Skip to content

Commit

Permalink
Install and configure PHP automatically
Browse files Browse the repository at this point in the history
Fixes #3
  • Loading branch information
bviktor committed Nov 18, 2023
1 parent b30ecdb commit ac585b4
Show file tree
Hide file tree
Showing 10 changed files with 150 additions and 3 deletions.
5 changes: 5 additions & 0 deletions handlers/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,3 +2,8 @@
- name: Reload nginx # noqa no-changed-when
shell:
cmd: nginx -t && systemctl restart nginx.service

- name: Reload PHP
systemd_service:
name: "{{ noobient_nginx_php_unit }}"
state: restarted
8 changes: 7 additions & 1 deletion tasks/main.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,11 @@
---
- include_tasks: install.yml
- include_tasks: wordpress.yml
when: (noobient_nginx_wp_installed is not defined) and (mode == 'wordpress')

- include_tasks: php.yml
when: (noobient_nginx_php_installed is not defined) and (mode == 'php' or mode == 'wordpress')

- include_tasks: nginx.yml
when: noobient_nginx_installed is not defined

- include_tasks: config.yml
Expand Down
File renamed without changes.
60 changes: 60 additions & 0 deletions tasks/php.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
---
- name: Install PHP
package:
name: php-fpm
state: latest

# Ubuntu applies versioning to their PHP-FPM service names, because brain damage
- name: Determine PHP-FPM unit name
shell:
cmd: "update-alternatives --query php | grep '^Best' | awk '{print $2}' | xargs basename | sed 's/php//'"
changed_when: false
register: noobient_nginx_php_check
when: ansible_pkg_mgr == 'apt'

- set_fact:
noobient_nginx_php_ver: "{{ noobient_nginx_php_check.stdout_lines[0] }}"
when: ansible_pkg_mgr == 'apt'

- set_fact:
noobient_nginx_php_unit: "php{% if ansible_pkg_mgr == 'apt' %}{{ noobient_nginx_php_ver }}{% endif %}-fpm.service"
noobient_nginx_php_ini: "{% if ansible_pkg_mgr == 'dnf' %}/etc/php.ini{% else %}/etc/php/{{ noobient_nginx_php_ver }}/fpm/php.ini{% endif %}"
noobient_nginx_fpm_conf: "{% if ansible_pkg_mgr == 'dnf' %}/etc/php-fpm.d/{% else %}/etc/php/{{ noobient_nginx_php_ver }}/fpm/pool.d/{% endif %}www.conf"
noobient_nginx_fpm_sock: "{% if ansible_pkg_mgr == 'dnf' %}/run/php-fpm/www.sock{% else %}/run/php/php{{ noobient_nginx_php_ver }}-fpm.sock{% endif %}"

- name: Set PHP options
ini_file:
path: "{{ noobient_nginx_php_ini }}"
section: PHP
option: "{{ item.option }}"
value: "{{ item.value }}"
mode: '0644'
backup: true
loop:
- { option: 'post_max_size', value: '32M' }
- { option: 'upload_max_filesize', value: '32M' }
notify: Reload PHP

- name: Set PHP-FPM options
ini_file:
path: "{{ noobient_nginx_fpm_conf }}"
section: www
option: "{{ item.option }}"
value: "{{ item.value }}"
mode: '0644'
backup: true
loop:
- { option: 'user', value: "{{ nginx_account }}" }
- { option: 'group', value: "{{ nginx_account }}" }
- { option: 'pm', value: 'ondemand' }
- { option: 'pm.process_idle_timeout', value: '10s' }
#- { option: 'pm.max_requests', value: '' }
#- { option: 'pm.max_children', value: '' }
notify: Reload PHP

