Merge pull request #21 from HanXHX/improvements/misc

Many improvements
🚀 Manages Ubuntu 20.04 + 22.04
2023-05-30 13:22:51 +02:00 · 2023-05-30 12:55:12 +02:00 · 2023-05-30 12:52:46 +02:00 · 2023-05-30 12:46:24 +02:00 · 2023-05-30 12:45:04 +02:00 · 2023-05-30 12:44:15 +02:00
47 changed files with 837 additions and 272 deletions
--- a/.ansible-lint
+++ b/.ansible-lint
@ -0,0 +1,8 @@
+---
+
+# TODO: enable later
+enable_list:
+  - fqcn-builtins
+
+skip_list:
+  - role-name
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -0,0 +1,43 @@
+---
+
+name: ci
+'on':
+  pull_request:
+  push:
+    branches:
+      - master
+
+jobs:
+
+  yaml-lint:
+    name: YAML Lint
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Fetch code
+        uses: actions/checkout@v3
+
+      - name: Set up Python 3.
+        uses: actions/setup-python@v2
+        with:
+          python-version: '3.x'
+
+      - name: Install test dependencies.
+        run: pip3 install yamllint
+
+      - name: Lint code.
+        run: |
+          yamllint .
+
+  ansible-lint:
+    name: Ansible Lint
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Fetch code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Run ansible-lint
+        uses: ansible/ansible-lint-action@v6.15.0
--- a/.github/workflows/galaxy.yml
+++ b/.github/workflows/galaxy.yml
@ -0,0 +1,17 @@
+---
+
+name: Deploy on Ansible Galaxy
+
+'on':
+  - push
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v2
+      - name: galaxy
+        uses: robertdebock/galaxy-action@1.2.0
+        with:
+          galaxy_api_key: ${{ secrets.galaxy_api_key }}
--- a/.github/workflows/molecule.yml
+++ b/.github/workflows/molecule.yml
@ -0,0 +1,35 @@
+---
+name: Molecule
+
+'on':
+  pull_request:
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        scenario:
+          - debian-10
+          - debian-11
+          - debian-12
+          - ubuntu-18.04
+          - ubuntu-20.04
+          - ubuntu-22.04
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          path: "${{ github.repository }}"
+
+      - name: Molecule
+        uses: gofrolist/molecule-action@v2.3.19
+        with:
+          molecule_options: --base-config molecule/_shared/base.yml
+          molecule_args: --scenario-name ${{ matrix.scenario }}
+          molecule_working_dir: "HanXHX/ansible-php"
--- a/.gitignore
+++ b/.gitignore
@ -4,3 +4,4 @@
 *.log
 /filter_plugins/*.pyc
 /filter_plugins/__pycache__
+/.idea
--- a/.travis.yml
+++ b/.travis.yml
@ -1,42 +0,0 @@
-env:
-  - PLATFORM='docker-debian-stretch-php70' ANSIBLE_VERSION='ansible>=2.6,<2.7'
-  - PLATFORM='docker-debian-buster-php73' ANSIBLE_VERSION='ansible>=2.6,<2.7'
-  - PLATFORM='docker-ubuntu-xenial-php70' ANSIBLE_VERSION='ansible>=2.6,<2.7'
-  - PLATFORM='docker-ubuntu-bionic-php72' ANSIBLE_VERSION='ansible>=2.6,<2.7'
-  - PLATFORM='docker-ubuntu-bionic-php72' ANSIBLE_VERSION='ansible>=2.6,<2.7'
-  - PLATFORM='docker-debian-stretch-php70' ANSIBLE_VERSION='ansible>=2.7,<2.8'
-  - PLATFORM='docker-debian-stretch-php74' ANSIBLE_VERSION='ansible>=2.7,<2.8'
-  - PLATFORM='docker-debian-buster-php73' ANSIBLE_VERSION='ansible>=2.7,<2.8'
-  - PLATFORM='docker-debian-buster-php74' ANSIBLE_VERSION='ansible>=2.7,<2.8'
-  - PLATFORM='docker-ubuntu-xenial-php70' ANSIBLE_VERSION='ansible>=2.7,<2.8'
-  - PLATFORM='docker-ubuntu-bionic-php72' ANSIBLE_VERSION='ansible>=2.7,<2.8'
-  - PLATFORM='docker-ubuntu-bionic-php72' ANSIBLE_VERSION='ansible>=2.7,<2.8'
-
-sudo: required
-
-dist: trusty
-
-language: python
-python: 2.7
-
-services:
-  - docker
-
-before_install:
-  - wget https://releases.hashicorp.com/vagrant/2.0.1/vagrant_2.0.1_x86_64.deb
-  - sudo dpkg -i vagrant_2.0.1_x86_64.deb
-
-install:
-  - pip install "$ANSIBLE_VERSION"
-
-script:
-  - VAGRANT_DEFAULT_PROVIDER=docker vagrant up $PLATFORM
-  - >
-    VAGRANT_DEFAULT_PROVIDER=docker vagrant provision $PLATFORM
-    | grep -q 'changed=0.*failed=0'
-    && (echo 'Idempotence test: pass' && exit 0)
-    || (echo 'Idempotence test: fail' && exit 1)
-  - VAGRANT_DEFAULT_PROVIDER=docker vagrant status
-
-notifications:
-  webhooks: https://galaxy.ansible.com/api/v1/notifications/
--- a/.yamllint.yml
+++ b/.yamllint.yml
@ -0,0 +1,6 @@
+---
+
+extends: default
+
+rules:
+  line-length: disable
--- a/README.md
+++ b/README.md
@ -1,21 +1,22 @@
 Ansible PHP (+FPM) role for Debian / Ubuntu / FreeBSD
 =====================================================

-[![Ansible Galaxy](http://img.shields.io/badge/ansible--galaxy-HanXHX.php-blue.svg)](https://galaxy.ansible.com/HanXHX/php) [![Build Status](https://travis-ci.org/HanXHX/ansible-php.svg?branch=master)](https://travis-ci.org/HanXHX/ansible-php)
+[![Ansible Galaxy](http://img.shields.io/badge/ansible--galaxy-hanxhx.php-blue.svg)](https://galaxy.ansible.com/hanxhx.php) ![GitHub Workflow Status (master)](https://img.shields.io/github/actions/workflow/status/hanxhx/ansible-php/molecule.yml?branch=master)

 Install PHP on Debian / Ubuntu / FreeBSD. Manage PHP-FPM, APCu, Opcache and Xdebug.

