commit 4196dc95870d67220681666e78b2281f88c7b6f5 Author: Ivan Grynenko Date: Wed Jul 6 09:19:35 2016 +1000 Squashed 'roles/ansible-role-apache-php-fpm/' content from commit 4b4158f git-subtree-dir: roles/ansible-role-apache-php-fpm git-subtree-split: 4b4158fe494695ff1e2f84255dbc551fafd6a58e diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..a74f406 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,53 @@ +--- +sudo: required + +env: + - distribution: centos + version: 7 + init: /usr/lib/systemd/systemd + run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" + - distribution: ubuntu + version: 14.04 + init: /sbin/init + run_opts: "" + - distribution: ubuntu + version: 12.04 + init: /sbin/init + run_opts: "" + +services: + - docker + +before_install: + # Pull container + - 'sudo docker pull ${distribution}:${version}' + # Customize container + - 'sudo docker build --rm=true --file=tests/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests' + +script: + - container_id=$(mktemp) + # Run container in detached state. + - 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} ${distribution}-${version}:ansible "${init}" > "${container_id}"' + + # Install required Galaxy roles. + - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-galaxy install geerlingguy.repo-remi geerlingguy.apache geerlingguy.php' + + # Ansible syntax check. + - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml --syntax-check' + + # Test role. + - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml' + - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml' + + # Test role idempotence. + - > + sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml + | grep -q 'changed=0.*failed=0' + && (echo 'Idempotence test: pass' && exit 0) + || (echo 'Idempotence test: fail' && exit 1) + + # Clean up + - 'sudo docker stop "$(cat ${container_id})"' + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/README.md b/README.md new file mode 100644 index 0000000..5591e6a --- /dev/null +++ b/README.md @@ -0,0 +1,57 @@ +# Ansible Role: Apache PHP-FPM + +[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-apache-php-fpm.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-apache-php-fpm) + +An Ansible Role that configures Apache for PHP-FPM usage on RHEL/CentOS and Debian/Ubuntu. + +## Requirements + +This role is dependent upon `geerlingguy.apache`, and also requires you have PHP running with PHP-FPM somewhere on the server or elsewhere (I usually configure PHP with the `geerlingguy.php` role). + +Additionally, this role will only work correctly if you have Apache 2.4.9+ installed; on older versions of Debian/Ubuntu Linux (e.g. 12.04), you can add `ppa:ondrej/apache2` prior to Apache installation to install Apache 2.4, for example: + + - name: Add repository for Apache 2.4 on Ubuntu 12.04. + apt_repository: repo='ppa:ondrej/apache2' + when: ansible_distribution_version == "12.04" + +When configuring your Apache virtual hosts, you can add the following line to any vhost definition to enable passthrough to PHP-FPM: + + # If using a TCP port: + ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://127.0.0.1:9000/var/www/example" + + # If using a Unix socket: + ProxyPassMatch ^/(.*\.php(/.*)?)$ "unix:/var/run/php5-fpm.sock|fcgi://localhost/var/www/example" + +For a full usage example with the `geerlingguy.apache` role, see the Example Playbook later in this README. + +## Role Variables + +None. + +## Dependencies + +None. + +## Example Playbook + + - hosts: webservers + + vars: + apache_vhosts: + - servername: "www.example.com" + documentroot: "/var/www/example" + extra_parameters: | + ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://127.0.0.1:9000/var/www/example" + + roles: + - { role: geerlingguy.apache } + - { role: geerlingguy.php } + - { role: geerlingguy.apache-fastcgi-php } + +## License + +MIT / BSD + +## Author Information + +This role was created in 2016 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://www.ansiblefordevops.com/). diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..153a07b --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,26 @@ +--- +dependencies: + - geerlingguy.apache + +galaxy_info: + author: geerlingguy + description: Apache 2.4+ PHP-FPM support for Linux. + company: "Midwestern Mac, LLC" + license: "license (BSD, MIT)" + min_ansible_version: 1.4 + platforms: + - name: EL + versions: + - 6 + - 7 + - name: Debian + versions: + - wheezy + - jessie + - name: Ubuntu + versions: + - precise + - trusty + - xenial + galaxy_tags: + - web diff --git a/tasks/configure-Debian.yml b/tasks/configure-Debian.yml new file mode 100644 index 0000000..f4eb185 --- /dev/null +++ b/tasks/configure-Debian.yml @@ -0,0 +1,10 @@ +--- +- name: Enable mod_proxy_fcgi. + file: + src: "{{ apache_server_root }}/mods-available/{{ item }}" + dest: "{{ apache_server_root }}/mods-enabled/{{ item }}" + state: link + with_items: + - proxy.load + - proxy_fcgi.load + notify: restart apache diff --git a/tasks/configure-RedHat.yml b/tasks/configure-RedHat.yml new file mode 100644 index 0000000..b42a7be --- /dev/null +++ b/tasks/configure-RedHat.yml @@ -0,0 +1,7 @@ +--- +# RHEL/CentOS 7 automatically installs and enables mod_proxy_fcgi by default. + +# RHEL/CentOS 6 installs Apache 2.2... and is much harder to get configured with +# FastCGI, but here are two guides: +# - Apache 2.2 + mod_fastcgi: http://stackoverflow.com/a/21409702/100134 +# - Apache 2.4 + mod_proxy_fcgi: http://unix.stackexchange.com/a/138903/16194 diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..545b65d --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,7 @@ +--- +# Configuration tasks. +- include: configure-Debian.yml + when: ansible_os_family == 'Debian' + +- include: configure-RedHat.yml + when: ansible_os_family == 'RedHat' diff --git a/tests/Dockerfile.centos-7 b/tests/Dockerfile.centos-7 new file mode 100644 index 0000000..8aa0654 --- /dev/null +++ b/tests/Dockerfile.centos-7 @@ -0,0 +1,27 @@ +FROM centos:7 + +# Install systemd -- See https://hub.docker.com/_/centos/ +RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs +RUN yum -y update; yum clean all; \ +(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ +rm -f /lib/systemd/system/multi-user.target.wants/*; \ +rm -f /etc/systemd/system/*.wants/*; \ +rm -f /lib/systemd/system/local-fs.target.wants/*; \ +rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ +rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ +rm -f /lib/systemd/system/basic.target.wants/*; \ +rm -f /lib/systemd/system/anaconda.target.wants/*; + +# Install Ansible +RUN yum -y install epel-release +RUN yum -y install git ansible sudo +RUN yum clean all + +# Disable requiretty +RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers + +# Install Ansible inventory file +RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts + +VOLUME ["/sys/fs/cgroup"] +CMD ["/usr/sbin/init"] diff --git a/tests/Dockerfile.ubuntu-12.04 b/tests/Dockerfile.ubuntu-12.04 new file mode 100644 index 0000000..d0c130c --- /dev/null +++ b/tests/Dockerfile.ubuntu-12.04 @@ -0,0 +1,11 @@ +FROM ubuntu:12.04 +RUN apt-get update + +# Install Ansible +RUN apt-get install -y software-properties-common python-software-properties git +RUN apt-add-repository -y ppa:ansible/ansible +RUN apt-get update +RUN apt-get install -y ansible + +# Install Ansible inventory file +RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/tests/Dockerfile.ubuntu-14.04 b/tests/Dockerfile.ubuntu-14.04 new file mode 100644 index 0000000..ca33287 --- /dev/null +++ b/tests/Dockerfile.ubuntu-14.04 @@ -0,0 +1,11 @@ +FROM ubuntu:14.04 +RUN apt-get update + +# Install Ansible +RUN apt-get install -y software-properties-common git +RUN apt-add-repository -y ppa:ansible/ansible +RUN apt-get update +RUN apt-get install -y ansible + +# Install Ansible inventory file +RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/tests/test.yml b/tests/test.yml new file mode 100644 index 0000000..88f3d7c --- /dev/null +++ b/tests/test.yml @@ -0,0 +1,27 @@ +--- +- hosts: all + + vars: + php_enablerepo: "remi,remi-php56" + apache_listen_port_ssl: 443 + apache_create_vhosts: true + apache_vhosts_filename: "vhosts.conf" + apache_vhosts: + - servername: "example.com" + documentroot: "/var/www/vhosts/example_com" + + pre_tasks: + - name: Add repository for PHP 5.5 + Apache 2.4 on Ubuntu 12.04. + apt_repository: repo='ppa:ondrej/php5' + when: ansible_distribution_version == "12.04" + + - name: Update apt cache on Ubuntu 12.04. + apt: update_cache=yes + when: ansible_distribution_version == "12.04" + + roles: + - role: geerlingguy.repo-remi + when: ansible_os_family == 'RedHat' + - role: geerlingguy.apache + - role: geerlingguy.php + - role: role_under_test