aboutsummaryrefslogtreecommitdiff
path: root/manifests/series5
diff options
context:
space:
mode:
Diffstat (limited to 'manifests/series5')
-rw-r--r--manifests/series5/defaults.pp7
-rw-r--r--manifests/series5/hardened.pp8
-rw-r--r--manifests/series5/packages/default.pp22
-rw-r--r--manifests/series5/packages/dpa.pp67
-rw-r--r--manifests/series5/packages/ppa.pp55
5 files changed, 159 insertions, 0 deletions
diff --git a/manifests/series5/defaults.pp b/manifests/series5/defaults.pp
new file mode 100644
index 0000000..15cb8a2
--- /dev/null
+++ b/manifests/series5/defaults.pp
@@ -0,0 +1,7 @@
+class php::series5::defaults {
+ php::config {
+ 'error_reporting' : value => 'E_ALL & ~E_NOTICE & ~E_STRICT';
+ 'post_max_size' : value => '100M';
+ 'upload_max_filesize' : value => '100M';
+ }
+}
diff --git a/manifests/series5/hardened.pp b/manifests/series5/hardened.pp
new file mode 100644
index 0000000..e512402
--- /dev/null
+++ b/manifests/series5/hardened.pp
@@ -0,0 +1,8 @@
+class php::series5::hardened {
+ php::config {
+ 'allow_url_fopen' : value => 'Off';
+ 'allow_url_include' : value => 'Off';
+ 'disable_functions' : value => 'phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, show_source, dl, symlink, system_exec';
+ #value => 'disable_functions = phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, curl_init, parse_ini_file, show_source, dl, symlink, syslog, mail, system_exec',
+ }
+}
diff --git a/manifests/series5/packages/default.pp b/manifests/series5/packages/default.pp
new file mode 100644
index 0000000..f16e03e
--- /dev/null
+++ b/manifests/series5/packages/default.pp
@@ -0,0 +1,22 @@
+class php::series5::packages::default {
+ # The needed packages: we could also try libapache2-mod-php5filter
+ package { [ 'php5', 'php5-mysql', 'php5-sqlite', 'php5-cli', 'php5-curl', 'php5-gmp', 'libapache2-mod-php5' ]:
+ ensure => installed,
+ }
+
+ # Optional packages
+ package { [ "php5-gd", "php5-imagick" ]:
+ ensure => installed,
+ }
+
+ # Not available anymore
+ package { 'php5-suhosin':
+ ensure => absent,
+ }
+
+ # The needed apache modules
+ apache::module { 'php5':
+ ensure => present,
+ require => Package['libapache2-mod-php5'],
+ }
+}
diff --git a/manifests/series5/packages/dpa.pp b/manifests/series5/packages/dpa.pp
new file mode 100644
index 0000000..f9fad94
--- /dev/null
+++ b/manifests/series5/packages/dpa.pp
@@ -0,0 +1,67 @@
+class php::series5::packages::dpa {
+ file { '/etc/apt/trusted.gpg.d/deb.sury.org-php.gpg':
+ ensure => present,
+ owner => "root",
+ group => "root",
+ mode => "0644",
+ source => 'puppet:///modules/php/deb.sury.org.gpg',
+ }
+
+ file { '/etc/apt/sources.list.d/php.list' :
+ ensure => present,
+ owner => "root",
+ group => "root",
+ mode => "0644",
+ content => "deb https://packages.sury.org/php/ ${::lsbdistcodename} main\n",
+ require => File['/etc/apt/trusted.gpg.d/deb.sury.org-php.gpg'],
+ notify => Exec['php-apt-auto-update'],
+ }
+
+ exec { 'php-apt-auto-update':
+ command => "/usr/bin/apt-get update",
+ user => "root",
+ refreshonly => true,
+ }
+
+ # The needed packages: we could also try libapache2-mod-php5.6filter
+ package { 'php5':
+ name => 'php5.6',
+ require => File['/etc/apt/sources.list.d/php.list'],
+ }
+
+ package { 'php5-cli':
+ name => 'php5.6-cli',
+ require => File['/etc/apt/sources.list.d/php.list'],
+ }
+
+ package { [ 'php5.6-mysql', 'php5.6-sqlite3', 'php5.6-curl', 'php5.6-gmp', 'libapache2-mod-php5.6' ]:
+ ensure => installed,
+ require => File['/etc/apt/sources.list.d/php.list'],
+ }
+
+ # Optional packages
+ package { [ "php5.6-gd", "php-imagick", "php5.6-xml", "php5.6-mbstring" ]:
+ ensure => installed,
+ require => File['/etc/apt/sources.list.d/php.list'],
+ }
+
+ # Not available anymore
+ package { 'php5.6-suhosin':
+ ensure => absent,
+ require => File['/etc/apt/sources.list.d/php.list'],
+ }
+
+ # The needed apache modules
+ apache::module { 'php5.6':
+ ensure => present,
+ require => Package['libapache2-mod-php5.6'],
+ }
+
+ # Default alternative
+ file { "/etc/alternatives/php":
+ ensure => "/usr/bin/php5.6",
+ owner => root,
+ group => root,
+ require => Package['php5'],
+ }
+}
diff --git a/manifests/series5/packages/ppa.pp b/manifests/series5/packages/ppa.pp
new file mode 100644
index 0000000..f821ab4
--- /dev/null
+++ b/manifests/series5/packages/ppa.pp
@@ -0,0 +1,55 @@
+class php::series5::packages::ppa {
+ #package { 'python-software-properties':
+ # ensure => present,
+ #}
+
+ ## TODO: check repository key!
+ #exec { 'add-apt-repository-ondrej-php':
+ # command => '/usr/bin/add-apt-repository -y ppa:ondrej/php && apt-get update',
+ # user => 'root',
+ # creates => '/etc/apt/sources.list.d/ondrej-ubuntu-php-xenial.list',
+ # require => Package['python-software-properties'],
+ #}
+
+ # The needed packages: we could also try libapache2-mod-php5.6filter
+ package { 'php5':
+ name => 'php5.6',
+ #require => Exec['add-apt-repository-ondrej-php'],
+ }
+
+ package { 'php5-cli':
+ name => 'php5.6-cli',
+ #require => Exec['add-apt-repository-ondrej-php'],
+ }
+
+ package { [ 'php5.6-mysql', 'php5.6-sqlite3', 'php5.6-curl', 'php5.6-gmp', 'libapache2-mod-php5.6' ]:
+ ensure => installed,
+ #require => Exec['add-apt-repository-ondrej-php'],
+ }
+
+ # Optional packages
+ package { [ "php5.6-gd", "php-imagick", "php5.6-xml", "php5.6-mbstring" ]:
+ ensure => installed,
+ #require => Exec['add-apt-repository-ondrej-php'],
+ }
+
+ # Not available anymore
+ package { 'php5.6-suhosin':
+ ensure => absent,
+ #require => Exec['add-apt-repository-ondrej-php'],
+ }
+
+ # The needed apache modules
+ apache::module { 'php5.6':
+ ensure => present,
+ require => Package['libapache2-mod-php5.6'],
+ }
+
+ # Default alternative
+ file { "/etc/alternatives/php":
+ ensure => "/usr/bin/php5.6",
+ owner => root,
+ group => root,
+ require => Package['php5'],
+ }
+}
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-27 11:44:34 +0000