 Managed OS / Versions
 ---------------------

-|         OS            |       PHP 7.0       |          PHP 7.1           |          PHP 7.2           |           PHP 7.3         |           PHP 7.4         |
-|:---------------------:|:-------------------:|:--------------------------:|:--------------------------:|:-------------------------:|:--------------------------:
-| Debian Stretch (9)    | :heavy_check_mark:  | :heavy_check_mark: (Sury)  | :heavy_check_mark: (Sury)  | :heavy_check_mark: (Sury) | :heavy_check_mark: (Sury) |
-| Debian Buster (10)    | :x:                 | :x:                        | :x:                        | :heavy_check_mark:        | :heavy_check_mark: (Sury) |
-| Ubuntu Xenial (16.04) | :heavy_check_mark:  | :x:                        | :x:                        | :x:                       | :x:                       |
-| Ubuntu Bionic (18.04) | :x:                 | :x:                        | :heavy_check_mark:         | :x:                       | :x:                       |
-| FreeBSD 11            | :heavy_check_mark:  | :heavy_check_mark:         | :heavy_check_mark:         | :heavy_check_mark:        | Need tests...             |
-| FreeBSD 12            | :heavy_check_mark:  | :heavy_check_mark:         | :heavy_check_mark:         | :heavy_check_mark:        | Need tests...             |
+On all Debian versions, you can install all PHP versions by using [Sury's APT repository](https://deb.sury.org/).
+
+Other cases:
+
+|         OS            |       PHP 7.0       |        PHP 7.1       |      PHP 7.2         |       PHP 7.3        |     PHP >= 7.4      |
+|:---------------------:|:-------------------:|:--------------------:|:--------------------:|:--------------------:|:--------------------:
+| Ubuntu Bionic (18.04) | :x:                 | :x:                  | :heavy_check_mark:   | :x:                  | :x:                 |
+| FreeBSD 11            | :heavy_check_mark:  | :heavy_check_mark:   | :heavy_check_mark:   | :heavy_check_mark:   | Need tests...       |
+| FreeBSD 12            | :heavy_check_mark:  | :heavy_check_mark:   | :heavy_check_mark:   | :heavy_check_mark:   | Need tests...       |

 Links:
 - [Sury](https://deb.sury.org/)
@ -23,7 +24,9 @@ Links:
 Requirements
 ------------

-If you need PHP-FPM, you must install a webserver with FastCGI support. You can use my [nginx role](https://github.com/HanXHX/ansible-nginx).
+- Ansible >= 2.11
+- Collections: [community.general](https://galaxy.ansible.com/community/general)
+- If you need PHP-FPM, you must install a webserver with FastCGI support. You can use my [nginx role](https://github.com/HanXHX/ansible-nginx).

 FreeBSD limitations
 -------------------
@ -158,14 +161,14 @@ Example Playbook

    - hosts: servers
      roles:
-         - { role: HanXHX.php }
+         - { role: hanxhx.php }

-### Debian Stretch with PHP 7.2 CLI (no FPM)
+### Debian Bullseye with PHP 8.0 CLI (no FPM)

    - hosts: servers
      roles:
         - { role: HanXHX.sury }
-         - { role: HanXHX.php, php_version: '7.2', php_install_fpm: false }
+         - { role: hanxhx.php, php_version: '8.0', php_install_fpm: false }

 License
 -------
--- a/32
+++ b/32
@ -6,15 +6,11 @@
 Vagrant.configure("2") do |config|

  vms_debian = [
-    { :name => "debian-stretch-php70", :box => "debian/stretch64", :vars => { }},
-    { :name => "debian-stretch-php71", :box => "debian/stretch64", :vars => { "php_version": '7.1' }},
-    { :name => "debian-stretch-php72", :box => "debian/stretch64", :vars => { "php_version": '7.2' }},
-    { :name => "debian-stretch-php73", :box => "debian/stretch64", :vars => { "php_version": '7.3' }},
-    { :name => "debian-stretch-php74", :box => "debian/stretch64", :vars => { "php_version": '7.4' }},
-    { :name => "debian-buster-php73",  :box => "debian/buster64",  :vars => { }},
-    { :name => "debian-buster-php74",  :box => "debian/buster64",  :vars => { "php_version": '7.4' }},
-    { :name => "ubuntu-xenial-php70",  :box => "ubuntu/xenial64",  :vars => { }},
-    { :name => "ubuntu-bionic-php72",  :box => "ubuntu/bionic64",  :vars => { }},
+    { :name => "debian-buster-php73",   :box => "debian/buster64",   :vars => { }},
+    { :name => "debian-buster-php74",   :box => "debian/buster64",   :vars => { "php_version": '7.4' }},
+    { :name => "debian-bullseye-php74", :box => "debian/bullseye64", :vars => { }},
+    { :name => "debian-bullseye-php80", :box => "debian/bullseye64", :vars => { "php_version": '8.0' }},
+    { :name => "ubuntu-bionic-php72",   :box => "ubuntu/bionic64",   :vars => { }},
  ]

  vms_freebsd = [
@ -23,15 +19,11 @@ Vagrant.configure("2") do |config|
  ]

  conts = [
-    { :name => "docker-debian-stretch-php70", :docker => "hanxhx/vagrant-ansible:debian9",     :vars => { }},
-    { :name => "docker-debian-stretch-php71", :docker => "hanxhx/vagrant-ansible:debian9",     :vars => { "php_version": '7.1' }},
-    { :name => "docker-debian-stretch-php72", :docker => "hanxhx/vagrant-ansible:debian9",     :vars => { "php_version": '7.2' }},
-    { :name => "docker-debian-stretch-php73", :docker => "hanxhx/vagrant-ansible:debian9",     :vars => { "php_version": '7.3' }},
-    { :name => "docker-debian-stretch-php74", :docker => "hanxhx/vagrant-ansible:debian9",     :vars => { "php_version": '7.4' }},
-    { :name => "docker-debian-buster-php73",  :docker => "hanxhx/vagrant-ansible:debian10",    :vars => { }},
-    { :name => "docker-debian-buster-php74",  :docker => "hanxhx/vagrant-ansible:debian10",    :vars => { "php_version": '7.4' }},
-    { :name => "docker-ubuntu-xenial-php70",  :docker => "hanxhx/vagrant-ansible:ubuntu16.04", :vars => { }},
-    { :name => "docker-ubuntu-bionic-php72",  :docker => "hanxhx/vagrant-ansible:ubuntu18.04", :vars => { }},
+    { :name => "docker-debian-buster-php73",   :docker => "hanxhx/vagrant-ansible:debian10",    :vars => { }},
+    { :name => "docker-debian-buster-php74",   :docker => "hanxhx/vagrant-ansible:debian10",    :vars => { "php_version": '7.4' }},
+    { :name => "docker-debian-bullseye-php74", :docker => "hanxhx/vagrant-ansible:debian11",    :vars => { }},
+    { :name => "docker-debian-bullseye-php80", :docker => "hanxhx/vagrant-ansible:debian11",    :vars => { "php_version": '8.0' }},
+    { :name => "docker-ubuntu-bionic-php72",   :docker => "hanxhx/vagrant-ansible:ubuntu18.04", :vars => { }},
  ]

  config.vm.network "private_network", type: "dhcp"
@ -43,7 +35,8 @@ Vagrant.configure("2") do |config|
        d.remains_running = true
        d.has_ssh = true
      end
-      m.vm.provision "shell", inline: "apt-get update && apt-get install -y python python-apt"
+
+      #m.vm.provision "shell", inline: "apt-get update && apt-get install -y python python-apt"
      m.vm.provision "ansible" do |ansible|
        ansible.playbook = "tests/test.yml"
        ansible.verbose = 'vv'
@ -61,6 +54,7 @@ Vagrant.configure("2") do |config|
        v.memory = 256
      end
      m.vm.provision "shell", inline: "apt-get update && apt-get install -y ifupdown python"
+
      m.vm.provision "ansible" do |ansible|
        ansible.playbook = "tests/test.yml"
        ansible.verbose = 'vv'
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -1,14 +1,12 @@
 ---

- name: restart php-fpm
-  service:
+- name: Restart php-fpm
+  ansible.builtin.service:
    name: '{{ php_fpm_service }}'
    state: restarted
  when: php_install_fpm
-  notify: docker restart php-fpm
+  notify: Docker restart php-fpm

