diff --git a/defaults/main.yml b/defaults/main.yml index 5e294ab..0bbd82c 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -12,7 +12,7 @@ php_ini: - key: 'memory_limit' value: '256M' -# OpCache settings (useful for PHP >=5.5). +# OpCache settings (PHP >= 5.5) php_opcache_enable: "1" php_opcache_enable_cli: "0" php_opcache_memory_consumption: "96" @@ -23,7 +23,7 @@ php_opcache_validate_timestamps: "1" php_opcache_revalidate_freq: "2" php_opcache_max_file_size: "0" -# APC settings (useful for PHP <5.5). +# APC/APCu settings php_apc_enable: "1" php_apc_enable_cli: "0" php_apc_shm_size: "32M" @@ -36,14 +36,13 @@ php_apc_slam_defense: "0" php_apc_stat_ctime: "1" - # PHP-FPM php_fpm_poold: - pool_name: 'www' listen: '/var/run/php5-fpm.sock' pm: 'dynamic' - pm_max_children: 250 + pm_max_children: 250 pm_start_servers: 10 pm_min_spare_servers: 10 pm_max_spare_servers: 20 - + diff --git a/meta/main.yml b/meta/main.yml index 1cbb981..23c8e52 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,11 +1,11 @@ --- galaxy_info: author: Emilien Mantel - description: Install and configure PHP (+ FPM is wanted) + description: Install and configure PHP (+ FPM is wanted) company: license: GPLv2 min_ansible_version: 1.8 - platforms: + platforms: - name: Debian versions: - wheezy diff --git a/tasks/main.yml b/tasks/main.yml index 2bd63c7..416d6e0 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -2,7 +2,7 @@ - name: APT | Install PHP packages apt: pkg={{ item }} state=latest update_cache=yes cache_valid_time=3600 - with_flattened: + with_flattened: - php_packages - php_extra_packages @@ -10,7 +10,7 @@ include: fpm.yml when: php_install_fpm -- name: SHELL | Get PHP version on apt +- name: SHELL | Get PHP version on apt shell: LANG=C apt-cache policy php5 2>&1 | awk '/Candidate:/ { print $2 }' register: php_apt_version changed_when: false diff --git a/tasks/php54max.yml b/tasks/php54max.yml index b16c758..75a5c6d 100644 --- a/tasks/php54max.yml +++ b/tasks/php54max.yml @@ -4,5 +4,5 @@ apt: pkg=php-apc state=latest - name: TEMPLATE | Configure APC - template: src=etc/php5/mods-available/apc.j2 dest=/etc/php5/mods-available/apc.ini + template: src=etc/php5/mods-available/apcu.ini.j2 dest=/etc/php5/mods-available/apc.ini notify: restart php-fpm diff --git a/tasks/php55min.yml b/tasks/php55min.yml index 706954e..5f63bf2 100644 --- a/tasks/php55min.yml +++ b/tasks/php55min.yml @@ -4,7 +4,7 @@ apt: pkg=php5-apcu state=latest - name: TEMPLATE | Configure Opcache / APCu - template: src=etc/php5/mods-available/{{ item }}.j2 dest=/etc/php5/mods-available/{{ item }} + template: src=etc/php5/mods-available/{{ item }}.ini.j2 dest=/etc/php5/mods-available/{{ item }}.ini with_items: - apcu - opcache diff --git a/templates/etc/php5/fpm/pool.d/pool.conf.j2 b/templates/etc/php5/fpm/pool.d/pool.conf.j2 index 022884d..d5f609c 100644 --- a/templates/etc/php5/fpm/pool.d/pool.conf.j2 +++ b/templates/etc/php5/fpm/pool.d/pool.conf.j2 @@ -43,7 +43,7 @@ listen = {{ item.listen }} ; Set permissions for unix socket, if one is used. In Linux, read/write ; permissions must be set in order to allow connections from a web server. Many -; BSD-derived systems allow connections regardless of permissions. +; BSD-derived systems allow connections regardless of permissions. ; Default Values: user and group are set as the running user ; mode is set to 0660 listen.owner = {{ item.listen_ | default('www-data') }} @@ -54,7 +54,7 @@ listen.group = {{ item.listen_ | default('www-data') }} ; When set, listen.owner and listen.group are ignored ;listen.acl_users = ;listen.acl_groups = - + ; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original ; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address @@ -111,23 +111,23 @@ pm.max_children = {{ item.pm_max_children }} ; The number of child processes created on startup. ; Note: Used only when pm is set to 'dynamic' ; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = {{ item.pm_start_servers }} +pm.start_servers = {{ item.pm_start_servers }} ; The desired minimum number of idle server processes. ; Note: Used only when pm is set to 