/pdo_oci.so
register: oci_file
- block:
- name: PHP | OCI | Enable OCI for PHP
copy:
content: extension={{ item }}.so
dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner: root
group: root
mode: 0644
with_items:
- oci8
- pdo_oci
- name: PHP | OCI | Remove possible components in /tmp
file:
path: /tmp/{{ item }}
state: absent
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so
- oracle_x64_11_2_0_3_0_pdo_oci_so
- name: PHP | OCI | Make available Oracle InstantClient
command: scp -r {{ repository }}{{ item }} /tmp/
become: no
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so
- oracle_x64_11_2_0_3_0_pdo_oci_so
- name: PHP | OCI | Remove /usr/local/lib/instantclient_11_2
file:
path: /usr/local/lib/instantclient_11_2
state: absent
- name: PHP | OCI | Move Oracle InstantClient to /usr/local/lib
command: mv /tmp/instantclient_11_2 /usr/local/lib/
- name: PHP | OCI | Move oci8 to /usr/lib/php5
command: mv /tmp/oracle_x64_11_2_0_3_0_oci8_so /usr/lib/php5/20090626/oci8.so
- name: PHP | OCI | Move pdo_oci to /usr/lib/php5
command: mv /tmp/oracle_x64_11_2_0_3_0_pdo_oci_so /usr/lib/php5/20090626/pdo_oci.so
- name: PHP | OCI | Change ownership for Oracle InstantClient
file:
path: '{{ item }}'
owner: root
group: root
recurse: yes
follow: no
with_items:
- /usr/local/lib/instantclient_11_2
- name: Ensure log directories
file:
path: /usr/local/lib/instantclient_11_2/log/diag/clients
owner: www-data
group: root
state: directory
mode: 0775
follow: no
- name: Set permissions in log directories
file:
path: /usr/local/lib/instantclient_11_2/log
owner: www-data
group: root
mode: 0775
recurse: yes
follow: no
- name: PHP | OCI | Make available libclntsh.so
file:
src: /usr/local/lib/instantclient_11_2/libclntsh.so.11.1
dest: /usr/local/lib/instantclient_11_2/libclntsh.so
state: link
when: not oci_file.stat.exists
---
# file: roles/php/tasks/oci-5.5.yml
- debug: msg="OCI8 for PHP 5.5 not implemented yet"
---
# file: roles/php/tasks/oci-5.6.yml
- name: Check OCI Requirement
stat:
path: /usr/lib/php/20131226/oci8.so
register: oci_file
- block:
- name: Enable OCI for PHP
copy:
content: extension={{ item }}.so
dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner: root
group: root
mode: 0644
with_items:
- oci8
- name: Remove possible components in /tmp
file:
path: /tmp/{{ item }}
state: absent
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so_php_5_6
- name: Make available Oracle InstantClient
command: scp -r {{ repository }}{{ item }} /tmp/
become: no
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so_php_5_6
- name: Remove /usr/local/lib/instantclient_11_2
file:
path: /usr/local/lib/instantclient_11_2
state: absent
- name: Move Oracle InstantClient to /usr/local/lib
command: mv /tmp/instantclient_11_2 /usr/local/lib/
- name: Move oci8 to /usr/lib/php
command: mv /tmp/oracle_x64_11_2_0_3_0_oci8_so_php_4_5 /usr/lib/php/20131226/oci8.so
- name: Change ownership for Oracle InstantClient
file:
path: '{{ item }}'
owner: root
group: root
recurse: yes
follow: no
with_items:
- /usr/local/lib/instantclient_11_2
- name: Ensure log directories
file:
path: /usr/local/lib/instantclient_11_2/log/diag/clients
owner: www-data
group: root
state: directory
mode: 0775
follow: no
- name: Set permissions in log directories