- name: Enable PHP service
systemd_service:
name: "{{ noobient_nginx_php_unit }}"
enabled: true
state: started
register: noobient_nginx_php_installed
17 changes: 17 additions & 0 deletions tasks/wordpress.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
---
- name: Install PHP packages for WordPress
package:
name: "{{ packages }}"
state: latest
vars:
packages:
- php-pdo
- php-gd
- php-opcache
- php-mysqlnd
- php-json
- php-mbstring
- "php{% if ansible_pkg_mgr == 'apt' %}{{ noobient_nginx_php_ver }}{% endif %}-intl"
- "php{% if ansible_pkg_mgr == 'dnf' %}-pecl{% else %}{{ noobient_nginx_php_ver }}{% endif %}-imagick"
- "php{% if ansible_pkg_mgr == 'dnf' %}-pecl{% else %}{{ noobient_nginx_php_ver }}{% endif %}-zip"
register: noobient_nginx_wp_installed
2 changes: 1 addition & 1 deletion templates/nginx.conf.j2
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# avoid root, it's unnecessary
user {% if ansible_pkg_mgr == 'dnf' %}nginx{% else %}www-data{% endif %};
user {{ nginx_account }};
# start processes according to the number of cores
worker_processes auto;

Expand Down
2 changes: 1 addition & 1 deletion templates/php.conf.j2
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ index index.php;
location ~ \.php$
{
try_files $uri =404;
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_pass unix:{{ noobient_nginx_fpm_sock }};
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
Expand Down
2 changes: 2 additions & 0 deletions tests/main.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
---
- hosts: 127.0.0.1
tasks:
- include_tasks: php.yml

- include_role:
name: "{{ playbook_dir.split('/')[:-1] | last }}"
vars:
Expand Down
55 changes: 55 additions & 0 deletions tests/php.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
---
- include_role:
name: "{{ playbook_dir.split('/')[:-1] | last }}"
vars:
domain: foo0.com
ssl_disabled: true
mode: php

# lineinfile fails for whatever reason
- name: Redirect foo0.com requests to localhost # noqa no-changed-when
shell:
cmd: echo '127.0.0.1 foo0.com' >> /etc/hosts

# for nginx_account
- include_vars:
file: ../vars/main.yml

- name: Create document root
file:
path: /var/www/html/foo0.com
state: directory
recurse: true
owner: "{{ nginx_account }}"
group: "{{ nginx_account }}"
mode: '0755'

- name: Set up index with phpinfo() # noqa risky-file-permissions
copy:
dest: /var/www/html/foo0.com/index.php
content: |
<?php
phpinfo();
?>
# TODO On EL, cURL is installed by default. On top of that, on AlmaLinux 9, curl
# is broken, and on Fedora, curl-minimal is broken. So just skip it altogether.
# https://bugs.launchpad.net/tripleo/+bug/1953156
- name: Install cURL
package:
name: curl
state: latest
register: installed_curl
when: installed_curl is not defined and ansible_os_family != 'RedHat'

# gotta trigger manually, since nginx is only started via reload handler
- meta: flush_handlers

- name: Check phpinfo # noqa command-instead-of-module
shell:
cmd: curl --silent http://foo0.com | grep -A7 '>System <' | sed 's@ </td><td class="v">@{{ ":" }} @' | sed -e 's/<[^>]*>//g'
changed_when: false
register: curl_phpinfo_content

- debug:
msg: "{{ curl_phpinfo_content.stdout_lines }}"
2 changes: 2 additions & 0 deletions vars/main.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
---
nginx_root: /etc/nginx
nginx_account: "{% if ansible_pkg_mgr == 'dnf' %}nginx{% else %}www-data{% endif %}"

eff_www_mode: "{% if www_mode is defined and www_mode | length %}{{ www_mode }}{% else %}redirect{% endif %}"
eff_path: "{% if path is defined and path | length %}{{ path }}{% else %}/var/www/html/{{ domain }}{% endif %}"
eff_ssl_disabled: "{% if ssl_disabled is defined and ssl_disabled | string | length %}{{ ssl_disabled }}{% else %}false{% endif %}"
Expand Down

0 comments on commit ac585b4

Please sign in to comment.