├── .github └── workflows │ ├── galaxy.yml │ ├── lint.yml │ └── readme.yml ├── .gitignore ├── .pre-commit-config.yaml ├── .yamllint ├── LICENSE ├── Makefile ├── README.md ├── README.yaml ├── defaults └── main.yml ├── handlers └── main.yml ├── meta └── main.yml ├── tasks ├── configure.yml ├── install.yml ├── main.yml └── users.yml └── templates ├── config ├── php.ini └── pool.d │ ├── extra-config.ini │ └── zz-docker.conf ├── php └── php.service /.github/workflows/galaxy.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Release to Ansible Galaxy 3 | 4 | 'on': 5 | push: 6 | tags: 7 | - '*' 8 | 9 | jobs: 10 | release: 11 | runs-on: ubuntu-18.04 12 | steps: 13 | - name: galaxy 14 | uses: robertdebock/galaxy-action@1.0.1 15 | with: 16 | galaxy_api_key: ${{ secrets.galaxy_api_key }} 17 | -------------------------------------------------------------------------------- /.github/workflows/lint.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Lint 3 | 'on': 4 | pull_request: 5 | push: 6 | branches: 7 | - master 8 | 9 | jobs: 10 | 11 | yamllint: 12 | name: yamllint 13 | runs-on: ubuntu-latest 14 | steps: 15 | - name: Check out the codebase. 16 | uses: actions/checkout@v2 17 | 18 | - name: Set up Python 3.7. 19 | uses: actions/setup-python@v2 20 | with: 21 | python-version: '3.x' 22 | 23 | - name: Install yamllist 24 | run: pip3 install yamllint 25 | 26 | - name: Run yamllint. 27 | run: yamllint . 28 | 29 | ansible-lint: 30 | name: ansible-lint 31 | runs-on: ubuntu-latest 32 | steps: 33 | - name: Checkout the codebase. 34 | uses: actions/checkout@v2 35 | 36 | - name: Set up Python 3.7. 37 | uses: actions/setup-python@v2 38 | with: 39 | python-version: '3.x' 40 | 41 | - name: Install ansible and other packages 42 | run: pip3 install ansible ansible-lint 43 | 44 | - name: Run ansible-lint. 45 | run: ansible-lint 46 | 47 | pre-commit: 48 | name: 'Pre-Commit' 49 | needs: 50 | - yamllint 51 | - ansible-lint 52 | runs-on: ubuntu-latest 53 | steps: 54 | - name: 'Checkout' 55 | uses: actions/checkout@v2.3.4 56 | 57 | - name: Install ansible-lint 58 | run: pip3 install ansible-lint 59 | 60 | - name: 'Pre-Commit 🔎' 61 | uses: pre-commit/action@v2.0.3 62 | continue-on-error: true 63 | 64 | - name: 'Slack Notification' 65 | uses: clouddrove/action-slack@v2 66 | with: 67 | status: ${{ job.status }} 68 | fields: repo,author 69 | author_name: 'CloudDrove Inc.' 70 | env: 71 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 72 | SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_ANSIBLE }} 73 | if: always() 74 | -------------------------------------------------------------------------------- /.github/workflows/readme.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: 'Create README.md file' 3 | 'on': 4 | push: 5 | branches: 6 | - master 7 | 8 | jobs: 9 | readme-create: 10 | name: 'Autogenerate Readme file' 11 | runs-on: ubuntu-latest 12 | steps: 13 | - name: 'Checkout' 14 | uses: actions/checkout@master 15 | 16 | - name: Set up Python 3.7. 17 | uses: actions/setup-python@v2 18 | with: 19 | python-version: '3.x' 20 | 21 | - name: 'Generate readme.md from readme.yaml' 22 | uses: 'clouddrove/github-actions@v8.0' 23 | with: 24 | actions_subcommand: 'readme' 25 | github_token: '${{ secrets.GITHUB }}' 26 | env: 27 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 28 | 29 | - name: Install ansible-lint 30 | run: pip3 install ansible-lint 31 | 32 | - name: pre-commit check errors 33 | uses: pre-commit/action@v2.0.0 34 | continue-on-error: true 35 | 36 | - name: pre-commit fix errors 37 | uses: pre-commit/action@v2.0.0 38 | continue-on-error: true 39 | 40 | - name: 'push readme' 41 | uses: 'clouddrove/github-actions@v8.0' 42 | continue-on-error: true 43 | with: 44 | actions_subcommand: 'push' 45 | env: 46 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 47 | 48 | - name: 'Slack Notification' 49 | uses: clouddrove/action-slack@v2 50 | with: 51 | status: ${{ job.status }} 52 | fields: repo,author 53 | author_name: 'CloudDrove Inc.' 54 | env: 55 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 56 | SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_ANSIBLE }} 57 | if: always() 58 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # ignored files 2 | .idea 3 | *.iml 4 | *.zip 5 | .cache 6 | -------------------------------------------------------------------------------- /.pre-commit-config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | repos: 3 | 4 | - repo: https://github.com/pre-commit/pre-commit-hooks.git 5 | rev: v3.4.0 6 | hooks: 7 | - id: end-of-file-fixer 8 | - id: trailing-whitespace 9 | - id: mixed-line-ending 10 | - id: check-byte-order-marker 11 | - id: check-executables-have-shebangs 12 | - id: check-merge-conflict 13 | - id: debug-statements 14 | - id: check-yaml 15 | - id: check-added-large-files 16 | 17 | - repo: https://github.com/ansible/ansible-lint.git 18 | rev: v5.0.8 19 | hooks: 20 | - id: ansible-lint 21 | files: \.