file:
path: /usr/local/lib/instantclient_11_2/log
owner: www-data
group: root
mode: 0775
recurse: yes
follow: no
- name: Make available libclntsh.so
file:
src: /usr/local/lib/instantclient_11_2/libclntsh.so.11.1
dest: /usr/local/lib/instantclient_11_2/libclntsh.so
state: link
when: not oci_file.stat.exists
---
# file: roles/php/tasks/oci-7.0.yml
- name: Check OCI Requirement
stat:
path: /usr/lib/php/20151012/oci8.so
register: oci_file
- block:
- name: Enable OCI for PHP
copy:
content: extension={{ item }}.so
dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner: root
group: root
mode: 0644
with_items:
- oci8
- name: Remove possible components in /tmp
file:
path: /tmp/{{ item }}
state: absent
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so_php_7
- name: Make available Oracle InstantClient
command: scp -r {{ repository }}{{ item }} /tmp/
become: no
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so_php_7
- name: Remove /usr/local/lib/instantclient_11_2
file:
path: /usr/local/lib/instantclient_11_2
state: absent
- name: Move Oracle InstantClient to /usr/local/lib
command: mv /tmp/instantclient_11_2 /usr/local/lib/
- name: Move oci8 to /usr/lib/php
command: mv /tmp/oracle_x64_11_2_0_3_0_oci8_so_php_7 /usr/lib/php/20151012/oci8.so
- name: Change ownership for Oracle InstantClient
file:
path: '{{ item }}'
owner: root
group: root
recurse: yes
follow: no
with_items:
- /usr/local/lib/instantclient_11_2
- name: Ensure log directories
file:
path: /usr/local/lib/instantclient_11_2/log/diag/clients
owner: www-data
group: root
state: directory
mode: 0775
follow: no
- name: Set permissions in log directories
file:
path: /usr/local/lib/instantclient_11_2/log
owner: www-data
group: root
mode: 0775
recurse: yes
follow: no
- name: Make available libclntsh.so
file:
src: /usr/local/lib/instantclient_11_2/libclntsh.so.11.1
dest: /usr/local/lib/instantclient_11_2/libclntsh.so
state: link
when: not oci_file.stat.exists
---
# file: roles/php/tasks/oci-7.1.yml
- debug: msg="OCI8 for PHP 7.1 not implemented yet"
---
# file: roles/php/tasks/oci-7.2.yml
#
# https://gist.github.com/Yukibashiri/cebaeaccbe531665a5704b1b34a3498e
- name: Check OCI Requirement
stat:
path: /usr/lib/php/20170718/oci8.so
register: oci_file
- block:
- name: Enable OCI for PHP
copy:
content: extension={{ item }}.so
dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner: root
group: root
mode: 0644
with_items:
- oci8
- name: Remove possible components in /tmp
file:
path: /tmp/{{ item }}
state: absent
with_items:
- instantclient_18_5
- oracle_x64_18_5_0_0_0_oci8_so_php_7
- name: Make available Oracle InstantClient
command: scp -r {{ repository }}{{ item }} /tmp/
become: no
with_items:
- instantclient_18_5
- oracle_x64_18_5_0_0_0_oci8_so_php_7
- name: Remove /opt/oracle/instantclient_18_5
file:
path: /opt/oracle/instantclient_18_5
state: absent
- name: Ensure directory /opt/oracle
file:
path: /opt/oracle
state: directory
- name: Move Oracle InstantClient to /opt/oracle
command: mv /tmp/instantclient_18_5 /opt/oracle/instantclient_18_5
- name: Move oci8 to /usr/lib/php
command: mv /tmp/oracle_x64_18_5_0_0_0_oci8_so_php_7 /usr/lib/php/20170718/oci8.so
- name: Change ownership for Oracle InstantClient
file:
path: '{{ item }}'
owner: root
group: root
