diff --git a/.github/SECURITY.md b/.github/SECURITY.md new file mode 100644 index 0000000..cacadf2 --- /dev/null +++ b/.github/SECURITY.md @@ -0,0 +1,3 @@ +# Vox Pupuli Security Policy + +Our vulnerabilities reporting process is at https://voxpupuli.org/security/ diff --git a/.msync.yml b/.msync.yml index 8864fc0..4c7999c 100644 --- a/.msync.yml +++ b/.msync.yml @@ -1 +1 @@ -modulesync_config_version: '2.12.0' +modulesync_config_version: '3.0.0' diff --git a/.rubocop.yml b/.rubocop.yml index c2ebc88..316e4ec 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,546 +1,549 @@ require: rubocop-rspec AllCops: # Puppet Server 5 defaults to jruby 1.7 so TargetRubyVersion must stay at 1.9 until we drop support for puppet 5 TargetRubyVersion: 1.9 Include: - ./**/*.rb Exclude: - files/**/* - vendor/**/* - .vendor/**/* - pkg/**/* - spec/fixtures/**/* - Gemfile - Rakefile - Guardfile - Vagrantfile Lint/ConditionPosition: Enabled: True Lint/ElseLayout: Enabled: True Lint/UnreachableCode: Enabled: True Lint/UselessComparison: Enabled: True Lint/EnsureReturn: Enabled: True Lint/HandleExceptions: Enabled: True Lint/LiteralInCondition: Enabled: True Lint/ShadowingOuterLocalVariable: Enabled: True Lint/LiteralInInterpolation: Enabled: True Style/HashSyntax: Enabled: True Style/RedundantReturn: Enabled: True Layout/EndOfLine: Enabled: False Lint/AmbiguousOperator: Enabled: True Lint/AssignmentInCondition: Enabled: True Layout/SpaceBeforeComment: Enabled: True Style/AndOr: Enabled: True Style/RedundantSelf: Enabled: True Metrics/BlockLength: Enabled: False # Method length is not necessarily an indicator of code quality Metrics/MethodLength: Enabled: False # Module length is not necessarily an indicator of code quality Metrics/ModuleLength: Enabled: False Style/WhileUntilModifier: Enabled: True Lint/AmbiguousRegexpLiteral: Enabled: True Security/Eval: Enabled: True Lint/BlockAlignment: Enabled: True Lint/DefEndAlignment: Enabled: True Lint/EndAlignment: Enabled: True Lint/DeprecatedClassMethods: Enabled: True Lint/Loop: Enabled: True Lint/ParenthesesAsGroupedExpression: Enabled: True Lint/RescueException: Enabled: True Lint/StringConversionInInterpolation: Enabled: True Lint/UnusedBlockArgument: Enabled: True Lint/UnusedMethodArgument: Enabled: True Lint/UselessAccessModifier: Enabled: True Lint/UselessAssignment: Enabled: True Lint/Void: Enabled: True Layout/AccessModifierIndentation: Enabled: True Style/AccessorMethodName: Enabled: True Style/Alias: Enabled: True Layout/AlignArray: Enabled: True Layout/AlignHash: Enabled: True Layout/AlignParameters: Enabled: True Metrics/BlockNesting: Enabled: True Style/AsciiComments: Enabled: True Style/Attr: Enabled: True Style/BracesAroundHashParameters: Enabled: True Style/CaseEquality: Enabled: True Layout/CaseIndentation: Enabled: True Style/CharacterLiteral: Enabled: True Style/ClassAndModuleCamelCase: Enabled: True Style/ClassAndModuleChildren: Enabled: False Style/ClassCheck: Enabled: True # Class length is not necessarily an indicator of code quality Metrics/ClassLength: Enabled: False Style/ClassMethods: Enabled: True Style/ClassVars: Enabled: True Style/WhenThen: Enabled: True Style/WordArray: Enabled: True Style/UnneededPercentQ: Enabled: True Layout/Tab: Enabled: True Layout/SpaceBeforeSemicolon: Enabled: True Layout/TrailingBlankLines: Enabled: True Layout/SpaceInsideBlockBraces: Enabled: True Layout/SpaceInsideBrackets: Enabled: True Layout/SpaceInsideHashLiteralBraces: Enabled: True Layout/SpaceInsideParens: Enabled: True Layout/LeadingCommentSpace: Enabled: True Layout/SpaceBeforeFirstArg: Enabled: True Layout/SpaceAfterColon: Enabled: True Layout/SpaceAfterComma: Enabled: True Layout/SpaceAfterMethodName: Enabled: True Layout/SpaceAfterNot: Enabled: True Layout/SpaceAfterSemicolon: Enabled: True Layout/SpaceAroundEqualsInParameterDefault: Enabled: True Layout/SpaceAroundOperators: Enabled: True Layout/SpaceBeforeBlockBraces: Enabled: True Layout/SpaceBeforeComma: Enabled: True Style/CollectionMethods: Enabled: True Layout/CommentIndentation: Enabled: True Style/ColonMethodCall: Enabled: True Style/CommentAnnotation: Enabled: True # 'Complexity' is very relative Metrics/CyclomaticComplexity: Enabled: False Style/ConstantName: Enabled: True Style/Documentation: Enabled: False Style/DefWithParentheses: Enabled: True Style/PreferredHashMethods: Enabled: True Layout/DotPosition: EnforcedStyle: trailing Style/DoubleNegation: Enabled: True Style/EachWithObject: Enabled: True Layout/EmptyLineBetweenDefs: Enabled: True Layout/IndentArray: Enabled: True Layout/IndentHash: Enabled: True Layout/IndentationConsistency: Enabled: True Layout/IndentationWidth: Enabled: True Layout/EmptyLines: Enabled: True Layout/EmptyLinesAroundAccessModifier: Enabled: True Style/EmptyLiteral: Enabled: True # Configuration parameters: AllowURI, URISchemes. Metrics/LineLength: Enabled: False Style/MethodCallWithoutArgsParentheses: Enabled: True Style/MethodDefParentheses: Enabled: True Style/LineEndConcatenation: Enabled: True Layout/TrailingWhitespace: Enabled: True Style/StringLiterals: Enabled: True Style/TrailingCommaInArguments: Enabled: True Style/TrailingCommaInLiteral: Enabled: True Style/GlobalVars: Enabled: True Style/GuardClause: Enabled: True Style/IfUnlessModifier: Enabled: True Style/MultilineIfThen: Enabled: True Style/NegatedIf: Enabled: True Style/NegatedWhile: Enabled: True Style/Next: Enabled: True Style/SingleLineBlockParams: Enabled: True Style/SingleLineMethods: Enabled: True Style/SpecialGlobalVars: Enabled: True Style/TrivialAccessors: Enabled: True Style/UnlessElse: Enabled: True Style/VariableInterpolation: Enabled: True Style/VariableName: Enabled: True Style/WhileUntilDo: Enabled: True Style/EvenOdd: Enabled: True Style/FileName: Enabled: True Style/For: Enabled: True Style/Lambda: Enabled: True Style/MethodName: Enabled: True Style/MultilineTernaryOperator: Enabled: True Style/NestedTernaryOperator: Enabled: True Style/NilComparison: Enabled: True Style/FormatString: Enabled: True Style/MultilineBlockChain: Enabled: True Style/Semicolon: Enabled: True Style/SignalException: Enabled: True Style/NonNilCheck: Enabled: True Style/Not: Enabled: True Style/NumericLiterals: Enabled: True Style/OneLineConditional: Enabled: True Style/OpMethod: Enabled: True Style/ParenthesesAroundCondition: Enabled: True Style/PercentLiteralDelimiters: Enabled: True Style/PerlBackrefs: Enabled: True Style/PredicateName: Enabled: True Style/RedundantException: Enabled: True Style/SelfAssignment: Enabled: True Style/Proc: Enabled: True Style/RaiseArgs: Enabled: True Style/RedundantBegin: Enabled: True Style/RescueModifier: Enabled: True # based on https://github.com/voxpupuli/modulesync_config/issues/168 Style/RegexpLiteral: EnforcedStyle: percent_r Enabled: True Lint/UnderscorePrefixedVariableName: Enabled: True Metrics/ParameterLists: Enabled: False Lint/RequireParentheses: Enabled: True Style/ModuleFunction: Enabled: True Lint/Debugger: Enabled: True Style/IfWithSemicolon: Enabled: True Style/Encoding: Enabled: True Style/BlockDelimiters: Enabled: True Layout/MultilineBlockLayout: Enabled: True # 'Complexity' is very relative Metrics/AbcSize: Enabled: False # 'Complexity' is very relative Metrics/PerceivedComplexity: Enabled: False Lint/UselessAssignment: Enabled: True Layout/ClosingParenthesisIndentation: Enabled: True # RSpec RSpec/BeforeAfterAll: Exclude: - spec/acceptance/**/* # We don't use rspec in this way RSpec/DescribeClass: Enabled: False # Example length is not necessarily an indicator of code quality RSpec/ExampleLength: Enabled: False RSpec/NamedSubject: Enabled: False # disabled for now since they cause a lot of issues # these issues aren't easy to fix RSpec/RepeatedDescription: Enabled: False RSpec/NestedGroups: Enabled: False +RSpec/MultipleExpectations: + Enabled: false + # this is broken on ruby1.9 Layout/IndentHeredoc: Enabled: False # disable Yaml safe_load. This is needed to support ruby2.0.0 development envs Security/YAMLLoad: Enabled: false # This affects hiera interpolation, as well as some configs that we push. Style/FormatStringToken: Enabled: false # This is useful, but sometimes a little too picky about where unit tests files # are located. RSpec/FilePath: Enabled: false diff --git a/.sync.yml b/.sync.yml index 0d3c790..85de9bb 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,22 +1,24 @@ --- .travis.yml: docker_sets: - set: ubuntu1604-64 options: script: 'bundle exec rspec spec/acceptance/php56_spec.rb' - set: centos7-64 options: script: 'bundle exec rspec spec/acceptance/php56_spec.rb' - set: ubuntu1804-64 options: script: 'bundle exec rspec spec/acceptance/php_spec.rb' - set: ubuntu1604-64 options: script: 'bundle exec rspec spec/acceptance/php_spec.rb' - set: centos7-64 options: script: 'bundle exec rspec spec/acceptance/php_spec.rb' - set: debian9-64 options: script: 'bundle exec rspec spec/acceptance/php_spec.rb' secure: "GOhttACuJt+3s38m4WnW5RuTgwqaAoeEQnNT+X1Ukn7KdcIk4KV8NzYU/CC0VIm8lUOnBWYJKEC4ixX/J/4Wbxox2RAoKMQrO++L0DB1zTCJnq9SfoUBMaQhXvLu+PbxAR0p3P47ozra0C+pOWDpOaxT9ecufrPQt9W9Z4aY/bs=" +spec/spec_helper_acceptance.rb: + unmanaged: false diff --git a/.travis.yml b/.travis.yml index 9319058..12a7329 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,107 +1,108 @@ --- +os: linux dist: bionic language: ruby cache: bundler before_install: - yes | gem update --system - bundle --version script: - 'bundle exec rake $CHECK' -matrix: +jobs: fast_finish: true include: - rvm: 2.4.4 bundler_args: --without system_tests development release env: PUPPET_VERSION="~> 5.0" CHECK=test - rvm: 2.5.3 bundler_args: --without system_tests development release env: PUPPET_VERSION="~> 6.0" CHECK=test_with_coveralls - rvm: 2.5.3 bundler_args: --without system_tests development release env: PUPPET_VERSION="~> 6.0" CHECK=rubocop - rvm: 2.4.4 bundler_args: --without system_tests development release env: PUPPET_VERSION="~> 5.0" CHECK=build DEPLOY_TO_FORGE=yes - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=ubuntu1604-64 BEAKER_HYPERVISOR=docker CHECK=beaker + env: BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_setfile=ubuntu1604-64 CHECK=beaker script: bundle exec rspec spec/acceptance/php56_spec.rb services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=ubuntu1604-64 BEAKER_HYPERVISOR=docker CHECK=beaker + env: BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_setfile=ubuntu1604-64 CHECK=beaker script: bundle exec rspec spec/acceptance/php56_spec.rb services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=centos7-64 BEAKER_HYPERVISOR=docker CHECK=beaker + env: BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_setfile=centos7-64 CHECK=beaker script: bundle exec rspec spec/acceptance/php56_spec.rb services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=centos7-64 