(yaml|yml)$ 22 | -------------------------------------------------------------------------------- /.yamllint: -------------------------------------------------------------------------------- 1 | --- 2 | extends: default 3 | 4 | rules: 5 | line-length: 6 | max: 140 7 | level: warning 8 | truthy: 9 | allowed-values: ['true', 'false', 'yes', 'no'] 10 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2021 Cloud Drove 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | export GENIE_PATH ?= $(shell 'pwd')/../../../genie 2 | 3 | include $(GENIE_PATH)/Makefile 4 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 |

5 | 6 |

7 | Ansible Role Docker PHP 8 |

9 | 10 |

11 | This Ansible role install PHP On Ubuntu, CentOS Amazon-Linux With Docker. 12 |

13 | 14 |

15 | 16 | 17 | Ansible 18 | 19 | 20 | Licence 21 | 22 | 23 | Distribution 24 | 25 | 26 | Distribution 27 | 28 | 29 | Distribution 30 | 31 | 32 | Actions 33 | 34 | 35 | 36 |

37 |

38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 |

50 |
51 | 52 | 53 | 54 | We eat, drink, sleep and most importantly love **DevOps**. DevOps always promotes automation and standardisation. While setting up various environments like local, dev, testing, production, etc. it is critical to maintain the same environment across. This can easily be achieved using automating the environment setup & installation with the help of ansible-playbooks. 55 | 56 | Smaller roles are created for each environment elements; which also include tasks & tests. These roles can then be grouped together in [ansible-playbook](https://docs.ansible.com/ansible/latest/user_guide/playbooks_intro.html) to achieve the desired yet consistent results. 57 | 58 | 59 | 60 | ## Prerequisites 61 | 62 | This module has a few dependencies: 63 | 64 | - [Ansible2.9](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html) 65 | - [Python](https://www.python.org/downloads) 66 | - [Docker](https://docs.docker.com/install/linux/docker-ce/ubuntu) 67 | 68 | 69 | 70 | 71 | ## What Includes 72 | 73 | Following things includes in this role: 74 | 75 | - Php-8.0 76 | - Php-fpm 77 | - Pecl 78 | - Composer 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | ## Example Playbook 87 | 88 | **IMPORTANT:** Since the `master` branch used in `source` varies based on new modifications, we suggest that you use the release versions [here](https://github.com/clouddrove/ansible-role-docker-php/releases). 89 | 90 | 91 | ```yaml 92 | - hosts: localhost 93 | remote_user: root 94 | roles: 95 | - clouddrove.ansible_role_docker_php 96 | ``` 97 | 98 | 99 | ## Variables 100 | 101 | ```yaml 102 | php_version: 8.0.7-fpm 103 | php_user: www-data 104 | php_group: www-data 105 | php_opt_dir: "/opt/php" 106 | php_config_dir: "{{ php_opt_dir }}/config" 107 | ``` 108 | 109 | 110 | ## Installation 111 | 112 | ```console 113 | $ ansible-galaxy install clouddrove.ansible_role_docker_php 114 | ``` 115 | 116 | 117 | 118 | 119 | 120 | 121 | ## Feedback 122 | If you come accross a bug or have any feedback, please log it in our [issue tracker](https://github.com/clouddrove/ansible-role-docker-php/issues), or feel free to drop us an email at [hello@clouddrove.com](mailto:hello@clouddrove.com). 123 | 124 | If you have found it worth your time, go ahead and give us a ★ on [our GitHub](https://github.com/clouddrove/ansible-role-docker-php)! 125 | 126 | ## About us 127 | 128 | At [CloudDrove][website], we offer expert guidance, implementation support and services to help organisations accelerate their journey to the cloud. Our services include docker and container orchestration, cloud migration and adoption, infrastructure automation, application modernisation and remediation, and performance engineering. 129 | 130 |

We are The Cloud Experts!