recurse: yes
follow: no
with_items:
- /opt/oracle/instantclient_18_5
- name: Ensure log directories
file:
path: /opt/oracle/instantclient_18_5/log/diag/clients
owner: www-data
group: root
state: directory
mode: 0775
follow: no
- name: Set permissions in log directories
file:
path: /opt/oracle/instantclient_18_5/log
owner: www-data
group: root
mode: 0775
recurse: yes
follow: no
- name: Create symlinks
file:
src: /opt/oracle/instantclient_18_5/{{ item }}.so.18.1
dest: /opt/oracle/instantclient_18_5/{{ item }}.so
state: link
with_items:
- libclntsh
- libocci
- name: Configure libraries
template:
src: etc-ld-oracle
dest: /etc/ld.so.conf.d/oracle-instantclient.conf
owner: root
group: root
mode: 0644
- name: Update libraries
command: ldconfig
when: not oci_file.stat.exists
---
# file: roles/php/tasks/oci-7.3.yml
- debug: msg="OCI8 for PHP 7.3 not implemented yet"
---
# file: roles/php/tasks/oci-7.4.yml
#
# https://gist.github.com/Yukibashiri/cebaeaccbe531665a5704b1b34a3498e
- name: Check OCI Requirement
stat:
path: /usr/lib/php/20190902/oci8.so
register: oci_file
- block:
- name: Enable OCI for PHP
copy:
content: extension={{ item }}.so
dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner: root
group: root
mode: 0644
with_items:
- oci8
- name: Remove possible components in /tmp
file:
path: /tmp/{{ item }}
state: absent
with_items:
- instantclient_18_5
- oracle_x64_18_5_0_0_0_oci8_so_php_7
- name: Make available Oracle InstantClient
command: scp -r {{ repository }}{{ item }} /tmp/
become: no
with_items:
- instantclient_18_5
- oracle_x64_18_5_0_0_0_oci8_so_php_7_4
- name: Remove /opt/oracle/instantclient_18_5
file:
path: /opt/oracle/instantclient_18_5
state: absent
- name: Ensure directory /opt/oracle
file:
path: /opt/oracle
state: directory
- name: Move Oracle InstantClient to /opt/oracle
command: mv /tmp/instantclient_18_5 /opt/oracle/instantclient_18_5
- name: Move oci8 to /usr/lib/php
command: mv /tmp/oracle_x64_18_5_0_0_0_oci8_so_php_7_4 /usr/lib/php/20190902/oci8.so
- name: Change ownership for Oracle InstantClient
file:
path: '{{ item }}'
owner: root
group: root
recurse: yes
follow: no
with_items:
- /opt/oracle/instantclient_18_5
- name: Ensure log directories
file:
path: /opt/oracle/instantclient_18_5/log/diag/clients
owner: www-data
group: root
state: directory
mode: 0775
follow: no
- name: Set permissions in log directories
file:
path: /opt/oracle/instantclient_18_5/log
owner: www-data
group: root
mode: 0775
recurse: yes
follow: no
- name: Create symlinks
file:
src: /opt/oracle/instantclient_18_5/{{ item }}.so.18.1
dest: /opt/oracle/instantclient_18_5/{{ item }}.so
state: link
with_items:
- libclntsh
- libocci
- name: Configure libraries
template:
src: etc-ld-oracle
dest: /etc/ld.so.conf.d/oracle-instantclient.conf
owner: root
group: root
mode: 0644
- name: Update libraries
command: ldconfig
when: not oci_file.stat.exists
---
# file: roles/php/tasks/oci8.yml
#
# @see OCI8 Install: https://help.ubuntu.com/community/PHPOracle
# Better:
# @see PDO_OCI Install: https://drupal.org/comment/5572626#comment-5572626
- name: "PHP | OCI | Enable OCI for PHP"
copy:
content='extension={{ item }}.so'
dest=/etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner=root
group=root
mode='644'
with_items:
- oci8
