Added role nginx/php-pool

5 years ago · 3f19422c0c
parent 692b9bf74b
commit 3f19422c0c
4 changed files with 85 additions and 0 deletions
--- a/roles/nginx/php-pool/defaults/main.yml
+++ b/roles/nginx/php-pool/defaults/main.yml
@ -0,0 +1,8 @@
+---
+
+# system_user: "www-data"
+# src: "/of/php/files"
+pool_name: "{{ system_user + '-' + domain | regex_findall('[a-zA-Z0-9]+') | join('_') }}"
+socket_directory: "{{ phpfpm_sockets_directory }}/{{ pool_name }}"
+socket: "{{ socket_directory }}/socket"
+includes: []
--- a/roles/nginx/php-pool/meta/main.yml
+++ b/roles/nginx/php-pool/meta/main.yml
@ -0,0 +1,9 @@
+---
+
+allow_duplicates: yes
+
+dependencies:
+  - role: nginx/upstream
+    backend_socket: "{{ socket }}"
+    upstream_name: "{{ pool_name }}"
+  - role: nginx/php-fpm
--- a/roles/nginx/php-pool/tasks/main.yml
+++ b/roles/nginx/php-pool/tasks/main.yml
@ -0,0 +1,38 @@
+---
+
+# TODO Remove
+#- name: Configure system user {{ system_user }}
+#  user:
+#    state: present
+#    name: "{{ system_user }}"
+#    groups:
+#      - www-data
+#    system: yes
+#    shell: /bin/false
+#    create_home: no
+#    move_home: no
+
+- name: Configure socket permission
+  file:
+    path: "{{ socket_directory }}"
+    state: directory
+    owner: "{{ system_user }}"
+    group: "{{ nginx_system_user }}"
+    mode: "u=rwx,g=rx"
+
+- name: Check if src is a directory
+  file:
+    path: "{{ src }}"
+    state: directory
+    owner: "{{ system_user }}"
+    group: "{{ system_user }}"
+    mode: "u=rwx,g=rx"
+
+- name: Configure pool in php-fpm
+  template:
+    src: pool.conf
+    dest: "{{ phpfpm_pools_directory }}/{{ pool_name }}.conf"
+    owner: root
+    group: root
+    mode: "u=rw,g=r,o=r"
+  notify: "reload {{ phpfpm_package }}"
--- a/roles/nginx/php-pool/templates/pool.conf
+++ b/roles/nginx/php-pool/templates/pool.conf
@ -0,0 +1,30 @@
+[{{ pool_name }}]
+
+user = {{ system_user }}
+group = {{ nginx_system_user }}
+
+listen = {{ socket }}
+listen.owner = {{ system_user }}
+listen.group = {{ nginx_system_user }}
+listen.mode = 0660
+
+pm = dynamic
+pm.max_children = 8
+pm.start_servers = 4
+pm.min_spare_servers = 2
+pm.max_spare_servers = 6
+pm.max_requests = 1000
+
+clear_env = no
+
+chdir = {{ src }}
+
+security.limit_extensions = .php .php3 .php4 .php5 .php7
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /tmp
+env[TMPDIR] = /tmp
+env[TEMP] = /tmp
+
+php_admin_value[include_path] = ".:{{ includes | join(':') }}:/usr/share/php"