From 19a3a2cda8682e8b00f8c8962461cd8b4fef10d5 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 12 Apr 2018 12:29:24 -0300 Subject: Refactor and add php-fpm support --- manifests/dpa.pp | 25 +++++++++++ manifests/fpm.pp | 29 ++++++++++++ manifests/fpm/pool.pp | 22 +++++++++ manifests/init.pp | 10 +++++ manifests/ppa.pp | 37 +++++++++++++++ manifests/resources.pp | 4 +- manifests/series5.pp | 22 +++++---- manifests/series5/packages.pp | 48 ++++++++++++++++++++ manifests/series5/packages/default.pp | 16 ------- manifests/series5/packages/dpa.pp | 72 ------------------------------ manifests/series5/packages/ppa.pp | 84 ----------------------------------- manifests/series7.pp | 36 ++++++++------- manifests/series7/packages.pp | 12 +++++ 13 files changed, 220 insertions(+), 197 deletions(-) create mode 100644 manifests/dpa.pp create mode 100644 manifests/fpm.pp create mode 100644 manifests/fpm/pool.pp create mode 100644 manifests/ppa.pp create mode 100644 manifests/series5/packages.pp delete mode 100644 manifests/series5/packages/default.pp delete mode 100644 manifests/series5/packages/dpa.pp delete mode 100644 manifests/series5/packages/ppa.pp create mode 100644 manifests/series7/packages.pp diff --git a/manifests/dpa.pp b/manifests/dpa.pp new file mode 100644 index 0000000..8292d61 --- /dev/null +++ b/manifests/dpa.pp @@ -0,0 +1,25 @@ +class php::dpa { + file { '/etc/apt/trusted.gpg.d/deb.sury.org-php.gpg': + ensure => present, + owner => "root", + group => "root", + mode => "0644", + source => 'puppet:///modules/php/deb.sury.org.gpg', + } + + file { '/etc/apt/sources.list.d/php.list': + ensure => present, + owner => "root", + group => "root", + mode => "0644", + content => "deb https://packages.sury.org/php/ ${::lsbdistcodename} main\n", + require => File['/etc/apt/trusted.gpg.d/deb.sury.org-php.gpg'], + notify => Exec['php-apt-auto-update'], + } + + exec { 'php-apt-auto-update': + command => "/usr/bin/apt-get update", + user => "root", + refreshonly => true, + } +} diff --git a/manifests/fpm.pp b/manifests/fpm.pp new file mode 100644 index 0000000..25b1ee5 --- /dev/null +++ b/manifests/fpm.pp @@ -0,0 +1,29 @@ +class php::fpm( + $ensure = 'present', +) { + $series = $::php::series + + if $series == '5' { + $version = $::php::series5::version + } + else { + $version = $::php::series7::version + } + + package { 'php-fpm': + ensure => $ensure, + } + + service { "php${version}-fpm": + ensure => $ensure ? { + 'present' => running, + default => stopped, + }, + require => Package['php-fpm'], + } + + apache::module { [ "proxy_fcgi", "setenvif" ]: + ensure => $ensure, + require => Package["apache"], + } +} diff --git a/manifests/fpm/pool.pp b/manifests/fpm/pool.pp new file mode 100644 index 0000000..75560db --- /dev/null +++ b/manifests/fpm/pool.pp @@ -0,0 +1,22 @@ +define php::fpm::pool( + $source, + $ensure = 'present', +) { + $series = $::php::series + + if $series == '5' { + $version = $::php::series5::version + $folder = $::php::series5::folder + } + else { + $version = $::php::series7::version + $folder = $::php::series7::folder + } + + file { "/etc/php/${version}/fpm/pool.d/${name}": + ensure => $ensure, + source => $source, + require => Package['php-fpm'], + notify => Service["php-${version}-fpm"], + } +} diff --git a/manifests/init.pp b/manifests/init.pp index 3c699fc..4714e44 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -19,8 +19,18 @@ class php( $series = '5', $hardened = true, + $apc = absent, + $fpm = absent, ){ class { "php::series${series}": hardened => $hardened, } + + package { [ 'php-apcu', 'php-apcu-bc' ]: + ensure => $apc, + } + + class php::fpm { + ensure => $fpm, + } } diff --git a/manifests/ppa.pp b/manifests/ppa.pp new file mode 100644 index 0000000..d78492a --- /dev/null +++ b/manifests/ppa.pp @@ -0,0 +1,37 @@ +class php::ppa { + #package { 'python-software-properties': + # ensure => present, + #} + + # This required alternative checking of repository key! + #exec { 'add-apt-repository-ondrej-php': + # command => '/usr/bin/add-apt-repository -y ppa:ondrej/php && apt-get update', + # user => 'root', + # creates => '/etc/apt/sources.list.d/ondrej-ubuntu-php-xenial.list', + # require => Package['python-software-properties'], + #} + + file { '/etc/apt/trusted.gpg.d/ondrej_ubuntu_php.gpg': + ensure => present, + owner => "root", + group => "root", + mode => "0644", + source => 'puppet:///modules/php/ondrej_ubuntu_php.gpg', + } + + file { '/etc/apt/sources.list.d/php.list': + ensure => present, + owner => "root", + group => "root", + mode => "0644", + content => "deb http://ppa.launchpad.net/ondrej/php/ubuntu ${::lsbdistcodename} main\n", + require => File['/etc/apt/trusted.gpg.d/ondrej_ubuntu_php.gpg'], + notify => Exec['php-apt-auto-update'], + } + + exec { 'php-apt-auto-update': + command => "/usr/bin/apt-get update", + user => "root", + refreshonly => true, + } +} diff --git a/manifests/resources.pp b/manifests/resources.pp index 88e173c..fee8613 100644 --- a/manifests/resources.pp +++ b/manifests/resources.pp @@ -1,6 +1,8 @@ class php::resources { $configs = hiera('php::config', {}) + $pools = hiera('php::pool', {}) # Apply instances - create_resources('php::config', $configs) + create_resources('php::config', $configs) + create_resources('php::fpm::pool', $pools) } diff --git a/manifests/series5.pp b/manifests/series5.pp index 50ab6f4..f05efb2 100644 --- a/manifests/series5.pp +++ b/manifests/series5.pp @@ -1,19 +1,24 @@ -class php::series5($hardened = true) { +class php::series5( + $hardened = true +) { case $::lsbdistcodename { 'xenial': { - include php::series5::packages::ppa + include php::ppa } 'stretch': { - include php::series5::packages::dpa - } - default: { - include php::series5::packages::default + include php::dpa } } + $version = $::lsbdistcodename ? { + 'xenial' => '5.6', + 'stretch' => '5.6', + default => '5', + } + $folder = $::lsbdistcodename ? { - 'xenial' => '/etc/php/5.6', - 'stretch' => '/etc/php/5.6', + 'xenial' => "/etc/php/${version}", + 'stretch' => "/etc/php/${version}", default => '/etc/php5', } @@ -52,6 +57,7 @@ class php::series5($hardened = true) { # require => [ Package['php5'], File["${folder}/apache2"] ], #} + include php::series5::packages include php::resources include php::series5::defaults diff --git a/manifests/series5/packages.pp b/manifests/series5/packages.pp new file mode 100644 index 0000000..2d7e196 --- /dev/null +++ b/manifests/series5/packages.pp @@ -0,0 +1,48 @@ +class php::series5::packages { + # The needed packages: we could also try libapache2-mod-php5.6filter + package { 'php5': + name => 'php5.6', + require => File['/etc/apt/sources.list.d/php.list'], + } + + package { 'php5-cli': + name => 'php5.6-cli', + require => File['/etc/apt/sources.list.d/php.list'], + } + + package { [ 'php5.6-mysql', 'php5.6-sqlite3', 'php5.6-curl', 'php5.6-gmp', 'libapache2-mod-php5.6' ]: + ensure => installed, + require => File['/etc/apt/sources.list.d/php.list'], + } + + # Optional packages + package { [ "php5.6-gd", "php-imagick", "php5.6-xml", "php5.6-mbstring" ]: + ensure => installed, + require => File['/etc/apt/sources.list.d/php.list'], + } + + # Not available anymore + package { 'php5.6-suhosin': + ensure => absent, + require => File['/etc/apt/sources.list.d/php.list'], + } + + # The old module + apache::module { 'php5': + ensure => absent, + } + + # The needed apache modules + apache::module { 'php5.6': + ensure => present, + require => [ Package['libapache2-mod-php5.6'], Apache::Module['php5'] ], + } + + # Default alternative + file { "/etc/alternatives/php": + ensure => "/usr/bin/php5.6", + owner => root, + group => root, + require => Package['php5'], + } +} diff --git a/manifests/series5/packages/default.pp b/manifests/series5/packages/default.pp deleted file mode 100644 index 7dd51af..0000000 --- a/manifests/series5/packages/default.pp +++ /dev/null @@ -1,16 +0,0 @@ -class php::series5::packages::default { - # The needed packages: we could also try libapache2-mod-php5filter - package { [ 'php5', 'php5-mysql', 'php5-sqlite', 'php5-cli', 'php5-curl', 'php5-gmp', 'libapache2-mod-php5' ]: - ensure => installed, - } - - # Optional packages - package { [ "php5-gd", "php5-imagick" ]: - ensure => installed, - } - - # Not available anymore - package { 'php5-suhosin': - ensure => absent, - } -} diff --git a/manifests/series5/packages/dpa.pp b/manifests/series5/packages/dpa.pp deleted file mode 100644 index 297c4a2..0000000 --- a/manifests/series5/packages/dpa.pp +++ /dev/null @@ -1,72 +0,0 @@ -class php::series5::packages::dpa { - file { '/etc/apt/trusted.gpg.d/deb.sury.org-php.gpg': - ensure => present, - owner => "root", - group => "root", - mode => "0644", - source => 'puppet:///modules/php/deb.sury.org.gpg', - } - - file { '/etc/apt/sources.list.d/php.list': - ensure => present, - owner => "root", - group => "root", - mode => "0644", - content => "deb https://packages.sury.org/php/ ${::lsbdistcodename} main\n", - require => File['/etc/apt/trusted.gpg.d/deb.sury.org-php.gpg'], - notify => Exec['php-apt-auto-update'], - } - - exec { 'php-apt-auto-update': - command => "/usr/bin/apt-get update", - user => "root", - refreshonly => true, - } - - # The needed packages: we could also try libapache2-mod-php5.6filter - package { 'php5': - name => 'php5.6', - require => File['/etc/apt/sources.list.d/php.list'], - } - - package { 'php5-cli': - name => 'php5.6-cli', - require => File['/etc/apt/sources.list.d/php.list'], - } - - package { [ 'php5.6-mysql', 'php5.6-sqlite3', 'php5.6-curl', 'php5.6-gmp', 'libapache2-mod-php5.6' ]: - ensure => installed, - require => File['/etc/apt/sources.list.d/php.list'], - } - - # Optional packages - package { [ "php5.6-gd", "php-imagick", "php5.6-xml", "php5.6-mbstring" ]: - ensure => installed, - require => File['/etc/apt/sources.list.d/php.list'], - } - - # Not available anymore - package { 'php5.6-suhosin': - ensure => absent, - require => File['/etc/apt/sources.list.d/php.list'], - } - - # The old module - apache::module { 'php5': - ensure => absent, - } - - # The needed apache modules - apache::module { 'php5.6': - ensure => present, - require => [ Package['libapache2-mod-php5.6'], Apache::Module['php5'] ], - } - - # Default alternative - file { "/etc/alternatives/php": - ensure => "/usr/bin/php5.6", - owner => root, - group => root, - require => Package['php5'], - } -} diff --git a/manifests/series5/packages/ppa.pp b/manifests/series5/packages/ppa.pp deleted file mode 100644 index e420822..0000000 --- a/manifests/series5/packages/ppa.pp +++ /dev/null @@ -1,84 +0,0 @@ -class php::series5::packages::ppa { - #package { 'python-software-properties': - # ensure => present, - #} - - # This required alternative checking of repository key! - #exec { 'add-apt-repository-ondrej-php': - # command => '/usr/bin/add-apt-repository -y ppa:ondrej/php && apt-get update', - # user => 'root', - # creates => '/etc/apt/sources.list.d/ondrej-ubuntu-php-xenial.list', - # require => Package['python-software-properties'], - #} - - file { '/etc/apt/trusted.gpg.d/ondrej_ubuntu_php.gpg': - ensure => present, - owner => "root", - group => "root", - mode => "0644", - source => 'puppet:///modules/php/ondrej_ubuntu_php.gpg', - } - - file { '/etc/apt/sources.list.d/php.list': - ensure => present, - owner => "root", - group => "root", - mode => "0644", - content => "deb http://ppa.launchpad.net/ondrej/php/ubuntu ${::lsbdistcodename} main\n", - require => File['/etc/apt/trusted.gpg.d/ondrej_ubuntu_php.gpg'], - notify => Exec['php-apt-auto-update'], - } - - exec { 'php-apt-auto-update': - command => "/usr/bin/apt-get update", - user => "root", - refreshonly => true, - } - - # The needed packages: we could also try libapache2-mod-php5.6filter - package { 'php5': - name => 'php5.6', - #require => Exec['add-apt-repository-ondrej-php'], - } - - package { 'php5-cli': - name => 'php5.6-cli', - #require => Exec['add-apt-repository-ondrej-php'], - } - - package { [ 'php5.6-mysql', 'php5.6-sqlite3', 'php5.6-curl', 'php5.6-gmp', 'libapache2-mod-php5.6' ]: - ensure => installed, - #require => Exec['add-apt-repository-ondrej-php'], - } - - # Optional packages - package { [ "php5.6-gd", "php-imagick", "php5.6-xml", "php5.6-mbstring" ]: - ensure => installed, - #require => Exec['add-apt-repository-ondrej-php'], - } - - # Not available anymore - package { 'php5.6-suhosin': - ensure => absent, - #require => Exec['add-apt-repository-ondrej-php'], - } - - # The old module - apache::module { 'php5': - ensure => absent, - } - - # The needed apache modules - apache::module { 'php5.6': - ensure => present, - require => [ Package['libapache2-mod-php5.6'], Apache::Module['php5'] ], - } - - # Default alternative - file { "/etc/alternatives/php": - ensure => "/usr/bin/php5.6", - owner => root, - group => root, - require => Package['php5'], - } -} diff --git a/manifests/series7.pp b/manifests/series7.pp index 97fddd2..64125f3 100644 --- a/manifests/series7.pp +++ b/manifests/series7.pp @@ -1,19 +1,30 @@ -class php::series7($hardened = true) { - $folder = '/etc/php/7.0' - - package { [ 'php', 'php-mysql', 'php-sqlite3', 'php-cli', 'php-curl', 'php-gmp', 'libapache2-mod-php7.0' ]: - ensure => installed, +class php::series7( + $hardened = true +) { + case $::lsbdistcodename { + 'xenial': { + include php::ppa + } + 'stretch': { + include php::dpa + } } - # Optional packages - package { [ "php-gd", "php-imagick" ]: - ensure => installed, + $version = '7.2' + $folder = "/etc/php/${version}" + + include php::packages + include php::resources + include php::series7::defaults + + if $hardened == true { + include php::series7::hardened } # The needed apache modules #apache::module { 'php': # ensure => present, - # require => Package['libapache2-mod-php7.0'], + # require => Package["libapache2-mod-php${version}"], #} file { [ "${folder}", "${folder}/cli", "${folder}/apache2", "${folder}/cli/conf.d", "${folder}/apache2/conf.d" ]: @@ -23,11 +34,4 @@ class php::series7($hardened = true) { mode => '0755', require => Package['php'], } - - include php::resources - include php::series7::defaults - - if $hardened == true { - include php::series7::hardened - } } diff --git a/manifests/series7/packages.pp b/manifests/series7/packages.pp new file mode 100644 index 0000000..1e949b8 --- /dev/null +++ b/manifests/series7/packages.pp @@ -0,0 +1,12 @@ +class php::series7::packages { + $version = $::php::series7::version + + package { [ 'php', 'php-mysql', 'php-sqlite3', 'php-cli', 'php-curl', 'php-gmp', "libapache2-mod-php${version}" ]: + ensure => installed, + } + + # Optional packages + package { [ "php-gd", "php-imagick" ]: + ensure => installed, + } +} -- cgit v1.2.3