# 2022-12-29: This file (php-settings.yml) is ALSO invoked on demand, by: # # roles/matomo/tasks/install.yml # roles/moodle/tasks/install.yml # roles/nextcloud/tasks/install.yml # roles/pbx/tasks/freepbx.yml # roles/wordpress/tasks/install.yml # 2022-12-30: FYI ansible_date_time.tz provides TZ ABBREVIATIONS (equivalent # to 'date +%Z' output) which leads to serious ambiguity -- and not just (A) # seasonal EST/EDT ambiguities, or (B) floods of geographic synonyms for the # very same time zone! More Seriously: (C) both commands above output "IST" # for both Israel Standard Time (+0200) AND India Standard Time (+0530). Etc! # # While Ansible provides 2 other vars that (slightly) help disambiguate # (ansible_date_time.tz_dst and ansible_date_time.tz_offset), there's a far # better way -- which is to read the System TZ directly from Linux: # # timedatectl show -p Timezone --value # # This takes care of essentially everything (e.g. output "America/New_York") # by checking (1) symlink /etc/localtime then (2) text file /etc/timezone if # nec, then (3) if neither exist, "UTC" is declated (correctly!) Potential # drawback: timedatectl is not easily usable within chroot environments. - name: Extract Time Zone from symlink /etc/localtime &/or text file /etc/timezone (or lack thereof!) command: timedatectl show -p Timezone --value register: tz_cli - name: Store 'date.timezone = {{ tz_cli.stdout }}' (from above) in /etc/php/{{ php_version }}/fpm/php.ini and /etc/php/{{ php_version }}/cli/php.ini ini_file: path: "{{ item }}" section: Date option: date.timezone value: "{{ tz_cli.stdout }}" # e.g. America/New_York or UTC with_items: - /etc/php/{{ php_version }}/fpm/php.ini - /etc/php/{{ php_version }}/cli/php.ini # WARNING: 'nginx_high_php_limits: True' (especially!) might cause excess use of # RAM/disk or other resources! Five original values below chosen by @kananigit # and @ericnitschke on 2018-09-19: https://github.com/iiab/iiab/issues/1147 # 2020-03-08: IIAB DOES NOT SUPPORT UNINSTALLING APPS, so additional clauses # (to reset/restore PHP's own defaults) are not necessary at this time. # 2021-06-28: WITH PHP 8.x, MOODLE'S CLI INSTALLER UNFORTUNATELY *REQUIRES* # editing /etc/php/{{ php_version }}/cli/php.ini (below) -- though during # regular operation it uses: .../fpm/php.ini # And in the past it used: .../apache2/php.ini - name: "Enact 'nginx_high_php_limits: False' in /etc/php/{{ php_version }}/fpm/php.ini for LIGHTWEIGHT use of Matomo/Nextcloud/PBX/WordPress (allow file size up to 100MB, 100s timeouts, with 2 PHP system defaults: memory_limit = 128M, max_input_vars = 1000)" lineinfile: path: /etc/php/{{ php_version }}/fpm/php.ini # COMPARE /etc/php/{{ php_version }}/cli/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini regexp: "{{ item.regexp }}" line: "{{ item.line }}" with_items: - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 100M ; default is 2M' } - { regexp: '^post_max_size', line: 'post_max_size = 100M ; default is 8M' } - { regexp: '^max_execution_time', line: 'max_execution_time = 100 ; default is 30' } - { regexp: '^max_input_time', line: 'max_input_time = 100 ; default is 60' } - { regexp: '^memory_limit', line: 'memory_limit = 128M ; default is 128M / Nextcloud requests 512M' } - { regexp: '^max_input_vars', line: 'max_input_vars = 1000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' } when: not nginx_high_php_limits and not moodle_install and not nextcloud_install - name: "Enact 'nginx_high_php_limits: False' in /etc/php/{{ php_version }}/cli/php.ini for LIGHTWEIGHT use of Matomo/Nextcloud/PBX/WordPress (allow file size up to 100MB, 100s timeouts, with 2 PHP system defaults: memory_limit = 128M, max_input_vars = 1000)" lineinfile: path: /etc/php/{{ php_version }}/cli/php.ini # COMPARE /etc/php/{{ php_version }}/fpm/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini regexp: "{{ item.regexp }}" line: "{{ item.line }}" with_items: - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 100M ; default is 2M' } - { regexp: '^post_max_size', line: 'post_max_size = 100M ; default is 8M' } - { regexp: '^max_execution_time', line: 'max_execution_time = 100 ; default is 30' } - { regexp: '^max_input_time', line: 'max_input_time = 100 ; default is 60' } - { regexp: '^memory_limit', line: 'memory_limit = 128M ; default is -1 (i.e. no limit) / Nextcloud requests 512M' } - { regexp: '^max_input_vars', line: 'max_input_vars = 1000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' } when: not nginx_high_php_limits and not moodle_install and not nextcloud_install - name: "Enact 'nginx_high_php_limits: True' in /etc/php/{{ php_version }}/fpm/php.ini for Moodle/Nextcloud or INTENSIVE use of Matomo/PBX/WordPress (allow file size up to 10000MB, 300s timeouts, memory_limit = 512M for Nextcloud, max_input_vars = 5000 for Moodle)" lineinfile: path: /etc/php/{{ php_version }}/fpm/php.ini # COMPARE /etc/php/{{ php_version }}/cli/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini regexp: "{{ item.regexp }}" line: "{{ item.line }}" with_items: - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 10000M ; default is 2M' } - { regexp: '^post_max_size', line: 'post_max_size = 10000M ; default is 8M' } - { regexp: '^max_execution_time', line: 'max_execution_time = 300 ; default is 30' } - { regexp: '^max_input_time', line: 'max_input_time = 300 ; default is 60' } - { regexp: '^memory_limit', line: 'memory_limit = 512M ; default is 128M / Nextcloud requests 512M' } - { regexp: '^max_input_vars', line: 'max_input_vars = 5000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' } when: nginx_high_php_limits or moodle_install or nextcloud_install - name: "Enact 'nginx_high_php_limits: True' in /etc/php/{{ php_version }}/cli/php.ini for Moodle/Nextcloud or INTENSIVE use of Matomo/PBX/WordPress (allow file size up to 10000MB, 300s timeouts, memory_limit = 512M for Nextcloud, max_input_vars = 5000 for Moodle)" lineinfile: path: /etc/php/{{ php_version }}/cli/php.ini # COMPARE /etc/php/{{ php_version }}/fpm/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini regexp: "{{ item.regexp }}" line: "{{ item.line }}" with_items: - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 10000M ; default is 2M' } - { regexp: '^post_max_size', line: 'post_max_size = 10000M ; default is 8M' } - { regexp: '^max_execution_time', line: 'max_execution_time = 300 ; default is 30' } - { regexp: '^max_input_time', line: 'max_input_time = 300 ; default is 60' } - { regexp: '^memory_limit', line: 'memory_limit = 512M ; default is -1 (i.e. no limit) / Nextcloud requests 512M' } - { regexp: '^max_input_vars', line: 'max_input_vars = 5000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' } when: nginx_high_php_limits or moodle_install or nextcloud_install # To tweak .ini files, Ansible's ini_file is normally better than lineinfile: # https://docs.ansible.com/ansible/latest/collections/community/general/ini_file_module.html # # But for the 6 * 4 above, explanatory comments (inserted by lineinfile) offer # important context to implementers modifying both php.ini files after the fact. - name: Restart 'php{{ php_version }}-fpm' systemd service systemd: name: php{{ php_version }}-fpm state: restarted - name: "Set 'php_settings_done: True' so php-settings.yml runs just once (per Ansible run)" set_fact: php_settings_done: True # - debug: # msg: 'THE 5 ANSIBLE STANZAS BELOW ONLY RUN... when: matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install' # - block: # 5-STANZA BLOCK BEGINS # # roles/nginx has installed pkg 'php{{ php_version }}-fpm' in 3-base-server # - name: "Enact 'nginx_high_php_limits: False' in /etc/php/{{ php_version }}/fpm/php.ini for LIGHTWEIGHT use of Matomo/Nextcloud/PBX/WordPress (allow photos/docs up to 100MB, 100s timeouts, with 2 PHP system defaults: memory_limit = 128M, max_input_vars = 1000)" # lineinfile: # path: /etc/php/{{ php_version }}/fpm/php.ini # COMPARE /etc/php/{{ php_version }}/cli/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini # regexp: "{{ item.regexp }}" # line: "{{ item.line }}" # with_items: # - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 100M ; default is 2M' } # - { regexp: '^post_max_size', line: 'post_max_size = 100M ; default is 8M' } # - { regexp: '^max_execution_time', line: 'max_execution_time = 100 ; default is 30' } # - { regexp: '^max_input_time', line: 'max_input_time = 100 ; default is 60' } # - { regexp: '^memory_limit', line: 'memory_limit = 128M ; default is 128M / Nextcloud requests 512M' } # - { regexp: '^max_input_vars', line: 'max_input_vars = 1000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' } # when: not nginx_high_php_limits and not moodle_install # REMINDER: THIS ENTIRE 5-STANZA BLOCK IS ONLY INVOKED... when: matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install # - name: "Enact 'nginx_high_php_limits: False' in /etc/php/{{ php_version }}/cli/php.ini for LIGHTWEIGHT use