'dynamic' ; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = {{ item.pm_min_spare_servers }} +pm.min_spare_servers = {{ item.pm_min_spare_servers }} ; The desired maximum number of idle server processes. ; Note: Used only when pm is set to 'dynamic' ; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = {{ item.pm_max_spare_servers }} +pm.max_spare_servers = {{ item.pm_max_spare_servers }} ; The number of seconds after which an idle process will be killed. ; Note: Used only when pm is set to 'ondemand' ; Default Value: 10s ;pm.process_idle_timeout = 10s; - + ; The number of requests each child process should execute before respawning. ; This can be useful to work around memory leaks in 3rd party libraries. For ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. @@ -180,7 +180,7 @@ pm.max_spare_servers = {{ item.pm_max_spare_servers }} ; ; By default the status page only outputs short status. Passing 'full' in the ; query string will also return status for each pool process. -; Example: +; Example: ; http://www.foo.bar/status?full ; http://www.foo.bar/status?json&full ; http://www.foo.bar/status?html&full @@ -230,9 +230,9 @@ pm.max_spare_servers = {{ item.pm_max_spare_servers }} ; Note: The value must start with a leading slash (/). The value can be ; anything, but it may not be a good idea to use the .php extension or it ; may conflict with a real PHP file. -; Default Value: not set +; Default Value: not set ;pm.status_path = /status - + ; The ping URI to call the monitoring page of FPM. If this value is not set, no ; URI will be recognized as a ping page. This could be used to test from outside ; that FPM is alive and responding, or to @@ -293,7 +293,7 @@ pm.max_spare_servers = {{ item.pm_max_spare_servers }} ; - .... ; %p: PID of the child that serviced the request ; %P: PID of the parent of the child that serviced the request -; %q: the query string +; %q: the query string ; %Q: the '?' character if query string exists ; %r: the request URI (without the query string, see %q and %Q) ; %R: remote IP address @@ -308,50 +308,50 @@ pm.max_spare_servers = {{ item.pm_max_spare_servers }} ; ; Default: "%R - %u %t \"%m %r\" %s" ;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" - + ; The log file for slow requests ; Default Value: not set ; Note: slowlog is mandatory if request_slowlog_timeout is set ;slowlog = log/$pool.log.slow - + ; The timeout for serving a single request after which a PHP backtrace will be ; dumped to the 'slowlog' file. A value of '0s' means 'off'. ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) ; Default Value: 0 ;request_slowlog_timeout = 0 - + ; The timeout for serving a single request after which the worker process will ; be killed. This option should be used when the 'max_execution_time' ini option ; does not stop script execution for some reason. A value of '0' means 'off'. ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) ; Default Value: 0 ;request_terminate_timeout = 0 - + ; Set open file descriptor rlimit. ; Default Value: system defined value ;rlimit_files = 1024 - + ; Set max core size rlimit. ; Possible Values: 'unlimited' or an integer greater or equal to 0 ; Default Value: system defined value ;rlimit_core = 0 - + ; Chroot to this directory at the start. This value must be defined as an ; absolute path. When this value is not set, chroot is not used. ; Note: you can prefix with '$prefix' to chroot to the pool prefix or one ; of its subdirectories. If the pool prefix is not set, the global prefix ; will be used instead. -; Note: chrooting is a great security feature and should be used whenever +; Note: chrooting is a great security feature and should be used whenever ; possible. However, all PHP paths will be relative to the chroot ; (error_log, sessions.save_path, ...). ; Default Value: not set -;chroot = - +;chroot = + ; Chdir to this directory at the start. ; Note: relative path can be used. ; Default Value: current directory or / when chroot chdir = / - + ; Redirect worker stdout and stderr into main error log. If not set, stdout and ; stderr will be redirected to /dev/null according to FastCGI