- name: docker restart php-fpm
-  command: 'service {{ php_fpm_service }} restart'
-  args:
-    warn: false
+- name: Docker restart php-fpm  # noqa: command-instead-of-module no-changed-when
+  ansible.builtin.command: 'service {{ php_fpm_service }} restart'
  when: ansible_virtualization_type == 'docker'
--- a/meta/argument_specs.yml
+++ b/meta/argument_specs.yml
@ -0,0 +1,6 @@
+---
+
+argument_specs:
+  main:
+    short_description: Main entry point
+    options: {}
--- a/meta/main.yml
+++ b/meta/main.yml
@ -1,32 +1,35 @@
 ---
 galaxy_info:
  author: Emilien Mantel
-  description: Install and configure PHP 7.0/7.1/7.2/7.3
-  company:
+  role_name: php
+  namespace: hanxhx
+  description: Install and configure PHP 7.x/8.x
+  company: TripleStack
  license: GPLv2
-  min_ansible_version: 2.6
+  min_ansible_version: '2.11'
  platforms:
-  - name: Debian
-    versions:
-    - stretch
-    - buster
-  - name: Ubuntu
-    versions:
-    - xenial
-    - bionic
-  - name: FreeBSD
-    versions:
-    - 11.0
-    - 11.1
-    - 12.0
+    - name: Debian
+      versions:
+        - buster
+        - bullseye
+        - bookworm
+    - name: Ubuntu
+      versions:
+        - bionic
+    - name: FreeBSD
+      versions:
+        - '11.0'
+        - '11.1'
+        - '12.0'
  galaxy_tags:
-  - development
-  - web
-  - php
-  - php-fpm
-  - php7
-  - debian
-  - ubuntu
-  - freebsd
-dependencies: []
+    - development
+    - web
+    - php
+    - fpm
+    - php7
+    - php8
+    - debian
+    - ubuntu
+    - freebsd