131 |
132 |

We ❤️ Open Source and you can check out our other modules to get help with your new Cloud ideas.

133 | 134 | [website]: https://clouddrove.com 135 | [github]: https://github.com/clouddrove 136 | [linkedin]: https://cpco.io/linkedin 137 | [twitter]: https://twitter.com/clouddrove/ 138 | [email]: https://clouddrove.com/contact-us.html 139 | [terraform_modules]: https://github.com/clouddrove?utf8=%E2%9C%93&q=terraform-&type=&language= 140 | -------------------------------------------------------------------------------- /README.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # 3 | # This is the canonical configuration for the `README.md` 4 | # Run `make readme` to rebuild the `README.md` 5 | # 6 | 7 | # Name of this project 8 | name: Ansible Role Docker PHP 9 | 10 | # License of this project 11 | license: "MIT" 12 | 13 | # Canonical GitHub repo 14 | 15 | github_repo: clouddrove/ansible-role-docker-php 16 | 17 | # Badges to display 18 | badges: 19 | - name: "Ansible" 20 | image: "https://img.shields.io/badge/Ansible-2.9-green?style=flat&logo=ansible" 21 | url: "https://www.ansible.com" 22 | - name: "Licence" 23 | image: "https://img.shields.io/badge/License-MIT-blue.svg" 24 | url: "LICENSE.md" 25 | - name: "Distribution" 26 | image: "https://img.shields.io/badge/ubuntu-20.x-orange?style=flat&logo=ubuntu" 27 | url: "https://ubuntu.com/" 28 | - name: "Distribution" 29 | image: "https://img.shields.io/badge/CentOS-8-green?style=flat&logo=centos" 30 | url: "https://www.centos.org/" 31 | - name: "Distribution" 32 | image: "https://img.shields.io/badge/Amazon_linux-2-yellow?style=flat&logo=linux" 33 | url: "https://aws.amazon.com/amazon-linux-ami/" 34 | - name: "Actions" 35 | image: "https://github.com/clouddrove/ansible-role-docker-php/actions/workflows/lint.yml/badge.svg" 36 | url: "https://github.com/clouddrove/ansible-role-docker-php/actions/workflows/lint.yml" 37 | # Prerequesties to display 38 | # yamllint disable 39 | prerequesties: 40 | - name: "Ansible2.9" 41 | url: "https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html" 42 | - name: "Python" 43 | url: "https://www.python.org/downloads" 44 | - name: "Docker" 45 | url: "https://docs.docker.com/install/linux/docker-ce/ubuntu" 46 | # yamllint enable 47 | # What Includes to display 48 | what_includes: 49 | - name: "Php-8.0" 50 | - name: "Php-fpm" 51 | - name: "Pecl" 52 | - name: "Composer" 53 | 54 | # description of this project 55 | description: |- 56 | This Ansible role install PHP On Ubuntu, CentOS Amazon-Linux With Docker. 57 | 58 | # How to use this project 59 | usage: |- 60 | ```yaml 61 | - hosts: localhost 62 | remote_user: root 63 | roles: 64 | - clouddrove.ansible_role_docker_php 65 | ``` 66 | # Variables use in the project 67 | variables: |- 68 | ```yaml 69 | php_version: 8.0.7-fpm 70 | php_user: www-data 71 | php_group: www-data 72 | php_opt_dir: "/opt/php" 73 | php_config_dir: "{{ php_opt_dir }}/config" 74 | ``` 75 | 76 | # How to install project 77 | installation: |- 78 | ```console 79 | $ ansible-galaxy install clouddrove.ansible_role_docker_php 80 | ``` 81 | -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | php_version: 8.0.7-fpm 4 | php_user: www-data 5 | php_group: www-data 6 | php_opt_dir: "/opt/php" 7 | php_config_dir: "{{ php_opt_dir }}/config" 8 | max_children: 300 9 | start_servers: 6 10 | min_spare_servers: 4 11 | max_spare_servers: 140 12 | max_requests: 10000 13 | memory_limit: 2048M 14 | -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart php 3 | service: 4 | name: php 5 | state: restarted 6 | enabled: true 7 | 8 | - name: start php 9 | service: 10 | name: php 