__php_fpm{,_pool}: initial implementation.

2022-03-22 16:24:00 +01:00 · 2022-03-22 16:24:00 +01:00 · 3bc9a9ff4a
commit 3bc9a9ff4a
parent f01f110463
14 changed files with 331 additions and 0 deletions
--- a/type/__php_fpm/files/php.ini.sh
+++ b/type/__php_fpm/files/php.ini.sh
@ -0,0 +1,45 @@
+#!/bin/sh
+
+cat <<EOF
+; This file is managed by cdist, and has been shortened for readability.
+; The fine manual is at http://php.net/configuration.file.
+
+[PHP]
+
+; Production recommended defaults
+display_errors = Off
+display_startup_errors = Off
+enable_dl = Off
+error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
+log_errors = On
+output_buffering = 4096
+register_argc_argv = Off
+request_order = "GP"
+short_open_tag = Off
+variables_order = "GPCS"
+zend.assertions = -1
+
+; Local custom variations
+include_path = ".:/usr/share/php${PHPVER:?}"
+memory_limit = ${MEMORY_LIMIT:?}
+post_max_size = ${UPLOAD_MAX_FILESIZE:?}
+upload_max_filesize = ${UPLOAD_MAX_FILESIZE:?}
+
+EOF
+
+if [ -f "${__object:?}/parameter/enable-opcache" ]; then
+	cat <<-EOF
+		; opcache enabled by type flag
+		opcache.enable=1
+		opcache.enable_cli=1
+	EOF
+fi
+
+if [ -f "${__object:?}/parameter/enable-apcu" ]; then
+	cat <<-EOF
+		; acpu enabled by type flag
+		apc.enabled=1
+		apc.enable_cli=1
+		apc.shm_size=512M
+	EOF
+fi
--- a/type/__php_fpm/man.rst
+++ b/type/__php_fpm/man.rst
@ -0,0 +1,75 @@
+cdist-type__php_fpm(7)
+======================
+
+NAME
+----
+cdist-type__php_fpm - Setup and configure PHP-FPM
+
+
+DESCRIPTION
+-----------
+This type installs and configures PHP-FPM for a given version of PHP. It is
+expected to be used in combination with cdist-type__php_fpm_pool, which
+configures specific pools.
+
+Note that currently, this type is only implemented for Alpine Linux.
+
+
+REQUIRED PARAMETERS
+-------------------
+php-version
+        The PHP version for which the type is working. Will impact installed
+        packages, configuration files, &c
+
+
+OPTIONAL PARAMETERS
+-------------------
+memory-limit
+        The system-wide memory limit for PHP-FPM. Can be overriden per-pool.
+        Default is 512M.
+
+upload-max-filesize
+        The maximum filesize accepted by PHP-FPM for file uploads. Default is
+        2M.
+
+BOOLEAN PARAMETERS
+------------------
+enable-opcache
+        Enable PHP opcache.
+
+enable-apcu
+        Enable PHP APCu.