- pdo_oci
- name: "PHP | OCI | Remove possible components in /tmp"
command: rm -Rf /tmp/{{ item }}
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so
- oracle_x64_11_2_0_3_0_pdo_oci_so
- name: "PHP | OCI | Make available Oracle InstantClient"
command: scp -r {{ repository }}{{ item }} /tmp/
become: no
with_items:
- instantclient_11_2
- oracle_x64_11_2_0_3_0_oci8_so
- oracle_x64_11_2_0_3_0_pdo_oci_so
- name: "PHP | OCI | Remove /usr/local/lib/instantclient_11_2"
command: rm -Rf /usr/local/lib/instantclient_11_2
- name: "PHP | OCI | Move Oracle InstantClient to /usr/local/lib"
command: mv /tmp/instantclient_11_2 /usr/local/lib/
- name: "PHP | OCI | Move oci8 to /usr/lib/php5"
command: mv /tmp/oracle_x64_11_2_0_3_0_oci8_so /usr/lib/php5/20090626/oci8.so
- name: "PHP | OCI | Move pdo_oci to /usr/lib/php5"
command: mv /tmp/oracle_x64_11_2_0_3_0_pdo_oci_so /usr/lib/php5/20090626/pdo_oci.so
- name: "PHP | OCI | Change ownership for Oracle InstantClient"
file:
path="{{ item }}"
owner="root"
group="root"
recurse=yes
with_items:
- /usr/local/lib/instantclient_11_2
- /usr/lib/php5/20090626/oci8.so
- /usr/lib/php5/20090626/pdo_oci.so
- name: "PHP | OCI | Make available libclntsh.so"
file:
src=/usr/local/lib/instantclient_11_2/libclntsh.so.11.1
dest=/usr/local/lib/instantclient_11_2/libclntsh.so
state=link
--- ---
# file: roles/php/tasks/php.yml # file: roles/php/tasks/php.yml
- name: "PHP | Apt Repository" - name: Apt Repository
apt_repository: apt_repository:
repo='{{ item }}' repo: '{{ item }}'
state='present' state: present
mode='644' mode: 0644
with_items: '{{ php_repositories }}' with_items: '{{ php_repositories }}'
- name: "PHP | Install required packages." - name: Install required packages.
apt: apt:
pkg={{ item }} pkg: '{{ php_packages }}'
state=installed state: present
force=yes force: yes
with_items: '{{ php_packages }}'
notify: notify:
- "Apache | Restart Apache" - Restart Apache
- name: "PHP | Hold em all" - name: Hold em all
shell: dpkg --get-selections | grep ^php | sed s/install/hold/g | sudo dpkg --set-selections shell: dpkg --get-selections | grep ^sed s/install/hold/g | sudo dpkg --set-selections
when: php_hold_version when: php_hold_version
- name: "PHP | Install PECL packages" - name: Install PECL packages
shell: 'pecl install --soft imagick-3.3.0' shell: pecl install --soft imagick-3.3.0
when: php_version|default('5.5') != '7' when: php_version_main|default(7) != 7
ignore_errors: true ignore_errors: yes
- name: "PHP | Install PECL packages" # NOTE: If oauth is already installed and we install a new PHP 7 version then this fails and we need --force as well
shell: 'pecl install --soft oauth' - name: Install PECL packages
when: php_version|default('5.5') == '7' shell: pecl install --soft --force oauth
ignore_errors: true when: php_version_main|default(7) == 7
ignore_errors: yes
- name: "PHP | Ensure Apache config directory" - name: Ensure Apache config directory
file: file:
dest=/etc/{{ php_base_dir }}/apache2 dest: /etc/{{ php_base_dir }}/apache2
state=directory state: directory
owner=root owner: root
group=root group: root
mode='755' mode: 0755
- name: "PHP | Configuration file, php.ini" - name: Configuration file, php.ini
template: template:
src=etc-php5-apache2-php.ini src: etc-php5-apache2-php.ini