11 | state: started 12 | 13 | - name: reload php 14 | service: 15 | name: php 16 | state: reloaded 17 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | dependencies: [] 3 | 4 | galaxy_info: 5 | author: Anmol Nagpal 6 | description: This Ansible role install PHP On Ubuntu, CentOS Amazon-Linux With Docker 7 | company: "CloudDrove Inc." 8 | license: "license (BSD, MIT)" 9 | role_name: ansible_role_docker_php 10 | namespace: CloudDrove 11 | min_ansible_version: 2.8 12 | 13 | platforms: 14 | - name: Debian 15 | versions: 16 | - jessie 17 | - stretch 18 | - name: Ubuntu 19 | versions: 20 | - trusty 21 | - xenial 22 | - bionic 23 | - name: CentOS 24 | versions: 25 | - 7 26 | - 8 27 | - name: Amazonlinux 28 | versions: 29 | - 2 30 | - name: EL 31 | versions: 32 | - 6 33 | - 7 34 | - 8 35 | galaxy_tags: 36 | - php 37 | - composer 38 | - docker 39 | - ubuntu 40 | - cenos 41 | - linux 42 | - amazon 43 | -------------------------------------------------------------------------------- /tasks/configure.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: create php dirs 3 | file: 4 | path: "{{ item|safe|trim }}" 5 | state: directory 6 | owner: "{{ php_user }}" 7 | group: "{{ php_group }}" 8 | mode: 0755 9 | recurse: true 10 | changed_when: "False" 11 | with_items: 12 | - "{{ php_opt_dir }}" 13 | - "{{ php_config_dir }}" 14 | - "{{ php_config_dir }}/pool" 15 | 16 | - name: transfer pool.d php configuration 17 | template: 18 | src: "{{ item }}" 19 | dest: "{{ php_config_dir }}/pool/{{ item | basename }}" 20 | mode: 0755 21 | force: true 22 | with_fileglob: 23 | - ../templates/config/pool.d/*.conf 24 | 25 | 26 | - name: transfer php.ini php-fpm configuration 27 | template: 28 | src: config/php.ini 29 | dest: "{{ php_config_dir }}/php.ini" 30 | mode: 0755 31 | force: true 32 | -------------------------------------------------------------------------------- /tasks/install.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: copy php script 4 | template: 5 | src: "php" 6 | dest: /usr/local/bin/php 7 | mode: 0755 8 | owner: root 9 | group: root 10 | 11 | - name: copy php script 12 | template: 13 | src: "php.service" 14 | dest: /etc/systemd/system/php.service 15 | mode: 0644 16 | owner: root 17 | group: root 18 | notify: 19 | - start php 20 | -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - import_tasks: users.yml 4 | - import_tasks: configure.yml 5 | - import_tasks: install.yml 6 | -------------------------------------------------------------------------------- /tasks/users.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: setup group 4 | group: 5 | name: "{{ php_group }}" 6 | system: true 7 | 8 | - name: setup user 9 | user: 10 | name: "{{ php_user }}" 11 | system: true 12 | group: "{{ php_group }}" 13 | -------------------------------------------------------------------------------- /templates/config/php.ini: -------------------------------------------------------------------------------- 1 | ;{{ ansible_managed }} 2 | [PHP] 3 | 4 | ;;;;;;;;;;;;;;;;;;; 5 | ; About this file ; 6 | ;;;;;;;;;;;;;;;;;;; 7 | ; PHP comes packaged with two INI files. One that is recommended to be used 8 | ; in production environments and one that is recommended to be used in 9 | ; development environments. 10 | 11 | ; php.ini-production contains settings which hold security, performance and 12 | ; best practices at its core. But please be aware, these settings may break 13 | ; compatibility with older or less security conscience applications. We 14 | ; recommending using the production ini in production and testing environments. 