+dependencies: []
--- a/molecule/_shared/Dockerfile.j2
+++ b/molecule/_shared/Dockerfile.j2
@ -0,0 +1,19 @@
+# Molecule managed
+
+{% if item.registry is defined %}
+FROM {{ item.registry.url }}/{{ item.image }}
+{% else %}
+FROM {{ item.image }}
+{% endif %}
+
+{% if item.env is defined %}
+{% for var, value in item.env.items() %}
+{% if value %}
+ENV {{ var }} {{ value }}
+{% endif %}
+{% endfor %}
+{% endif %}
+
+RUN apt-get update && \
+	apt-get install -y python3 sudo bash ca-certificates iproute2 python-apt-common \
+	&& apt-get clean
--- a/molecule/_shared/base.yml
+++ b/molecule/_shared/base.yml
@ -0,0 +1,36 @@
+---
+
+scenario:
+  test_sequence:
+    - dependency
+    - syntax
+    - create
+    - prepare
+    - converge
+    - idempotence
+    - verify
+    - destroy
+dependency:
+  name: galaxy
+  options:
+    requirements-file: ../../requirements.yml
+driver:
+  name: docker
+role_name_check: 1
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      deprecation_warnings: false
+      callback_whitelist: timer,profile_tasks
+      fact_caching: jsonfile
+      fact_caching_connection: ./cache
+      forks: 100
+    connection:
+      pipelining: true
+  playbooks:
+    converge: ../_shared/converge.yml
+    prepare: ../_shared/prepare.yml
+    verify: ../_shared/verify.yml
+verifier:
+  name: ansible
--- a/molecule/_shared/converge.yml
+++ b/molecule/_shared/converge.yml
@ -0,0 +1,25 @@
+---
+
+- name: Converge
+  hosts: all
+  gather_facts: true
+  handlers:
+    - name: Reload nginx
+      ansible.builtin.service:
+        name: nginx
+        state: reloaded
+  tasks:
+    - name: Include role
+      ansible.builtin.include_role:
+        name: "hanxhx.php"
+  post_tasks:
+    - name: TEMPLATE | Nginx site config
+      ansible.builtin.template:
+        src: "../../tests/templates/nginx.conf.j2"
+        dest: "{{ __nginx_conf }}"
+        mode: 0644
+        owner: root
+        group: root
+      notify: Reload nginx
+  vars_files:
+    - vars/misc.yml
--- a/molecule/_shared/prepare.yml
+++ b/molecule/_shared/prepare.yml
@ -0,0 +1,67 @@
+---
+
+- name: Prepare
+  hosts: all
+  gather_facts: true
+  vars_files:
+    - vars/misc.yml
+
+  handlers:
+    - name: Reload nginx
+      ansible.builtin.service:
+        name: nginx
+        state: reloaded
+
+  tasks:
+
+    - name: INCLUDE_TASKS | Pre tasks related to OS
+      ansible.builtin.include_tasks: "../../tests/includes/pre_{{ ansible_os_family }}.yml"
+
+    - name: USER | Create PHP user
+      ansible.builtin.user:
+        name: 'foo'
+        system: true
+        create_home: false
+        shell: '/usr/sbin/nologin'
+
+    - name: COMMAND | Fix nginx config
+      ansible.builtin.command: "cp {{ __nginx_conf | dirname }}/fastcgi_params {{ __nginx_conf | dirname }}/fastcgi.conf"
+      args:
+        creates: "{{ __nginx_conf | dirname }}/fastcgi.conf"
+      notify: Reload nginx
+
+    - name: LINEINFILE | Fix nginx config (second step)
+      ansible.builtin.lineinfile:
+        regexp: '^fastcgi_param\s+SCRIPT_FILENAME'
+        line: "fastcgi_param  SCRIPT_FILENAME    $realpath_root$fastcgi_script_name;"
+        dest: "{{ __nginx_conf | dirname }}/fastcgi.conf"
+      notify: Reload nginx
+
+    - name: SERVICE | Ensure nginx is started
+      ansible.builtin.service:
+        name: nginx
+        state: started
+
+    - name: FILE | Create /var/www
+      ansible.builtin.file:
+        dest: /var/www
+        state: directory
+        owner: root
+        group: root
+        mode: 0755
+
+    - name: COPY | Add phpinfo
+      ansible.builtin.copy:
+        dest: /var/www/phpinfo.php
+        content: '<?php phpinfo();'
+        owner: root
+        group: root
+        mode: 0644
+
+    - name: COPY | Add ini test file
+      ansible.builtin.copy:
+        dest: /var/www/ini.php
+        content: '<?php echo ini_get("memory_limit") . "\n";'
+        owner: root
+        group: root
+        mode: 0644
--- a/molecule/_shared/vars/misc.yml
+++ b/molecule/_shared/vars/misc.yml
@ -0,0 +1,36 @@
+---
+
+# Force SysVinit, since systemd won't work in a Docker container
+ansible_service_mgr: "sysvinit"
+
+# ----------------------------------------
+# Copied from {role_dir}/tests/test.yml
+# ----------------------------------------
+vhost: 'test.local'
+php_extra_packages:
+  - '{{ php_package_prefix }}pgsql'
+php_install_xdebug: true
+php_autoremove_default_pool: true
+php_ini_fpm:
+  display_errors: 'Off'
+php_ini_cli:
+  error_reporting: 'E_ALL'
+php_fpm_poold:
+  - pool_name: 'test_ansible'
+    listen: '/run/php/php-ansible1.sock'
+    pm: 'dynamic'
+    pm_max_children: 250
+    pm_start_servers: 10
+    pm_min_spare_servers: 10
+    pm_max_spare_servers: 20
+    status_path: '/status'
+    ping_path: '/ping'
+    ping_response: 'ok'
+  - name: 'test_ansible2'
+    user: 'foo'
+    php_env:
+      foo: bar
+    php_value:
+      display_errors: 'Off'
+    php_admin_value:
+      memory_limit: '98M'
--- a/molecule/_shared/verify.yml
+++ b/molecule/_shared/verify.yml
@ -0,0 +1,74 @@
+---
+
+- name: Verify
+  hosts: all
+  gather_facts: true
+  vars_files:
+    - vars/misc.yml
+  tasks:
+
+    - name: COMMAND | Test php-cli
+      ansible.builtin.command: php -v
+      changed_when: false
+
+    - name: SHELL | Check vhost
+      ansible.builtin.shell: "set -o pipefail && curl -v -H 'Host: {{ vhost }}' http://127.0.0.1/phpinfo.php 2> /dev/null | grep h1 | grep 'PHP Version'"
+      args:
+        executable: /bin/bash
+      changed_when: false
+      register: c
+      failed_when: c.stdout == ''
+
+    - name: BLOCK | Test explicit version
+      when: php_version is defined
+      block:
+
+        - name: SHELL | Test php-cli (explicit version)
+          ansible.builtin.shell: set -o pipefail && php -i | grep '^PHP Version => {{ php_version }}' | head -n 1
+          changed_when: false
+          register: p
+          failed_when: p.stdout == ''
+          args:
+            executable: /bin/bash
+
+        - name: SHELL | Check vhost
+          ansible.builtin.shell: "set -o pipefail && curl -v -H 'Host: {{ vhost }}' http://127.0.0.1/phpinfo.php 2> /dev/null | grep h1 | grep -o 'PHP Version {{ php_version }}' | sed -r 's/<//g'"
+          args:
+            executable: /bin/bash
+          changed_when: false
+          register: c
+          failed_when: c.stdout == ''
+
+    - name: SHELL | Check custom php value  # noqa: command-instead-of-module
+      ansible.builtin.shell: "curl -H 'Host: {{ vhost }}' http://127.0.0.1/ini.php 2> /dev/null"
+      changed_when: false
+      register: c
+      failed_when: 'php_fpm_poold.1.php_admin_value.memory_limit not in c.stdout'
+
+    - name: URI | Check ping
+      ansible.builtin.uri:
+        url: "http://localhost{{ php_fpm_poold.0.ping_path }}"
+      when: php_fpm_poold.0.ping_path is defined
+
+    - name: URI | Check status
+      ansible.builtin.uri:
+        url: "http://localhost{{ php_fpm_poold.0.status_path }}"
+      when: php_fpm_poold.0.status_path is defined
+
+    - name: Debian extra checks
+      when: ansible_os_family == 'Debian'
+      block:
+
+        - name: SHELL | Check if we installed multiple PHP versions
+          ansible.builtin.shell: set -o pipefail && (dpkg -l | grep 'php[[:digit:]].*common' | wc -l)
+          args:
+            executable: /bin/bash
+          failed_when: false
+          changed_when: false
+          register: check_multiple_php
+
+
+        - name: FAIL | If we have multiple PHP version
+          ansible.builtin.fail:
+            msg: "Multiple PHP versions detected"
+          when: check_multiple_php.stdout != '1'
--- a/molecule/debian-10/molecule.yml
+++ b/molecule/debian-10/molecule.yml
@ -0,0 +1,32 @@
+---
+
+platforms:
+  - name: debian-10
+    image: dokken/debian-10
+    command: /lib/systemd/systemd
+    dockerfile: ../_shared/Dockerfile.j2
+    capabilities:
+      - SYS_ADMIN
+    cgroupns_mode: host
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    privileged: true
+  - name: debian-10-php-7.4
+    image: dokken/debian-10
+    command: /lib/systemd/systemd
+    dockerfile: ../_shared/Dockerfile.j2
+    capabilities:
+      - SYS_ADMIN
+    cgroupns_mode: host
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    privileged: true
+
+provisioner:
+  inventory:
+    group_vars:
+      all:
+        __nginx_conf: /etc/nginx/nginx.conf
+    host_vars:
+      debian-10-php-7.4:
+        php_version: '7.4'
--- a/molecule/debian-11/molecule.yml
+++ b/molecule/debian-11/molecule.yml
@ -0,0 +1,32 @@
+---
+
+platforms:
+  - name: debian-11
+    image: dokken/debian-11
+    command: /lib/systemd/systemd
+    dockerfile: ../_shared/Dockerfile.j2
+    capabilities:
+      - SYS_ADMIN
+    cgroupns_mode: host
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    privileged: true
+  - name: debian-11-php-8.0
+    image: dokken/debian-11
+    command: /lib/systemd/systemd
+    dockerfile: ../_shared/Dockerfile.j2
+    capabilities:
+      - SYS_ADMIN
+    cgroupns_mode: host
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    privileged: true
+
+provisioner:
+  inventory:
+    group_vars:
+      all:
+        __nginx_conf: /etc/nginx/nginx.conf
+    host_vars:
+      debian-11-php-8.0:
+        php_version: '8.0'
--- a/molecule/debian-12/molecule.yml
+++ b/molecule/debian-12/molecule.yml
@ -0,0 +1,19 @@
+---
+
+platforms:
+  - name: debian-12
+    image: dokken/debian-12
+    command: /lib/systemd/systemd
+    dockerfile: ../_shared/Dockerfile.j2
+    capabilities:
+      - SYS_ADMIN
+    cgroupns_mode: host
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    privileged: true
+
+provisioner:
+  inventory:
+    group_vars:
+      all:
+        __nginx_conf: /etc/nginx/nginx.conf
--- a/molecule/default/.gitkeep
+++ b/molecule/default/.gitkeep
--- a/molecule/ubuntu-18.04/molecule.yml
+++ b/molecule/ubuntu-18.04/molecule.yml
@ -0,0 +1,19 @@
+---
+
+platforms:
+  - name: ubuntu-18.04
+    image: dokken/ubuntu-18.04
+    command: /lib/systemd/systemd
+    dockerfile: ../_shared/Dockerfile.j2
+    capabilities:
+      - SYS_ADMIN
+    cgroupns_mode: host
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    privileged: true
+
+provisioner:
+  inventory:
+    group_vars:
+      all:
+        __nginx_conf: /etc/nginx/nginx.conf
--- a/molecule/ubuntu-20.04/molecule.yml
+++ b/molecule/ubuntu-20.04/molecule.yml
@ -0,0 +1,19 @@
+---
+
+platforms:
+  - name: ubuntu-20.04
+    image: dokken/ubuntu-20.04
+    command: /lib/systemd/systemd
+    dockerfile: ../_shared/Dockerfile.j2
+    capabilities:
+      - SYS_ADMIN
+    cgroupns_mode: host
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    privileged: true
+
+provisioner:
+  inventory:
+    group_vars:
+      all:
+        __nginx_conf: /etc/nginx/nginx.conf
--- a/molecule/ubuntu-22.04/molecule.yml
+++ b/molecule/ubuntu-22.04/molecule.yml
@ -0,0 +1,19 @@
+---
+
+platforms:
+  - name: ubuntu-22.04
+    image: dokken/ubuntu-22.04
+    command: /lib/systemd/systemd
+    dockerfile: ../_shared/Dockerfile.j2
+    capabilities:
+      - SYS_ADMIN
+    cgroupns_mode: host
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:rw
+    privileged: true
+
+provisioner:
+  inventory:
+    group_vars:
+      all:
+        __nginx_conf: /etc/nginx/nginx.conf
--- a/requirements.yml
+++ b/requirements.yml
@ -0,0 +1,4 @@
+---
+
+collections:
+  - community.general
--- a/tasks/fpm.yml
+++ b/tasks/fpm.yml
@ -1,36 +1,46 @@
 ---