BEAKER_HYPERVISOR=docker CHECK=beaker + env: BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_setfile=centos7-64 CHECK=beaker script: bundle exec rspec spec/acceptance/php56_spec.rb services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=ubuntu1804-64 BEAKER_HYPERVISOR=docker CHECK=beaker + env: BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_setfile=ubuntu1804-64 CHECK=beaker script: bundle exec rspec spec/acceptance/php_spec.rb services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=ubuntu1804-64 BEAKER_HYPERVISOR=docker CHECK=beaker + env: BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_setfile=ubuntu1804-64 CHECK=beaker script: bundle exec rspec spec/acceptance/php_spec.rb services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=ubuntu1604-64 BEAKER_HYPERVISOR=docker CHECK=beaker + env: BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_setfile=ubuntu1604-64 CHECK=beaker script: bundle exec rspec spec/acceptance/php_spec.rb services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=ubuntu1604-64 BEAKER_HYPERVISOR=docker CHECK=beaker + env: BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_setfile=ubuntu1604-64 CHECK=beaker script: bundle exec rspec spec/acceptance/php_spec.rb services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=centos7-64 BEAKER_HYPERVISOR=docker CHECK=beaker + env: BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_setfile=centos7-64 CHECK=beaker script: bundle exec rspec spec/acceptance/php_spec.rb services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=centos7-64 BEAKER_HYPERVISOR=docker CHECK=beaker + env: BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_setfile=centos7-64 CHECK=beaker script: bundle exec rspec spec/acceptance/php_spec.rb services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=debian9-64 BEAKER_HYPERVISOR=docker CHECK=beaker + env: BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_setfile=debian9-64 CHECK=beaker script: bundle exec rspec spec/acceptance/php_spec.rb services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=debian9-64 BEAKER_HYPERVISOR=docker CHECK=beaker + env: BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_setfile=debian9-64 CHECK=beaker script: bundle exec rspec spec/acceptance/php_spec.rb services: docker branches: only: - master - /^v\d/ notifications: email: false webhooks: https://voxpupu.li/incoming/travis irc: on_success: always on_failure: always channels: - "chat.freenode.org#voxpupuli-notifications" deploy: provider: puppetforge - user: puppet + username: puppet password: secure: "GOhttACuJt+3s38m4WnW5RuTgwqaAoeEQnNT+X1Ukn7KdcIk4KV8NzYU/CC0VIm8lUOnBWYJKEC4ixX/J/4Wbxox2RAoKMQrO++L0DB1zTCJnq9SfoUBMaQhXvLu+PbxAR0p3P47ozra0C+pOWDpOaxT9ecufrPQt9W9Z4aY/bs=" on: tags: true # all_branches is required to use tags all_branches: true # Only publish the build marked with "DEPLOY_TO_FORGE" condition: "$DEPLOY_TO_FORGE = yes" diff --git a/Gemfile b/Gemfile index 11c8558..8592cd6 100644 --- a/Gemfile +++ b/Gemfile @@ -1,68 +1,48 @@ source ENV['GEM_SOURCE'] || "https://rubygems.org" def location_for(place, fake_version = nil) if place =~ /^(git[:@][^#]*)#(.*)/ [fake_version, { :git => $1, :branch => $2, :require => false }].compact elsif place =~ /^file:\/\/(.*)/ ['>= 0', { :path => File.expand_path($1), :require => false }] else [place, { :require => false }] end end group :test do - gem 'voxpupuli-test', '>= 1.0.0', :require => false - gem 'coveralls', :require => false - gem 'simplecov-console', :require => false + gem 'voxpupuli-test', '~> 2.0', :require => false + gem 'coveralls', :require => false + gem 'simplecov-console', :require => false end group :development do gem 'travis', :require => false gem 'travis-lint', :require => false gem 'guard-rake', :require => false gem 'overcommit', '>= 0.39.1', :require => false end group :system_tests do - gem 'winrm', :require => false - if beaker_version = ENV['BEAKER_VERSION'] - gem 'beaker', *location_for(beaker_version) - else - gem 'beaker', '>= 4.2.0', :require => false - end - if beaker_rspec_version = ENV['BEAKER_RSPEC_VERSION'] - gem 'beaker-rspec', *location_for(beaker_rspec_version) - else - gem 'beaker-rspec', :require => false - end - gem 'serverspec', :require => false - gem 'beaker-hostgenerator', '>= 1.1.22', :require => false - gem 'beaker-docker', :require => false - gem 'beaker-puppet', :require => false - gem 'beaker-puppet_install_helper', :require => false - gem 'beaker-module_install_helper', :require => false - gem 'rbnacl', '>= 4', :require => false - gem 'rbnacl-libsodium', :require => false - gem 'bcrypt_pbkdf', :require => false - gem 'ed25519', :require => false + gem 'voxpupuli-acceptance', :require => false end group :release do gem 'github_changelog_generator', :require => false, :git => 'https://github.com/voxpupuli/github-changelog-generator', :branch => 'voxpupuli_essential_fixes' gem 'puppet-blacksmith', :require => false gem 'voxpupuli-release', :require => false gem 'puppet-strings', '>= 2.2', :require => false end if facterversion = ENV['FACTER_GEM_VERSION'] gem 'facter', facterversion.to_s, :require => false, :groups => [:test] else gem 'facter', :require => false, :groups => [:test] end ENV['PUPPET_VERSION'].nil? ? puppetversion = '~> 6.0' : puppetversion = ENV['PUPPET_VERSION'].to_s gem 'puppet', puppetversion, :require => false, :groups => [:test] # vim: syntax=ruby diff --git a/manifests/apache_config.pp b/manifests/apache_config.pp index 85fda42..bddbc99 100644 --- a/manifests/apache_config.pp +++ b/manifests/apache_config.pp @@ -1,24 +1,23 @@ # Install and configure php apache settings # # === Parameters # # [*inifile*] # The path to the ini php-apache ini file # # [*settings*] # Hash with nested hash of key => value to set in inifile # -class php::apache_config( +class php::apache_config ( Stdlib::Absolutepath $inifile = $php::params::apache_inifile, Hash $settings = {} ) inherits php::params { - assert_private() - $real_settings = lookup('php::apache::settings', Hash, {'strategy' => 'deep', 'merge_hash_arrays' => true}, $settings) + $real_settings = lookup('php::apache::settings', Hash, { 'strategy' => 'deep', 'merge_hash_arrays' => true }, $settings) php::config { 'apache': file => $inifile, config => $real_settings, } } diff --git a/manifests/apache_vhost.pp b/manifests/apache_vhost.pp index a1daf14..db635ac 100644 --- a/manifests/apache_vhost.pp +++ b/manifests/apache_vhost.pp @@ -1,35 +1,34 @@ # Configures an apache vhost for php # # === Parameters # # [*vhost*] # The vhost address # # [*docroot*] # The vhost docroot # # [*port*] # The vhost port # # [*default_vhost*] # defines if vhost is the default vhost # # [*fastcgi_socket*] # address of the fastcgi socket # -define php::apache_vhost( +define php::apache_vhost ( $vhost = 'example.com', $docroot = '/var/www', $port = 80, $default_vhost = true, $fastcgi_socket = 'fcgi://127.0.0.1:9000/$1' ) { - ::apache::vhost { $vhost: docroot => $docroot, default_vhost => $default_vhost, port => $port, override => 'all', custom_fragment => "ProxyPassMatch ^/(.*\\.php(/.*)?)$ ${fastcgi_socket}", } } diff --git a/manifests/cli.pp b/manifests/cli.pp index fe913ca..7eb0bb1 100644 --- a/manifests/cli.pp +++ b/manifests/cli.pp @@ -1,45 +1,44 @@ # Install and configure php CLI # # === Parameters # # [*inifile*] # The path to the ini php5-cli ini file # # [*settings*] # Hash with nested hash of key => value to set in inifile # -class php::cli( +class php::cli ( Stdlib::Absolutepath $inifile = $php::params::cli_inifile, Hash $settings = {} ) inherits php::params { - assert_private() if $php::globals::rhscl_mode { # stupid fixes for scl - file {'/usr/bin/pear': + file { '/usr/bin/pear': ensure => 'link', target => "${$php::params::php_bin_dir}/pear", } - file {'/usr/bin/pecl': + file { '/usr/bin/pecl': ensure => 'link', target => "${$php::params::php_bin_dir}/pecl", } - file {'/usr/bin/php': + file { '/usr/bin/php': ensure => 'link', target => "${$php::params::php_bin_dir}/php", } } - $real_settings = lookup('php::cli::settings', Hash, {'strategy' => 'deep', 'merge_hash_arrays' => true}, $settings) + $real_settings = lookup('php::cli::settings', Hash, { 'strategy' => 'deep', 'merge_hash_arrays' => true }, $settings) if $inifile != $php::params::config_root_inifile { # only create a cli specific inifile if the filenames are different ::php::config { 'cli': file => $inifile, config => $real_settings, } } } diff --git a/manifests/composer.pp b/manifests/composer.pp index 701e596..c60beaf 100644 --- a/manifests/composer.pp +++ b/manifests/composer.pp @@ -1,64 +1,63 @@ # Install composer package manager # # === Parameters # # [*source*] # Holds URL to the Composer source file # # [*path*] # Holds path to the Composer executable # # [*channel*] # Holds the Update channel (stable|preview|snapshot|1|2) # # [*proxy_type*] # proxy server type (none|http|https|ftp) # # [*proxy_server*] # specify a proxy server, with port number if needed. ie: https://example.com:8080. # # [*auto_update*] # Defines if composer should be auto updated # # [*max_age*] # Defines the time in days after which an auto-update gets executed # # [*root_group*] # UNIX group of the root user # class php::composer ( String $source = $php::params::composer_source, Stdlib::Absolutepath $path = $php::params::composer_path, $proxy_type = undef, $proxy_server = undef, Php::ComposerChannel $channel = 'stable', Boolean $auto_update = true, Integer $max_age = $php::params::composer_max_age, Variant[Integer, String] $root_group = $php::params::root_group, ) inherits php::params { - assert_private() archive { 'download composer': path => $path, source => $source, proxy_type => $proxy_type, proxy_server => $proxy_server, } -> file { $path: mode => '0555', owner => root, group => $root_group, } if $auto_update { class { 'php::composer::auto_update': max_age => $max_age, source => $source, path => $path, channel => $channel, proxy_type => $proxy_type, proxy_server => $proxy_server, } } } diff --git a/manifests/composer/auto_update.pp b/manifests/composer/auto_update.pp index a182c38..2a924c9 100644 --- a/manifests/composer/auto_update.pp +++ b/manifests/composer/auto_update.pp @@ -1,57 +1,55 @@ # Install composer package manager # # === Parameters # # [*max_age*] # Defines number of days after which Composer should be updated # # [*source*] # Holds URL to the Composer source file # # [*path*] # Holds path to the Composer executable # # [*channel*] # Holds the Update channel (stable|preview|snapshot|1|2) # # [*proxy_type*] # proxy server type (none|http|https|ftp) # # [*proxy_server*] # specify a proxy server, with port number if needed. ie: https://example.com:8080. # # # === Examples # # include php::composer::auto_update # class { "php::composer::auto_update": # "max_age" => 