15 | 16 | ; php.ini-development is very similar to its production variant, except it is 17 | ; much more verbose when it comes to errors. We recommend using the 18 | ; development version only in development environments, as errors shown to 19 | ; application users can inadvertently leak otherwise secure information. 20 | 21 | ; This is the php.ini-production INI file. 22 | 23 | ;;;;;;;;;;;;;;;;;;;; 24 | ; php.ini Options ; 25 | ;;;;;;;;;;;;;;;;;;;; 26 | ;user_ini.filename = ".user.ini" 27 | ;user_ini.filename = 28 | ;user_ini.cache_ttl = 300 29 | 30 | ;;;;;;;;;;;;;;;;;;;; 31 | ; Language Options ; 32 | ;;;;;;;;;;;;;;;;;;;; 33 | engine = On 34 | short_open_tag = Off 35 | precision = 14 36 | output_buffering = 4096 37 | zlib.output_compression = Off 38 | disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals, 39 | disable_classes = 40 | implicit_flush = Off 41 | unserialize_callback_func = 42 | serialize_precision = -1 43 | zend.enable_gc = On 44 | ;zlib.output_compression_level = -1 45 | ;zlib.output_handler = 46 | ;open_basedir = 47 | ;highlight.string = #DD0000 48 | ;highlight.comment = #FF9900 49 | ;highlight.keyword = #007700 50 | ;highlight.default = #0000BB 51 | ;highlight.html = #000000 52 | ;ignore_user_abort = On 53 | ;realpath_cache_size = 4096k 54 | ;realpath_cache_ttl = 120 55 | ;;;;;;;;;;;;;;;;; 56 | ; Miscellaneous ; 57 | ;;;;;;;;;;;;;;;;; 58 | expose_php = Off 59 | 60 | ;;;;;;;;;;;;;;;;;;; 61 | ; Resource Limits ; 62 | ;;;;;;;;;;;;;;;;;;; 63 | max_execution_time = 600 64 | max_input_time = -1 65 | max_input_vars = 5000 66 | ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; 67 | ; Error handling and logging ; 68 | ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; 69 | error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT 70 | display_errors = Off 71 | display_startup_errors = Off 72 | log_errors = On 73 | log_errors_max_len = 1024 74 | ignore_repeated_errors = Off 75 | ignore_repeated_source = Off 76 | report_memleaks = On 77 | ;report_zend_debug = 0 78 | ;xmlrpc_errors = 0 79 | xmlrpc_error_number = 0 80 | html_errors = On 81 | 82 | ;;;;;;;;;;;;;;;;; 83 | ; Data Handling ; 84 | ;;;;;;;;;;;;;;;;; 85 | variables_order = "GPCS" 86 | request_order = "GP" 87 | register_argc_argv = Off 88 | auto_globals_jit = On 89 | post_max_size = 300M 90 | auto_prepend_file = 91 | auto_append_file = 92 | default_mimetype = "text/html" 93 | default_charset = "UTF-8" 94 | doc_root = 95 | user_dir = 96 | enable_dl = Off 97 | ;arg_separator.output = "&" 98 | ;arg_separator.input = ";&" 99 | 100 | ;;;;;;;;;;;;;;;; 101 | ; File Uploads ; 102 | ;;;;;;;;;;;;;;;; 103 | file_uploads = On 104 | upload_max_filesize = 500M 105 | max_file_uploads = 300 106 | 107 | ;;;;;;;;;;;;;;;;;; 108 | ; Fopen wrappers ; 109 | ;;;;;;;;;;;;;;;;;; 110 | allow_url_fopen = On 111 | allow_url_include = On 112 | default_socket_timeout = 60 113 | ;auto_detect_line_endings = Off 114 | 115 | ;;;;;;;;;;;;;;;;;;; 116 | ; Module Settings ; 117 | ;;;;;;;;;;;;;;;;;;; 118 | 119 | [CLI Server] 120 | ; Whether the CLI web server uses ANSI color coding in its terminal output. 121 | cli_server.color = On 122 | 123 | [Date] 124 | ;date.timezone = 125 | ;date.default_latitude = 31.7667 126 | ;date.default_longitude = 35.2333 127 | ;date.sunrise_zenith = 90.583333 128 | ;date.sunset_zenith = 90.583333 129 | [filter] 130 | ;filter.default = unsafe_raw 131 | ;filter.default_flags = 132 | 133 | [iconv] 134 | ;iconv.input_encoding 135 | ;iconv.internal_encoding = 136 | ;iconv.output_encoding = 137 | 138 | [imap] 139 | ;imap.enable_insecure_rsh=0 140 | 141 | [intl] 142 | ;intl.default_locale = 143 | ;intl.error_level = E_WARNING 144 | ;intl.use_exceptions = 0 145 | 146 | [sqlite3] 147 | ;sqlite3.extension_dir = 148 | ;sqlite3.defensive = 1 149 | 150 | [Pcre] 151 | ;pcre.backtrack_limit=100000 152 | ;pcre.recursion_limit=100000 153 | ;pcre.jit=1 154 | 155 | [Pdo] 156 | ;pdo_odbc.connection_pooling=strict 157 | ;pdo_odbc.db2_instance_name 158 | 159 | [Pdo_mysql] 160 | pdo_mysql.default_socket= 161 | 162 | [Phar] 163 | ;phar.readonly = On 164 | ;phar.require_hash = On 165 | ;phar.cache_list = 166 | 167 | [mail function] 168 | 169 | SMTP = localhost 170 | smtp_port = 25 171 | mail.add_x_header = Off 172 | ;sendmail_from = me@example.com 173 | ;sendmail_path = 174 | ;mail.force_extra_parameters = 175 | ;mail.log = 176 | ;mail.log = syslog 177 | 178 | [ODBC] 179 | odbc.allow_persistent = On 180 | odbc.check_persistent = On 181 | odbc.max_persistent = -1 182 | odbc.max_links = -1 183 | odbc.defaultlrl = 4096 184 | odbc.defaultbinmode = 1 185 | ;odbc.default_db = Not yet implemented 186 | ;odbc.default_user = Not yet implemented 187 | ;odbc.default_pw = Not yet implemented 188 | ;odbc.default_cursortype 189 | 190 | [Interbase] 191 | ibase.allow_persistent = 1 192 | ibase.max_persistent = -1 193 | ibase.max_links = -1 194 | ibase.timestampformat = "%Y-%m-%d %H:%M:%S" 195 | ibase.dateformat = "%Y-%m-%d" 196 | ibase.timeformat = "%H:%M:%S" 197 | ;ibase.default_db = 198 | ;ibase.default_user = 199 | ;ibase.default_password = 200 | ;ibase.default_charset = 201 | 202 | 203 | [MySQLi] 204 | mysqli.max_persistent = -1 205 | mysqli.allow_persistent = On 206 | mysqli.max_links = -1 207 | mysqli.default_port = 3306 208 | mysqli.default_socket = 209 | mysqli.default_host = 210 | mysqli.default_user = 211 | mysqli.default_pw = 212 | mysqli.reconnect = Off 213 | ;mysqli.allow_local_infile = On 214 | 215 | 216 | [mysqlnd] 217 | mysqlnd.collect_statistics = On 218 | mysqlnd.collect_memory_statistics = Off 219 | sha256_server_public_key = 220 | ;mysqlnd.debug = 221 | ;mysqlnd.log_mask = 0 222 | ;mysqlnd.mempool_default_size = 16000 223 | ;mysqlnd.net_cmd_buffer_size = 2048 224 | ;mysqlnd.net_read_buffer_size = 32768 225 | ;mysqlnd.net_read_timeout = 31536000 226 | 227 | [OCI8] 228 | ;oci8.privileged_connect = Off 229 | ;oci8.max_persistent = -1 230 | ;oci8.persistent_timeout = -1 231 | ;oci8.ping_interval = 60 232 | ;oci8.connection_class = 233 | ;oci8.events = Off 234 | ;oci8.statement_cache_size = 20 235 | ;oci8.default_prefetch = 100 236 | ;oci8.old_oci_close_semantics = Off 237 | 238 | [PostgreSQL] 239 | pgsql.allow_persistent = On 240 | pgsql.auto_reset_persistent = Off 241 | pgsql.max_persistent = -1 242 | pgsql.max_links = -1 243 | pgsql.ignore_notice = 0 244 | pgsql.log_notice = 0 245 | 246 | [bcmath] 247 | bcmath.scale = 0 248 | 249 | [browscap] 250 | ;browscap = extra/browscap.ini 251 | 252 | [Session] 253 | session.save_handler = files 254 | session.sid_bits_per_character = 5 255 | session.use_strict_mode = 0 256 | session.use_cookies = 1 257 | session.use_only_cookies = 1 258 | session.name = PHPSESSID 259 | session.auto_start = 0 260 | session.cookie_lifetime = 0 261 | session.cookie_path = / 262 | session.cookie_domain = 263 | session.cookie_httponly = 264 | session.cookie_samesite = 265 | session.serialize_handler = php 266 | session.gc_probability = 0 267 | session.gc_divisor = 1000 268 | session.gc_maxlifetime = 1440 269 | session.referer_check = 270 | session.cache_limiter = nocache 271 | session.cache_expire = 180 272 | session.use_trans_sid = 0 273 | session.sid_length = 26 274 | session.trans_sid_tags = "a=href,area=href,frame=src,form=" 275 | ;session.save_path = "/var/lib/php/sessions" 276 | ;session.cookie_secure = 277 | ;session.trans_sid_hosts="" 