+
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+    # Dead simple setup
+    __php_fpm --php-version 8.1
+
+    # Custom setup
+    __php_fpm \
+        --php-version 8.1 \
+        --memory-limit 768M \
+        --upload-max-filesize 200M \
+        --enable-opcache \
+        --enable-apcu
+
+SEE ALSO
+--------
+cdist-type__php_fpm_pool(7)
+
+
+AUTHORS
+-------
+Joachim Desroches <joachim.desroches@epfl.ch>
+
+
+COPYING
+-------
+Copyright \(C) 2022 Joachim Desroches. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
--- a/type/__php_fpm/manifest
+++ b/type/__php_fpm/manifest
@ -0,0 +1,47 @@
+#!/bin/sh
+
+os=$(cat "${__global:?}/explorer/os")
+
+PHPVER=$(cat "${__object:?}/parameter/php-version")
+export PHPVER
+
+case "$os" in
+'alpine')
+	package="php${PHPVER}-fpm"
+	service="php-fpm${PHPVER}"
+	opcache_package="php${PHPVER}-opcache"
+	apcu_package="php${PHPVER}-pecl-apcu"
+	;;
+
+*)
+	printf "Your operating system is currently not supported by this type\n" >&2
+	printf "Please contribute an implementation for it if you can.\n" >&2
+	exit 1
+	;;
+esac
+
+__package "$package"
+require="__package/$package" __start_on_boot "$service"
+
+if [ -f "${__object:?}/parameter/enable-opcache" ]; then
+	__package "$opcache_package"
+fi
+
+if [ -f "${__object:?}/parameter/enable-apcu" ]; then
+	__package "$apcu_package"
+fi
+
+MEMORY_LIMIT=$(cat "${__object:?}/parameter/memory-limit")
+export MEMORY_LIMIT
+
+UPLOAD_MAX_FILESIZE=$(cat "${__object:?}/parameter/upload-max-filesize")
+export UPLOAD_MAX_FILESIZE
+
+mkdir -p "${__object:?}/files"
+"${__type:?}/files/php.ini.sh" >"${__object:?}/files/php.ini"
+
+require="__package/$package" __file "/etc/php${PHPVER}/php.ini" \
+	--mode 644 --source "${__object:?}/files/php.ini" \
+	--onchange "service $service restart"
+
+require="__file/etc/php${PHPVER}/php.ini" __service "$service" --action start
--- a/type/__php_fpm/parameter/boolean
+++ b/type/__php_fpm/parameter/boolean
@ -0,0 +1,2 @@
+enable-opcache
+enable-apcu
--- a/type/__php_fpm/parameter/default/memory-limit
+++ b/type/__php_fpm/parameter/default/memory-limit
@ -0,0 +1 @@
+512M
--- a/type/__php_fpm/parameter/default/upload-max-filesize
+++ b/type/__php_fpm/parameter/default/upload-max-filesize
@ -0,0 +1 @@
+2M
--- a/type/__php_fpm/parameter/optional
+++ b/type/__php_fpm/parameter/optional
@ -0,0 +1,2 @@
+upload-max-filesize
+memory-limit
--- a/type/__php_fpm/parameter/required
+++ b/type/__php_fpm/parameter/required
@ -0,0 +1 @@
+php-version
--- a/type/__php_fpm/singleton
+++ b/type/__php_fpm/singleton
--- a/type/__php_fpm_pool/files/www.conf.sh
+++ b/type/__php_fpm_pool/files/www.conf.sh
@ -0,0 +1,34 @@
+#!/bin/sh
+
+cat <<EOF
+; PHP-FPM configuration file for $POOL_NAME, PHP version $PHPVER.
+; This file is managed by cdist, do not edit by hand!
+[$POOL_NAME]
+
+; Local non-default configuration
+user = $POOL_USER
+group = $POOL_GROUP
+listen = $POOL_LISTEN_ADDR
+listen.owner = $POOL_LISTEN_OWNER
+
+; Mandatory configuration options with default production values
+pm = dynamic
+pm.max_children = 10
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+
+env[HOSTNAME] = \$HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /tmp
+env[TMPDIR] = /tmp
+env[TEMP] = /tmp
+
+EOF
+
+if [ -f "${__object:?}/parameter/memory-limit" ]; then
+	echo "php_admin_value[memory_limit] = $(cat "$__object/parameter/memory-limit")"
+fi
+
+if [ -f "${__object:?}/parameter/open-basedir" ]; then
+	echo "php_admin_value[open_basedir] = $(cat "${__object:?}/parameter/open-basedir")"
+fi
--- a/type/__php_fpm_pool/man.rst
+++ b/type/__php_fpm_pool/man.rst
@ -0,0 +1,79 @@
+cdist-type__php_fpm_pool(7)
+===========================
+
+NAME
+----
+cdist-type__php_fpm_pool - Setup and configure a PHP-FPM pool
+
+
+DESCRIPTION
+-----------
+
+This type configures a pool named after the `__object_id` for a specified PHP
+version. Note that this types expects a same-version cdist-type__php_fpm type
+to have been run first: the user is responsible for doing so.