90 # } # class php::composer::auto_update ( $max_age, $source, $path, Php::ComposerChannel $channel = 'stable', $proxy_type = undef, $proxy_server = undef, ) { - assert_private() - if $proxy_type and $proxy_server { - $env = [ 'HOME=/root', "${proxy_type}_proxy=${proxy_server}" ] + $env = ['HOME=/root', "${proxy_type}_proxy=${proxy_server}"] } else { - $env = [ 'HOME=/root' ] + $env = ['HOME=/root'] } exec { 'update composer': # touch binary when an update is attempted to update its mtime for idempotency when no update is available command => "${path} --no-interaction --quiet self-update --${channel}; touch ${path}", environment => $env, onlyif => "test `find '${path}' -mtime +${max_age}`", - path => [ '/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/', '/usr/local/bin', '/usr/local/sbin' ], + path => ['/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/', '/usr/local/bin', '/usr/local/sbin'], require => [File[$path], Class['::php::cli']], } } diff --git a/manifests/config.pp b/manifests/config.pp index f7c47f2..e6bcb58 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -1,32 +1,29 @@ # Configure php.ini settings for a PHP SAPI # # === Parameters # # [*file*] # The path to ini file # # [*config*] # Nested hash of key => value to apply to php.ini # # === Examples # # php::config { '$unique-name': # file => '$full_path_to_ini_file' # config => { # {'Date/date.timezone' => 'Europe/Berlin'} # } # } # -define php::config( +define php::config ( Stdlib::Absolutepath $file, Hash $config ) { - if $caller_module_name != $module_name { warning('php::config is private') } - create_resources(::php::config::setting, to_hash_settings($config, $file), { - file => $file - }) + create_resources(::php::config::setting, to_hash_settings($config, $file),{ file => $file }) } diff --git a/manifests/config/setting.pp b/manifests/config/setting.pp index 1094a9f..150b05b 100644 --- a/manifests/config/setting.pp +++ b/manifests/config/setting.pp @@ -1,52 +1,50 @@ # Configure php.ini settings # # === Parameters # # [*key*] # The key of the value, like `ini_setting` # # [*file*] # The path to ini file # # [*value*] # The value to set # # === Examples # # php::config::setting { 'Date/date.timezone': # file => '$full_path_to_ini_file' # value => 'Europe/Berlin' # } # -define php::config::setting( +define php::config::setting ( $key, $value, Stdlib::Absolutepath $file, ) { - - assert_private() $split_name = split($key, '/') if count($split_name) == 1 { $section = '' # lint:ignore:empty_string_assignment $setting = $split_name[0] } else { $section = $split_name[0] $setting = $split_name[1] } if $value == undef { $ensure = 'absent' } else { $ensure = 'present' } ini_setting { $name: ensure => $ensure, value => $value, path => $file, section => $section, setting => $setting, } } diff --git a/manifests/dev.pp b/manifests/dev.pp index c90efef..c5cca3d 100644 --- a/manifests/dev.pp +++ b/manifests/dev.pp @@ -1,46 +1,42 @@ # Install the development package with headers for PHP # # === Parameters # # [*ensure*] # The PHP ensure of PHP dev to install # # [*package*] # The package name for the PHP development files # -class php::dev( +class php::dev ( String $ensure = $php::ensure, String $package = "${php::package_prefix}${php::params::dev_package_suffix}", Boolean $manage_repos = $php::manage_repos, ) inherits php::params { - assert_private() # On FreeBSD there is no 'devel' package. $real_package = $facts['os']['family'] ? { 'FreeBSD' => [], default => $package, } if $facts['os']['family'] == 'Debian' { # we can set the dependency only if we manage repos $require = $manage_repos ? { true => Class['::apt::update'], false => undef, } } else { $require = undef } # Default PHP come with xml module and no seperate package for it - if $facts['os']['name'] == 'Ubuntu' and versioncmp($facts['os']['release']['full'], '16.04') >= 0 { - ensure_packages(["${php::package_prefix}xml"], { - ensure => present, - require => $require, - }) + if $facts['os']['name'] == 'Ubuntu' and versioncmp($facts['os']['release']['full'], '16.04') >= 0 { + ensure_packages(["${php::package_prefix}xml"], { ensure => present, require => $require, }) } package { $real_package: ensure => $ensure, require => Class['php::packages'], } } diff --git a/manifests/embedded.pp b/manifests/embedded.pp index 832110b..dc5a7cf 100644 --- a/manifests/embedded.pp +++ b/manifests/embedded.pp @@ -1,49 +1,47 @@ # Install and configure php embedded SAPI # # === Parameters # # [*inifile*] # The path to the ini php5-embeded ini file # # [*settings*] # Hash with nested hash of key => value to set in inifile # # [*package*] # Specify which package to install # # [*ensure*] # Specify which version of the package to install # -class php::embedded( +class php::embedded ( String $ensure = $php::ensure, String $package = "${php::package_prefix}${php::params::embedded_package_suffix}", Stdlib::Absolutepath $inifile = $php::params::embedded_inifile, Hash $settings = {}, ) inherits php::params { - assert_private() $real_settings = lookup( 'php::embedded::settings', Hash, { 'strategy' => 'deep', 'merge_hash_arrays' => true }, $settings ) $real_package = $facts['os']['family'] ? { 'Debian' => "lib${package}", default => $package, } package { $real_package: ensure => $ensure, require => Class['php::packages'], } -> php::config { 'embedded': file => $inifile, config => $real_settings, } - } diff --git a/manifests/extension.pp b/manifests/extension.pp index 6016089..401cdc4 100644 --- a/manifests/extension.pp +++ b/manifests/extension.pp @@ -1,143 +1,142 @@ # Install a PHP extension package # # === Parameters # # [*ensure*] # The ensure of the package to install # Could be "present", "absent", "latest", "installed" or a pinned version # # [*package_prefix*] # Prefix to prepend to the package name for the package provider # # [*package_name*] # Full package name for the package provider (e.g. php7.2-xml for # simlexml extension) # # [*provider*] # The provider used to install the package # Could be "pecl", "apt", "dpkg" or any other OS package provider # If set to "none", no package will be installed # # [*source*] # The source to install the extension from. Possible values # depend on the *provider* used # # [*so_name*] # The DSO name of the package (e.g. opcache for zendopcache) # # [*ini_prefix*] # An optional filename prefix for the settings file of the extension # # [*php_api_version*] # This parameter is used to build the full path to the extension # directory for zend_extension in PHP < 5.5 (e.g. 20100525) # # [*header_packages*] # System packages dependencies to install for extensions (e.g. for # memcached libmemcached-dev on Debian) # # [*compiler_packages*] # System packages dependencies to install for compiling extensions # (e.g. build-essential on Debian) # # [*zend*] # Boolean parameter, whether to load extension as zend_extension. # Defaults to false. # # [*settings*] # Hash of parameters for the specific extension, which will be written to the extensions config file by # php::extension::config or a hash of mutliple settings files, each with parameters # (multifile_settings must be true) # (f.ex. {p => '..'} or {'bz2' => {..}, {'math' => {...}}) # # [*multifile_settings*] # Set this to true if you specify multiple setting files in *settings*. This must be used when the PHP package # distribution bundles extensions in a single package (like 'common' bundles extensions 'bz2', ...) and each of # the extension comes with a separate settings file. # # [*settings_prefix*] # Boolean/String parameter, whether to prefix all setting keys with # the extension name or specified name. Defaults to false. # # [*sapi*] # String parameter, whether to specify ALL sapi or a specific sapi. # Defaults to ALL. # # [*responsefile*] # File containing answers for interactive extension setup. Supported # *providers*: pear, pecl. # # [*install_options*] # Array of String or Hash options to pass to the provider. # define php::extension ( String $ensure = $php::ensure, Optional[Php::Provider] $provider = undef, Optional[String] $source = undef, Optional[String] $so_name = undef, Optional[String] $ini_prefix = undef, Optional[String] $php_api_version = undef, String $package_prefix = $php::package_prefix, Optional[String[1]] $package_name = undef, Boolean $zend = false, Variant[Hash, Hash[String, Hash]] $settings = {}, Boolean $multifile_settings = false, Php::Sapi $sapi = 'ALL', Variant[Boolean, String] $settings_prefix = false, Optional[Stdlib::AbsolutePath] $responsefile = undef, Variant[String, Array[String]] $header_packages = [], Variant[String, Array[String]] $compiler_packages = $php::params::compiler_packages, Php::InstallOptions $install_options = undef, ) { - if ! defined(Class['php']) { warning('php::extension is private') } php::extension::install { $title: ensure => $ensure, provider => $provider, source => $source, responsefile => $responsefile, package_prefix => $package_prefix, package_name => $package_name, header_packages => $header_packages, compiler_packages => $compiler_packages, install_options => $install_options, } # PEAR packages don't require any further configuration, they just need to "be there". if $provider != 'pear' { $_settings = $multifile_settings ? { true => $settings, false => { downcase($title) => $settings } # emulate a hash if no multifile settings } $_settings.each |$settings_name, $settings_hash| { if $so_name { $so_name = $multifile_settings ? { true => downcase($settings_name), false => pick(downcase($so_name), downcase($name), downcase($settings_name)), } } else { $so_name = $multifile_settings ? { true => downcase($settings_name), false => pick(downcase($name), downcase($settings_name)), } } php::extension::config { $settings_name: ensure => $ensure, provider => $provider, so_name => $so_name, ini_prefix => $ini_prefix, php_api_version => $php_api_version, zend => $zend, settings => $settings_hash, settings_prefix => $settings_prefix, sapi => $sapi, subscribe => Php::Extension::Install[$title], } } } } diff --git a/manifests/extension/config.pp b/manifests/extension/config.pp index 0df7f3b..22830d3 100644 --- a/manifests/extension/config.pp +++ b/manifests/extension/config.pp @@ -1,138 +1,134 @@ # Configure a PHP extension package # # === Parameters # # [*ensure*] # The ensure of the package to install # Could be "latest", "installed" or a pinned version # # [*provider*] # The provider used to install the package # Could be "pecl", "apt", "dpkg" or any other OS package provider # If set to "none", no package will be installed # # [*so_name*] # The DSO name of the package (e.g. opcache for zendopcache) # # [*ini_prefix*] # An optional filename prefix for the settings file of the extension # # [*php_api_version*] # This parameter is used to build the full path to