of Matomo/Nextcloud/PBX/WordPress (allow photos/docs up to 100MB, 100s timeouts, with 2 PHP system defaults: memory_limit = 128M, max_input_vars = 1000)" # lineinfile: # path: /etc/php/{{ php_version }}/cli/php.ini # COMPARE /etc/php/{{ php_version }}/fpm/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini # regexp: "{{ item.regexp }}" # line: "{{ item.line }}" # with_items: # - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 100M ; default is 2M' } # - { regexp: '^post_max_size', line: 'post_max_size = 100M ; default is 8M' } # - { regexp: '^max_execution_time', line: 'max_execution_time = 100 ; default is 30' } # - { regexp: '^max_input_time', line: 'max_input_time = 100 ; default is 60' } # - { regexp: '^memory_limit', line: 'memory_limit = 128M ; default is -1 (i.e. no limit) / Nextcloud requests 512M' } # - { regexp: '^max_input_vars', line: 'max_input_vars = 1000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' } # when: not nginx_high_php_limits and not moodle_install # REMINDER: THIS ENTIRE 5-STANZA BLOCK IS ONLY INVOKED... when: matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install # # WARNING: This might cause excess use of RAM/disk or other resources! # # The first 5 values below were chosen by @ericnitschke and @kananigit on # # 2018-09-19: https://github.com/iiab/iiab/issues/1147 # # 2020-03-08: IIAB DOES NOT SUPPORT UNINSTALLING APPS, so additional # # clauses (to reset/restore PHP's defaults) are not necessary at this time. # # 2021-06-28: WITH PHP 8, MOODLE'S CLI INSTALLER UNFORTUNATELY *REQUIRES* # # editing /etc/php/{{ php_version }}/cli/php.ini (below) -- though during # # regular operation it uses: .../fpm/php.ini # # And in the past it used: .../apache2/php.ini # - name: "Enact 'nginx_high_php_limits: True' in /etc/php/{{ php_version }}/fpm/php.ini for Moodle or INTENSIVE use of Matomo/Nextcloud/PBX/WordPress (allow photos/docs up to 500MB, 300s timeouts, memory_limit = 512M for Nextcloud, max_input_vars = 5000 for Moodle)" # lineinfile: # path: /etc/php/{{ php_version }}/fpm/php.ini # COMPARE /etc/php/{{ php_version }}/cli/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini # regexp: "{{ item.regexp }}" # line: "{{ item.line }}" # with_items: # - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 500M ; default is 2M' } # - { regexp: '^post_max_size', line: 'post_max_size = 500M ; default is 8M' } # - { regexp: '^max_execution_time', line: 'max_execution_time = 300 ; default is 30' } # - { regexp: '^max_input_time', line: 'max_input_time = 300 ; default is 60' } # - { regexp: '^memory_limit', line: 'memory_limit = 512M ; default is 128M / Nextcloud requests 512M' } # - { regexp: '^max_input_vars', line: 'max_input_vars = 5000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' } # when: nginx_high_php_limits or moodle_install # REMINDER: THIS ENTIRE 5-STANZA BLOCK IS ONLY INVOKED... when: matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install # - name: "Enact 'nginx_high_php_limits: True' in /etc/php/{{ php_version }}/cli/php.ini for Moodle or INTENSIVE use of Matomo/Nextcloud/PBX/WordPress (allow photos/docs up to 500MB, 300s timeouts, memory_limit = 512M for Nextcloud, max_input_vars = 5000 for Moodle)" # lineinfile: # path: /etc/php/{{ php_version }}/cli/php.ini # COMPARE /etc/php/{{ php_version }}/fpm/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini # regexp: "{{ item.regexp }}" # line: "{{ item.line }}" # with_items: # - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 500M ; default is 2M' } # - { regexp: '^post_max_size', line: 'post_max_size = 500M ; default is 8M' } # - { regexp: '^max_execution_time', line: 'max_execution_time = 300 ; default is 30' } # - { regexp: '^max_input_time', line: 'max_input_time = 300 ; default is 60' } # - { regexp: '^memory_limit', line: 'memory_limit = 512M ; default is -1 (i.e. no limit) / Nextcloud requests 512M' } # - { regexp: '^max_input_vars', line: 'max_input_vars = 5000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' } # when: nginx_high_php_limits or moodle_install # REMINDER: THIS ENTIRE 5-STANZA BLOCK IS ONLY INVOKED... when: matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install # - name: Restart 'php{{ php_version }}-fpm' systemd service # systemd: # name: php{{ php_version }}-fpm # state: restarted # when: matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install # 5-STANZA BLOCK ENDS. COMPARE apache_allow_sudo conditionals below.