diff --git a/manifests/apache_vhost.pp b/manifests/apache_vhost.pp index db635ac..3a5d70e 100644 --- a/manifests/apache_vhost.pp +++ b/manifests/apache_vhost.pp @@ -1,34 +1,34 @@ # Configures an apache vhost for php # # === Parameters # # [*vhost*] # The vhost address # # [*docroot*] # The vhost docroot # # [*port*] # The vhost port # # [*default_vhost*] # defines if vhost is the default vhost # # [*fastcgi_socket*] # address of the fastcgi socket # define php::apache_vhost ( - $vhost = 'example.com', - $docroot = '/var/www', - $port = 80, - $default_vhost = true, - $fastcgi_socket = 'fcgi://127.0.0.1:9000/$1' + String[1] $vhost = 'example.com', + Stdlib::Absolutepath $docroot = '/var/www', + Integer[1] $port = 80, + Boolean $default_vhost = true, + String[1] $fastcgi_socket = 'fcgi://127.0.0.1:9000/$1' ) { ::apache::vhost { $vhost: docroot => $docroot, default_vhost => $default_vhost, port => $port, override => 'all', custom_fragment => "ProxyPassMatch ^/(.*\\.php(/.*)?)$ ${fastcgi_socket}", } } diff --git a/manifests/composer.pp b/manifests/composer.pp index c60beaf..4177ee2 100644 --- a/manifests/composer.pp +++ b/manifests/composer.pp @@ -1,63 +1,63 @@ # Install composer package manager # # === Parameters # # [*source*] # Holds URL to the Composer source file # # [*path*] # Holds path to the Composer executable # # [*channel*] # Holds the Update channel (stable|preview|snapshot|1|2) # # [*proxy_type*] # proxy server type (none|http|https|ftp) # # [*proxy_server*] # specify a proxy server, with port number if needed. ie: https://example.com:8080. # # [*auto_update*] # Defines if composer should be auto updated # # [*max_age*] # Defines the time in days after which an auto-update gets executed # # [*root_group*] # UNIX group of the root user # class php::composer ( String $source = $php::params::composer_source, Stdlib::Absolutepath $path = $php::params::composer_path, - $proxy_type = undef, - $proxy_server = undef, + Optional[String[1]] $proxy_type = undef, + Optional[String[1]] $proxy_server = undef, Php::ComposerChannel $channel = 'stable', Boolean $auto_update = true, Integer $max_age = $php::params::composer_max_age, Variant[Integer, String] $root_group = $php::params::root_group, ) inherits php::params { assert_private() archive { 'download composer': path => $path, source => $source, proxy_type => $proxy_type, proxy_server => $proxy_server, } -> file { $path: mode => '0555', owner => root, group => $root_group, } if $auto_update { class { 'php::composer::auto_update': max_age => $max_age, source => $source, path => $path, channel => $channel, proxy_type => $proxy_type, proxy_server => $proxy_server, } } } diff --git a/manifests/composer/auto_update.pp b/manifests/composer/auto_update.pp index 2a58c6a..fe7a4f6 100644 --- a/manifests/composer/auto_update.pp +++ b/manifests/composer/auto_update.pp @@ -1,55 +1,55 @@ # Install composer package manager # # === Parameters # # [*max_age*] # Defines number of days after which Composer should be updated # # [*source*] # Holds URL to the Composer source file # # [*path*] # Holds path to the Composer executable # # [*channel*] # Holds the Update channel (stable|preview|snapshot|1|2) # # [*proxy_type*] # proxy server type (none|http|https|ftp) # # [*proxy_server*] # specify a proxy server, with port number if needed. ie: https://example.com:8080. # # # === Examples # # include php::composer::auto_update # class { "php::composer::auto_update": # "max_age" => 90 # } # class php::composer::auto_update ( - $max_age, - $source, - $path, + Integer[1] $max_age, + String[1] $source, + Stdlib::Absolutepath $path, Php::ComposerChannel $channel = 'stable', - $proxy_type = undef, - $proxy_server = undef, + Optional[String[1]] $proxy_type = undef, + Optional[String[1]] $proxy_server = undef, ) { assert_private() if $proxy_type and $proxy_server { $env = ['HOME=/root', "${proxy_type}_proxy=${proxy_server}"] } else { $env = ['HOME=/root'] } exec { 'update composer': # touch binary when an update is attempted to update its mtime for idempotency when no update is available command => "${path} --no-interaction --quiet self-update --${channel}; touch ${path}", environment => $env, onlyif => "test `find '${path}' -mtime +${max_age}`", path => ['/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/', '/usr/local/bin', '/usr/local/sbin'], require => [File[$path], Class['php::cli']], } } diff --git a/manifests/config/setting.pp b/manifests/config/setting.pp index 150b05b..f65c19e 100644 --- a/manifests/config/setting.pp +++ b/manifests/config/setting.pp @@ -1,50 +1,50 @@ # Configure php.ini settings # # === Parameters # # [*key*] # The key of the value, like `ini_setting` # # [*file*] # The path to ini file # # [*value*] # The value to set # # === Examples # # php::config::setting { 'Date/date.timezone': # file => '$full_path_to_ini_file' # value => 'Europe/Berlin' # } # define php::config::setting ( - $key, - $value, + String[1] $key, + Variant[Integer, String[1]] $value, Stdlib::Absolutepath $file, ) { assert_private() $split_name = split($key, '/') if count($split_name) == 1 { $section = '' # lint:ignore:empty_string_assignment $setting = $split_name[0] } else { $section = $split_name[0] $setting = $split_name[1] } if $value == undef { $ensure = 'absent' } else { $ensure = 'present' } ini_setting { $name: ensure => $ensure, value => $value, path => $file, section => $section, setting => $setting, } } diff --git a/manifests/fpm.pp b/manifests/fpm.pp index 821f9be..370202e 100644 --- a/manifests/fpm.pp +++ b/manifests/fpm.pp @@ -1,117 +1,117 @@ # Install and configure mod_php for fpm # # === Parameters # # [*user*] # The user that php-fpm should run as # # [*group*] # The group that php-fpm should run as # # [*service_enable*] # Enable/disable FPM service # # [*service_ensure*] # Ensure FPM service is either 'running' or 'stopped' # # [*service_name*] # This is the name of the php-fpm service. It defaults to reasonable OS # defaults but can be different in case of using php7.0/other OS/custom fpm service # # [*service_provider*] # This is the name of the service provider, in case there is a non # OS default service provider used to start FPM. # Defaults to 'undef', pick system defaults. # # [*pools*] # Hash of php::fpm::pool resources that will be created. Defaults # to a single php::fpm::pool named www with default parameters. # # [*log_owner*] # The php-fpm log owner # # [*log_group*] # The group owning php-fpm logs # # [*package*] # Specify which package to install # # [*ensure*] # Specify which version of the package to install # # [*inifile*] # Path to php.ini for fpm # # [*settings*] # fpm settings hash # # [*global_pool_settings*] # Hash of defaults params php::fpm::pool resources that will be created. # Defaults is empty hash. # # [*pool_purge*] # Whether to purge pool config files not created # by this module # # [*reload_fpm_on_config_changes*] # by default, we reload the service on changes. # But certain options, like socket owner, will only be applied during a restart. # If set to false, a restart will be executed instead of a reload. # This default will be changed in a future release. # class php::fpm ( - String $ensure = $php::ensure, - $user = $php::fpm_user, - $group = $php::fpm_group, - $service_ensure = $php::fpm_service_ensure, - $service_enable = $php::fpm_service_enable, - $service_name = $php::fpm_service_name, - $service_provider = $php::fpm_service_provider, + Optional[String] $ensure = $php::ensure, + String[1] $user = $php::fpm_user, + String[1] $group = $php::fpm_group, + Enum['running', 'stopped'] $service_ensure = $php::fpm_service_ensure, + Boolean $service_enable = $php::fpm_service_enable, + String[1] $service_name = $php::fpm_service_name, + Optional[String[1]] $service_provider = $php::fpm_service_provider, String $package = $php::real_fpm_package, Stdlib::Absolutepath $inifile = $php::fpm_inifile, Hash $settings = $php::real_settings, - $global_pool_settings = $php::real_fpm_global_pool_settings, + Hash $global_pool_settings = $php::real_fpm_global_pool_settings, Hash $pools = $php::real_fpm_pools, - $log_owner = $php::log_owner, - $log_group = $php::log_group, + String[1] $log_owner = $php::log_owner, + String[1] $log_group = $php::log_group, Boolean $pool_purge = $php::pool_purge, Boolean $reload_fpm_on_config_changes = $php::reload_fpm_on_config_changes, ) { if ! defined(Class['php']) { warning('php::fpm is private') } $real_settings = $settings # On FreeBSD fpm is not a separate package, but included in the 'php' package. # Implies that the option SET+=FPM was set when building the port. $real_package = $facts['os']['family'] ? { 'FreeBSD' => [], default => $package, } package { $real_package: ensure => $ensure, require => Class['php::packages'], } class { 'php::fpm::config': user => $user, group => $group, inifile => $inifile, settings => $real_settings, log_owner => $log_owner, log_group => $log_group, pool_purge => $pool_purge, require => Package[$real_package], } contain 'php::fpm::config' contain 'php::fpm::service' Class['php::fpm::config'] ~> Class['php::fpm::service'] $real_global_pool_settings = $global_pool_settings $real_pools = $pools create_resources(::php::fpm::pool, $real_pools, $real_global_pool_settings) } diff --git a/manifests/fpm/config.pp b/manifests/fpm/config.pp index 140692d..60fa953 100644 --- a/manifests/fpm/config.pp +++ b/manifests/fpm/config.pp @@ -1,145 +1,145 @@ # Configure php-fpm service # # === Parameters # # [*config_file*] # The path to the fpm config file # # [*user*] # The user that runs php-fpm # # [*group*] # The group that runs php-fpm # # [*inifile*] # The path to ini file # # [*settings*] # Nested hash of key => value to apply to php.ini # # [*pool_base_dir*] # The folder that contains the php-fpm pool configs # # [*pool_purge*] # Whether to purge pool config files not created # by this module # # [*error_log*] # Path to error log file. If it's set to "syslog", log is # sent to syslogd instead of being written in a local file. # # [*log_level*] # The php-fpm log level # # [*emergency_restart_threshold*] # The php-fpm emergency_restart_threshold # # [*emergency_restart_interval*] # The php-fpm emergency_restart_interval # # [*process_control_timeout*] # The php-fpm process_control_timeout # # [*process_max*] # The maximum number of processes FPM will fork. # # [*rlimit_files*] # Set open file descriptor rlimit for the master process. # # [*systemd_interval*] # The interval between health report notification to systemd # # [*log_owner*] # The php-fpm log owner # # [*log_group*] # The group owning php-fpm logs # # [*log_dir_mode*] # The octal mode of the directory # # [*syslog_facility*] # Used to specify what type of program is logging the message # # [*syslog_ident*] # Prepended to every message # # [*root_group*] # UNIX group of the root user # # [*pid_file*] # Path to fpm pid file # class php::fpm::config ( - $config_file = $php::params::fpm_config_file, + Stdlib::Absolutepath $config_file = $php::params::fpm_config_file, String $user = $php::params::fpm_user, String $group = $php::params::fpm_group, String $inifile = $php::params::fpm_inifile, - $pid_file = $php::params::fpm_pid_file, + Stdlib::Absolutepath $pid_file = $php::params::fpm_pid_file, Hash $settings = {}, Stdlib::Absolutepath $pool_base_dir = $php::params::fpm_pool_dir, - $pool_purge = false, + Boolean $pool_purge = false, String $error_log = $php::params::fpm_error_log, String $log_level = 'notice', Integer $emergency_restart_threshold = 0, - Variant[Integer, Pattern[/^\d+[smhd]?$/]] $emergency_restart_interval = 0, - Variant[Integer, Pattern[/^\d+[smhd]?$/]] $process_control_timeout = 0, + Php::Duration $emergency_restart_interval = 0, + Php::Duration $process_control_timeout = 0, Integer $process_max = 0, - $rlimit_files = undef, - Optional[Variant[Integer,Pattern[/^\d+[smhd]?$/]]] $systemd_interval = undef, + Optional[Integer[1]] $rlimit_files = undef, + Optional[Php::Duration] $systemd_interval = undef, String $log_owner = $php::params::fpm_user, String $log_group = $php::params::fpm_group, Pattern[/^\d+$/] $log_dir_mode = '0770', - $root_group = $php::params::root_group, + String[1] $root_group = $php::params::root_group, String $syslog_facility = 'daemon', String $syslog_ident = 'php-fpm', ) inherits php::params { assert_private() file { $config_file: ensure => file, content => template('php/fpm/php-fpm.conf.erb'), owner => 'root', group => $root_group, mode => '0644', } ensure_resource('file', '/var/run/php-fpm', { ensure => directory, owner => 'root', group => $root_group, mode => '0755', } ) ensure_resource('file', '/var/log/php-fpm/', { ensure => directory, owner => 'root', group => $root_group, mode => $log_dir_mode, } ) file { $pool_base_dir: ensure => directory, owner => 'root', group => $root_group, mode => '0755', } if $pool_purge { File[$pool_base_dir] { purge => true, recurse => true, } } if $inifile != $php::params::config_root_inifile { ::php::config { 'fpm': file => $inifile, config => $settings, } } } diff --git a/manifests/fpm/pool.pp b/manifests/fpm/pool.pp index 67ac575..385e2a7 100644 --- a/manifests/fpm/pool.pp +++ b/manifests/fpm/pool.pp @@ -1,206 +1,206 @@ # Configure fpm pools # # === Parameters # # See the official php-fpm documentation for parameters that are not # documented here: http://php.net/manual/en/install.fpm.configuration.php. # # [*ensure*] # Remove pool if set to `'absent'`, add otherwise # # [*listen*] # On what socket to listen for FastCGI connections, i.e. # `'127.0.0.1:9000'' or `'/var/run/php5-fpm.sock'` # # [*listen_backlog*] # # [*listen_allowed_clients*] # # [*listen_owner*] # Set owner of the Unix socket # # [*listen_group*] # Set the group of the Unix socket # # [*listen_mode*] # # [*user*] # The user that php-fpm should run as # # [*group*] # The group that php-fpm should run as # # [*apparmor_hat*] # The Apparmor hat to use # # [*pm*] # # [*pm_max_children*] # # [*pm_start_servers*] # # [*pm_min_spare_servers*] # # [*pm_max_spare_servers*] # # [*pm_max_requests*] # # [*pm_process_idle_timeout*] # # [*pm_status_path*] # # [*ping_path*] # # [*ping_response*] # # [*access_log*] # The path to the file to write access log requests to # # [*access_log_format*] # The format to save the access log entries as # # [*request_terminate_timeout*] # # [*request_slowlog_timeout*] # # [*security_limit_extensions*] # # [*slowlog*] # # [*template*] # The template to use for the pool # # [*rlimit_files*] # # [*rlimit_core*] # # [*chroot*] # # [*chdir*] # # [*catch_workers_output*] # # [*include*] # Other configuration files to include on this pool # # [*env*] # List of environment variables that are passed to the php-fpm from the # outside and will be available to php scripts in this pool # # [*env_value*] # Hash of environment variables and values as strings to use in php # scripts in this pool # # [*clear_env*] # Whether the environment should be cleared. # # [*options*] # An optional hash for any other data. # # [*php_value*] # Hash of php_value directives # # [*php_flag*] # Hash of php_flag directives # # [*php_admin_value*] # Hash of php_admin_value directives # # [*php_admin_flag*] # Hash of php_admin_flag directives # # [*php_directives*] # List of custom directives that are appended to the pool config # # [*root_group*] # UNIX group of the root user # # [*base_dir*] # The folder that contains the php-fpm pool configs. This defaults to a # sensible default depending on your operating system, like # '/etc/php5/fpm/pool.d' or '/etc/php-fpm.d' # define php::fpm::pool ( - $ensure = 'present', - $listen = '127.0.0.1:9000', - $listen_backlog = '-1', - $listen_allowed_clients = undef, - $listen_owner = undef, - $listen_group = undef, - $listen_mode = undef, - $user = $php::fpm::config::user, - $group = $php::fpm::config::group, + Enum['present', 'absent'] $ensure = 'present', + String[1] $listen = '127.0.0.1:9000', + Integer[-1] $listen_backlog = -1, + Optional[String[1]] $listen_allowed_clients = undef, + Optional[String[1]] $listen_owner = undef, + Optional[String[1]] $listen_group = undef, + Optional[Stdlib::Filemode] $listen_mode = undef, + String[1] $user = $php::fpm::config::user, + String[1] $group = $php::fpm::config::group, Optional[String[1]] $apparmor_hat = undef, - $pm = 'dynamic', - $pm_max_children = '50', - $pm_start_servers = '5', - $pm_min_spare_servers = '5', - $pm_max_spare_servers = '35', - $pm_max_requests = '0', - $pm_process_idle_timeout = '10s', - $pm_status_path = undef, - $ping_path = undef, - $ping_response = 'pong', - $access_log = undef, - $access_log_format = '"%R - %u %t \"%m %r\" %s"', - $request_terminate_timeout = '0', - $request_slowlog_timeout = '0', - $security_limit_extensions = undef, - $slowlog = "/var/log/php-fpm/${name}-slow.log", - $template = 'php/fpm/pool.conf.erb', - $rlimit_files = undef, - $rlimit_core = undef, - $chroot = undef, - $chdir = undef, - $catch_workers_output = 'no', - $include = undef, - $env = [], - $env_value = {}, - $clear_env = true, - $options = {}, - $php_value = {}, - $php_flag = {}, - $php_admin_value = {}, - $php_admin_flag = {}, - $php_directives = [], - $root_group = $php::params::root_group, + String[1] $pm = 'dynamic', + Integer[1] $pm_max_children = 50, + Integer[1] $pm_start_servers = 5, + Integer[0] $pm_min_spare_servers = 5, + Integer[0] $pm_max_spare_servers = 35, + Integer[0] $pm_max_requests = 0, + Php::Duration $pm_process_idle_timeout = '10s', + Optional[Stdlib::Absolutepath] $pm_status_path = undef, + Optional[Stdlib::Absolutepath] $ping_path = undef, + String[1] $ping_response = 'pong', + Optional[Stdlib::Absolutepath] $access_log = undef, + String[1] $access_log_format = '"%R - %u %t \"%m %r\" %s"', + Php::Duration $request_terminate_timeout = 0, + Php::Duration $request_slowlog_timeout = 0, + Array[String[1]] $security_limit_extensions = [], + Stdlib::Absolutepath $slowlog = "/var/log/php-fpm/${name}-slow.log", + String[1] $template = 'php/fpm/pool.conf.erb', + Optional[Integer] $rlimit_files = undef, + Optional[Integer] $rlimit_core = undef, + Optional[Stdlib::Absolutepath] $chroot = undef, + Optional[Stdlib::Absolutepath] $chdir = undef, + Enum['yes', 'no'] $catch_workers_output = 'no', + Optional[String[1]] $include = undef, + Array[String[1]] $env = [], + Hash $env_value = {}, + Boolean $clear_env = true, + Hash $options = {}, + Hash $php_value = {}, + Hash $php_flag = {}, + Hash $php_admin_value = {}, + Hash $php_admin_flag = {}, + Array[String[1]] $php_directives = [], + String[1] $root_group = $php::params::root_group, Optional[Stdlib::Absolutepath] $base_dir = undef, ) { # The base class must be included first because it is used by parameter defaults if ! defined(Class['php']) { warning('You must include the php base class before using any php defined resources') } $pool = $title # Hack-ish to default to user for group too $group_final = $group ? { undef => $user, default => $group } # On FreeBSD fpm is not a separate package, but included in the 'php' package. # Implies that the option SET+=FPM was set when building the port. $real_package = $facts['os']['name'] ? { 'FreeBSD' => [], default => $php::fpm::package, } $pool_base_dir = pick_default($base_dir, $php::fpm::config::pool_base_dir, $php::params::fpm_pool_dir) if ($ensure == 'absent') { file { "${pool_base_dir}/${pool}.conf": ensure => absent, notify => Class['php::fpm::service'], } } else { file { "${pool_base_dir}/${pool}.conf": ensure => file, notify => Class['php::fpm::service'], require => Package[$real_package], content => template($template), owner => root, group => $root_group, mode => '0640', } } } diff --git a/manifests/fpm/service.pp b/manifests/fpm/service.pp index 5ef8f3e..6551c71 100644 --- a/manifests/fpm/service.pp +++ b/manifests/fpm/service.pp @@ -1,49 +1,49 @@ # Manage fpm service # # === Parameters # # [*service_name*] # name of the php-fpm service # # [*ensure*] # 'ensure' value for the service # # [*enable*] # Defines if the service is enabled # # [*provider*] # Defines if the service provider to use # # [*reload_fpm_on_config_changes*] # by default, we reload the service on changes. # But certain options, like socket owner, will only be applied during a restart. # If set to false, a restart will be executed instead of a reload. # This default will be changed in a future release. # class php::fpm::service ( - $service_name = $php::fpm::service_name, - $ensure = $php::fpm::service_ensure, - $enable = $php::fpm::service_enable, - $provider = $php::fpm::service_provider, + String[1] $service_name = $php::fpm::service_name, + Enum['running', 'stopped'] $ensure = $php::fpm::service_ensure, + Boolean $enable = $php::fpm::service_enable, + Optional[String[1]] $provider = $php::fpm::service_provider, Boolean $reload_fpm_on_config_changes = $php::fpm::reload_fpm_on_config_changes, ) { if ! defined(Class['php::fpm']) { warning('php::fpm::service is private') } if $reload_fpm_on_config_changes { $restart = "service ${service_name} reload" } else { $restart = undef } service { $service_name: ensure => $ensure, enable => $enable, provider => $provider, hasrestart => true, restart => $restart, hasstatus => true, } ::Php::Extension <| |> ~> Service[$service_name] } diff --git a/manifests/globals.pp b/manifests/globals.pp index 04ce1c6..d1bda94 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -1,162 +1,160 @@ # PHP globals class # # === Parameters # # [*php_version*] # The version of php. # # [*config_root*] # The configuration root directory. # # [*fpm_pid_file*] # Path to pid file for fpm # # [*rhscl_mode*] # The mode specifies the specifics in paths for the various RedHat SCL environments so that the module is configured # correctly on their pathnames. # -# Valid modes are: 'rhscl', 'remi' -# class php::globals ( Optional[Pattern[/^(rh-)?(php)?[57](\.)?[0-9]/]] $php_version = undef, Optional[Stdlib::Absolutepath] $config_root = undef, Optional[Stdlib::Absolutepath] $fpm_pid_file = undef, - $rhscl_mode = undef, + Optional[Enum['rhscl', 'remi']] $rhscl_mode = undef, ) { $default_php_version = $facts['os']['name'] ? { 'Debian' => $facts['os']['release']['major'] ? { '9' => '7.0', '10' => '7.3', '11' => '7.4', default => fail("Unsupported Debian release: ${fact('os.release.major')}"), }, 'Ubuntu' => $facts['os']['release']['major'] ? { '16.04' => '7.0', '18.04' => '7.2', '20.04' => '7.4', default => fail("Unsupported Ubuntu release: ${fact('os.release.major')}"), }, default => '5.x', } $globals_php_version = pick($php_version, $default_php_version) case $facts['os']['family'] { 'Debian': { if $facts['os']['name'] == 'Ubuntu' { case $globals_php_version { /^[57].[0-9]/: { $default_config_root = "/etc/php/${globals_php_version}" $default_fpm_pid_file = "/var/run/php/php${globals_php_version}-fpm.pid" $fpm_error_log = "/var/log/php${globals_php_version}-fpm.log" $fpm_service_name = "php${globals_php_version}-fpm" $ext_tool_enable = "/usr/sbin/phpenmod -v ${globals_php_version}" $ext_tool_query = "/usr/sbin/phpquery -v ${globals_php_version}" $package_prefix = "php${globals_php_version}-" } default: { # Default php installation from Ubuntu official repository use the following paths until 16.04 # For PPA please use the $php_version to override it. $default_config_root = '/etc/php5' $default_fpm_pid_file = '/var/run/php5-fpm.pid' $fpm_error_log = '/var/log/php5-fpm.log' $fpm_service_name = 'php5-fpm' $ext_tool_enable = '/usr/sbin/php5enmod' $ext_tool_query = '/usr/sbin/php5query' $package_prefix = 'php5-' } } } else { case $globals_php_version { /^5\.6/, /^7\.