 - name: APT | Install PHP-FPM for Debian based systems
-  apt:
+  ansible.builtin.apt:
    pkg: "{{ php_fpm_service }}"
    state: "{{ 'present' if php_install_fpm else 'absent' }}"
  when: ansible_os_family == 'Debian'

 - name: SERVICE | Enable service on FreeBSD
-  service:
+  ansible.builtin.service:
    name: "{{ php_fpm_service }}"
-    enabled: "{{ 'yes' if php_install_fpm else 'no' }}"
+    enabled: "{{ 'true' if php_install_fpm else 'false' }}"
  when: ansible_os_family == 'FreeBSD'

 - name: LINEINFILE | PHP configuration
-  lineinfile:
-    dest: '{{ php_cli_ini }}'
+  ansible.builtin.lineinfile:
+    dest: '{{ php_fpm_ini }}'
    regexp: '^;?{{ item.key }}'
    line: '{{ item.key }} = {{ item.value }}'
-    create: yes
+    create: true
+    owner: root
+    group: root
+    mode: 0644
  loop: "{{ php_ini | combine(php_ini_fpm) | dict2items }}"
-  notify: restart php-fpm
+  when: php_install_fpm | bool
+  notify: Restart php-fpm

 - name: TEMPLATE | Deploy pool configuration
-  template:
+  ansible.builtin.template:
    src: etc/__php__/fpm/pool.d/pool.conf.j2
    dest: '{{ php_fpm_pool_dir }}/{{ item.name }}.conf'
+    owner: root
+    group: root
+    mode: 0644
  loop: "{{ ansible_local.hanxhx_php.fpm_pool }}"
-  notify: restart php-fpm
+  when: php_install_fpm | bool
+  notify: Restart php-fpm

 - name: FILE | Delete default pool if necessary
-  file:
+  ansible.builtin.file:
    path: "{{ php_fpm_pool_dir }}/www.conf"
    state: absent
-  when: '"www" not in (ansible_local.hanxhx_php.fpm_pool | map(attribute="name") | list) and php_autoremove_default_pool'
-  notify: restart php-fpm
+  when:
+    - '"www" not in (ansible_local.hanxhx_php.fpm_pool | map(attribute="name") | list) and php_autoremove_default_pool'
+    - php_install_fpm | bool
+  notify: Restart php-fpm
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,17 +1,26 @@
 ---

+- name: SHELL | Check if we are in multiple PHP distribution
+  ansible.builtin.shell: set -o pipefail && apt-cache search php xdebug | grep 'php[[:digit:]].[[:digit:]]'
+  args:
+    executable: /bin/bash
+  failed_when: false
+  changed_when: false
+  register: multiple_php
+  when: ansible_os_family == 'Debian'
+
 - name: INCLUDE_VARS | Related to OS family
-  include_vars: "OS_Family_{{ ansible_os_family }}.yml"
+  ansible.builtin.include_vars: "OS_Family_{{ ansible_os_family }}.yml"

 - name: INCLUDE_VARS | Related to OS version
-  include_vars: "{{ item }}"
+  ansible.builtin.include_vars: "{{ item }}"
  with_first_found:
    - "{{ ansible_distribution }}-{{ ansible_distribution_release }}.yml"
    - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yml"
    - "{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"

 - name: SET_FACT | Transform data
-  set_fact:
+  ansible.builtin.set_fact:
    __php_fpm_full_pool: |
      [
      {% for p in php_fpm_poold %}
@ -20,10 +29,11 @@
          listen: "{{ p.listen | default(php_version | php_socket(p.name | default(p.pool_name))) }}",
          user: "{{ p.user | default(php_default_user_group) }}",
          group: "{% if p.user is defined %}{{ p.group | default(p.user) }}{% else %}{{ p.group | default(php_default_user_group) }}{% endif %}",
+          php_env: {% if p.php_env is defined %}{{ p.php_env | to_nice_json }}{% else %}{}{% endif %},
          php_value: {% if p.php_value is defined %}{{ p.php_value | to_nice_json }}{% else %}{}{% endif %},
          php_admin_value: {% if p.php_admin_value is defined %}{{ p.php_admin_value | to_nice_json }}{% else %}{}{% endif %},
          {% for k, v in p.items() | list %}
-          {% if k not in ['name', 'pool_name', 'listen', 'user', 'group', 'php_value', 'php_admin_value'] %}
+          {% if k not in ['name', 'pool_name', 'listen', 'user', 'group', 'php_env', 'php_value', 'php_admin_value'] %}
          {{ k }}: "{{ v }}"{% if not loop.last %},{% endif %}
          {% endif %}
          {% endfor %}
@ -32,80 +42,84 @@
      ]

 - name: SET_FACT | To YAML
-  set_fact:
+  ansible.builtin.set_fact:
    php_fpm_full_pool: "{{ __php_fpm_full_pool | from_yaml }}"

 - name: FILE | Creates ansible facts.d
-  file:
+  ansible.builtin.file:
    path: /etc/ansible/facts.d
    state: directory
-    recurse: yes
+    owner: root
+    group: root
+    mode: 0755

 - name: COPY | Manage facts
-  copy:
+  ansible.builtin.copy:
    content: "{ \"fpm_pool\": {{ php_fpm_full_pool | to_nice_json }} }"
    dest: /etc/ansible/facts.d/hanxhx_php.fact
+    owner: root
+    group: root
+    mode: 0644
  register: f
+  tags:
+    - skip_ansible_lint

 - name: SETUP | Gathers new facts
-  setup:
+  ansible.builtin.setup:
  when: f.changed
  tags:
    - skip_ansible_lint

 - name: APT | Install PHP packages
-  apt:
+  ansible.builtin.apt:
    pkg: "{{ pkgs }}"
    state: present
-    update_cache: yes
+    update_cache: true
    cache_valid_time: 3600
+    install_recommends: false
  vars:
    pkgs: "{{ php_packages + php_extra_packages | flatten }}"
-  notify: restart php-fpm
+  notify: Restart php-fpm
  when: ansible_os_family == 'Debian'

 - name: PKGNG | Install PHP packages
-  pkgng:
+  community.general.pkgng:
    name: "{{ php_packages + php_extra_packages | flatten | join(',') }}"
-  notify: restart php-fpm
+  notify: Restart php-fpm
  when: ansible_os_family == 'FreeBSD'

 - name: IMPORT_TASKS | PHP-FPM
-  import_tasks: fpm.yml
+  ansible.builtin.import_tasks: fpm.yml

 - name: LINEINFILE | PHP CLI configuration
-  lineinfile:
+  ansible.builtin.lineinfile:
    dest: '{{ php_cli_ini }}'
    regexp: '^;?{{ item.key }}'
    line: '{{ item.key }} = {{ item.value }}'
  loop: "{{ php_ini | combine(php_ini_cli) | dict2items }}"

 - name: IMPORT_TASKS | Xdebug
-  import_tasks: xdebug.yml
+  ansible.builtin.import_tasks: xdebug.yml

 - name: APT | Install and configure opcache
-  import_tasks: opcache.yml
+  ansible.builtin.import_tasks: opcache.yml

 - name: SERVICE | Ensure PHP-FPM is started
-  service:
+  ansible.builtin.service:
    name: '{{ php_fpm_service }}'
    state: started
  when: php_install_fpm and ansible_virtualization_type != 'docker'