dest=/etc/{{ php_base_dir }}/apache2/php.ini dest: /etc/{{ php_base_dir }}/apache2/php.ini
owner=root owner: root
group=root group: root
mode='644' mode: 0644
notify: notify:
- "Apache | Restart Apache" - Restart Apache
- include: php53.yml - name: Import php53
import_tasks: php53.yml
when: php_version|default('5.5') == '5.3' when: php_version|default('5.5') == '5.3'
- name: "PHP | Configuration file, fcgid.conf" - name: Configuration file, fcgid.conf
template: template:
src=fcgid.conf src: fcgid.conf
dest=/etc/apache2/mods-available/fcgid.conf dest: /etc/apache2/mods-available/fcgid.conf
owner=root owner: root
group=root group: root
mode='644' mode: 0644
notify: notify:
- "Apache | Restart Apache" - Restart Apache
- name: "PHP | Cache configuration file, opcache.ini" - name: Configuration files
template: template:
src=etc-php5-conf-d-opcache.ini src: etc-php5-conf-d-{{ item }}.ini
dest=/etc/{{ php_base_dir }}/{{ php_conf_dir }}/opcache.ini dest: /etc/{{ php_base_dir }}/{{ php_conf_dir }}/{{ item }}.ini
owner=root owner: root
group=root group: root
mode='644' mode: 0644
with_items:
- apcu
- opcache
notify: notify:
- "Apache | Restart Apache" - Restart Apache
- name: "PHP | Create extra directory for browscap" - name: Create extra directory for browscap
file: file:
dest=/etc/{{ php_base_dir }}/apache2/extra dest: /etc/{{ php_base_dir }}/apache2/extra
state=directory state: directory
owner=root owner: root
group=root group: root
when: php_browscap when: php_browscap
- name: "PHP | browscap.ini" - name: browscap.ini
copy: copy:
src=browscap.ini src: browscap.ini
dest=/etc/{{ php_base_dir }}/apache2/extra/browscap.ini dest: /etc/{{ php_base_dir }}/apache2/extra/browscap.ini
owner=root owner: root
group=root group: root
when: php_browscap when: php_browscap
notify: notify:
- "Apache | Restart Apache" - Restart Apache
- name: "PHP | Enable PHP modules" - name: Create htdocs directory for apc status
shell: php5enmod {{ item }}
with_items:
- mcrypt
- imap
- imagick
when: php_version|default('5.5') != '7' and php_conf_dir == 'mods-available'
notify:
- "Apache | Restart Apache"
- name: "PHP | Create htdocs directory for apc status"
file: file:
dest=/var/www/apc dest: /var/www/apc
state=directory state: directory
owner=www-data owner: www-data
group=www-data group: www-data
- name: "PHP | Copy APC status php script" - name: Copy APC status php script
copy: copy:
src=apc.php src: apc.php
dest=/var/www/apc dest: /var/www/apc
owner=www-data owner: www-data
group=www-data group: www-data
- name: "PHP | Check OCI Requirement"
shell: ls /usr/lib/php5/20090626/pdo_oci.so
register: oci_available
when: php_needs_oci8
ignore_errors: yes
changed_when: oci_available.stdout != '/usr/lib/php5/20090626/pdo_oci.so'
notify:
- "Apache | Restart Apache"
- include: oci.yml - name: Include oci version
when: repository is defined and php_needs_oci8 and oci_available.stdout != '/usr/lib/php5/20090626/pdo_oci.so' include_tasks: oci-{{ php_version|default('5.5') }}.yml
when: repository is defined and php_needs_oci8
- name: "PHP | Ensure ImageMagick config directory" - name: Include mcrypt
file: include_tasks: mcrypt-7.2.yml
dest=/etc/ImageMagick when: php_version|default('5.5') == '7.2' and php_needs_mcrypt
state=directory