[0-9]/: { $default_config_root = "/etc/php/${globals_php_version}" $default_fpm_pid_file = "/var/run/php/php${globals_php_version}-fpm.pid" $fpm_error_log = "/var/log/php${globals_php_version}-fpm.log" $fpm_service_name = "php${globals_php_version}-fpm" $ext_tool_enable = "/usr/sbin/phpenmod -v ${globals_php_version}" $ext_tool_query = "/usr/sbin/phpquery -v ${globals_php_version}" $package_prefix = "php${globals_php_version}-" } default: { $default_config_root = '/etc/php5' $default_fpm_pid_file = '/var/run/php5-fpm.pid' $fpm_error_log = '/var/log/php5-fpm.log' $fpm_service_name = 'php5-fpm' $ext_tool_enable = '/usr/sbin/php5enmod' $ext_tool_query = '/usr/sbin/php5query' $package_prefix = 'php5-' } } } } 'Suse': { case $globals_php_version { /^7/: { $default_config_root = '/etc/php7' $package_prefix = 'php7-' $default_fpm_pid_file = '/var/run/php7-fpm.pid' $fpm_error_log = '/var/log/php7-fpm.log' } default: { $default_config_root = '/etc/php5' $package_prefix = 'php5-' $default_fpm_pid_file = '/var/run/php5-fpm.pid' $fpm_error_log = '/var/log/php5-fpm.log' } } } 'RedHat': { case $rhscl_mode { 'remi': { $rhscl_root = "/opt/remi/${php_version}/root" $default_config_root = "/etc/opt/remi/${php_version}" $default_fpm_pid_file = '/var/run/php-fpm/php-fpm.pid' $package_prefix = "${php_version}-php-" $fpm_service_name = "${php_version}-php-fpm" } 'rhscl': { $rhscl_root = "/opt/rh/${php_version}/root" $default_config_root = "/etc/opt/rh/${php_version}" # rhscl registers contents by copy in /etc/opt/rh $default_fpm_pid_file = "/var/opt/rh/${php_version}/run/php-fpm/php-fpm.pid" $package_prefix = "${php_version}-php-" $fpm_service_name = "${php_version}-php-fpm" } undef: { $default_config_root = '/etc/php.d' $default_fpm_pid_file = '/var/run/php-fpm/php-fpm.pid' $fpm_service_name = undef $package_prefix = undef } default: { fail("Unsupported rhscl_mode '${rhscl_mode}'") } } } 'FreeBSD': { case $globals_php_version { /^(\d)\.(\d)$/: { $package_prefix = "php${1}${2}-" } default: { $package_prefix = 'php56-' } } $default_config_root = '/usr/local/etc' $default_fpm_pid_file = '/var/run/php-fpm.pid' $fpm_service_name = undef } 'Archlinux': { $default_config_root = '/etc/php' $default_fpm_pid_file = '/run/php-fpm/php-fpm.pid' } default: { fail("Unsupported osfamily: ${facts['os']['family']}") } } $globals_config_root = pick($config_root, $default_config_root) $globals_fpm_pid_file = pick($fpm_pid_file, $default_fpm_pid_file) } diff --git a/manifests/init.pp b/manifests/init.pp index 7d2fc82..3ec00ed 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,252 +1,252 @@ # Base class with global configuration parameters that pulls in all # enabled components. # # === Parameters # # [*ensure*] # Specify which version of PHP packages to install, defaults to 'present'. # Please note that 'absent' to remove packages is not supported! # # [*manage_repos*] # Include repository (dotdeb, ppa, etc.) to install recent PHP from # # [*fpm*] # Install and configure php-fpm # # [*fpm_service_enable*] # Enable/disable FPM service # # [*fpm_service_ensure*] # Ensure FPM service is either 'running' or 'stopped' # # [*fpm_service_name*] # This is the name of the php-fpm service. It defaults to reasonable OS # defaults but can be different in case of using php7.0/other OS/custom fpm service # # [*fpm_service_provider*] # This is the name of the service provider, in case there is a non # OS default service provider used to start FPM. # Defaults to 'undef', pick system defaults. # # [*fpm_pools*] # Hash of php::fpm::pool resources that will be created. Defaults # to a single php::fpm::pool named www with default parameters. # # [*fpm_global_pool_settings*] # Hash of defaults params php::fpm::pool resources that will be created. # Defaults to empty hash. # # [*fpm_inifile*] # Path to php.ini for fpm # # [*fpm_package*] # Name of fpm package to install # # [*fpm_user*] # The user that php-fpm should run as # # [*fpm_group*] # The group that php-fpm should run as # # [*dev*] # Install php header files, needed to install pecl modules # # [*composer*] # Install and auto-update composer # # [*pear*] # Install PEAR # # [*phpunit*] # Install phpunit # # [*apache_config*] # Manage apache's mod_php configuration # # [*proxy_type*] # proxy server type (none|http|https|ftp) # # [*proxy_server*] # specify a proxy server, with port number if needed. ie: https://example.com:8080. # # [*extensions*] # Install PHP extensions, this is overwritten by hiera hash `php::extensions` # # [*package_prefix*] # This is the prefix for constructing names of php packages. This defaults # to a sensible default depending on your operating system, like 'php-' or # 'php5-'. # # [*config_root_ini*] # This is the path to the config .ini files of the extensions. This defaults # to a sensible default depending on your operating system, like # '/etc/php5/mods-available' or '/etc/php5/conf.d'. # # [*config_root_inifile*] # The path to the global php.ini file. This defaults to a sensible default # depending on your operating system. # # [*ext_tool_enable*] # Absolute path to php tool for enabling extensions in debian/ubuntu systems. # This defaults to '/usr/sbin/php5enmod'. # # [*ext_tool_query*] # Absolute path to php tool for querying information about extensions in # debian/ubuntu systems. This defaults to '/usr/sbin/php5query'. # # [*ext_tool_enabled*] # Enable or disable the use of php tools on debian based systems # debian/ubuntu systems. This defaults to 'true'. # # [*log_owner*] # The php-fpm log owner # # [*log_group*] # The group owning php-fpm logs # # [*embedded*] # Enable embedded SAPI # # [*pear_ensure*] # The package ensure of PHP pear to install and run pear auto_discover # # [*settings*] # PHP configuration parameters in php.ini files as a hash. For example, # 'Date/date.timezone' => 'Australia/Melbourne' sets data.timezone # to 'Australia/Melbourne' under [Date] section, and # 'PHP/memory_limit' => '256M' sets memory_limit to 256M. # # [*cli_settings*] # Additional hash of PHP configuration parameters for PHP CLI. When a # setting key already exists in $settings, the value provided from the # $cli_settings parameter overrides the value from $settings parameter. # For example, 'PHP/memory_limit' => '1000M' sets memory_limit to 1000M # for the PHP cli ini file, regardless of the values from $settings. # # [*pool_purge*] # Whether to purge pool config files not created # by this module # # [*reload_fpm_on_config_changes*] # by default, we reload the service on changes. # But certain options, like socket owner, will only be applied during a restart. # If set to false, a restart will be executed instead of a reload. # This default will be changed in a future release. # class php ( String $ensure = $php::params::ensure, Boolean $manage_repos = $php::params::manage_repos, Boolean $fpm = true, - $fpm_service_enable = $php::params::fpm_service_enable, - $fpm_service_ensure = $php::params::fpm_service_ensure, - $fpm_service_name = $php::params::fpm_service_name, - $fpm_service_provider = undef, + Boolean $fpm_service_enable = $php::params::fpm_service_enable, + Enum['running', 'stopped'] $fpm_service_ensure = $php::params::fpm_service_ensure, + String[1] $fpm_service_name = $php::params::fpm_service_name, + Optional[String[1]] $fpm_service_provider = undef, Hash $fpm_pools = $php::params::fpm_pools, Hash $fpm_global_pool_settings = {}, - $fpm_inifile = $php::params::fpm_inifile, - $fpm_package = undef, - $fpm_user = $php::params::fpm_user, - $fpm_group = $php::params::fpm_group, + Stdlib::Absolutepath $fpm_inifile = $php::params::fpm_inifile, + Optional[String[1]] $fpm_package = undef, + String[1] $fpm_user = $php::params::fpm_user, + String[1] $fpm_group = $php::params::fpm_group, Boolean $embedded = false, Boolean $dev = true, Boolean $composer = true, Boolean $pear = true, String $pear_ensure = $php::params::pear_ensure, Boolean $phpunit = false, Boolean $apache_config = false, - $proxy_type = undef, - $proxy_server = undef, + Optional[String[1]] $proxy_type = undef, + Optional[String[1]] $proxy_server = undef, Hash $extensions = {}, Hash $settings = {}, Hash $cli_settings = {}, - $package_prefix = $php::params::package_prefix, + Optional[String[1]] $package_prefix = $php::params::package_prefix, Stdlib::Absolutepath $config_root_ini = $php::params::config_root_ini, Stdlib::Absolutepath $config_root_inifile = $php::params::config_root_inifile, Optional[Stdlib::Absolutepath] $ext_tool_enable = $php::params::ext_tool_enable, Optional[Stdlib::Absolutepath] $ext_tool_query = $php::params::ext_tool_query, Boolean $ext_tool_enabled = $php::params::ext_tool_enabled, String $log_owner = $php::params::fpm_user, String $log_group = $php::params::fpm_group, Boolean $pool_purge = $php::params::pool_purge, Boolean $reload_fpm_on_config_changes = true, ) inherits php::params { $real_fpm_package = pick($fpm_package, "${package_prefix}${php::params::fpm_package_suffix}") $real_settings = $settings $real_extensions = $extensions $real_fpm_pools = $fpm_pools $real_fpm_global_pool_settings = $fpm_global_pool_settings # Merge in additional or overridden settings for php::cli::settings. $final_cli_settings = $real_settings + $cli_settings if $manage_repos { contain php::repo } class { 'php::packages': } -> class { 'php::cli': settings => $final_cli_settings, } contain php::packages contain php::cli # Configure global PHP settings in php.ini if $facts['os']['family'] != 'Debian' { Class['php::packages'] -> class { 'php::global': settings => $real_settings, } contain php::global } if $fpm { contain 'php::fpm' } if $embedded { if $facts['os']['family'] == 'RedHat' and $fpm { # Both fpm and embeded SAPIs are using same php.ini fail('Enabling both cli and embedded sapis is not currently supported') } class { 'php::embedded': settings => $real_settings, } contain php::embedded } if $dev { contain php::dev } if $composer { class { 'php::composer': proxy_type => $proxy_type, proxy_server => $proxy_server, } } if $pear { class { 'php::pear': ensure => $pear_ensure, } } if $phpunit { contain php::phpunit } if $apache_config { class { 'php::apache_config': settings => $real_settings, } contain php::apache_config } create_resources('php::extension', $real_extensions, { require => Class['php::cli'], }) # On FreeBSD purge the system-wide extensions.ini. It is going # to be replaced with per-module configuration files. if $facts['os']['family'] == 'FreeBSD' { # Purge the system-wide extensions.ini file { '/usr/local/etc/php/extensions.ini': ensure => absent, require => Class['php::packages'], } } } diff --git a/manifests/params.pp b/manifests/params.pp index ec28c51..9d7d975 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,235 +1,235 @@ # PHP params class # class php::params inherits php::globals { $ensure = 'present' $fpm_service_enable = true $fpm_service_ensure = 'running' $composer_source = 'https://getcomposer.org/composer.phar' $composer_path = '/usr/local/bin/composer' $composer_max_age = 30 $pear_ensure = 'present' $pear_package_suffix = 'pear' $phpunit_source = 'https://phar.phpunit.de/phpunit.phar' $phpunit_path = '/usr/local/bin/phpunit' $phpunit_max_age = 30 $pool_purge = false $fpm_pools = { 'www' => { 'catch_workers_output' => 'no', 'listen' => '127.0.0.1:9000', - 'listen_backlog' => '-1', + 'listen_backlog' => -1, 'pm' => 'dynamic', 'pm_max_children' => 50, 'pm_max_requests' => 0, 'pm_max_spare_servers' => 35, 'pm_min_spare_servers' => 5, 'pm_start_servers' => 5, 'request_terminate_timeout' => 0, }, } case $facts['os']['family'] { 'Debian': { $config_root = $php::globals::globals_config_root $config_root_ini = "${config_root}/mods-available" $config_root_inifile = "${config_root}/php.ini" $common_package_names = [] $common_package_suffixes = ['cli', 'common'] $cli_inifile = "${config_root}/cli/php.ini" $dev_package_suffix = 'dev' $fpm_pid_file = $php::globals::globals_fpm_pid_file $fpm_config_file = "${config_root}/fpm/php-fpm.conf" $fpm_error_log = $php::globals::fpm_error_log $fpm_inifile = "${config_root}/fpm/php.ini" $fpm_package_suffix = 'fpm' $fpm_pool_dir = "${config_root}/fpm/pool.d" $fpm_service_name = $php::globals::fpm_service_name $fpm_user = 'www-data' $fpm_group = 'www-data' $apache_inifile = "${config_root}/apache2/php.ini" $embedded_package_suffix = 'embed' $embedded_inifile = "${config_root}/embed/php.ini" $package_prefix = $php::globals::package_prefix $compiler_packages = 'build-essential' $root_group = 'root' $ext_tool_enable = $php::globals::ext_tool_enable $ext_tool_query = $php::globals::ext_tool_query $ext_tool_enabled = true case $facts['os']['name'] { 'Debian': { $manage_repos = false } 'Ubuntu': { $manage_repos = false } default: { $manage_repos = false } } } 'Suse': { if ($php::globals::php_version != undef) { $php_version_major = regsubst($php::globals::php_version, '^(\d+)\.(\d+)$','\1') } else { $php_version_major = 5 } $config_root = $php::globals::globals_config_root $config_root_ini = "${config_root}/conf.d" $config_root_inifile = "${config_root}/php.ini" $common_package_names = ["php${php_version_major}"] $common_package_suffixes = [] $cli_inifile = "${config_root}/cli/php.ini" $dev_package_suffix = 'devel' $fpm_pid_file = $php::globals::globals_fpm_pid_file $fpm_config_file = "${config_root}/fpm/php-fpm.conf" $fpm_error_log = $php::globals::fpm_error_log $fpm_inifile = "${config_root}/fpm/php.ini" $fpm_package_suffix = 'fpm' $fpm_pool_dir = "${config_root}/fpm/pool.d" $fpm_service_name = 'php-fpm' $fpm_user = 'wwwrun' $fpm_group = 'www' $embedded_package_suffix = 'embed' $embedded_inifile = "${config_root}/embed/php.ini" $package_prefix = $php::globals::package_prefix $manage_repos = true $root_group = 'root' $ext_tool_enable = undef $ext_tool_query = undef $ext_tool_enabled = false case $facts['os']['name'] { 'SLES': { $compiler_packages = [] } 'OpenSuSE': { $compiler_packages = 'devel_basis' } default: { fail("Unsupported operating system ${facts['os']['name']}") } } } 'RedHat': { $config_root = $php::globals::globals_config_root case $php::globals::rhscl_mode { 'remi': { $config_root_ini = "${config_root}/php.d" $config_root_inifile = "${config_root}/php.ini" $cli_inifile = $config_root_inifile $fpm_inifile = $config_root_inifile $fpm_config_file = "${config_root}/php-fpm.conf" $fpm_pool_dir = "${config_root}/php-fpm.d" $php_bin_dir = "${php::globals::rhscl_root}/bin" } 'rhscl': { $config_root_ini = "${config_root}/php.d" $config_root_inifile = "${config_root}/php.ini" $cli_inifile = "${config_root}/php-cli.ini" $fpm_inifile = "${config_root}/php-fpm.ini" $fpm_config_file = "${config_root}/php-fpm.conf" $fpm_pool_dir = "${config_root}/php-fpm.d" $php_bin_dir = "${php::globals::rhscl_root}/bin" } undef: { # no rhscl $config_root_ini = $config_root $config_root_inifile = '/etc/php.ini' $cli_inifile = '/etc/php-cli.ini' $fpm_inifile = '/etc/php-fpm.ini' $fpm_config_file = '/etc/php-fpm.conf' $fpm_pool_dir = '/etc/php-fpm.d' } default: { fail("Unsupported rhscl_mode '${php::globals::rhscl_mode}'") } } $apache_inifile = $config_root_inifile $embedded_inifile = $config_root_inifile $common_package_names = [] $common_package_suffixes = ['cli', 'common'] $dev_package_suffix = 'devel' $fpm_pid_file = $php::globals::globals_fpm_pid_file $fpm_error_log = '/var/log/php-fpm/error.log' $fpm_package_suffix = 'fpm' $fpm_service_name = pick($php::globals::fpm_service_name, 'php-fpm') $fpm_user = 'apache' $fpm_group = 'apache' $embedded_package_suffix = 'embedded' $package_prefix = pick($php::globals::package_prefix, 'php-') $compiler_packages = ['gcc', 'gcc-c++', 'make'] $manage_repos = false $root_group = 'root' $ext_tool_enable = undef $ext_tool_query = undef $ext_tool_enabled = false } 'FreeBSD': { $config_root = $php::globals::globals_config_root $config_root_ini = "${config_root}/php" $config_root_inifile = "${config_root}/php.ini" # No common packages, because the required PHP base package will be # pulled in as a dependency. This preserves the ability to choose # any available PHP version by setting the 'package_prefix' parameter. $common_package_names = [] $common_package_suffixes = ['extensions'] $cli_inifile = "${config_root}/php-cli.ini" $dev_package_suffix = undef $fpm_pid_file = $php::globals::globals_fpm_pid_file $fpm_config_file = "${config_root}/php-fpm.conf" $fpm_error_log = '/var/log/php-fpm.log' $fpm_inifile = "${config_root}/php-fpm.ini" $fpm_package_suffix = undef $fpm_pool_dir = "${config_root}/php-fpm.d" $fpm_service_name = 'php-fpm' $fpm_user = 'www' $fpm_group = 'www' $embedded_package_suffix = 'embed' $embedded_inifile = "${config_root}/php-embed.ini" $package_prefix = $php::globals::package_prefix $compiler_packages = ['gcc'] $manage_repos = false $root_group = 'wheel' $ext_tool_enable = undef $ext_tool_query = undef $ext_tool_enabled = false } 'Archlinux': { $config_root_ini = '/etc/php/conf.d' $config_root_inifile = '/etc/php/php.ini' $common_package_names = [] $common_package_suffixes = [] $cli_inifile = '/etc/php/php.ini' $dev_package_suffix = undef $fpm_pid_file = '/run/php-fpm/php-fpm.pid' $fpm_config_file = '/etc/php/php-fpm.conf' $fpm_error_log = 'syslog' $fpm_inifile = '/etc/php/php.ini' $fpm_package_suffix = 'fpm' $fpm_pool_dir = '/etc/php/php-fpm.d' $fpm_service_name = 'php-fpm' $fpm_user = 'root' $fpm_group = 'root' $apache_inifile = '/etc/php/php.ini' $embedded_package_suffix = 'embedded' $embedded_inifile = '/etc/php/php.ini' $package_prefix = 'php-' $compiler_packages = ['gcc', 'make'] $manage_repos = false $root_group = 'root' $ext_tool_enable = undef $ext_tool_query = undef $ext_tool_enabled = false } default: { fail("Unsupported osfamily: ${facts['os']['family']}") } } } diff --git a/manifests/phpunit/auto_update.pp b/manifests/phpunit/auto_update.pp index 985c477..6e7b228 100644 --- a/manifests/phpunit/auto_update.pp +++ b/manifests/phpunit/auto_update.pp @@ -1,27 +1,27 @@ # Install phpunit package manager # # === Parameters # # [*max_age*] # Defines number of days after which phpunit should be updated # # [*source*] # Holds URL to the phpunit source file # # [*path*] # Holds path to the phpunit executable # class php::phpunit::auto_update ( - $max_age, - $source, - $path, + Integer[1] $max_age, + String[1] $source, + Stdlib::Absolutepath $path, ) { assert_private() exec { 'update phpunit': command => "wget ${source} -O ${path}", onlyif => "test `find '${path}' -mtime +${max_age}`", path => ['/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/', '/usr/local/bin', '/usr/local/sbin'], require => File[$path], } } diff --git a/manifests/repo/debian.pp b/manifests/repo/debian.pp index 5dd4d50..20808e7 100644 --- a/manifests/repo/debian.pp +++ b/manifests/repo/debian.pp @@ -1,67 +1,67 @@ # Configure debian apt repo # # === Parameters # # [*location*] # Location of the apt repository # # [*release*] # Release of the apt repository # # [*repos*] # Apt repository names # # [*include_src*] # Add source source repository # # [*key*] # Public key in apt::key format # # [*dotdeb*] # Enable special dotdeb handling # # [*sury*] # Enable special sury handling # class php::repo::debian ( - $location = 'https://packages.dotdeb.org', - $release = 'wheezy-php56', - $repos = 'all', - $include_src = false, - $key = { + String[1] $location = 'https://packages.dotdeb.org', + String[1] $release = 'wheezy-php56', + String[1] $repos = 'all', + Boolean $include_src = false, + Hash $key = { 'id' => '6572BBEF1B5FF28B28B706837E3F070089DF5277', 'source' => 'http://www.dotdeb.org/dotdeb.gpg', }, - $dotdeb = true, - $sury = true, + Boolean $dotdeb = true, + Boolean $sury = true, ) { assert_private() include 'apt' apt::source { "source_php_${release}": location => $location, release => $release, repos => $repos, include => { 'src' => $include_src, 'deb' => true, }, key => $key, } if ($sury and $php::globals::php_version in ['7.1','7.2']) { apt::source { 'source_php_sury': location => 'https://packages.sury.org/php/', repos => 'main', include => { 'src' => $include_src, 'deb' => true, }, key => { id => '15058500A0235D97F5D10063B188E2B695BD4743', source => 'https://packages.sury.org/php/apt.gpg', }, } } } diff --git a/manifests/repo/redhat.pp b/manifests/repo/redhat.pp index 16cad24..33688f4 100644 --- a/manifests/repo/redhat.pp +++ b/manifests/repo/redhat.pp @@ -1,34 +1,34 @@ # Configure a yum repo for RedHat-based systems # # === Parameters # # [*yum_repo*] # Class name of the repo under ::yum::repo # class php::repo::redhat ( - $yum_repo = 'remi_php56', + String[1] $yum_repo = 'remi_php56', ) { $releasever = $facts['os']['name'] ? { /(?i:Amazon)/ => '6', default => '$releasever', # Yum var } yumrepo { 'remi': descr => 'Remi\'s RPM repository for Enterprise Linux $releasever - $basearch', mirrorlist => "https://rpms.remirepo.net/enterprise/${releasever}/remi/mirror", enabled => 1, gpgcheck => 1, gpgkey => 'https://rpms.remirepo.net/RPM-GPG-KEY-remi', priority => 1, } yumrepo { 'remi-php56': descr => 'Remi\'s PHP 5.6 RPM repository for Enterprise Linux $releasever - $basearch', mirrorlist => "https://rpms.remirepo.net/enterprise/${releasever}/php56/mirror", enabled => 1, gpgcheck => 1, gpgkey => 'https://rpms.remirepo.net/RPM-GPG-KEY-remi', priority => 1, } } diff --git a/manifests/repo/suse.pp b/manifests/repo/suse.pp index 9c02f5b..d2ee719 100644 --- a/manifests/repo/suse.pp +++ b/manifests/repo/suse.pp @@ -1,25 +1,25 @@ # Configure suse repo # # === Parameters # # [*reponame*] # Name of the Zypper repository # # [*baseurl*] # Base URL of the Zypper repository # class php::repo::suse ( - $reponame = 'mayflower-php56', - $baseurl = 'http://download.opensuse.org/repositories/home:/mayflower:/php5.6_based/SLE_11_SP3/', + String[1] $reponame = 'mayflower-php56', + String[1] $baseurl = 'http://download.opensuse.org/repositories/home:/mayflower:/php5.6_based/SLE_11_SP3/', ) { zypprepo { $reponame: baseurl => $baseurl, enabled => 1, autorefresh => 1, } ~> exec { 'zypprepo-accept-key': command => 'zypper --gpg-auto-import-keys update -y', path => '/usr/bin:/bin', refreshonly => true, } } diff --git a/manifests/repo/ubuntu.pp b/manifests/repo/ubuntu.pp index a8546f7..9be7ea0 100644 --- a/manifests/repo/ubuntu.pp +++ b/manifests/repo/ubuntu.pp @@ -1,35 +1,28 @@ # Configure ubuntu ppa # # === Parameters # # [*version*] # PHP version to manage (e.g. 5.6) # class php::repo::ubuntu ( - $version = undef, + Pattern[/^\d\.\d/] $version = '5.6', ) { if $facts['os']['name'] != 'Ubuntu' { fail("class php::repo::ubuntu does not work on OS ${facts['os']['name']}") } include 'apt' - if($version == undef) { - $version_real = '5.6' - } else { - $version_real = $version - } - - if ($version_real == '5.5') { + if ($version == '5.5') { fail('PHP 5.5 is no longer available for download') } - assert_type(Pattern[/^\d\.