the extension # directory for zend_extension in PHP < 5.5 (e.g. 20100525) # # [*header_packages*] # System packages dependencies to install for extensions (e.g. for # memcached libmemcached-dev on Debian) # # [*compiler_packages*] # System packages dependencies to install for compiling extensions # (e.g. build-essential on Debian) # # [*zend*] # Boolean parameter, whether to load extension as zend_extension. # Defaults to false. # # [*settings*] # Nested hash of global config parameters for php.ini # # [*settings_prefix*] # Boolean/String parameter, whether to prefix all setting keys with # the extension name or specified name. Defaults to false. # # [*sapi*] # String parameter, whether to specify ALL sapi or a specific sapi. # Defaults to ALL. # define php::extension::config ( String $ensure = 'installed', Optional[Php::Provider] $provider = undef, Optional[String] $so_name = downcase($name), Optional[String] $ini_prefix = undef, Optional[String] $php_api_version = undef, Boolean $zend = false, Hash $settings = {}, Variant[Boolean, String] $settings_prefix = false, Php::Sapi $sapi = 'ALL', ) { - if ! defined(Class['php']) { warning('php::extension::config is private') } if $zend == true { $extension_key = 'zend_extension' $module_path = $php_api_version? { undef => undef, default => "/usr/lib/php5/${php_api_version}/", } } else { $extension_key = 'extension' $module_path = undef } $ini_name = downcase($so_name) # Ensure "." prefix is present in setting keys if requested - $full_settings = $settings_prefix? { + $full_settings = $settings_prefix ? { true => ensure_prefix($settings, "${so_name}."), false => $settings, String => ensure_prefix($settings, "${settings_prefix}."), } if $provider != 'pear' { - $final_settings = deep_merge( - {"${extension_key}" => "${module_path}${so_name}.so"}, - $full_settings - ) + $final_settings = deep_merge( { "${extension_key}" => "${module_path}${so_name}.so" }, $full_settings) } else { $final_settings = $full_settings } if $facts['os']['name'] == 'Ubuntu' and $zend != true and $name == 'mysql' { # Do not manage the .ini file if it's mysql. PHP 7.0+ do not have # mysql.so. If mysql.ini exists and version is 7.0+, then remove it. $real_ensure = 'absent' } else { $real_ensure = $ensure } $config_root_ini = pick_default($php::config_root_ini, $php::params::config_root_ini) if $real_ensure != 'absent' { ::php::config { $title: file => "${config_root_ini}/${ini_prefix}${ini_name}.ini", config => $final_settings, } # Ubuntu/Debian systems use the mods-available folder. We need to enable # settings files ourselves with php5enmod command. $ext_tool_enable = pick_default($php::ext_tool_enable, $php::params::ext_tool_enable) $ext_tool_query = pick_default($php::ext_tool_query, $php::params::ext_tool_query) $ext_tool_enabled = pick_default($php::ext_tool_enabled, $php::params::ext_tool_enabled) if $facts['os']['family'] == 'Debian' and $ext_tool_enabled { $cmd = "${ext_tool_enable} -s ${sapi} ${so_name}" $execname = "ext_tool_enable_${so_name}" - $_sapi = $sapi? { + $_sapi = $sapi ? { 'ALL' => 'cli', default => $sapi, } if has_key($final_settings, $extension_key) and $final_settings[$extension_key] { exec { $execname: command => $cmd, onlyif => "${ext_tool_query} -s ${_sapi} -m ${so_name} | /bin/grep 'No module matches ${so_name}'", require => ::Php::Config[$title], } if $php::fpm { Package[$php::fpm::package] ~> Exec[$execname] } } } } else { - file {"${config_root_ini}/${ini_prefix}${ini_name}.ini": + file { "${config_root_ini}/${ini_prefix}${ini_name}.ini": ensure => 'absent', } } } diff --git a/manifests/extension/install.pp b/manifests/extension/install.pp index 81e9d33..d7ddba0 100644 --- a/manifests/extension/install.pp +++ b/manifests/extension/install.pp @@ -1,100 +1,99 @@ # Install a PHP extension package # # === Parameters # # [*ensure*] # The ensure of the package to install # Could be "latest", "installed" or a pinned version # # [*package_prefix*] # Prefix to prepend to the package name for the package provider # # [*package_name*] # Full package name for the package provider (e.g. php7.2-xml for # simlexml extension) # # [*provider*] # The provider used to install the package # Could be "pecl", "apt", "dpkg" or any other OS package provider # If set to "none", no package will be installed # # [*source*] # The source to install the extension from. Possible values # depend on the *provider* used # # [*header_packages*] # System packages dependencies to install for extensions (e.g. for # memcached libmemcached-dev on Debian) # # [*compiler_packages*] # System packages dependencies to install for compiling extensions # (e.g. build-essential on Debian) # # [*responsefile*] # File containing answers for interactive extension setup. Supported # *providers*: pear, pecl. # # [*install_options*] # Array of String or Hash options to pass to the provider. # define php::extension::install ( String $ensure = 'installed', Optional[Php::Provider] $provider = undef, Optional[String] $source = undef, String $package_prefix = $php::package_prefix, Optional[String[1]] $package_name = undef, Optional[Stdlib::AbsolutePath] $responsefile = undef, Variant[String, Array[String]] $header_packages = [], Variant[String, Array[String]] $compiler_packages = $php::params::compiler_packages, Php::InstallOptions $install_options = undef, ) { - if ! defined(Class['php']) { warning('php::extension::install is private') } case $provider { /pecl|pear/: { $real_package = $title unless empty($header_packages) { ensure_resource('package', $header_packages) Package[$header_packages] -> Package[$real_package] } unless empty($compiler_packages) { ensure_resource('package', $compiler_packages) Package[$compiler_packages] -> Package[$real_package] } $package_require = [ Class['::php::pear'], Class['::php::dev'], ] } 'none' : { debug("No package installed for php::extension: `${title}`.") } default: { $real_package = $package_name ? { undef => "${package_prefix}${title}", default => $package_name, } $package_require = undef } } unless $provider == 'none' { if ! defined(Package[$real_package]) { package { $real_package: ensure => $ensure, provider => $provider, source => $source, responsefile => $responsefile, install_options => $install_options, require => $package_require, } } } } diff --git a/manifests/fpm.pp b/manifests/fpm.pp index c8dd31e..a042b8a 100644 --- a/manifests/fpm.pp +++ b/manifests/fpm.pp @@ -1,128 +1,125 @@ # Install and configure mod_php for fpm # # === Parameters # # [*user*] # The user that php-fpm should run as # # [*group*] # The group that php-fpm should run as # # [*service_enable*] # Enable/disable FPM service # # [*service_ensure*] # Ensure FPM service is either 'running' or 'stopped' # # [*service_name*] # This is the name of the php-fpm service. It defaults to reasonable OS # defaults but can be different in case of using php7.0/other OS/custom fpm service # # [*service_provider*] # This is the name of the service provider, in case there is a non # OS default service provider used to start FPM. # Defaults to 'undef', pick system defaults. # # [*pools*] # Hash of php::fpm::pool resources that will be created. Defaults # to a single php::fpm::pool named www with default parameters. # # [*log_owner*] # The php-fpm log owner # # [*log_group*] # The group owning php-fpm logs # # [*package*] # Specify which package to install # # [*ensure*] # Specify which version of the package to install # # [*inifile*] # Path to php.ini for fpm # # [*settings*] # fpm settings hash # # [*global_pool_settings*] # Hash of defaults params php::fpm::pool resources that will be created. # Defaults is empty hash. # # [*pool_purge*] # Whether to purge pool config files not created # by this module # class php::fpm ( String $ensure = $php::ensure, $user = $php::fpm_user, $group = $php::fpm_group, $service_ensure = $php::fpm_service_ensure, $service_enable = $php::fpm_service_enable, $service_name = $php::fpm_service_name, $service_provider = $php::fpm_service_provider, String $package = $php::real_fpm_package, Stdlib::Absolutepath $inifile = $php::fpm_inifile, Hash $settings = $php::real_settings, $global_pool_settings = $php::real_fpm_global_pool_settings, Hash $pools = $php::real_fpm_pools, $log_owner = $php::log_owner, $log_group = $php::log_group, Boolean $pool_purge = $php::pool_purge, ) { - if ! defined(Class['php']) { warning('php::fpm is private') } $real_settings = $settings # On FreeBSD fpm is not a separate package, but included in the 'php' package. # Implies that the option SET+=FPM was set when building the port. $real_package = $facts['os']['family'] ? { 'FreeBSD' => [], default => $package, } package { $real_package: ensure => $ensure, require => Class['php::packages'], } class { 'php::fpm::config': user => $user, group => $group, inifile => $inifile, settings => $real_settings, log_owner => $log_owner, log_group => $log_group, pool_purge => $pool_purge, require => Package[$real_package], } contain 'php::fpm::config' contain 'php::fpm::service' Class['php::fpm::config'] ~> Class['php::fpm::service'] $real_global_pool_settings = $global_pool_settings $real_pools = $pools create_resources(::php::fpm::pool, $real_pools, $real_global_pool_settings) # Create an override to use a reload signal as trusty and utopic's # upstart version supports this - if ($facts['os']['name'] == 'Ubuntu' - and versioncmp($facts['os']['release']['full'], '14') >= 0 - and versioncmp($facts['os']['release']['full'], '16') < 0) { + if ($facts['os']['name'] == 'Ubuntu' and versioncmp($facts['os']['release']['full'], '14') >= 0 and versioncmp($facts['os']['release']['full'], '16') < 0) { if ($service_enable) { $fpm_override = 'reload signal USR2' } else { $fpm_override = "reload signal USR2\nmanual" } file { "/etc/init/${php::fpm::service::service_name}.override": content => $fpm_override, before => Package[$real_package], } } } diff --git a/manifests/fpm/config.pp b/manifests/fpm/config.pp index 3e0e23f..140692d 100644 --- a/manifests/fpm/config.pp +++ b/manifests/fpm/config.pp @@ -1,142 +1,145 @@ # Configure php-fpm service # # === Parameters # # [*config_file*] # The path to the fpm config file # # [*user*] # The user that runs php-fpm # # [*group*] # The group that runs php-fpm # # [*inifile*] # The path to ini file # # [*settings*] # Nested hash of key => value to apply to php.ini # # [*pool_base_dir*] # The folder that contains the php-fpm pool configs # # [*pool_purge*] # Whether to purge pool config files not created # by this module # # [*error_log*] # Path to error log file. If it's set to "syslog", log is # sent to syslogd instead of being written in a local file. # # [*log_level*] # The php-fpm log level # # [*emergency_restart_threshold*] # The php-fpm emergency_restart_threshold # # [*emergency_restart_interval*] # The php-fpm emergency_restart_interval # # [*process_control_timeout*] # The php-fpm process_control_timeout # # [*process_max*] # The maximum number of processes FPM will fork. # # [*rlimit_files*] # Set open file descriptor rlimit for the master process. # # [*systemd_interval*] # The interval between health report notification to systemd # # [*log_owner*] # The php-fpm log owner # # [*log_group*] # The group owning php-fpm logs # # [*log_dir_mode*] # The octal mode of the directory # # [*syslog_facility*] # Used to specify what type of program is logging the message # # [*syslog_ident*] # Prepended to every message # # [*root_group*] # UNIX group of the root user # # [*pid_file*] # Path to fpm pid file # -class php::fpm::config( +class php::fpm::config ( $config_file = $php::params::fpm_config_file, String $user = $php::params::fpm_user, String $group = $php::params::fpm_group, String $inifile = $php::params::fpm_inifile, $pid_file = $php::params::fpm_pid_file, Hash $settings = {}, Stdlib::Absolutepath $pool_base_dir = $php::params::fpm_pool_dir, $pool_purge = false, String $error_log = $php::params::fpm_error_log, String $log_level = 'notice', Integer $emergency_restart_threshold = 0, Variant[Integer, Pattern[/^\d+[smhd]?