- block:
-
-  - name: COMMAND | Check if PHP-FPM is started (Docker)
-    command: 'service {{ php_fpm_service }} status'
-    args:
-      warn: false
-    register: dps
-    changed_when: false
-    failed_when: false
-
-  - name: COMMAND | Ensure PHP-FPM is started (Docker)
-    command: 'service {{ php_fpm_service }} start'
-    args:
-      warn: false
-    when: dps.stdout.find('is not running') != -1
-
+- name: BLOCK | Ensure PHP-FPM is started if running on Docker
  when: php_install_fpm and ansible_virtualization_type == 'docker'
+  block:
+
+    - name: COMMAND | Check if PHP-FPM is started (Docker)  # noqa: command-instead-of-module
+      ansible.builtin.command: 'service {{ php_fpm_service }} status'
+      register: dps
+      changed_when: false
+      failed_when: false
+
+    - name: COMMAND | Ensure PHP-FPM is started (Docker)  # noqa: command-instead-of-module no-changed-when
+      ansible.builtin.command: 'service {{ php_fpm_service }} start'
+      when: dps.stdout.find('is not running') != -1
--- a/tasks/opcache.yml
+++ b/tasks/opcache.yml
@ -1,37 +1,46 @@
 ---

- block:
-
-  - name: APT | Install APCu
-    apt:
-      pkg: "php-apcu"
-
-  - name: APT | Install Opcache
-    apt:
-      pkg: "{{ php_package_prefix }}opcache"
-
+- name: Install opcache/apcu on Debian
  when: ansible_os_family == 'Debian'
+  block:

- block:
+    - name: APT | Install APCu
+      ansible.builtin.apt:
+        pkg: "{{ php_apcu_package }}"
+        install_recommends: false

-  - name: PKGNG | Install APCu
-    pkgng:
-      name: "php{{ php_version | replace('.', '') }}-pecl-APCu"
+    - name: APT | Install Opcache
+      ansible.builtin.apt:
+        pkg: "{{ php_package_prefix }}opcache"
+        install_recommends: false

-  - name: PKGNG | Install Opcache
-    pkgng:
-      name: "{{ php_package_prefix }}opcache"

+- name: Install opcache/apcu on FreeBSD
  when: ansible_os_family == 'FreeBSD'
+  block:
+
+    - name: PKGNG | Install APCu
+      community.general.pkgng:
+        name: "php{{ php_version | replace('.', '') }}-pecl-APCu"
+
+    - name: PKGNG | Install Opcache
+      community.general.pkgng:
+        name: "{{ php_package_prefix }}opcache"

 - name: TEMPLATE | Configure Opcache
-  template:
+  ansible.builtin.template:
    src: "etc/__php__/mods-available/opcache.ini.j2"
    dest: "{{ php_mods_dir }}/opcache.ini"
-  notify: restart php-fpm
+    owner: root
+    group: root
+    mode: 0644
+  notify: Restart php-fpm

 - name: TEMPLATE | Configure APCu
-  template:
+  ansible.builtin.template:
    src: "etc/__php__/mods-available/apcu.ini.j2"
    dest: "{{ php_mods_dir }}/apcu.ini"
-  notify: restart php-fpm
+    owner: root
+    group: root
+    mode: 0644
+  notify: Restart php-fpm
--- a/tasks/xdebug.yml
+++ b/tasks/xdebug.yml
@ -1,42 +1,44 @@
 ---

- block:
-
-  - name: APT | Install xdebug
-    apt:
-      pkg: "{{ php_xdebug_package }}"
-      state: present
-      update_cache: yes
-      cache_valid_time: 3600
-    when: ansible_os_family == 'Debian'
-
-  - name: PKGNG | Install xdebug
-    pkgng:
-      name: "{{ php_xdebug_package }}"
-    when: ansible_os_family == 'FreeBSD' and php_xdebug_package is defined
-
-  - name: TEMPLATE | Deploy module configurations
-    template:
-      src: "etc/__php__/mods-available/xdebug.ini.j2"
-      dest: "{{ php_mods_dir }}/xdebug.ini"
-      owner: root
-      mode: 0644
-    notify: restart php-fpm
-
+- name: BLOCK | Uninstall xdebug
  when: php_install_xdebug
+  block:

- block:
+    - name: APT | Install xdebug
+      ansible.builtin.apt:
+        pkg: "{{ php_xdebug_package }}"
+        state: present
+        update_cache: true
+        cache_valid_time: 3600
+        install_recommends: false
+      when: ansible_os_family == 'Debian'

-  - name: APT | Uninstall xdebug
-    apt:
-      pkg: "{{ php_xdebug_package }}"
-      state: absent
-    when: ansible_os_family == 'Debian'
+    - name: PKGNG | Install xdebug
+      community.general.pkgng:
+        name: "{{ php_xdebug_package }}"
+      when: ansible_os_family == 'FreeBSD' and php_xdebug_package is defined

-  - name: PKGNG | Uninstall xdebug
-    pkgng:
-      name: "{{ php_xdebug_package }}"
-      state: absent
-    when: ansible_os_family == 'FreeBSD'
+    - name: TEMPLATE | Deploy module configurations
+      ansible.builtin.template:
+        src: "etc/__php__/mods-available/xdebug.ini.j2"
+        dest: "{{ php_mods_dir }}/xdebug.ini"
+        owner: root
+        mode: 0644
+      notify: Restart php-fpm

+
+- name: BLOCK | Uninstall xdebug
  when: not php_install_xdebug
+  block:
+
+    - name: APT | Uninstall xdebug
+      ansible.builtin.apt:
+        pkg: "{{ php_xdebug_package }}"
+        state: absent
+      when: ansible_os_family == 'Debian'
+
+    - name: PKGNG | Uninstall xdebug
+      community.general.pkgng:
+        name: "{{ php_xdebug_package }}"
+        state: absent
+      when: ansible_os_family == 'FreeBSD'
--- a/templates/etc/php/fpm/pool.d/pool.conf.j2
+++ b/templates/etc/php/fpm/pool.d/pool.conf.j2
@ -132,7 +132,7 @@ pm.process_idle_timeout = {{ item.pm_process_idle_timeout | default('10s') }};
 ; This can be useful to work around memory leaks in 3rd party libraries. For
 ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
 ; Default Value: 0
-;pm.max_requests = 500
+pm.max_requests = {{ item.pm_max_requests | default('0') }}

 ; The URI to view the FPM status page. If this value is not set, no URI will be
 ; recognized as a status page. It shows the following informations:
@ -421,10 +421,19 @@ catch_workers_output = {{ item.catch_workers_output | default('no') }}
 ;php_admin_value[error_log] = /var/log/fpm-php.www.log
 ;php_admin_flag[log_errors] = on
 ;php_admin_value[memory_limit] = 32M
+{% if item.php_env is defined %}
+{% for k, v in item.php_env.items() | list %}
+env[{{ k }}] = {{ v }}
+{% endfor %}
+{% endif %}
+{% if item.php_value is defined %}
 {% for k, v in item.php_value.items() | list %}
 php_value[{{ k }}] = {{ v }}
 {% endfor %}
+{% endif %}
+{% if item.php_admin_value is defined %}
 {% for k, v in item.php_admin_value.items() | list %}
 php_admin_value[{{ k }}] = {{ v }}
 {% endfor %}
+{% endif %}
 ; vim:filetype=dosini
--- a/tests/includes/Debian/sury.yml
+++ b/tests/includes/Debian/sury.yml
@ -1,9 +1,9 @@
 ---