owner=root - name: Import msodbc
group=root import_tasks: msodbc.yml
mode='755' when: php_needs_msodbc
- name: "PHP | ImageMagick Policy File" - block:
- name: Apache FPM Socket Configuration
template:
src: etc-apache2-conf-available-php-fpm
dest: /etc/apache2/{{ apache_conf_dir }}/php{{ php_version_main }}-fpm.conf
owner: root
group: root
mode: 0644
notify:
- Restart Apache
- name: Enable Apache PHP FPM Configuration
command: a2enconf php{{ php_version_main }}-fpm
args:
creates: /etc/apache2/conf-enabled/php{{ php_version_main }}-fpm{{ apache_conf_ext }}
notify:
- Restart Apache
when: php_fpm_socket
- name: FPM Default Pool Configuration
template: template:
src=etc-imagemagick-policy.xml src: php_pool.conf
dest=/etc/ImageMagick/policy.xml dest: /etc/{{ php_base_dir }}/fpm/pool.d/default.conf
owner=root owner: root
group=root group: root
mode='644' mode: 0644
when: (php_version_main|default(7) == 7) and php_fpm and apache_server_default
notify:
- Restart PHP-FPM
- block: - block:
- set_fact: - name: Set facts for PHP 7
phpLogRotatePrefix='7.0' set_fact:
phpLibPrefix='' phpLogRotatePrefix: '{{php_version|default("7.0")}}'
when: php_version|default('5.5') == '7' phpLibPrefix: ''
- set_fact: when: php_version_main|default(7) == 7
phpLogRotatePrefix='5' - name: Set facts for PHP 5
phpLibPrefix='5' set_fact:
when: php_version|default('5.5') != '7' phpLogRotatePrefix: '5'
phpLibPrefix: '5'
- name: "Install logrotate script" when: php_version_main|default(7) != 7
template:
src=etc-logrotate-php - name: Install logrotate script
dest=/etc/logrotate.d/php{{ phpLogRotatePrefix }}-fpm template:
owner=root src: etc-logrotate-php
group=root dest: /etc/logrotate.d/php{{ phpLogRotatePrefix }}-fpm
mode='644' owner: root
tags: 'logrotate' group: root
mode: 0644
notify:
- Initial Logrotate
- name: Adjust apache config for default site
lineinfile:
dest: /etc/apache2/sites-available/{{ apache_conf_default_prefix }}default{{ apache_conf_ext }}
regexp: '{{ item.regexp }}'
line: '{{ item.line }}'
backrefs: yes
with_items:
- regexp: 'ProxyPassMatch'
line: ' ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:{{ php_fpm_port|default(9999) }}/var/www{{apache_server_default_root}}/$1'
- regexp: '<Proxy fcgi'
line: ' <Proxy fcgi://127.0.0.1:{{ php_fpm_port|default(9999) }}>'
when: apache_server_default
notify:
- Restart PHP-FPM
- Restart Apache
when: php_fpm
tags:
- logrotate
- name: Explicitly set PHP version for CLI
alternatives:
name: php
path: /usr/bin/php{{ php_version }}
...@@ -3,159 +3,161 @@ ...@@ -3,159 +3,161 @@
--- ---
# file: roles/php/tasks/php53.yml # file: roles/php/tasks/php53.yml
- name: "Ensure PHP53 config directory" - name: Ensure PHP53 config directory
file: file:
dest='{{ item }}' dest: '{{ item }}'
state='directory' state: directory
with_items: with_items:
- '/etc/{{ php_base_dir }}/fpm/pool.d/' - /etc/{{ php_base_dir }}/fpm/pool.d/
- name: "Check PHP 5.3 Requirement" - name: Check PHP 5.3 Requirement
shell: php --version shell: php --version
register: php_version_available register: php_version_available
changed_when: false changed_when: no
- block: - block:
- name: "Package Preferences" - name: Package Preferences
template: template:
src='preferences/{{ item }}' src: preferences/{{ item }}