+
+Note that currently, this type is only implemented for Alpine Linux.
+
+
+REQUIRED PARAMETERS
+-------------------
+php-version
+        The PHP version for which the type is working. Will impact installed
+        packages, configuration files, &c
+
+pool-user
+        The local user under which the pool processes should run.
+
+pool-group
+        The local group under which the pool processes should run.
+
+pool-listen-addr
+        The socket or address to which the pool should bind for listening.
+
+pool-listen-owner
+        The owner of the socket if a socket is used.
+
+OPTIONAL PARAMETERS
+-------------------
+memory-limit
+        The pool memory limit for PHP-FPM. Will default to the setting in the
+        system-wide php.ini file.
+
+openbasedir
+        Limit the files that can be accessed by PHP to the specified
+        directory-tree, including the file itself.
+
+EXAMPLES
+--------
+
+.. code-block:: sh
+
+    # Setup PHP-FPM
+    __php_fpm --php-version 8
+
+    # Setup the pool
+    __php_fpm_pool www \
+        --php-version 8 \
+        --pool-user nextcloud \
+        --pool-group www-data \
+        --pool-listen-addr "/run/php8/php-fpm.sock" \
+        --pool-listen-owner nginx \
+        --memory-limit 1G
+
+SEE ALSO
+--------
+cdist-type__php_fpm(7)
+
+
+AUTHORS
+-------
+Joachim Desroches <joachim.desroches@epfl.ch>
+
+
+COPYING
+-------
+Copyright \(C) 2022 Joachim Desroches. You can redistribute it
+and/or modify it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3 of the
+License, or (at your option) any later version.
--- a/type/__php_fpm_pool/manifest
+++ b/type/__php_fpm_pool/manifest
@ -0,0 +1,37 @@
+#!/bin/sh
+
+# XXX: this type does not configure or install php-fpm: it expects the
+# __recycledcloud_php_fpm type to be used first before pools are configured.
+
+os=$(cat "${__global:?}/explorer/os")
+name=${__object_id:?}
+
+PHPVER=$(cat "${__object:?}/parameter/php-version")
+export PHPVER
+
+case "$os" in
+'alpine')
+	service="php-fpm${PHPVER}"
+	:
+	;;
+
+*)
+	printf "Your operating system is currently not supported by this type\n" >&2
+	printf "Please contribute an implementation for it if you can.\n" >&2
+	exit 1
+	;;
+esac
+
+POOL_NAME="$name"
+POOL_USER=$(cat "${__object:?}/parameter/pool-user")
+POOL_GROUP=$(cat "${__object:?}/parameter/pool-group")
+POOL_LISTEN_ADDR=$(cat "${__object:?}/parameter/pool-listen-addr")
+POOL_LISTEN_OWNER=$(cat "${__object:?}/parameter/pool-listen-owner")
+export POOL_USER POOL_GROUP POOL_LISTEN_ADDR POOL_LISTEN_OWNER POOL_NAME
+
+mkdir -p "${__object:?}/files"
+"${__type:?}/files/www.conf.sh" >"${__object:?}/files/www.conf"
+
+__file "/etc/php${PHPVER:?}/php-fpm.d/${name}.conf" \
+	--mode 644 --source "${__object:?}/files/www.conf" \
+	--onchange "service $service reload"
--- a/type/__php_fpm_pool/parameter/optional
+++ b/type/__php_fpm_pool/parameter/optional
@ -0,0 +1,2 @@
+memory-limit
+open-basedir
--- a/type/__php_fpm_pool/parameter/required
+++ b/type/__php_fpm_pool/parameter/required
@ -0,0 +1,5 @@
+php-version
+pool-user
+pool-group
+pool-listen-addr
+pool-listen-owner