 - name: APT | Install Sury key
-  apt_key:
+  ansible.builtin.apt_key:
    url: 'https://packages.sury.org/php/apt.gpg'

 - name: APT_REPOSITORY | Add Sury repository
-  apt_repository:
+  ansible.builtin.apt_repository:
    repo: 'deb https://packages.sury.org/php/ {{ ansible_distribution_release }} main'
--- a/tests/includes/pre_Debian.yml
+++ b/tests/includes/pre_Debian.yml
@ -1,25 +1,24 @@
 ---

 - name: SET_FACT | Prepare test vars
-  set_fact:
+  ansible.builtin.set_fact:
    __nginx_conf: /etc/nginx/nginx.conf

 - name: APT | Install packages
-  apt:
+  ansible.builtin.apt:
    pkg: "{{ p }}"
-    update_cache: yes
+    update_cache: true
    cache_valid_time: 3600
  vars:
    p:
      - apt-transport-https
      - ca-certificates
      - curl
+      - gpg
      - lsb-release
      - nginx
      - vim

- name: INCLUDE_TASKS | Sury
-  include_tasks: Debian/sury.yml
-  when:
-    ((ansible_distribution_major_version is version('9', 'eq')) and (php_version is version('7.1', 'ge'))) or
-    ((ansible_distribution_major_version is version('10', 'eq')) and (php_version is version('7.4', 'ge')))
+- name: INCLUDE_TASKS | Sury (only if a specific php_version is defined)
+  ansible.builtin.include_tasks: Debian/sury.yml
+  when: php_version is defined
--- a/tests/includes/pre_FreeBSD.yml
+++ b/tests/includes/pre_FreeBSD.yml
@ -1,10 +1,10 @@
 ---

 - name: SET_FACT | Prepare test vars
-  set_fact:
+  ansible.builtin.set_fact:
    __nginx_conf: /usr/local/etc/nginx/nginx.conf
    php_xdebug_package: 'php72-pecl-xdebug-2.6.1'

 - name: PKGNG | Install packages
-  pkgng:
+  community.general.pkgng:
    name: ['curl', 'nginx']
--- a/tests/templates/nginx.conf.j2
+++ b/tests/templates/nginx.conf.j2
@ -2,7 +2,7 @@ events {
    worker_connections  1024;
 }

-user {{ php_default_user_group }};
+user root;

 http {
    include       mime.types;
--- a/tests/test.yml
+++ b/tests/test.yml
@ -1,6 +1,7 @@
 ---

 - hosts: all
+  name: Test all
  vars:
    vhost: 'test.local'
    php_extra_packages:
@ -24,6 +25,8 @@
        ping_response: 'ok'
      - name: 'test_ansible2'
        user: 'foo'
+        php_env:
+          foo: bar
        php_value:
          display_errors: 'Off'
        php_admin_value:
@ -32,73 +35,70 @@
  pre_tasks:

    - name: INCLUDE_TASKS | Pre tasks related to OS
-      include_tasks: "includes/pre_{{ ansible_os_family }}.yml"
+      ansible.builtin.include_tasks: "includes/pre_{{ ansible_os_family }}.yml"

    - name: USER | Create PHP user
-      user:
+      ansible.builtin.user:
        name: 'foo'
-        system: yes
-        create_home: no
+        system: true
+        create_home: false
        shell: '/usr/sbin/nologin'

  tasks:

    - name: TEMPLATE | Nginx site config
-      template:
+      ansible.builtin.template:
        src: "templates/nginx.conf.j2"
-        dest: "{{ __nginx_conf  }}"
-      notify: reload nginx
+        dest: "{{ __nginx_conf }}"
+        mode: 0644
+        owner: root
+        group: root
+      notify: Reload nginx

    - name: COMMAND | Fix nginx config
-      command: "cp {{ __nginx_conf | dirname }}/fastcgi_params {{ __nginx_conf | dirname }}/fastcgi.conf"
+      ansible.builtin.command: "cp {{ __nginx_conf | dirname }}/fastcgi_params {{ __nginx_conf | dirname }}/fastcgi.conf"
      args:
        creates: "{{ __nginx_conf | dirname }}/fastcgi.conf"
-      notify: reload nginx
+      notify: Reload nginx

    - name: LINEINFILE | Fix nginx config (second step)
-      lineinfile:
+      ansible.builtin.lineinfile:
        regexp: '^fastcgi_param\s+SCRIPT_FILENAME'
        line: "fastcgi_param  SCRIPT_FILENAME    $realpath_root$fastcgi_script_name;"
        dest: "{{ __nginx_conf | dirname }}/fastcgi.conf"
-      notify: reload nginx
+      notify: Reload nginx

    - name: SERVICE | Ensure nginx is started
-      service:
+      ansible.builtin.service:
        name: nginx
        state: started
      when: ansible_virtualization_type != 'docker'

-    - block:
-
-      - name: COMMAND | Docker nginx status
-        command: service nginx status
-        args:
-          warn: false
-        changed_when: false
-        failed_when: false
-        register: ngs
-
-      - name: COMMAND | Docker start nginx
-        command: service nginx start
-        args:
-          warn: false
-        when: ngs.stdout.find('nginx is not running') != -1
-
+    - name: Start nginx if testing with Docker
      when: ansible_virtualization_type == 'docker'
+      block:
+
+        - name: COMMAND | Docker nginx status  # noqa: command-instead-of-module
+          ansible.builtin.command: service nginx status
+          changed_when: false
+          failed_when: false
+          register: ngs
+
+        - name: COMMAND | Docker start nginx  # noqa: command-instead-of-module no-changed-when
+          ansible.builtin.command: service nginx start
+          when: ngs.stdout.find('nginx is not running') != -1

  handlers:

-    - name: reload nginx
-      service:
+    - name: Reload nginx
+      ansible.builtin.service:
        name: nginx
        state: reloaded
-      notify: docker reload nginx
+      notify: Docker reload nginx

-    - name: docker reload nginx
-      command: service nginx reload
-      args:
-        warn: false
-      notify: docker reload nginx
+    - name: Docker reload nginx  # noqa: command-instead-of-module no-changed-when
+      ansible.builtin.command: service nginx reload
+      notify: Docker reload nginx
      when: ansible_virtualization_type == 'docker'

  roles:
@ -107,48 +107,75 @@
  post_tasks:

    - name: SHELL | Test php-cli
-      shell: php -i | grep '^PHP Version => {{ php_version }}' | head -n 1
+      ansible.builtin.shell: set -o pipefail && php -i | grep '^PHP Version => {{ php_version }}' | head -n 1
      changed_when: false
      register: p
      failed_when: p.stdout == ''
+      args:
+        executable: /bin/bash

    - name: FILE | Create /var/www
-      file:
+      ansible.builtin.file:
        dest: /var/www
        state: directory
+        owner: root
+        group: root
+        mode: 0755

    - name: COPY | Add phpinfo
-      copy:
+      ansible.builtin.copy:
        dest: /var/www/phpinfo.php
        content: '<?php phpinfo();'
+        owner: root
+        group: root
+        mode: 0644

    - name: COPY | Add ini test file
-      copy:
+      ansible.builtin.copy:
        dest: /var/www/ini.php
        content: '<?php echo ini_get("memory_limit") . "\n";'
+        owner: root
+        group: root
+        mode: 0644

