From a30c96eb88e9a026d7a3b51654cbc7b870737cd1 Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Fri, 27 Jan 2017 01:59:20 +0100 Subject: [PATCH] library/roles: apache, composer, php-fpm. Various fixes. --- apache/defaults/main.yml | 2 +- composer/defaults/main.yml | 1 - composer/templates/composer-installer.j2 | 18 +++++++++++++----- php-fpm/defaults/main.yml | 2 ++ php-fpm/tasks/main.yml | 2 +- 5 files changed, 17 insertions(+), 8 deletions(-) diff --git a/apache/defaults/main.yml b/apache/defaults/main.yml index 16737023..e036830c 100644 --- a/apache/defaults/main.yml +++ b/apache/defaults/main.yml @@ -16,10 +16,10 @@ apache_packages: # Only one can be present at the same time. It needs to be listed as the last one apache_worker_modules: + - { name: 'mpm_{{ apache_mpm_mode }}', state: 'present' } # - { name: 'mpm_itm', state: 'absent' } - { name: 'mpm_event', state: 'absent' } - { name: 'mpm_prefork', state: 'absent' } - - { name: 'mpm_{{ apache_mpm_mode }}', state: 'present' } apache_default_modules: - headers diff --git a/composer/defaults/main.yml b/composer/defaults/main.yml index 0a4572dd..0d765041 100644 --- a/composer/defaults/main.yml +++ b/composer/defaults/main.yml @@ -6,6 +6,5 @@ composer_get_url: https://getcomposer.org/installer composer_dest_dir: /usr/local/bin composer_exec_name: composer composer_signature_type: SHA384 -composer_signature: 'e115a8dc7871f15d853148a7fbac7da27d6c0030b848d9b3dc09e2a0388afed865e6a3d6b3c0fad45c48e2b5fc1196ae' composer_setup: composer-setup.php diff --git a/composer/templates/composer-installer.j2 b/composer/templates/composer-installer.j2 index 54406df2..e770f452 100644 --- a/composer/templates/composer-installer.j2 +++ b/composer/templates/composer-installer.j2 @@ -1,10 +1,18 @@ #!/bin/bash +EXPECTED_SIGNATURE=$(wget -q -O - https://composer.github.io/installer.sig) php -r "copy('{{ composer_get_url }}', '{{ composer_setup }}');" -php -r "if (hash_file('{{ composer_signature_type }}', '{{ composer_setup }}') === '{{ composer_signature }}') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('{{ composer_setup }}'); } echo PHP_EOL;" -php {{ composer_setup }} --install-dir={{ composer_dest_dir }} --filename={{ composer_exec_name }} +ACTUAL_SIGNATURE=$(php -r "echo hash_file('{{ composer_signature_type }}', 'composer-setup.php');") + +if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ] +then + >&2 echo 'ERROR: Invalid installer signature' + rm composer-setup.php + exit 1 +fi + +php {{ composer_setup }} --install-dir={{ composer_dest_dir }} --filename={{ composer_exec_name }} --quiet +RESULT=$? php -r "unlink('{{ composer_setup }}');" - chmod 755 {{ composer_dest_dir }}/{{ composer_exec_name }} - -exit 0 +exit $RESULT diff --git a/php-fpm/defaults/main.yml b/php-fpm/defaults/main.yml index e0b0d304..f5c40dde 100644 --- a/php-fpm/defaults/main.yml +++ b/php-fpm/defaults/main.yml @@ -19,6 +19,8 @@ php_fpm_packages: #php_global_settings: # - { option='', value='', state='' } +#php_cli_global_settings: +# - { option='', value='', state='' } # Main confign file settings # It can be 'syslog' diff --git a/php-fpm/tasks/main.yml b/php-fpm/tasks/main.yml index 2a1acf87..5cd6f17b 100644 --- a/php-fpm/tasks/main.yml +++ b/php-fpm/tasks/main.yml @@ -29,7 +29,7 @@ - name: Modify the global php cli settings ini_file: dest={{ phpfpm_cli_dir }}/php.ini section={{ item.section | default('PHP') }} option={{ item.option }} value={{ item.value }} backup=yes state={{ item.state | default('present') }} - with_items: '{{ php_global_settings | default([]) }}' + with_items: '{{ php_cli_global_settings | default([]) }}' tags: [ 'php', 'php_ini' ] - name: Activate the memcache sessions support and redundancy if needed