\d/], $version_real) - $version_repo = $version_real ? { + $version_repo = $version ? { '5.4' => 'ondrej/php5-oldstable', default => 'ondrej/php' } ::apt::ppa { "ppa:${version_repo}": package_manage => true, } } diff --git a/spec/acceptance/php_spec.rb b/spec/acceptance/php_spec.rb index d3247f5..3dd6ba6 100644 --- a/spec/acceptance/php_spec.rb +++ b/spec/acceptance/php_spec.rb @@ -1,111 +1,108 @@ require 'spec_helper_acceptance' describe 'php with default settings' do context 'default parameters' do it 'works with defaults' do pp = 'include php' # Run it twice and test for idempotency apply_manifest(pp, catch_failures: true) apply_manifest(pp, catch_changes: true) end case default[:platform] when %r{ubuntu-20.04} packagename = 'php7.4-fpm' when %r{ubuntu-18.04} packagename = 'php7.2-fpm' when %r{ubuntu-16.04} packagename = 'php7.0-fpm' when %r{el} packagename = 'php-fpm' when %r{debian-9} packagename = 'php7.0-fpm' when %r{debian-10} packagename = 'php7.3-fpm' when %r{debian-11} packagename = 'php7.4-fpm' end describe package(packagename) do it { is_expected.to be_installed } end describe service(packagename) do it { is_expected.to be_running } it { is_expected.to be_enabled } end end context 'default parameters with extensions' do case default[:platform] when %r{ubuntu-20.04}, %r{ubuntu-18.04}, %r{ubuntu-16.04} it 'works with defaults' do case default[:platform] when %r{ubuntu-20.04} simplexmlpackagename = 'php7.4-xml' when %r{ubuntu-18.04} simplexmlpackagename = 'php7.2-xml' when %r{ubuntu-16.04} simplexmlpackagename = 'php7.0-xml' end pp = <<-EOS class{'php': extensions => { 'mysql' => {}, 'gd' => {}, 'net-url' => { package_prefix => 'php-', - settings => { - extension => undef - }, }, 'simplexml' => { package_name => '#{simplexmlpackagename}', } } } EOS # Run it twice and test for idempotency apply_manifest(pp, catch_failures: true) apply_manifest(pp, catch_changes: true) end else it 'works with defaults' do pp = <<-EOS class{'php': extensions => { 'mysql' => {}, 'gd' => {} } } EOS # Run it twice and test for idempotency apply_manifest(pp, catch_failures: true) apply_manifest(pp, catch_changes: true) end end case default[:platform] when %r{ubuntu-20.04} packagename = 'php7.4-fpm' when %r{ubuntu-18.04} packagename = 'php7.2-fpm' when %r{ubuntu-16.04} packagename = 'php7.0-fpm' when %r{el} packagename = 'php-fpm' when %r{debian-9} packagename = 'php7.0-fpm' when %r{debian-10} packagename = 'php7.3-fpm' when %r{debian-11} packagename = 'php7.4-fpm' end describe package(packagename) do it { is_expected.to be_installed } end describe service(packagename) do it { is_expected.to be_running } it { is_expected.to be_enabled } end end end diff --git a/templates/fpm/pool.conf.erb b/templates/fpm/pool.conf.erb index 99981d1..8c07fac 100644 --- a/templates/fpm/pool.conf.erb +++ b/templates/fpm/pool.conf.erb @@ -1,383 +1,383 @@ [<%= @pool %>] ; The address on which to accept FastCGI requests. listen = <%= @listen %> ; Set listen(2) backlog. A value of '-1' means unlimited. listen.backlog = <%= @listen_backlog %> ; List of ipv4 addresses of FastCGI clients which are allowed to connect. ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original ; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address ; must be separated by a comma. If this value is left blank, connections will be ; accepted from any ip address. ; Default Value: any <% if @listen_allowed_clients -%> listen.allowed_clients = <%= @listen_allowed_clients %> <% else -%> ;listen.allowed_clients = 127.0.0.1 <% end -%> ; Set permissions for unix socket, if one is used. In Linux, read/write ; permissions must be set in order to allow connections from a web server. Many ; BSD-derived systems allow connections regardless of permissions. ; Default Values: user and group are set as the running user ; mode is set to 0666 <% if @listen_owner -%> listen.owner = <%= @listen_owner %> <% else -%> ;listen.owner = nobody <% end -%> <% if @listen_group -%> listen.group = <%= @listen_group %> <% else -%> ;listen.group = nobody <% end -%> <% if @listen_mode -%> listen.mode = <%= @listen_mode %> <% else -%> ;listen.mode = 0660 <% end -%> ; Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user's group ; will be used. ; RPM: apache Choosed to be able to access some dir as httpd user = <%= @user %> ; RPM: Keep a group allowed to write in log dir. group = <%= @group_final %> <% if @apparmor_hat -%> ; Apparmor hat to change to apparmor_hat = <%= @apparmor_hat %> <% end -%> ; Choose how the process manager will control the number of child processes. ; Possible Values: ; static - a fixed number (pm.max_children) of child processes; ; dynamic - the number of child processes are set dynamically based on the ; following directives: ; pm.max_children - the maximum number of children that can ; be alive at the same time. ; pm.start_servers - the number of children created on startup. ; pm.min_spare_servers - the minimum number of children in 'idle' ; state (waiting to process). If the number ; of 'idle' processes is less than this ; number then some children will be created. ; pm.max_spare_servers - the maximum number of children in 'idle' ; state (waiting to process). If the number ; of 'idle' processes is greater than this ; number then some children will be killed. ; ondemand - no children are created at startup. Children will be forked when ; new requests will connect. The following parameter are used: ; pm.max_children - the maximum number of children that ; can be alive at the same time. ; pm.process_idle_timeout - The number of seconds after which ; an idle process will be killed. ; Note: This value is mandatory. pm = <%= @pm %> ; The number of child processes to be created when pm is set to 'static' and the ; maximum number of child processes to be created when pm is set to 'dynamic'. ; This value sets the limit on the number of simultaneous requests that will be ; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. ; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP ; CGI. ; Note: Used when pm is set to either 'static' or 'dynamic' ; Note: This value is mandatory. pm.max_children = <%= @pm_max_children %> ; The number of child processes created on startup. ; Note: Used only when pm is set to 'dynamic' ; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 pm.start_servers = <%= @pm_start_servers %> ; The desired minimum number of idle server processes. ; Note: Used only when pm is set to 'dynamic' ; Note: Mandatory when pm is set to 'dynamic' pm.min_spare_servers = <%= @pm_min_spare_servers %> ; The desired maximum number of idle server processes. ; Note: Used only when pm is set to 'dynamic' ; Note: Mandatory when pm is set to 'dynamic' pm.max_spare_servers = <%= @pm_max_spare_servers %> ; The number of seconds after which an idle process will be killed. ; Note: Used only when pm is set to 'ondemand' ; Default Value: 10s pm.process_idle_timeout = <%= @pm_process_idle_timeout %> ; The number of requests each child process should execute before respawning. ; This can be useful to work around memory leaks in 3rd party libraries. For ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. ; Default Value: 0 pm.max_requests = <%= @pm_max_requests %> ; The URI to view the FPM status page. If this value is not set, no URI will be ; recognized as a status page. By default, the status page shows the following ; information: ; accepted conn - the number of request accepted by the pool; ; pool - the name of the pool; ; process manager - static or dynamic; ; idle processes - the number of idle processes; ; active processes - the number of active processes; ; total processes - the number of idle + active processes. ; The values of 'idle processes', 'active processes' and 'total processes' are ; updated each second. The value of 'accepted conn' is updated in real time. ; Example output: ; accepted conn: 12073 ; pool: www ; process manager: static ; idle processes: 35 ; active processes: 65 ; total processes: 100 ; By default the status page output is formatted as text/plain. Passing either ; 'html' or 'json' as a query string will return the corresponding output ; syntax. Example: ; http://www.foo.bar/status ; http://www.foo.bar/status?json ; http://www.foo.bar/status?html ; Note: The value must start with a leading slash (/). The value can be ; anything, but it may not be a good idea to use the .php extension or it ; may conflict with a real PHP file. ; Default Value: not set <% if @pm_status_path -%> pm.status_path = <%= @pm_status_path %> <% else -%> ;pm.status_path = /status <% end -%> ; The ping URI to