specs. ; Note: on highloaded environement, this can cause some delay in the page @@ -375,7 +375,7 @@ chdir = / ; Note: set an empty value to allow all extensions. ; Default Value: .php ;security.limit_extensions = .php .php3 .php4 .php5 - + ; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from ; the current environment. ; Default Value: clean env @@ -389,7 +389,7 @@ chdir = / ; overwrite the values previously defined in the php.ini. The directives are the ; same as the PHP SAPI: ; php_value/php_flag - you can set classic ini defines which can -; be overwritten from PHP call 'ini_set'. +; be overwritten from PHP call 'ini_set'. ; php_admin_value/php_admin_flag - these directives won't be overwritten by ; PHP call 'ini_set' ; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. @@ -410,4 +410,4 @@ chdir = / ;php_admin_flag[log_errors] = on ;php_admin_value[memory_limit] = 32M -; vim:filetype=dosini +; vim:filetype=dosini diff --git a/templates/etc/php5/mods-available/apc.j2 b/templates/etc/php5/mods-available/apc.j2 deleted file mode 100644 index f223388..0000000 --- a/templates/etc/php5/mods-available/apc.j2 +++ /dev/null @@ -1,16 +0,0 @@ -; -; {{ ansible_managed }} -; - -extension=apc.so - -apc.enable_cli={{ php_apc_enable_cli }} -apc.shm_size={{ php_apc_shm_size }} -apc.enable={{ php_apc_enable }} -apc.num_files_hint={{ php_apc_num_files_hint }} -apc.user_entries_hint={{ php_apc_user_entries_hint }} -apc.user_ttl={{ php_apc_user_ttl }} -apc.ttl={{ php_apc_ttl }} -apc.file_update_protection={{ php_apc_file_update_protection }} -apc.slam_defense={{ php_apc_slam_defense }} -apc.stat_ctime={{ php_apc_stat_ctime }} diff --git a/templates/etc/php5/mods-available/apcu.ini.j2 b/templates/etc/php5/mods-available/apcu.ini.j2 new file mode 100644 index 0000000..1f68cbc --- /dev/null +++ b/templates/etc/php5/mods-available/apcu.ini.j2 @@ -0,0 +1,25 @@ +; +; {{ ansible_managed }} +; + +extension=apc.so + +; apc.enabled can be set to 0 to disable APC +apc.enable={{ php_apc_enable }} +; Mostly for testing and debugging. +apc.enable_cli={{ php_apc_enable_cli }} +; The size of each shared memory segment in MB +apc.shm_size={{ php_apc_shm_size }} +; A "hint" about the number of distinct source files that will be included or requested on your web server. Set to zero or omit if unsure; this setting is mainly useful for sites that have many thousands of source files. +apc.num_files_hint={{ php_apc_num_files_hint }} +; Just like apc.num_files_hint, a "hint" about the number of distinct user cache variables to store. Set to zero or omit if not sure. +apc.user_entries_hint={{ php_apc_user_entries_hint }} +; The number of seconds a cache entry is allowed to idle in a slot in case this cache entry slot is needed by another entry +apc.user_ttl={{ php_apc_user_ttl }} +apc.ttl={{ php_apc_ttl }} +; rsync = 0 | tar/cp = 2 +apc.file_update_protection={{ php_apc_file_update_protection }} +; This option sets the percentage of processes that will skip trying to cache an uncached file +apc.slam_defense={{ php_apc_slam_defense }} +; Verification with ctime will avoid problems caused by programs such as svn or rsync by making sure inodes haven't changed since the last stat +apc.stat_ctime={{ php_apc_stat_ctime }} diff --git a/templates/etc/php5/mods-available/apcu.j2 b/templates/etc/php5/mods-available/apcu.j2 deleted file mode 100644 index 6a131b1..0000000 --- a/templates/etc/php5/mods-available/apcu.j2 +++ /dev/null @@ -1,5 +0,0 @@ -; -; {{ ansible_managed }} -; - -extension=apcu.so diff --git a/templates/etc/php5/mods-available/opcache.j2 b/templates/etc/php5/mods-available/opcache.ini.j2 similarity index 100% rename from templates/etc/php5/mods-available/opcache.j2 rename to templates/etc/php5/mods-available/opcache.ini.j2 diff --git a/tests/test.yml b/tests/test.yml index 1eacb47..7a17f63 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -23,7 +23,7 @@ command: php -i changed_when: false - name: FILE | Create /var/www - file: dest=/var/www state=directory + file: dest=/var/www state=directory - name: COPY | Add phpinfo copy: dest=/var/www/phpinfo.php content='