Merge pull request #5 from CaptainSifff/suse15.4-php8

php8 support on Suse 15.4

defaults/main.yml

@@ -5,6 +5,9 @@ configure_php_ini: true
 configure_php_fpm: true
 enable_php_fpm: true
 
+# The pool to configure
+php_fpm_pool: "www"
+
 # memcache
 apcu_enable: false
 apcu_shm_size: "32M"
@@ -15,7 +18,7 @@ php_uploads: "On"
 php_maxuploadsize: "256M"
 php_maxuploads: "20"
 
-php_socket: "/run/php-fpm/php-fpm.sock"
+php_socket_path: "/run/php-fpm/"
 
 php_allowed_clients: ""
 php_niceness: ""
@@ -28,7 +31,7 @@ php_process_idle_timeout: "10s"
 php_max_requests: ""
 
 php_chroot: ""
-php_limit_extensions: ".php .php3 .php4 .php5 .php7"
+php_limit_extensions: "{{ '.php .php3 .php4 .php5 .php7 .php8' if php_ver == 'php8' else  '.php .php3 .php4 .php5 .php7' }}"
 
 php_env_PATH: "/usr/local/bin:/usr/bin:/bin"
 

molecule/default/molecule.yml

@@ -49,4 +49,4 @@ verifier:
   lint:
     name: flake8
 lint: |
-  yamllint -d "{extends: relaxed, rules: {line-length: {max: 200}}}" .
+  yamllint -d "{extends: relaxed, rules: {line-length: {max: disabled}}}" .

tasks/main.yml

@@ -32,10 +32,10 @@
   tags: ['php-fpm']
   when: configure_php_fpm == true
 
-- name: Ensure www.conf is configured
+- name: Ensure {{php_fpm_pool}}.conf is configured
   template:
     src: www.conf.j2
-    dest: "{{php_www_conf}}"
+    dest: "{{php_pool_conf_path}}/{{php_fpm_pool}}.conf"
     owner: root
     group: root
     mode: 0644
@@ -43,6 +43,33 @@
   tags: ['php-fpm']
   when: configure_php_fpm == true
 
+- name: Ensure AppArmor knows about our new config file, the socket, and some log files it tries to create
+  ansible.builtin.blockinfile:
+    path: /etc/apparmor.d/local/php-fpm
+    marker: "# {mark} ANSIBLE MANAGED BLOCK {{php_fpm_pool}}"
+    state: present
+    block: |
+      /var/log/php-fpm/{{php_fpm_pool}}.access.log rw,
+      /var/log/php-fpm/{{php_fpm_pool}}.log.slow rw,
+      /var/log/{{php_fpm_pool}}.log rw,
+      @{run}/php{,-fpm}/{{php_fpm_pool}}.pid rw,
+      @{run}/{{php_fpm_pool}}.pid rw,
+      @{run}/php{,-fpm}/{{php_fpm_pool}}.sock rwlk,
+
+- name: create log directory for php-fpm
+  ansible.builtin.file:
+    path: "/var/log/php-fpm/"
+    state: directory
+    mode: '0755'
+    group: 'www'
+    owner: 'wwwrun'
+
+- name: Ensure AppArmor is reloaded
+  systemd:
+    name: apparmor
+    state: restarted
+    enabled: true
+
 - name: Ensure php-fpm is enabled
   systemd:
     name: php-fpm

templates/php-fpm.conf.j2

@@ -15,9 +15,10 @@
 ;;;;;;;;;;;;;;;;;;
 
 [global]
-pid = run/php-fpm/php-fpm.pid
+pid = run/php-fpm.pid
 error_log = log/php-fpm.log
 syslog.facility = daemon
+syslog.ident = php-fpm
 log_level = {{ php_log_level }}
 
 ;emergency_restart_threshold = 0
@@ -47,4 +48,4 @@ systemd_interval = 10
 ; Pool Definitions ;
 ;;;;;;;;;;;;;;;;;;;;
 
-include=/etc/php7/fpm/php-fpm.d/*.conf
+include=/etc/{{ php_ver }}/fpm/php-fpm.d/*.conf

templates/php.ini.j2

@@ -74,7 +74,7 @@ default_charset = "UTF-8"
 ; Paths and Directories ;
 ;;;;;;;;;;;;;;;;;;;;;;;;;
 
-include_path = ".:/usr/share/php7:/usr/share/php7/PEAR"
+include_path = ".:/usr/share/{{ php_ver }}:/usr/share/php/PEAR"
 enable_dl = Off
 
 ;;;;;;;;;;;;;;;;
@@ -101,17 +101,17 @@ default_socket_timeout = 60
 ;extension=bz2
 ;extension=curl
 ;extension=fileinfo
-;extension=gd2
+;extension=gd
 ;extension=gettext
 ;extension=gmp
 ;extension=intl
 ;extension=imap
-;extension=interbase
 ;extension=ldap
 ;extension=mbstring
 ;extension=exif      ; Must be after mbstring as it depends on it
 ;extension=mysqli
 ;extension=oci8_12c  ; Use with Oracle Database 12c Instant Client
+;extension=oci8_19   ; Use with Oracle Database 19 Instant Client
 ;extension=odbc
 ;extension=openssl
 ;extension=pdo_firebird
@@ -131,7 +131,7 @@ default_socket_timeout = 60
 ;extension=sockets
 ;extension=sqlite3
 ;extension=tidy
-;extension=xmlrpc
+;extension=sodium
 ;extension=xsl
 