    - name: SHELL | Check vhost
-      shell: "curl -v -H 'Host: {{ vhost }}' http://127.0.0.1/phpinfo.php 2> /dev/null | grep h1 | grep -o 'PHP Version {{ php_version }}' | sed -r 's/<//g'"
+      ansible.builtin.shell: "set -o pipefail && curl -v -H 'Host: {{ vhost }}' http://127.0.0.1/phpinfo.php 2> /dev/null | grep h1 | grep -o 'PHP Version {{ php_version }}' | sed -r 's/<//g'"
      args:
-        warn: false
+        executable: /bin/bash
      changed_when: false
      register: c
      failed_when: c.stdout == ''

-    - name: SHELL | Check custom php value
-      shell: "curl -H 'Host: {{ vhost }}' http://127.0.0.1/ini.php 2> /dev/null"
-      args:
-        warn: false
+    - name: SHELL | Check custom php value  # noqa: command-instead-of-module
+      ansible.builtin.shell: "curl -H 'Host: {{ vhost }}' http://127.0.0.1/ini.php 2> /dev/null"
      changed_when: false
      register: c
      failed_when: 'php_fpm_poold.1.php_admin_value.memory_limit not in c.stdout'

    - name: URI | Check ping
-      uri:
+      ansible.builtin.uri:
        url: "http://localhost{{ php_fpm_poold.0.ping_path }}"
      when: php_fpm_poold.0.ping_path is defined

    - name: URI | Check status
-      uri:
+      ansible.builtin.uri:
        url: "http://localhost{{ php_fpm_poold.0.status_path }}"
      when: php_fpm_poold.0.status_path is defined
+
+    - name: Debian extra checks
+      when: ansible_os_family == 'Debian'
+      block:
+
+        - name: SHELL | Check if we installed multiple PHP versions
+          ansible.builtin.shell: set -o pipefail && (dpkg -l | grep 'php[[:digit:]].*common' | wc -l)
+          args:
+            executable: /bin/bash
+          failed_when: false
+          changed_when: false
+          register: check_multiple_php
+
+
+        - name: FAIL | If we have multiple PHP version
+          ansible.builtin.fail:
+            msg: "Multiple PHP versions detected"
+          when: check_multiple_php.stdout != '1'
--- a/vars/Debian-bookworm.yml
+++ b/vars/Debian-bookworm.yml
@ -0,0 +1,3 @@
+---
+
+php_default_version: '8.2'
--- a/vars/Debian-bullseye.yml
+++ b/vars/Debian-bullseye.yml
@ -0,0 +1,3 @@
+---
+
+php_default_version: '7.4'
--- a/vars/Debian-buster.yml
+++ b/vars/Debian-buster.yml
@ -1 +1,3 @@
+---
+
 php_default_version: '7.3'
--- a/vars/Debian-stretch.yml
+++ b/vars/Debian-stretch.yml
@ -1 +0,0 @@
-php_default_version: '7.0'
--- a/vars/FreeBSD-11.yml
+++ b/vars/FreeBSD-11.yml
@ -1 +1,3 @@
+---
+
 php_default_version: '7.2'
--- a/vars/FreeBSD-12.yml
+++ b/vars/FreeBSD-12.yml
@ -1 +1,3 @@
+---
+
 php_default_version: '7.2'
--- a/vars/OS_Family_Debian.yml
+++ b/vars/OS_Family_Debian.yml
@ -7,7 +7,8 @@ php_packages:
  - '{{ php_package_prefix }}mysql'
  - '{{ php_package_prefix }}intl'

-php_xdebug_package: 'php-xdebug'
+php_xdebug_package: '{% if multiple_php.rc == 0 %}{{ php_package_prefix }}{% else %}php-{% endif %}xdebug'
+php_apcu_package: '{% if multiple_php.rc == 0 %}{{ php_package_prefix }}{% else %}php-{% endif %}apcu'

 php_package_prefix: 'php{{ php_version }}-'

--- a/vars/Ubuntu-bionic.yml
+++ b/vars/Ubuntu-bionic.yml
@ -1 +1,3 @@
+---
+
 php_default_version: '7.2'
--- a/vars/Ubuntu-focal.yml
+++ b/vars/Ubuntu-focal.yml
@ -0,0 +1,3 @@
+---
+
+php_default_version: '7.4'
--- a/vars/Ubuntu-jammy.yml
+++ b/vars/Ubuntu-jammy.yml
@ -0,0 +1,3 @@
+---
+
+php_default_version: '8.1'
--- a/vars/Ubuntu-xenial.yml
+++ b/vars/Ubuntu-xenial.yml
@ -1 +1,3 @@
+---
+
 php_default_version: '7.0'
Author	SHA1	Message	Date
Emilien M	f6652efe77	Merge pull request #21 from HanXHX/improvements/misc Many improvements	2023-05-30 13:22:51 +02:00
Emilien Mantel	0a9a5c7aaf	🚀 Manages Ubuntu 20.04 + 22.04	2023-05-30 12:55:12 +02:00
Emilien Mantel	726d769d26	💚 Fix linters errors	2023-05-30 12:52:46 +02:00
Emilien Mantel	b363238e10	📝 Add build status (master branch) on README	2023-05-30 12:46:24 +02:00
Emilien Mantel	73355bfe30	🔥 Remove TravisCI	2023-05-30 12:45:04 +02:00
Emilien Mantel	f54176c880	👷 Add Github Action	2023-05-30 12:44:15 +02:00
Emilien Mantel	ec779b858a	✅ Add Ansible molecule	2023-05-30 12:43:45 +02:00
Emilien Mantel	539dc205f5	🚀 Manage Debian 12	2023-05-30 12:33:43 +02:00
Emilien Mantel	85378ac422	🚨 Fix crashes on latest ansible versions and fixes lint	2023-05-30 10:56:48 +02:00
Emilien Mantel	483b6c78b5	🙈 Ignore pycharm files	2023-05-30 10:50:00 +02:00
Klaus Zerwes	746b05ca4a	fix pool.conf template in case some VARs are not defined (#20 ) vars not defined in defaults should be processed only if they are defined (avoid AnsibleUndefinedVariable errors) Co-authored-by: Klaus Zerwes <Klaus.Zerwes@rosalux.org>	2022-11-07 17:22:57 +01:00
Klaus Zerwes	b4afb45dd4	honor php_install_fpm in case it is set to 'false' (#19 ) Co-authored-by: Klaus Zerwes <Klaus.Zerwes@rosalux.org>	2022-11-07 11:03:58 +01:00
Totooow	0a51826e2f	Add env vars on PHP-FPM pool template (#17 ) Co-authored-by: Théo Adolphe <theo.adolphe@skilleos.com>	2022-10-06 16:36:02 +02:00
Emilien M	e9e74e2db6	Modernize * Fix lint errors due to ansible-lint latest version * Drop debian stretch support	2022-10-06 14:47:06 +02:00
Emilien Mantel	4aef107c1a	🐛 Fix multiple PHP versions install With Sury packages...	2022-02-22 13:41:02 +01:00
Emilien Mantel	28caf6d9c9	⚡ Remove useless provision in Vagrant	2022-02-22 13:31:19 +01:00
Emilien M	309824dabf	New release (#14 ) * Manages Debian 11 * Migrate to new TravisCI version * Fix lint errors * Use FQCN builtins * Drop Ubuntu Xenial support (16.04)	2021-09-01 09:57:23 +02:00
Emilien Mantel	3209f6b010	Quickfix	2020-05-27 13:06:19 +02:00
Emilien Mantel	759a85a325	Fix FPM ini file	2020-05-27 12:59:25 +02:00
Emilien Mantel	704ebb3937	Manage pm.max_requests on PHP pool	2020-05-27 10:15:42 +02:00