dest='/etc/apt/preferences.d/{{ item }}-pin' dest: /etc/apt/preferences.d/{{ item }}-pin
owner='root' owner: root
group='root' group: root
mode='644' mode: 0644
with_items: with_items:
- 'openssl' - openssl
- 'libssl' - libssl
- name: "Install Packages" - name: Install Packages
apt: apt:
pkg={{ item }} pkg: '{{ packages }}'
state=installed state: present
with_items: vars:
- 'autoconf2.13' packages:
- 'automake1.4' - autoconf2.13
- 'build-essential' - automake1.4
- 'libc-client2007e' - build-essential
- 'libc-client2007e-dev' - libc-client2007e
- 'libcurl4-openssl-dev' - libc-client2007e-dev
- 'libfcgi-dev' - libfcgi-dev
- 'libfcgi0ldbl' - libfcgi0ldbl
- 'libfreetype6-dev' - libfreetype6-dev
- 'libgif-dev' - libgif-dev
- 'libgif4' - libgif4
- 'libjpeg-progs' - libjpeg-progs
- 'libjpeg62-dbg' - libjpeg62-dbg
- 'libjpeg8' - libjpeg8
- 'libjpeg8-dev' - libjpeg8-dev
- 'libmcrypt-dev' - libmcrypt-dev
- 'libmysqlclient-dev' - libmysqlclient-dev
- 'libpcre++-dev' - libpcre++-dev
- 'libpcre3-dev' - libpcre3-dev
- 'libpng-dev' - libpng-dev
- 'libssl-dev' - libssl-dev
- 'libx11-dev' - libx11-dev
- 'libxau-dev' - libxau-dev
- 'libxcb1-dev' - libxcb1-dev
- 'libxdmcp-dev' - libxdmcp-dev
- 'libxml2-dev' - libxml2-dev
- 'libxml2-dev' - libxml2-dev
- 'libxpm-dev' - libxpm-dev
- 'x11proto-core-dev' - x11proto-core-dev
- 'x11proto-input-dev' - x11proto-input-dev
- 'x11proto-kb-dev' - x11proto-kb-dev
- 'xtrans-dev' - xtrans-dev
- name: "Link Client Lib" - name: Link Client Lib
file: file:
src='/usr/lib/libc-client.a' src: /usr/lib/libc-client.a
dest='/usr/lib/x86_64-linux-gnu/libc-client.a' dest: /usr/lib/x86_64-linux-gnu/libc-client.a
state='link' state: link
- name: "Make sure an empty directory /tmp/php53 exists" - name: Make sure an empty directory /tmp/php53 exists
file: file:
path='/tmp/php53' path: /tmp/php53
state='{{ item }}' state: '{{ item }}'
with_items: with_items:
- absent - absent
- directory - directory
- name: "Download PHP 5.3" - name: Download PHP 5.3
get_url: get_url:
url='http://in1.php.net/distributions/php-5.3.29.tar.bz2' url: 'http://in1.php.net/distributions/php-5.3.29.tar.bz2'
dest='/tmp/php-5.3.29.tar.bz2' dest: /tmp/php-5.3.29.tar.bz2
- name: "Unpack PHP 5.3" - name: Unpack PHP 5.3
unarchive: unarchive:
src='/tmp/php-5.3.29.tar.bz2' src: /tmp/php-5.3.29.tar.bz2
dest='/tmp/php53' dest: /tmp/php53
copy=no copy: no
- name: "Compile PHP 5.3" - name: Compile PHP 5.3
shell: "{{ item }} chdir=/tmp/php53/php-5.3.29" shell: '{{ item }}'
with_items: args:
- ./configure --with-libdir=/lib/x86_64-linux-gnu --enable-fpm --enable-mbstring --enable-sockets --with-zlib --enable-zip --with-imap-ssl --with-imap --with-curl --with-mcrypt --with-gd --with-mysql --with-pdo-mysql --with-mysqli --with-gettext --with-jpeg-dir=/usr --with-png-dir=/usr --with-kerberos --with-openssl --disable-cgi chdir: /tmp/php53/php-5.3.29
- make with_items:
- make install - ./configure --with-libdir=/lib/x86_64-linux-gnu --enable-fpm --enable-mbstring --enable-sockets --with-zlib --enable-zip --with-imap-ssl --with-imap --with-curl --with-mcrypt --with-gd --with-mysql --with-pdo-mysql --with-mysqli --with-gettext --with-jpeg-dir=/usr --with-png-dir=/usr --with-kerberos --with-openssl --disable-cgi
- make
- name: "Create PHP53 Start Script" - make install