$/]] $emergency_restart_interval = 0, Variant[Integer, Pattern[/^\d+[smhd]?$/]] $process_control_timeout = 0, Integer $process_max = 0, $rlimit_files = undef, Optional[Variant[Integer,Pattern[/^\d+[smhd]?$/]]] $systemd_interval = undef, String $log_owner = $php::params::fpm_user, String $log_group = $php::params::fpm_group, Pattern[/^\d+$/] $log_dir_mode = '0770', $root_group = $php::params::root_group, String $syslog_facility = 'daemon', String $syslog_ident = 'php-fpm', ) inherits php::params { - assert_private() file { $config_file: ensure => file, content => template('php/fpm/php-fpm.conf.erb'), owner => 'root', group => $root_group, mode => '0644', } - ensure_resource('file', '/var/run/php-fpm', { - ensure => directory, - owner => 'root', - group => $root_group, - mode => '0755', - }) + ensure_resource('file', '/var/run/php-fpm', + { + ensure => directory, + owner => 'root', + group => $root_group, + mode => '0755', + } + ) - ensure_resource('file', '/var/log/php-fpm/', { - ensure => directory, - owner => 'root', - group => $root_group, - mode => $log_dir_mode, - }) + ensure_resource('file', '/var/log/php-fpm/', + { + ensure => directory, + owner => 'root', + group => $root_group, + mode => $log_dir_mode, + } + ) file { $pool_base_dir: ensure => directory, owner => 'root', group => $root_group, mode => '0755', } if $pool_purge { File[$pool_base_dir] { purge => true, recurse => true, } } if $inifile != $php::params::config_root_inifile { ::php::config { 'fpm': file => $inifile, config => $settings, } } } diff --git a/manifests/fpm/pool.pp b/manifests/fpm/pool.pp index e7dcb21..aa7025d 100644 --- a/manifests/fpm/pool.pp +++ b/manifests/fpm/pool.pp @@ -1,203 +1,202 @@ # Configure fpm pools # # === Parameters # # See the official php-fpm documentation for parameters that are not # documented here: http://php.net/manual/en/install.fpm.configuration.php. # # [*ensure*] # Remove pool if set to `'absent'`, add otherwise # # [*listen*] # On what socket to listen for FastCGI connections, i.e. # `'127.0.0.1:9000'' or `'/var/run/php5-fpm.sock'` # # [*listen_backlog*] # # [*listen_allowed_clients*] # # [*listen_owner*] # Set owner of the Unix socket # # [*listen_group*] # Set the group of the Unix socket # # [*listen_mode*] # # [*user*] # The user that php-fpm should run as # # [*group*] # The group that php-fpm should run as # # [*pm*] # # [*pm_max_children*] # # [*pm_start_servers*] # # [*pm_min_spare_servers*] # # [*pm_max_spare_servers*] # # [*pm_max_requests*] # # [*pm_process_idle_timeout*] # # [*pm_status_path*] # # [*ping_path*] # # [*ping_response*] # # [*access_log*] # The path to the file to write access log requests to # # [*access_log_format*] # The format to save the access log entries as # # [*request_terminate_timeout*] # # [*request_slowlog_timeout*] # # [*security_limit_extensions*] # # [*slowlog*] # # [*template*] # The template to use for the pool # # [*rlimit_files*] # # [*rlimit_core*] # # [*chroot*] # # [*chdir*] # # [*catch_workers_output*] # # [*include*] # Other configuration files to include on this pool # # [*env*] # List of environment variables that are passed to the php-fpm from the # outside and will be available to php scripts in this pool # # [*env_value*] # Hash of environment variables and values as strings to use in php # scripts in this pool # # [*clear_env*] # Whether the environment should be cleared. # # [*options*] # An optional hash for any other data. # # [*php_value*] # Hash of php_value directives # # [*php_flag*] # Hash of php_flag directives # # [*php_admin_value*] # Hash of php_admin_value directives # # [*php_admin_flag*] # Hash of php_admin_flag directives # # [*php_directives*] # List of custom directives that are appended to the pool config # # [*root_group*] # UNIX group of the root user # # [*base_dir*] # The folder that contains the php-fpm pool configs. This defaults to a # sensible default depending on your operating system, like # '/etc/php5/fpm/pool.d' or '/etc/php-fpm.d' # define php::fpm::pool ( $ensure = 'present', $listen = '127.0.0.1:9000', $listen_backlog = '-1', $listen_allowed_clients = undef, $listen_owner = undef, $listen_group = undef, $listen_mode = undef, $user = $php::fpm::config::user, $group = $php::fpm::config::group, $pm = 'dynamic', $pm_max_children = '50', $pm_start_servers = '5', $pm_min_spare_servers = '5', $pm_max_spare_servers = '35', $pm_max_requests = '0', $pm_process_idle_timeout = '10s', $pm_status_path = undef, $ping_path = undef, $ping_response = 'pong', $access_log = undef, $access_log_format = '"%R - %u %t \"%m %r\" %s"', $request_terminate_timeout = '0', $request_slowlog_timeout = '0', $security_limit_extensions = undef, $slowlog = "/var/log/php-fpm/${name}-slow.log", $template = 'php/fpm/pool.conf.erb', $rlimit_files = undef, $rlimit_core = undef, $chroot = undef, $chdir = undef, $catch_workers_output = 'no', $include = undef, $env = [], $env_value = {}, $clear_env = true, $options = {}, $php_value = {}, $php_flag = {}, $php_admin_value = {}, $php_admin_flag = {}, $php_directives = [], $root_group = $php::params::root_group, Optional[Stdlib::Absolutepath] $base_dir = undef, ) { - # The base class must be included first because it is used by parameter defaults if ! defined(Class['php']) { warning('You must include the php base class before using any php defined resources') } $pool = $title # Hack-ish to default to user for group too $group_final = $group ? { undef => $user, default => $group } # On FreeBSD fpm is not a separate package, but included in the 'php' package. # Implies that the option SET+=FPM was set when building the port. $real_package = $facts['os']['name'] ? { 'FreeBSD' => [], default => $php::fpm::package, } $pool_base_dir = pick_default($base_dir, $php::fpm::config::pool_base_dir, $php::params::fpm_pool_dir) if ($ensure == 'absent') { file { "${pool_base_dir}/${pool}.conf": ensure => absent, notify => Class['::php::fpm::service'], } } else { file { "${pool_base_dir}/${pool}.conf": ensure => file, notify => Class['::php::fpm::service'], require => Package[$real_package], content => template($template), owner => root, group => $root_group, mode => '0640', } } } diff --git a/manifests/fpm/service.pp b/manifests/fpm/service.pp index b4398cc..5aa7a0f 100644 --- a/manifests/fpm/service.pp +++ b/manifests/fpm/service.pp @@ -1,50 +1,49 @@ # Manage fpm service # # === Parameters # # [*service_name*] # name of the php-fpm service # # [*ensure*] # 'ensure' value for the service # # [*enable*] # Defines if the service is enabled # # [*provider*] # Defines if the service provider to use # -class php::fpm::service( +class php::fpm::service ( $service_name = $php::fpm::service_name, $ensure = $php::fpm::service_ensure, $enable = $php::fpm::service_enable, $provider = $php::fpm::service_provider, ) { - if ! defined(Class['php::fpm']) { warning('php::fpm::service is private') } $reload = "service ${service_name} reload" if ($facts['os']['name'] == 'Ubuntu' - and versioncmp($facts['os']['release']['full'], '12') >= 0 - and versioncmp($facts['os']['release']['full'], '14') < 0) { + and versioncmp($facts['os']['release']['full'], '12') >= 0 + and versioncmp($facts['os']['release']['full'], '14') < 0) { # Precise upstart doesn't support reload signals, so use # regular service restart instead $restart = undef } else { $restart = $reload } service { $service_name: ensure => $ensure, enable => $enable, provider => $provider, hasrestart => true, restart => $restart, hasstatus => true, } ::Php::Extension <| |> ~> Service[$service_name] } diff --git a/manifests/global.pp b/manifests/global.pp index bc28e26..5ccdbde 100644 --- a/manifests/global.pp +++ b/manifests/global.pp @@ -1,28 +1,27 @@ # Install and configure mod_php for fpm # # === Parameters # # [*inifile*] # Absolute path to the global php.ini file. Defaults # to the OS specific default location as defined in params. # [*settings*] # Hash of settings to apply to the global php.ini file. # Defaults to OS specific defaults (i.e. add nothing) # # -class php::global( +class php::global ( Stdlib::Absolutepath $inifile = $php::config_root_inifile, Hash $settings = {} ) inherits ::php { - assert_private() # No deep merging required since the settings we have are the global settings. $real_settings = $settings php::config { 'global': file => $inifile, config => $real_settings, } } diff --git a/manifests/globals.pp b/manifests/globals.pp index 8a80054..17b9457 100644 --- a/manifests/globals.pp +++ b/manifests/globals.pp @@ -1,170 +1,169 @@ # PHP globals class # # === Parameters # # [*php_version*] # The version of php. # # [*config_root*] # The configuration root directory. # # [*fpm_pid_file*] # Path to pid file for fpm # # [*rhscl_mode*] # The mode specifies the specifics in paths for the various RedHat SCL environments so that the module is configured # correctly on their pathnames. # # Valid modes are: 'rhscl', 'remi' # class php::globals ( Optional[Pattern[/^(rh-)?(php)?[57](\.)?[0-9]/]] $php_version = undef, Optional[Stdlib::Absolutepath] $config_root = undef, Optional[Stdlib::Absolutepath] $fpm_pid_file = undef, $rhscl_mode = undef, ) { - $default_php_version = $facts['os']['name'] ? { 'Debian' => $facts['os']['release']['major'] ? { '9' => '7.0', '10' => '7.3', default => '5.x', }, 'Ubuntu' => $facts['os']['release']['major'] ? { '18.04' => '7.2', '16.04' => '7.0', default => '5.x', }, default => '5.x', } $globals_php_version = pick($php_version, $default_php_version) case $facts['os']['family'] { 'Debian': { if $facts['os']['name'] == 'Ubuntu' { case $globals_php_version { /^5\.4/: { $default_config_root = '/etc/php5' $default_fpm_pid_file = "/var/run/php/php${globals_php_version}-fpm.pid" $fpm_error_log = '/var/log/php5-fpm.log' $fpm_service_name = 'php5-fpm' $ext_tool_enable = '/usr/sbin/php5enmod' $ext_tool_query = '/usr/sbin/php5query' $package_prefix = 'php5-' } /^[57].