From 5f3ed06fc85c3c9cb8d80c03d157bcc29bf75798 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Thu, 2 Nov 2017 13:01:00 -0200
Subject: Support both PHP 5 and 7, defaults to 5

---
 manifests/series7/defaults.pp | 7 +++++++
 manifests/series7/hardened.pp | 8 ++++++++
 2 files changed, 15 insertions(+)
 create mode 100644 manifests/series7/defaults.pp
 create mode 100644 manifests/series7/hardened.pp

(limited to 'manifests/series7')

diff --git a/manifests/series7/defaults.pp b/manifests/series7/defaults.pp
new file mode 100644
index 0000000..936d165
--- /dev/null
+++ b/manifests/series7/defaults.pp
@@ -0,0 +1,7 @@
+class php::series7::defaults {
+  php::config {
+    'error_reporting'     : series => '7', value => 'E_ALL & ~E_NOTICE & ~E_STRICT';
+    'post_max_size'       : series => '7', value => '100M';
+    'upload_max_filesize' : series => '7', value => '100M';
+  }
+}
diff --git a/manifests/series7/hardened.pp b/manifests/series7/hardened.pp
new file mode 100644
index 0000000..73cf21a
--- /dev/null
+++ b/manifests/series7/hardened.pp
@@ -0,0 +1,8 @@
+class php::series7::hardened {
+  php::config {
+    'allow_url_fopen'   : series => '7', value => 'Off';
+    'allow_url_include' : series => '7', value => 'Off';
+    'disable_functions' : series => '7', value => 'pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, show_source, dl, symlink, system_exec';
+    #series => '7', value => 'disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,phpinfo, system, exec, shell_exec, passthru, proc_get_status, proc_open, popen, proc_close, proc_nice, proc_terminate, pcntl_exec, proc_open, curl_init, parse_ini_file, show_source, dl, symlink, syslog, mail, system_exec',
+  }
+}
-- 
cgit v1.2.3