 {% if apcu_enable == true %}
@@ -319,36 +319,6 @@ odbc.defaultbinmode = 1
 
 ;birdstep.max_links = -1
 
-[Interbase]
-; Allow or prevent persistent links.
-ibase.allow_persistent = 1
-
-; Maximum number of persistent links.  -1 means no limit.
-ibase.max_persistent = -1
-
-; Maximum number of links (persistent + non-persistent).  -1 means no limit.
-ibase.max_links = -1
-
-; Default database name for ibase_connect().
-;ibase.default_db =
-
-; Default username for ibase_connect().
-;ibase.default_user =
-
-; Default password for ibase_connect().
-;ibase.default_password =
-
-; Default charset for ibase_connect().
-;ibase.default_charset =
-
-; Default timestamp format.
-ibase.timestampformat = "%Y-%m-%d %H:%M:%S"
-
-; Default date format.
-ibase.dateformat = "%Y-%m-%d"
-
-; Default time format.
-ibase.timeformat = "%H:%M:%S"
 
 [MySQLi]
 

templates/www.conf.j2

@@ -2,7 +2,7 @@
 ; ## This file is managed by ansible. Local changes will be overwritten       ##
 ; ##############################################################################
 
-[www]
+[{{ php_fpm_pool }}]
 
 ; Unix user/group of processes
 
@@ -11,7 +11,7 @@ user = {{ php_user }}
 group = {{ php_group }}
 {% endif %}
 
-listen = {{ php_socket }}
+listen = {{ php_socket_path }}/$pool.sock
 listen.backlog = 511
 
 ; Set permissions for unix socket, if one is used

vars/openSUSE Leap_15.3.yml

@@ -3,6 +3,8 @@
 
 ## Software packages
 
+# php version
+php_ver: "php7"
 # Rich set of packages, intended to cover most use cases (e.g. Mediawiki, Nextcloud)
 packages: ['php7', 'php7-fpm', 'php7-gd', 'php7-gettext', 'php7-mbstring', 'php7-mysql', 'php7-pear', 'php7-json', 'php7-pear', 'php7-intl', 'php7-mbstring', 'php7-zip', 'php7-sqlite', 'php7-gd', 'php7-bz2', 'php7-ctype', 'php7-iconv', 'php7-fileinfo', 'php7-dom', 'php7-openssl', 'php7-xmlreader', 'php7-xmlwriter', 'php7-curl', 'php7-posix', 'php7-imagick', 'php7-opcache', 'php7-APCu', 'php7-exif']
 

vars/openSUSE Leap_15.4.yml

@@ -1,14 +1,16 @@
 ---
-# openSUSE Leap 15.2 specific variables
+# openSUSE Leap 15.4 specific veriables
 
 ## Software packages
+# php version
+php_ver: "php8"
 
 # Rich set of packages, intended to cover most use cases (e.g. Mediawiki, Nextcloud)
-packages: ['php7', 'php7-fpm', 'php7-gd', 'php7-gettext', 'php7-mbstring', 'php7-mysql', 'php7-pear', 'php7-json', 'php7-pear', 'php7-intl', 'php7-mbstring', 'php7-zip', 'php7-sqlite', 'php7-gd', 'php7-bz2', 'php7-ctype', 'php7-iconv', 'php7-fileinfo', 'php7-dom', 'php7-openssl', 'php7-xmlreader', 'php7-xmlwriter', 'php7-curl', 'php7-posix', 'php7-imagick', 'php7-opcache', 'php7-APCu', 'php7-exif']
+packages: ['{{ php_ver }}', '{{ php_ver }}-fpm', '{{ php_ver }}-gd', '{{ php_ver }}-gettext', '{{ php_ver }}-mbstring', '{{ php_ver }}-mysql', '{{ php_ver }}-intl', '{{ php_ver }}-mbstring', '{{ php_ver }}-zip', '{{ php_ver }}-sqlite', '{{ php_ver }}-bz2', '{{ php_ver }}-ctype', '{{ php_ver }}-iconv', '{{ php_ver }}-fileinfo', '{{ php_ver }}-dom', '{{ php_ver }}-openssl', '{{ php_ver }}-xmlreader', '{{ php_ver }}-xmlwriter', '{{ php_ver }}-curl', '{{ php_ver }}-posix', '{{ php_ver }}-imagick', '{{ php_ver }}-opcache', '{{ php_ver }}-exif']
 
 ## OS-Specific directories
 
-php_ini: "/etc/php7/cli/php.ini"
-php_fpm_conf: "/etc/php7/fpm/php-fpm.conf"
-php_www_conf: "/etc/php7/fpm/php-fpm.d/www.conf"
+php_ini: "/etc/{{ php_ver }}/cli/php.ini"
+php_fpm_conf: "/etc/{{ php_ver }}/fpm/php-fpm.conf"
+php_pool_conf_path: "/etc/{{ php_ver }}/fpm/php-fpm.d/"
 php_chdir: "/srv/www"