[0-9]/: { $default_config_root = "/etc/php/${globals_php_version}" $default_fpm_pid_file = "/var/run/php/php${globals_php_version}-fpm.pid" $fpm_error_log = "/var/log/php${globals_php_version}-fpm.log" $fpm_service_name = "php${globals_php_version}-fpm" $ext_tool_enable = "/usr/sbin/phpenmod -v ${globals_php_version}" $ext_tool_query = "/usr/sbin/phpquery -v ${globals_php_version}" $package_prefix = "php${globals_php_version}-" } default: { # Default php installation from Ubuntu official repository use the following paths until 16.04 # For PPA please use the $php_version to override it. $default_config_root = '/etc/php5' $default_fpm_pid_file = '/var/run/php5-fpm.pid' $fpm_error_log = '/var/log/php5-fpm.log' $fpm_service_name = 'php5-fpm' $ext_tool_enable = '/usr/sbin/php5enmod' $ext_tool_query = '/usr/sbin/php5query' $package_prefix = 'php5-' } } } else { case $globals_php_version { /^5\.6/, /^7\.[0-9]/: { $default_config_root = "/etc/php/${globals_php_version}" $default_fpm_pid_file = "/var/run/php/php${globals_php_version}-fpm.pid" $fpm_error_log = "/var/log/php${globals_php_version}-fpm.log" $fpm_service_name = "php${globals_php_version}-fpm" $ext_tool_enable = "/usr/sbin/phpenmod -v ${globals_php_version}" $ext_tool_query = "/usr/sbin/phpquery -v ${globals_php_version}" $package_prefix = "php${globals_php_version}-" } default: { $default_config_root = '/etc/php5' $default_fpm_pid_file = '/var/run/php5-fpm.pid' $fpm_error_log = '/var/log/php5-fpm.log' $fpm_service_name = 'php5-fpm' $ext_tool_enable = '/usr/sbin/php5enmod' $ext_tool_query = '/usr/sbin/php5query' $package_prefix = 'php5-' } } } } 'Suse': { case $globals_php_version { /^7/: { $default_config_root = '/etc/php7' $package_prefix = 'php7-' $default_fpm_pid_file = '/var/run/php7-fpm.pid' $fpm_error_log = '/var/log/php7-fpm.log' } default: { $default_config_root = '/etc/php5' $package_prefix = 'php5-' $default_fpm_pid_file = '/var/run/php5-fpm.pid' $fpm_error_log = '/var/log/php5-fpm.log' } } } 'RedHat': { case $rhscl_mode { 'remi': { $rhscl_root = "/opt/remi/${php_version}/root" $default_config_root = "/etc/opt/remi/${php_version}" $default_fpm_pid_file = '/var/run/php-fpm/php-fpm.pid' $package_prefix = "${php_version}-php-" $fpm_service_name = "${php_version}-php-fpm" } 'rhscl': { $rhscl_root = "/opt/rh/${php_version}/root" $default_config_root = "/etc/opt/rh/${php_version}" # rhscl registers contents by copy in /etc/opt/rh $default_fpm_pid_file = "/var/opt/rh/${php_version}/run/php-fpm/php-fpm.pid" $package_prefix = "${php_version}-php-" $fpm_service_name = "${php_version}-php-fpm" } undef: { $default_config_root = '/etc/php.d' $default_fpm_pid_file = '/var/run/php-fpm/php-fpm.pid' $fpm_service_name = undef $package_prefix = undef } default: { fail("Unsupported rhscl_mode '${rhscl_mode}'") } } } 'FreeBSD': { case $globals_php_version { /^(\d)\.(\d)$/: { $package_prefix = "php${1}${2}-" } default: { $package_prefix = 'php56-' } } $default_config_root = '/usr/local/etc' $default_fpm_pid_file = '/var/run/php-fpm.pid' $fpm_service_name = undef } 'Archlinux': { $default_config_root = '/etc/php' $default_fpm_pid_file = '/run/php-fpm/php-fpm.pid' } default: { fail("Unsupported osfamily: ${facts['os']['family']}") } } $globals_config_root = pick($config_root, $default_config_root) $globals_fpm_pid_file = pick($fpm_pid_file, $default_fpm_pid_file) } diff --git a/manifests/init.pp b/manifests/init.pp index 6318d77..1035bbc 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,246 +1,245 @@ # Base class with global configuration parameters that pulls in all # enabled components. # # === Parameters # # [*ensure*] # Specify which version of PHP packages to install, defaults to 'present'. # Please note that 'absent' to remove packages is not supported! # # [*manage_repos*] # Include repository (dotdeb, ppa, etc.) to install recent PHP from # # [*fpm*] # Install and configure php-fpm # # [*fpm_service_enable*] # Enable/disable FPM service # # [*fpm_service_ensure*] # Ensure FPM service is either 'running' or 'stopped' # # [*fpm_service_name*] # This is the name of the php-fpm service. It defaults to reasonable OS # defaults but can be different in case of using php7.0/other OS/custom fpm service # # [*fpm_service_provider*] # This is the name of the service provider, in case there is a non # OS default service provider used to start FPM. # Defaults to 'undef', pick system defaults. # # [*fpm_pools*] # Hash of php::fpm::pool resources that will be created. Defaults # to a single php::fpm::pool named www with default parameters. # # [*fpm_global_pool_settings*] # Hash of defaults params php::fpm::pool resources that will be created. # Defaults to empty hash. # # [*fpm_inifile*] # Path to php.ini for fpm # # [*fpm_package*] # Name of fpm package to install # # [*fpm_user*] # The user that php-fpm should run as # # [*fpm_group*] # The group that php-fpm should run as # # [*dev*] # Install php header files, needed to install pecl modules # # [*composer*] # Install and auto-update composer # # [*pear*] # Install PEAR # # [*phpunit*] # Install phpunit # # [*apache_config*] # Manage apache's mod_php configuration # # [*proxy_type*] # proxy server type (none|http|https|ftp) # # [*proxy_server*] # specify a proxy server, with port number if needed. ie: https://example.com:8080. # # [*extensions*] # Install PHP extensions, this is overwritten by hiera hash `php::extensions` # # [*package_prefix*] # This is the prefix for constructing names of php packages. This defaults # to a sensible default depending on your operating system, like 'php-' or # 'php5-'. # # [*config_root_ini*] # This is the path to the config .ini files of the extensions. This defaults # to a sensible default depending on your operating system, like # '/etc/php5/mods-available' or '/etc/php5/conf.d'. # # [*config_root_inifile*] # The path to the global php.ini file. This defaults to a sensible default # depending on your operating system. # # [*ext_tool_enable*] # Absolute path to php tool for enabling extensions in debian/ubuntu systems. # This defaults to '/usr/sbin/php5enmod'. # # [*ext_tool_query*] # Absolute path to php tool for querying information about extensions in # debian/ubuntu systems. This defaults to '/usr/sbin/php5query'. # # [*ext_tool_enabled*] # Enable or disable the use of php tools on debian based systems # debian/ubuntu systems. This defaults to 'true'. # # [*log_owner*] # The php-fpm log owner # # [*log_group*] # The group owning php-fpm logs # # [*embedded*] # Enable embedded SAPI # # [*pear_ensure*] # The package ensure of PHP pear to install and run pear auto_discover # # [*settings*] # PHP configuration parameters in php.ini files as a hash. For example, # 'Date/date.timezone' => 'Australia/Melbourne' sets data.timezone # to 'Australia/Melbourne' under [Date] section, and # 'PHP/memory_limit' => '256M' sets memory_limit to 256M. # # [*cli_settings*] # Additional hash of PHP configuration parameters for PHP CLI. When a # setting key already exists in $settings, the value provided from the # $cli_settings parameter overrides the value from $settings parameter. # For example, 'PHP/memory_limit' => '1000M' sets memory_limit to 1000M # for the PHP cli ini file, regardless of the values from $settings. # # [*pool_purge*] # Whether to purge pool config files not created # by this module # class php ( String $ensure = $php::params::ensure, Boolean $manage_repos = $php::params::manage_repos, Boolean $fpm = true, $fpm_service_enable = $php::params::fpm_service_enable, $fpm_service_ensure = $php::params::fpm_service_ensure, $fpm_service_name = $php::params::fpm_service_name, $fpm_service_provider = undef, Hash $fpm_pools = $php::params::fpm_pools, Hash $fpm_global_pool_settings = {}, $fpm_inifile = $php::params::fpm_inifile, $fpm_package = undef, $fpm_user = $php::params::fpm_user, $fpm_group = $php::params::fpm_group, Boolean $embedded = false, Boolean $dev = true, Boolean $composer = true, Boolean $pear = true, String $pear_ensure = $php::params::pear_ensure, Boolean $phpunit = false, Boolean $apache_config = false, $proxy_type = undef, $proxy_server = undef, Hash $extensions = {}, Hash $settings = {}, Hash $cli_settings = {}, $package_prefix = $php::params::package_prefix, Stdlib::Absolutepath $config_root_ini = $php::params::config_root_ini, Stdlib::Absolutepath $config_root_inifile = $php::params::config_root_inifile, Optional[Stdlib::Absolutepath] $ext_tool_enable = $php::params::ext_tool_enable, Optional[Stdlib::Absolutepath] $ext_tool_query = $php::params::ext_tool_query, Boolean $ext_tool_enabled = $php::params::ext_tool_enabled, String $log_owner = $php::params::fpm_user, String $log_group = $php::params::fpm_group, Boolean $pool_purge = $php::params::pool_purge, ) inherits php::params { - $real_fpm_package = pick($fpm_package, "${package_prefix}${php::params::fpm_package_suffix}") $real_settings = $settings $real_extensions = $extensions $real_fpm_pools = $fpm_pools $real_fpm_global_pool_settings = $fpm_global_pool_settings # Merge in additional or overridden settings for php::cli::settings. $final_cli_settings = $real_settings + $cli_settings if $manage_repos { contain php::repo } - class { 'php::packages': } - -> class { 'php::cli': - settings => $final_cli_settings, - } - contain php::packages - contain php::cli + class { 'php::packages': } + -> class { 'php::cli': + settings => $final_cli_settings, + } + contain php::packages + contain php::cli # Configure global PHP settings in php.ini if $facts['os']['family'] != 'Debian' { Class['php::packages'] - -> class {'php::global': + -> class { 'php::global': settings => $real_settings, } contain php::global } if $fpm { contain 'php::fpm' } if $embedded { if $facts['os']['family'] == 'RedHat' and $fpm { # Both fpm and embeded SAPIs are using same php.ini fail('Enabling both cli and embedded sapis is not currently supported') } class { 'php::embedded': settings => $real_settings, } contain php::embedded } if $dev { contain php::dev } if $composer { class { 'php::composer': proxy_type => $proxy_type, proxy_server => $proxy_server, } } if $pear { class { 'php::pear': ensure => $pear_ensure, } } if $phpunit { contain php::phpunit } if $apache_config { class { 'php::apache_config': settings => $real_settings, } contain php::apache_config } create_resources('php::extension', $real_extensions, { - require => Class['php::cli'], + require => Class['php::cli'], }) # On FreeBSD purge the system-wide extensions.ini. It