template:
src='etc-init-d-php53-fpm' - name: Create PHP53 Start Script
dest='/etc/init.d/php-fpm' template:
owner='root' src: etc-init-d-php53-fpm
group='root' dest: /etc/init.d/php-fpm
mode='755' owner: root
group: root
- name: "Add PHP-FPM to Boot-List" mode: 0755
command: update-rc.d php-fpm defaults
- name: Add PHP-FPM to Boot-List
when: '"PHP 5.3.29" not in php_version_available.stdout' command: update-rc.d php-fpm defaults
- name: "Copy PHP53 Libraries" when: php_version_available and 'PHP 5.3.29' not in php_version_available.stdout
- name: Copy PHP53 Libraries
copy: copy:
src='php53/libs/{{ item.file }}' src: php53/libs/{{ item.file }}
dest='{{ php53.libdir }}/{{ item.file }}' dest: '{{ php53.libdir }}/{{ item.file }}'
owner='root' owner: root
group='root' group: root
mode='644' mode: 0644
with_items: '{{ php53.libraries }}' with_items: '{{ php53.libraries }}'
- name: "Ensure PHP53 Library Links" - name: Ensure PHP53 Library Links
file: file:
src='{{ php53.libdir }}/{{ item.file }}' src: '{{ php53.libdir }}/{{ item.file }}'
dest='{{ php53.libdir }}/{{ item.link }}' dest: '{{ php53.libdir }}/{{ item.link }}'
state='link' state: link
owner='root' owner: root
group='root' group: root
mode='644' mode: 0644
with_items: '{{ php53.libraries }}' with_items: '{{ php53.libraries }}'
- name: "Ensure extra Library Links" - name: Ensure extra Library Links
file: file:
src='{{ item.src }}' src: '{{ item.src }}'
dest='{{ php53.libdir }}/{{ item.link }}' dest: '{{ php53.libdir }}/{{ item.link }}'
state='link' state: link
owner='root' owner: root
group='root' group: root
mode='644' mode: 0644
with_items: '{{ php53.liblinks }}' with_items: '{{ php53.liblinks }}'
- name: "Copy PHP53 Modules" - name: Copy PHP53 Modules
copy: copy:
src='php53/{{ item }}.so' src: php53/{{ item }}.so
dest='{{ php53.extdir }}/{{ item }}.so' dest: '{{ php53.extdir }}/{{ item }}.so'
owner='root' owner: root
group='root' group: root
mode='644' mode: 0644
with_items: '{{ php53.modules }}' with_items: '{{ php53.modules }}'
- name: "Create PHP53 INI Files" - name: Create PHP53 INI Files
template: template:
src='etc-php5-apache2-php.ini' src: etc-php5-apache2-php.ini
dest='/etc/{{ php_base_dir }}/{{ item }}/php.ini' dest: /etc/{{ php_base_dir }}/{{ item }}/php.ini
owner='root' owner: root
group='root' group: root
mode='644' mode: 0644
with_items: with_items:
- 'cgi53' - cgi53
- 'cli53' - cli53
- 'fpm' - fpm
---
# file: roles/php/tasks/variables.yml
- block:
- name: Set default facts
set_fact:
phpFpmService: php5-fpm
- name: Set facts for PHP 5
set_fact:
phpFpmService: php-fpm
when: php_version_main|default(7) == 5
- name: Set facts for PHP 7
set_fact:
phpFpmService: php{{php_version|default("7.0")}}-fpm
when: php_version_main|default(7) == 7
tags:
- always
<IfModule mod_fastcgi.c>
AddHandler php{{ php_version_main }}-fcgi .php
Action php{{ php_version_main }}-fcgi /php{{ php_version_main }}-fcgi
Alias /php{{ php_version_main }}-fcgi /usr/lib/cgi-bin/php{{ php_version_main }}-fcgi
FastCgiExternalServer /usr/lib/cgi-bin/php{{ php_version_main }}-fcgi -socket /var/run/php{{ php_version_main }}-fpm.sock -pass-header Authorization
<Directory /usr/lib/cgi-bin>
Include /etc/apache2/{{ apache_conf_dir }}/global-deny.conf
</Directory>
</IfModule>