call the monitoring page of FPM. If this value is not set, no ; URI will be recognized as a ping page. This could be used to test from outside ; that FPM is alive and responding, or to ; - create a graph of FPM availability (rrd or such); ; - remove a server from a group if it is not responding (load balancing); ; - trigger alerts for the operating team (24/7). ; Note: The value must start with a leading slash (/). The value can be ; anything, but it may not be a good idea to use the .php extension or it ; may conflict with a real PHP file. ; Default Value: not set <% if @ping_path -%> ping.path = <%= @ping_path %> <% else -%> ;ping.path = /ping <% end -%> ; This directive may be used to customize the response of a ping request. The ; response is formatted as text/plain with a 200 response code. ; Default Value: pong ping.response = <%= @ping_response %> ; The access log file ; Default: not set <% if @access_log -%> access.log = <%= @access_log %> <% end -%> ; The access log format. ; The following syntax is allowed ; %%: the '%' character ; %C: %CPU used by the request ; it can accept the following format: ; - %{user}C for user CPU only ; - %{system}C for system CPU only ; - %{total}C for user + system CPU (default) ; %d: time taken to serve the request ; it can accept the following format: ; - %{seconds}d (default) ; - %{miliseconds}d ; - %{mili}d ; - %{microseconds}d ; - %{micro}d ; %e: an environment variable (same as $_ENV or $_SERVER) ; it must be associated with embraces to specify the name of the env ; variable. Some exemples: ; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e ; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e ; %f: script filename ; %l: content-length of the request (for POST request only) ; %m: request method ; %M: peak of memory allocated by PHP ; it can accept the following format: ; - %{bytes}M (default) ; - %{kilobytes}M ; - %{kilo}M ; - %{megabytes}M ; - %{mega}M ; %n: pool name ; %o: ouput header ; it must be associated with embraces to specify the name of the header: ; - %{Content-Type}o ; - %{X-Powered-By}o ; - %{Transfert-Encoding}o ; - .... ; %p: PID of the child that serviced the request ; %P: PID of the parent of the child that serviced the request ; %q: the query string ; %Q: the '?' character if query string exists ; %r: the request URI (without the query string, see %q and %Q) ; %R: remote IP address ; %s: status (response code) ; %t: server time the request was received ; it can accept a strftime(3) format: ; %d/%b/%Y:%H:%M:%S %z (default) ; %T: time the log has been written (the request has finished) ; it can accept a strftime(3) format: ; %d/%b/%Y:%H:%M:%S %z (default) ; %u: remote user ; ; Default: "%R - %u %t \"%m %r\" %s" access.format = <%= @access_log_format %> ; The timeout for serving a single request after which the worker process will ; be killed. This option should be used when the 'max_execution_time' ini option ; does not stop script execution for some reason. A value of '0' means 'off'. ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) ; Default Value: 0 request_terminate_timeout = <%= @request_terminate_timeout %> ; The timeout for serving a single request after which a PHP backtrace will be ; dumped to the 'slowlog' file. A value of '0s' means 'off'. ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) ; Default Value: 0 request_slowlog_timeout = <%= @request_slowlog_timeout %> ; The log file for slow requests ; Default Value: not set ; Note: slowlog is mandatory if request_slowlog_timeout is set slowlog = <%= @slowlog %> ; Set open file descriptor rlimit. ; Default Value: system defined value <% if @rlimit_files -%> rlimit_files = <%= @rlimit_files %> <% else -%> ;rlimit_files = 1024 <% end -%> ; Set max core size rlimit. ; Possible Values: 'unlimited' or an integer greater or equal to 0 ; Default Value: system defined value <% if @rlimit_core -%> rlimit_core = <%= @rlimit_core %> <% else -%> ;rlimit_core = 0 <% end -%> ; Chroot to this directory at the start. This value must be defined as an ; absolute path. When this value is not set, chroot is not used. ; Note: chrooting is a great security feature and should be used whenever ; possible. However, all PHP paths will be relative to the chroot ; (error_log, sessions.save_path, ...). ; Default Value: not set <% if @chroot -%> chroot = <%= @chroot %> <% else -%> ;chroot = <% end -%> ; Chdir to this directory at the start. This value must be an absolute path. ; Default Value: current directory or / when chroot <% if @chdir -%> chdir = <%= @chdir %> <% else -%> ;chdir = /var/www <% end -%> ; Redirect worker stdout and stderr into main error log. If not set, stdout and ; stderr will be redirected to /dev/null according to FastCGI specs. ; Default Value: no catch_workers_output = <%= @catch_workers_output %> ; Include one or more files. If glob(3) exists, it is used to include a bunch of ; files from a glob(3) pattern. This directive can be used everywhere in the ; file. ; Relative path can also be used. They will be prefixed by: ; - the global prefix if it's been set (-p arguement) ; - /usr otherwise <% if @include -%> include=<%= @include %> <% else -%> ;include=/etc/php5/fpm/*.conf <% end -%> ; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from ; the current environment. ; Default Value: clean env ;env[HOSTNAME] = $HOSTNAME ;env[PATH] = /usr/local/bin:/usr/bin:/bin ;env[TMP] = /tmp ;env[TMPDIR] = /tmp ;env[TEMP] = /tmp <% if @clear_env -%> <% @env.each do |var| -%> env[<%= var %>] = $<%= var %> <% end -%> <% @env_value.sort_by {|key,value| key}.each do |key,value| -%> <% if !value.empty? -%> env[<%= key %>] = '<%= value %>' <% end -%> <% end -%> <% else -%> clear_env = no <% end -%> ; Additional php.ini defines, specific to this pool of workers. These settings ; overwrite the values previously defined in the php.ini. The directives are the ; same as the PHP SAPI: ; php_value/php_flag - you can set classic ini defines which can ; be overwritten from PHP call 'ini_set'. ; php_admin_value/php_admin_flag - these directives won't be overwritten by ; PHP call 'ini_set' ; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. ; Defining 'extension' will load the corresponding shared extension from ; extension_dir. Defining 'disable_functions' or 'disable_classes' will not ; overwrite previously defined php.ini values, but will append the new value ; instead. ; Default Value: nothing is defined by default except the values in php.ini and ; specified at startup with the -d argument ;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com ;php_flag[display_errors] = off ;php_admin_value[error_log] = /var/log/php-fpm/www-error.log ;php_admin_flag[log_errors] = on ;php_admin_value[memory_limit] = 32M ; ; Custom PHP values ; <% @php_value.sort_by {|key,value| key}.each do |key,value| -%> php_value[<%= key %>] = <%= value %> <% end -%> ; ; Custom PHP flags ; <% @php_flag.sort_by {|key,flag| key}.each do |key,flag| -%> php_flag[<%= key %>] = <%= flag %> <% end -%> ; ; Custom PHP admin values ; <% @php_admin_value.sort_by {|key,value| key}.each do |key,value| -%> php_admin_value[<%= key %>] = <%= value %> <% end -%> ; ; Custom PHP admin flags ; <% @php_admin_flag.sort_by {|key,flag| key}.each do |key,flag| -%> php_admin_flag[<%= key %>] = <%= flag %> <% end -%> ; ; Custom PHP directives ; <% @php_directives.each do |line| -%> <%= line.gsub "{", "%{" %> <% end -%> -<% if @security_limit_extensions -%> +<% unless @security_limit_extensions.empty? -%> security.limit_extensions = <%= @security_limit_extensions.join(" ") %> <% end -%> diff --git a/types/duration.pp b/types/duration.pp new file mode 100644 index 0000000..ad645b2 --- /dev/null +++ b/types/duration.pp @@ -0,0 +1,6 @@ +# A duration in seconds are with an unit +type Php::Duration = Variant[ + Integer[0], + Pattern[/^\d+[smhd]?$/] +] +