is going # to be replaced with per-module configuration files. if $facts['os']['family'] == 'FreeBSD' { # Purge the system-wide extensions.ini file { '/usr/local/etc/php/extensions.ini': ensure => absent, require => Class['php::packages'], } } } diff --git a/manifests/packages.pp b/manifests/packages.pp index fd556e0..86bcafa 100644 --- a/manifests/packages.pp +++ b/manifests/packages.pp @@ -1,38 +1,37 @@ # Install common PHP packages # # === Parameters # # [*ensure*] # Specify which version of PHP packages to install # # [*names*] # List of the names of the package to install # # [*names_to_prefix*] # List of packages names that should be prefixed with the common # package prefix `$php::package_prefix` # class php::packages ( String $ensure = $php::ensure, Boolean $manage_repos = $php::manage_repos, Array $names_to_prefix = prefix($php::params::common_package_suffixes, $php::package_prefix), Array $names = $php::params::common_package_names, ) inherits php::params { - assert_private() $real_names = union($names, $names_to_prefix) if $facts['os']['family'] == 'Debian' { if $manage_repos { include apt Class['::apt::update'] -> Package[$real_names] } package { $real_names: ensure => $ensure, } } else { package { $real_names: ensure => $ensure, } } } diff --git a/manifests/params.pp b/manifests/params.pp index 313e041..ec28c51 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,236 +1,235 @@ # PHP params class # class php::params inherits php::globals { - $ensure = 'present' $fpm_service_enable = true $fpm_service_ensure = 'running' $composer_source = 'https://getcomposer.org/composer.phar' $composer_path = '/usr/local/bin/composer' $composer_max_age = 30 $pear_ensure = 'present' $pear_package_suffix = 'pear' $phpunit_source = 'https://phar.phpunit.de/phpunit.phar' $phpunit_path = '/usr/local/bin/phpunit' $phpunit_max_age = 30 $pool_purge = false $fpm_pools = { 'www' => { 'catch_workers_output' => 'no', 'listen' => '127.0.0.1:9000', 'listen_backlog' => '-1', 'pm' => 'dynamic', 'pm_max_children' => 50, 'pm_max_requests' => 0, 'pm_max_spare_servers' => 35, 'pm_min_spare_servers' => 5, 'pm_start_servers' => 5, 'request_terminate_timeout' => 0, }, } case $facts['os']['family'] { 'Debian': { $config_root = $php::globals::globals_config_root $config_root_ini = "${config_root}/mods-available" $config_root_inifile = "${config_root}/php.ini" $common_package_names = [] $common_package_suffixes = ['cli', 'common'] $cli_inifile = "${config_root}/cli/php.ini" $dev_package_suffix = 'dev' $fpm_pid_file = $php::globals::globals_fpm_pid_file $fpm_config_file = "${config_root}/fpm/php-fpm.conf" $fpm_error_log = $php::globals::fpm_error_log $fpm_inifile = "${config_root}/fpm/php.ini" $fpm_package_suffix = 'fpm' $fpm_pool_dir = "${config_root}/fpm/pool.d" $fpm_service_name = $php::globals::fpm_service_name $fpm_user = 'www-data' $fpm_group = 'www-data' $apache_inifile = "${config_root}/apache2/php.ini" $embedded_package_suffix = 'embed' $embedded_inifile = "${config_root}/embed/php.ini" $package_prefix = $php::globals::package_prefix $compiler_packages = 'build-essential' $root_group = 'root' $ext_tool_enable = $php::globals::ext_tool_enable $ext_tool_query = $php::globals::ext_tool_query $ext_tool_enabled = true case $facts['os']['name'] { 'Debian': { $manage_repos = false } 'Ubuntu': { $manage_repos = false } default: { $manage_repos = false } } } 'Suse': { if ($php::globals::php_version != undef) { $php_version_major = regsubst($php::globals::php_version, '^(\d+)\.(\d+)$','\1') } else { $php_version_major = 5 } $config_root = $php::globals::globals_config_root $config_root_ini = "${config_root}/conf.d" $config_root_inifile = "${config_root}/php.ini" $common_package_names = ["php${php_version_major}"] $common_package_suffixes = [] $cli_inifile = "${config_root}/cli/php.ini" $dev_package_suffix = 'devel' $fpm_pid_file = $php::globals::globals_fpm_pid_file $fpm_config_file = "${config_root}/fpm/php-fpm.conf" $fpm_error_log = $php::globals::fpm_error_log $fpm_inifile = "${config_root}/fpm/php.ini" $fpm_package_suffix = 'fpm' $fpm_pool_dir = "${config_root}/fpm/pool.d" $fpm_service_name = 'php-fpm' $fpm_user = 'wwwrun' $fpm_group = 'www' $embedded_package_suffix = 'embed' $embedded_inifile = "${config_root}/embed/php.ini" $package_prefix = $php::globals::package_prefix $manage_repos = true $root_group = 'root' $ext_tool_enable = undef $ext_tool_query = undef $ext_tool_enabled = false case $facts['os']['name'] { 'SLES': { $compiler_packages = [] } 'OpenSuSE': { $compiler_packages = 'devel_basis' } default: { fail("Unsupported operating system ${facts['os']['name']}") } } } 'RedHat': { $config_root = $php::globals::globals_config_root case $php::globals::rhscl_mode { 'remi': { $config_root_ini = "${config_root}/php.d" $config_root_inifile = "${config_root}/php.ini" $cli_inifile = $config_root_inifile $fpm_inifile = $config_root_inifile $fpm_config_file = "${config_root}/php-fpm.conf" $fpm_pool_dir = "${config_root}/php-fpm.d" $php_bin_dir = "${php::globals::rhscl_root}/bin" } 'rhscl': { $config_root_ini = "${config_root}/php.d" $config_root_inifile = "${config_root}/php.ini" $cli_inifile = "${config_root}/php-cli.ini" $fpm_inifile = "${config_root}/php-fpm.ini" $fpm_config_file = "${config_root}/php-fpm.conf" $fpm_pool_dir = "${config_root}/php-fpm.d" $php_bin_dir = "${php::globals::rhscl_root}/bin" } undef: { # no rhscl $config_root_ini = $config_root $config_root_inifile = '/etc/php.ini' $cli_inifile = '/etc/php-cli.ini' $fpm_inifile = '/etc/php-fpm.ini' $fpm_config_file = '/etc/php-fpm.conf' $fpm_pool_dir = '/etc/php-fpm.d' } default: { fail("Unsupported rhscl_mode '${php::globals::rhscl_mode}'") } } $apache_inifile = $config_root_inifile $embedded_inifile = $config_root_inifile $common_package_names = [] $common_package_suffixes = ['cli', 'common'] $dev_package_suffix = 'devel' $fpm_pid_file = $php::globals::globals_fpm_pid_file $fpm_error_log = '/var/log/php-fpm/error.log' $fpm_package_suffix = 'fpm' $fpm_service_name = pick($php::globals::fpm_service_name, 'php-fpm') $fpm_user = 'apache' $fpm_group = 'apache' $embedded_package_suffix = 'embedded' $package_prefix = pick($php::globals::package_prefix, 'php-') $compiler_packages = ['gcc', 'gcc-c++', 'make'] $manage_repos = false $root_group = 'root' $ext_tool_enable = undef $ext_tool_query = undef $ext_tool_enabled = false } 'FreeBSD': { $config_root = $php::globals::globals_config_root $config_root_ini = "${config_root}/php" $config_root_inifile = "${config_root}/php.ini" # No common packages, because the required PHP base package will be # pulled in as a dependency. This preserves the ability to choose # any available PHP version by setting the 'package_prefix' parameter. $common_package_names = [] $common_package_suffixes = ['extensions'] $cli_inifile = "${config_root}/php-cli.ini" $dev_package_suffix = undef $fpm_pid_file = $php::globals::globals_fpm_pid_file $fpm_config_file = "${config_root}/php-fpm.conf" $fpm_error_log = '/var/log/php-fpm.log' $fpm_inifile = "${config_root}/php-fpm.ini" $fpm_package_suffix = undef $fpm_pool_dir = "${config_root}/php-fpm.d" $fpm_service_name = 'php-fpm' $fpm_user = 'www' $fpm_group = 'www' $embedded_package_suffix = 'embed' $embedded_inifile = "${config_root}/php-embed.ini" $package_prefix = $php::globals::package_prefix $compiler_packages = ['gcc'] $manage_repos = false $root_group = 'wheel' $ext_tool_enable = undef $ext_tool_query = undef $ext_tool_enabled = false } 'Archlinux': { $config_root_ini = '/etc/php/conf.d' $config_root_inifile = '/etc/php/php.ini' $common_package_names = [] $common_package_suffixes = [] $cli_inifile = '/etc/php/php.ini' $dev_package_suffix = undef $fpm_pid_file = '/run/php-fpm/php-fpm.pid' $fpm_config_file = '/etc/php/php-fpm.conf' $fpm_error_log = 'syslog' $fpm_inifile = '/etc/php/php.ini' $fpm_package_suffix = 'fpm' $fpm_pool_dir = '/etc/php/php-fpm.d' $fpm_service_name = 'php-fpm' $fpm_user = 'root' $fpm_group = 'root' $apache_inifile = '/etc/php/php.ini' $embedded_package_suffix = 'embedded' $embedded_inifile = '/etc/php/php.ini' $package_prefix = 'php-' $compiler_packages = ['gcc', 'make'] $manage_repos = false $root_group = 'root' $ext_tool_enable = undef $ext_tool_query = undef $ext_tool_enabled = false } default: { fail("Unsupported osfamily: ${facts['os']['family']}") } } } diff --git a/manifests/pear.pp b/manifests/pear.pp index 6c3cd52..556ac5c 100644 --- a/manifests/pear.pp +++ b/manifests/pear.pp @@ -1,66 +1,62 @@ # Install PEAR package manager # # === Parameters # # [*ensure*] # The package ensure of PHP pear to install and run pear auto_discover # # [*package*] # The package name for PHP pear # class php::pear ( String $ensure = $php::pear_ensure, Optional[String] $package = undef, Boolean $manage_repos = $php::manage_repos, ) inherits php::params { - assert_private() # Defaults for the pear package name if $package { $package_name = $package } else { if $facts['os']['name'] == 'Amazon' { # On Amazon Linux the package name is also just 'php-pear'. # This would normally not be problematic but if you specify a # package_prefix other than 'php' then it will fail. $package_name = "php-${php::params::pear_package_suffix}" } else { case $facts['os']['family'] { 'Debian': { # Debian is a litte stupid: The pear package is called 'php-pear' # even though others are called 'php5-fpm' or 'php5-dev' $package_name = "php-${php::params::pear_package_suffix}" } default: { # This is the default for all other architectures $package_name = "${php::package_prefix}${php::params::pear_package_suffix}" } } } } # the apt module provides apt::update. apt is only included if we manage any repos $require = $manage_repos ? { true => Class['::apt::update'], false => undef, } # Default PHP come with xml module and no seperate package for it if $facts['os']['name'] == 'Ubuntu' and versioncmp($facts['os']['release']['full'], '16.04') >= 0 { - ensure_packages(["${php::package_prefix}xml"], { - ensure => present, - require => $require, - }) + ensure_packages(["${php::package_prefix}xml"], { ensure => present, require => $require, }) package { $package_name: ensure => $ensure, require => [$require,Class['php::cli'],Package["${php::package_prefix}xml"]], } } else { package { $package_name: ensure => $ensure, require => Class['php::cli'], } } } diff --git a/manifests/phpunit.pp b/manifests/phpunit.pp index 3ff3088..e6939fb 100644 --- a/manifests/phpunit.pp +++ b/manifests/phpunit.pp @@ -1,48 +1,47 @@ # Install phpunit, PHP testing framework # # === Parameters # # [*source*] # Holds URL to the phpunit source file # # [*path*] # Holds path to the phpunit executable # # [*auto_update*] # Defines if phpunit should be auto updated # # [*max_age*] # Defines the time in days after which an auto-update gets executed # class php::phpunit ( String $source = $php::params::phpunit_source, Stdlib::Absolutepath $path = $php::params::phpunit_path, String[1] $root_group = $php::params::root_group, Boolean $auto_update = true, Integer $max_age = $php::params::phpunit_max_age, ) inherits php::params { - assert_private() ensure_packages(['wget']) exec { 'download phpunit': command => "wget ${source} -O ${path}", creates => $path, path => ['/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/', '/usr/local/bin', '/usr/local/sbin'], require => [Class['php::cli'],Package['wget']], } -> file { $path: mode => '0555', owner => root, group => $root_group, } if $auto_update { class { 'php::phpunit::auto_update': max_age => $max_age, source => $source, path => $path, } } } diff --git a/manifests/phpunit/auto_update.pp b/manifests/phpunit/auto_update.pp index 2510553..985c477 100644 --- a/manifests/phpunit/auto_update.pp +++ b/manifests/phpunit/auto_update.pp @@ -1,28 +1,27 @@ # Install phpunit package manager # # === Parameters # # [*max_age*] # Defines number of days after which phpunit should be updated # # [*source*] # Holds URL to the phpunit source file # # [*path*] # Holds path to the phpunit executable # class php::phpunit::auto_update ( $max_age, $source, $path, ) { - assert_private() exec { 'update phpunit': command => "wget ${source} -O ${path}", onlyif => "test `find '${path}' -mtime +${max_age}`", - path => [ '/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/', '/usr/local/bin', '/usr/local/sbin' ], + path => ['/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/', '/usr/local/bin', '/usr/local/sbin'], require => File[$path], } } diff --git a/manifests/repo.pp b/manifests/repo.pp index dd773a6..9cd217c 100644 --- a/manifests/repo.pp +++ b/manifests/repo.pp @@ -1,33 +1,32 @@ # Configure package repository # class php::repo { - $msg_no_repo = "No repo available for ${facts['os']['family']}/${facts['os']['name']}" case $facts['os']['family'] { 'Debian': { # no contain here because apt does that already case $facts['os']['name'] { 'Debian': { include php::repo::debian } 'Ubuntu': { include php::repo::ubuntu } default: { fail($msg_no_repo) } } } 'FreeBSD': {} 'Suse': { contain php::repo::suse } 'RedHat': { contain 'php::repo::redhat' } default: { fail($msg_no_repo) } } } diff --git a/manifests/repo/debian.pp b/manifests/repo/debian.pp index 6133fe0..1bf4aeb 100644 --- a/manifests/repo/debian.pp +++ b/manifests/repo/debian.pp @@ -1,84 +1,83 @@ # Configure debian apt repo # # === Parameters # # [*location*] # Location of the apt repository # # [*release*] # Release of the apt repository # # [*repos*] # Apt repository names # # [*include_src*] # Add source source repository # # [*key*] # Public key in apt::key format # # [*dotdeb*] # Enable special dotdeb handling # # [*sury*] # Enable special sury handling # -class php::repo::debian( +class php::repo::debian ( $location = 'https://packages.dotdeb.org', $release = 'wheezy-php56', $repos = 'all', $include_src = false, $key = { 'id' => '6572BBEF1B5FF28B28B706837E3F070089DF5277', 'source' => 'http://www.dotdeb.org/dotdeb.gpg', }, $dotdeb = true, $sury = true, ) { - assert_private() include 'apt' apt::source { "source_php_${release}": location => $location, release => $release, repos => $repos, include => { 'src' => $include_src, 'deb' => true, }, key => $key, } if ($dotdeb) { # both repositories are required to work correctly # See: http://www.dotdeb.org/instructions/ if $release == 'wheezy-php56' { apt::source { 'dotdeb-wheezy': location => $location, release => 'wheezy', repos => $repos, include => { 'src' => $include_src, 'deb' => true, }, } } } - if ($sury and $php::globals::php_version in ['5.6','7.1','7.2'] ) { + if ($sury and $php::globals::php_version in ['5.6','7.1','7.2']) { apt::source { 'source_php_sury': location => 'https://packages.sury.org/php/', repos => 'main', include => { 'src' => $include_src, 'deb' => true, }, key => { id => '15058500A0235D97F5D10063B188E2B695BD4743', source => 'https://packages.sury.org/php/apt.gpg', }, } } } diff --git a/manifests/repo/redhat.pp b/manifests/repo/redhat.pp index bd64e05..16cad24 100644 --- a/manifests/repo/redhat.pp +++ b/manifests/repo/redhat.pp @@ -1,35 +1,34 @@ # Configure a yum repo for RedHat-based systems # # === Parameters # # [*yum_repo*] # Class name of the repo under ::yum::repo # class php::repo::redhat ( $yum_repo = 'remi_php56', ) { - $releasever = $facts['os']['name'] ? { /(?i:Amazon)/ => '6', default => '$releasever', # Yum var } yumrepo { 'remi': descr => 'Remi\'s RPM repository for Enterprise Linux $releasever - $basearch', mirrorlist => "https://rpms.remirepo.net/enterprise/${releasever}/remi/mirror", enabled => 1, gpgcheck => 1, gpgkey => 'https://rpms.remirepo.net/RPM-GPG-KEY-remi', priority => 1, } yumrepo { 'remi-php56': descr => 'Remi\'s PHP 5.6 RPM repository for Enterprise Linux $releasever - $basearch', mirrorlist => "https://rpms.remirepo.net/enterprise/${releasever}/php56/mirror", enabled => 1, gpgcheck => 1, gpgkey => 'https://rpms.remirepo.net/RPM-GPG-KEY-remi', priority => 1, } } diff --git a/metadata.json b/metadata.json index f7ce00b..22f409c 100644 --- a/metadata.json +++ b/metadata.json @@ -1,90 +1,88 @@ { "name": "puppet-php", "version": "7.1.1-rc0", "author": "Vox Pupuli", "summary": "Generic PHP module that supports many platforms", "license": "MIT", "source": "https://github.com/voxpupuli/puppet-php", "project_page": "https://github.com/voxpupuli/puppet-php", "issues_url": "https://github.com/voxpupuli/puppet-php/issues", "description": "Puppet module that aims to manage PHP and extensions in a generic way on many platforms with sane defaults and easy configuration", "dependencies": [ { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.16.0 < 7.0.0" }, { "name": "puppetlabs/apt", "version_requirement": ">= 4.4.0 < 8.0.0" }, { "name": "puppetlabs/inifile", "version_requirement": ">= 1.4.1 < 5.0.0" }, { "name": "puppet/zypprepo", "version_requirement": ">= 2.0.0 < 3.0.0" }, { "name": "puppet/archive", "version_requirement": ">= 1.0.0 < 5.0.0" } ], "requirements": [ { "name": "puppet", "version_requirement": ">= 5.5.8 < 7.0.0" } ], "operatingsystem_support": [ { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ "16.04", "18.04" ] }, { "operatingsystem": "Debian", "operatingsystemrelease": [ "8", "9", "10" ] }, { "operatingsystem": "RedHat", "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "CentOS", "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "FreeBSD", "operatingsystemrelease": [ - "9", - "10", "11" ] }, { "operatingsystem": "SLES", "operatingsystemrelease": [ "11" ] }, { "operatingsystem": "OpenSUSE" }, { "operatingsystem": "Archlinux" } ] } diff --git a/spec/classes/php_repo_ubuntu_spec.rb b/spec/classes/php_repo_ubuntu_spec.rb index 6650ab4..56b68a3 100644 --- a/spec/classes/php_repo_ubuntu_spec.rb +++ b/spec/classes/php_repo_ubuntu_spec.rb @@ -1,49 +1,49 @@ require 'spec_helper' describe 'php::repo::ubuntu', type: :class do on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end case facts[:lsbdistcodename] when 'trusty' describe 'when called with no parameters on Ubuntu trusty' do it { is_expected.to contain_exec('add-apt-repository-ppa:ondrej/php') } end describe 'when called with version 7.0 on Ubuntu trusty' do let(:params) do { version: '7.0' } end it { is_expected.to contain_exec('add-apt-repository-ppa:ondrej/php') } end describe 'when call with version 5.6 on Ubuntu trusty' do let(:params) do { version: '5.6' } end it { is_expected.to contain_exec('add-apt-repository-ppa:ondrej/php') } end describe 'when call with version 5.4 on Ubuntu trusty' do let(:params) do { version: '5.4' } end - it { expect { is_expected.to raise_error(Puppet::Error) } } + it { is_expected.to raise_error(Puppet::Error) } end end end end end diff --git a/spec/defines/config_spec.rb b/spec/defines/config_spec.rb index e0c0c75..77976bb 100644 --- a/spec/defines/config_spec.rb +++ b/spec/defines/config_spec.rb @@ -1,114 +1,114 @@ require 'spec_helper' describe 'php::config' do on_supported_os.each do |os, facts| context "on #{os}" do let :facts do facts end case facts[:operatingsystem] when 'Ubuntu' context 'default config' do let(:title) { 'unique-name' } let(:params) do { file: '/etc/php/5.6/conf.d/unique-name.ini', config: {} } end it { is_expected.to compile } end context 'simple example' do let(:title) { 'unique-name' } let(:params) do { file: '/etc/php/5.6/conf.d/unique-name.ini', config: { 'apc.enabled' => 1 } } end it { is_expected.to contain_php__config('unique-name').with_file('/etc/php/5.6/conf.d/unique-name.ini') } end context 'empty array' do let(:title) { 'unique-name' } let(:params) do { file: '/etc/php/5.6/conf.d/unique-name.ini', config: {} } end it { is_expected.to contain_php__config('unique-name').with_file('/etc/php/5.6/conf.d/unique-name.ini') } end context 'invalid config (string)' do let(:title) { 'unique-name' } let(:params) do { file: '/etc/php/5.6/conf.d/unique-name.ini', config: 'hello world' } end - it { expect { is_expected.to raise_error(Puppet::Error) } } + it { is_expected.to raise_error(Puppet::Error) } end else context 'default config' do let(:title) { 'unique-name' } let(:params) do { file: '/etc/php5/conf.d/unique-name.ini', config: {} } end it { is_expected.to compile } end context 'simple example' do let(:title) { 'unique-name' } let(:params) do { file: '/etc/php5/conf.d/unique-name.ini', config: { 'apc.enabled' => 1 } } end it { is_expected.to contain_php__config('unique-name').with_file('/etc/php5/conf.d/unique-name.ini') } end context 'empty array' do let(:title) { 'unique-name' } let(:params) do { file: '/etc/php5/conf.d/unique-name.ini', config: {} } end it { is_expected.to contain_php__config('unique-name').with_file('/etc/php5/conf.d/unique-name.ini') } end context 'invalid config (string)' do let(:title) { 'unique-name' } let(:params) do { file: '/etc/php5/conf.d/unique-name.ini', config: 'hello world' } end - it { expect { is_expected.to raise_error(Puppet::Error) } } + it { is_expected.to raise_error(Puppet::Error) } end end end end end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 7610623..bec34fd 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -1,17 +1,6 @@ -require 'beaker-rspec' -require 'beaker-puppet' -require 'beaker/puppet_install_helper' -require 'beaker/module_install_helper' +# This file is completely managed via modulesync +require 'voxpupuli/acceptance/spec_helper_acceptance' -run_puppet_install_helper unless ENV['BEAKER_provision'] == 'no' +configure_beaker -RSpec.configure do |c| - # Readable test descriptions - c.formatter = :documentation - - # Configure all nodes in nodeset - c.before :suite do - install_module - install_module_dependencies - end -end +Dir['./spec/support/acceptance/**/*.rb'].sort.each { |f| require f }