278 | ;session.upload_progress.enabled = On 279 | ;session.upload_progress.cleanup = On 280 | ;session.upload_progress.prefix = "upload_progress_" 281 | ;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" 282 | ;session.upload_progress.freq = "1%" 283 | ;session.upload_progress.min_freq = "1" 284 | ;session.lazy_write = On 285 | 286 | [Assertion] 287 | zend.assertions = -1 288 | ;assert.active = On 289 | ;assert.exception = On 290 | ;assert.warning = On 291 | ;assert.bail = Off 292 | ;assert.callback = 0 293 | ;assert.quiet_eval = 0 294 | 295 | [COM] 296 | ;com.typelib_file = 297 | ;com.allow_dcom = true 298 | ;com.autoregister_typelib = true 299 | ;com.autoregister_casesensitive = false 300 | ;com.autoregister_verbose = true 301 | ;com.code_page= 302 | 303 | [mbstring] 304 | ;mbstring.language = Japanese 305 | ;mbstring.internal_encoding = 306 | ;mbstring.http_input = 307 | ;mbstring.http_output = 308 | ;mbstring.encoding_translation = Off 309 | ;mbstring.detect_order = auto 310 | ;mbstring.substitute_character = none 311 | ;mbstring.func_overload = 0 312 | ;mbstring.strict_detection = On 313 | ;mbstring.http_output_conv_mimetype= 314 | ;mbstring.regex_stack_limit=100000 315 | 316 | [gd] 317 | ;gd.jpeg_ignore_warning = 1 318 | 319 | [exif] 320 | ;exif.encode_unicode = ISO-8859-15 321 | ;exif.decode_unicode_motorola = UCS-2BE 322 | ;exif.decode_unicode_intel = UCS-2LE 323 | ;exif.encode_jis = 324 | ;exif.decode_jis_motorola = JIS 325 | ;exif.decode_jis_intel = JIS 326 | 327 | [Tidy] 328 | tidy.clean_output = Off 329 | 330 | [soap] 331 | soap.wsdl_cache_enabled=1 332 | soap.wsdl_cache_dir="/tmp" 333 | soap.wsdl_cache_ttl=86400 334 | soap.wsdl_cache_limit = 5 335 | 336 | [sysvshm] 337 | ;sysvshm.init_mem = 10000 338 | 339 | [ldap] 340 | ldap.max_links = -1 341 | 342 | [dba] 343 | ;dba.default_handler= 344 | 345 | [opcache] 346 | ;opcache.enable=1 347 | ;opcache.enable_cli=0 348 | ;opcache.memory_consumption=128 349 | ;opcache.interned_strings_buffer=8 350 | ;opcache.max_accelerated_files=10000 351 | ;opcache.max_wasted_percentage=5 352 | ;opcache.use_cwd=1 353 | ;opcache.validate_timestamps=1 354 | ;opcache.revalidate_freq=2 355 | ;opcache.revalidate_path=0 356 | ;opcache.save_comments=1 357 | ;opcache.enable_file_override=0 358 | ;opcache.optimization_level=0x7FFFBFFF 359 | ;opcache.dups_fix=0 360 | ;opcache.blacklist_filename= 361 | ;opcache.max_file_size=0 362 | ;opcache.consistency_checks=0 363 | ;opcache.force_restart_timeout=180 364 | ;opcache.error_log= 365 | ;opcache.log_verbosity_level=1 366 | ;opcache.preferred_memory_model= 367 | ;opcache.protect_memory=0 368 | ;opcache.restrict_api= 369 | ;opcache.mmap_base= 370 | ;opcache.file_cache= 371 | ;opcache.file_cache_only=0 372 | ;opcache.file_cache_consistency_checks=1 373 | ;opcache.file_cache_fallback=1 374 | ;opcache.huge_code_pages=1 375 | ;opcache.validate_permission=0 376 | ;opcache.validate_root=0 377 | ;opcache.opt_debug_level=0 378 | 379 | [curl] 380 | ;curl.cainfo = 381 | 382 | [openssl] 383 | ;openssl.cafile= 384 | ;openssl.capath= 385 | ; End: 386 | -------------------------------------------------------------------------------- /templates/config/pool.d/extra-config.ini: -------------------------------------------------------------------------------- 1 | ; mongodb 2 | mongo.allow_empty_keys=1 3 | mongodb.allow_empty_keys=1 4 | 5 | 6 | ; apcu 7 | apc.enabled = 1 8 | apc.enable_cli = 1 9 | apc.stat = 0 10 | apc.max_file_size = 4M 11 | apc.localcache = 1 12 | apc.localcache.size = 512 13 | apc.shm_segments = 1 14 | apc.ttl = 3600 15 | apc.user_ttl = 7200 16 | apc.gc_ttl = 3600 17 | apc.cache_by_default = 1 18 | apc.write_lock = 1 19 | apc.num_files_hint = 0 20 | apc.user_entries_hint = 0 21 | apc.shm_size = 512M 22 | apc.mmap_file_mask =/tmp/apc.XXXXXX 23 | apc.include_once_override = 0 24 | apc.file_update_protection = 2 25 | apc.canonicalize = 1 26 | apc.report_autofilter = 0 27 | apc.stat_ctime = 0 28 | 29 | 30 | ;; Opache 31 | ;; https://medium.com/appstract/make-your-laravel-app-fly-with-php-opcache-9948db2a5f93 32 | ;opcache.enable=1 33 | ;opcache.memory_consumption=512 34 | ;opcache.interned_strings_buffer=64 35 | ;opcache.max_accelerated_files=32531 36 | ;opcache.validate_timestamps=0 37 | ;opcache.save_comments=1 38 | ;opcache.fast_shutdown=0 39 | 40 | ; soap 41 | soap.wsdl_cache_enabled=1 42 | soap.wsdl_cache_dir="/tmp" 43 | soap.wsdl_cache_ttl=86400 44 | 45 | ; 46 | expose_php=off 47 | memory_limit = -1 48 | 49 | ; 50 | upload_max_filesize = 20M 51 | post_max_size = 21M 52 | max_input_vars = 5000 53 | -------------------------------------------------------------------------------- /templates/config/pool.d/zz-docker.conf: -------------------------------------------------------------------------------- 1 | [global] 2 | daemonize = no 3 | 4 | [www] 5 | ; if we send this to /proc/self/fd/1, it never appears 6 | ; access.log = /proc/self/fd/2 7 | 8 | clear_env = no 9 | 10 | ; Ensure worker stdout and stderr are sent to the main error log. 11 | catch_workers_output = yes 12 | 13 | user = www-data 14 | group = www-data 15 | 16 | listen = [::]:9000 17 | listen.mode = 0666 18 | 19 | listen.backlog = -1 20 | 21 | pm = dynamic 22 | pm.max_children = "{{ max_children }}" 23 | pm.start_servers = "{{ start_servers }}" 24 | pm.min_spare_servers = "{{ min_spare_servers }}" 25 | pm.max_spare_servers = "{{ max_spare_servers }}" 26 | pm.max_requests = "{{ max_requests }}" 27 | pm.status_path = /php-status 28 | 29 | ping.path = /ping-www 30 | 31 | ping.response = pong-www 32 | 33 | rlimit_core = 0 34 | 35 | ; Default Value: clean env 36 | env[HOSTNAME] = $HOSTNAME 37 | ;env[PATH] = /usr/local/bin:/usr/bin:/bin 38 | env[TMP] = /tmp 39 | env[TMPDIR] = /tmp 40 | env[TEMP] = /tmp 41 | 42 | ;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com 43 | ;php_flag[display_errors] = off 44 | ;php_admin_value[error_log] = /var/log/php-pool-www.error.log 45 | php_admin_flag[log_errors] = on 46 | php_admin_value[memory_limit] = "{{ memory_limit }}" 47 | -------------------------------------------------------------------------------- /templates/php: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | chmod -R 777 /var/log/ 4 | mkdir -p /var/run/php/ 5 | mkdir -p /run/php/ 6 | set -eux -o pipefail 7 | 8 | # pull the image before so we dont first remove the container and then pull 9 | docker pull clouddrove/php:"{{ php_version }}" 10 | 11 | docker rm -f -v php || : 12 | 13 | docker run -u root --net=host --rm --name=php \ 14 | -v /var/www:/var/www:rw \ 15 | -v /etc/ssh/ssh_config:/etc/ssh/ssh_config:rw \ 16 | -v {{ php_config_dir }}/php.ini:/usr/local/etc/php/php.ini \ 17 | -v {{ php_config_dir }}/pool/zz-docker.conf:/usr/local/etc/php-fpm.d/zz-docker.conf \ 18 | -v {{ php_config_dir }}/pool/extra-config.ini:/usr/local/etc/php-fpm.d/extra-config.ini \ 19 | clouddrove/php:"{{ php_version }}" 20 | -------------------------------------------------------------------------------- /templates/php.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=PHP Server 3 | 4 | [Service] 5 | TimeoutStartSec=0 6 | Restart=always 7 | ExecStart=/usr/local/bin/php 8 | 9 | [Install] 10 | WantedBy=multi-user.target 11 | --------------------------------------------------------------------------------