external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-03-09 15:40:17 +00:00
Code Issues Releases Wiki Activity
iiab/roles/www_options/tasks/php-settings.yml

210 lines
14 KiB
YAML
Raw Blame History

# 2022-12-29: This file (php-settings.yml) is ALSO invoked on demand, by:
#
# roles/matomo/tasks/install.yml
# roles/moodle/tasks/install.yml
# roles/nextcloud/tasks/install.yml
# roles/pbx/tasks/freepbx.yml
# roles/wordpress/tasks/install.yml
# 2022-12-30: FYI ansible_date_time.tz provides TZ ABBREVIATIONS (equivalent
# to 'date +%Z' output) which leads to serious ambiguity -- and not just (A)
# seasonal EST/EDT ambiguities, or (B) floods of geographic synonyms for the
# very same time zone! More Seriously: (C) both commands above output "IST"
# for both Israel Standard Time (+0200) AND India Standard Time (+0530). Etc!
#
# While Ansible provides 2 other vars that (slightly) help disambiguate
# (ansible_date_time.tz_dst and ansible_date_time.tz_offset), there's a far
# better way -- which is to read the System TZ directly from Linux:
#
# timedatectl show -p Timezone --value
#
# This takes care of essentially everything (e.g. output "America/New_York")
# by checking (1) symlink /etc/localtime then (2) text file /etc/timezone if
# nec, then (3) if neither exist, "UTC" is declated (correctly!) Potential
# drawback: timedatectl is not easily usable within chroot environments.
- name: Extract Time Zone from symlink /etc/localtime &/or text file /etc/timezone (or lack thereof!)
command: timedatectl show -p Timezone --value
register: tz_cli
- name: Store 'date.timezone = {{ tz_cli.stdout }}' (from above) in /etc/php/{{ php_version }}/fpm/php.ini and /etc/php/{{ php_version }}/cli/php.ini
ini_file:
path: "{{ item }}"
section: Date
option: date.timezone
value: "{{ tz_cli.stdout }}" # e.g. America/New_York or UTC
with_items:
- /etc/php/{{ php_version }}/fpm/php.ini
- /etc/php/{{ php_version }}/cli/php.ini
# WARNING: 'nginx_high_php_limits: True' (especially!) might cause excess use of
# RAM/disk or other resources! Five original values below chosen by @kananigit
# and @ericnitschke on 2018-09-19: https://github.com/iiab/iiab/issues/1147
# 2020-03-08: IIAB DOES NOT SUPPORT UNINSTALLING APPS, so additional clauses
# (to reset/restore PHP's own defaults) are not necessary at this time.
# 2021-06-28: WITH PHP 8.x, MOODLE'S CLI INSTALLER UNFORTUNATELY *REQUIRES*
# editing /etc/php/{{ php_version }}/cli/php.ini (below) -- though during
# regular operation it uses: .../fpm/php.ini
# And in the past it used: .../apache2/php.ini
- name: "Enact 'nginx_high_php_limits: False' in /etc/php/{{ php_version }}/fpm/php.ini for LIGHTWEIGHT use of Matomo/Nextcloud/PBX/WordPress (allow file size up to 100MB, 100s timeouts, with 2 PHP system defaults: memory_limit = 128M, max_input_vars = 1000)"
lineinfile:
path: /etc/php/{{ php_version }}/fpm/php.ini # COMPARE /etc/php/{{ php_version }}/cli/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
with_items:
- { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 100M ; default is 2M' }
- { regexp: '^post_max_size', line: 'post_max_size = 100M ; default is 8M' }
- { regexp: '^max_execution_time', line: 'max_execution_time = 100 ; default is 30' }
- { regexp: '^max_input_time', line: 'max_input_time = 100 ; default is 60' }
- { regexp: '^memory_limit', line: 'memory_limit = 128M ; default is 128M / Nextcloud requests 512M' }
- { regexp: '^max_input_vars', line: 'max_input_vars = 1000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' }
when: not nginx_high_php_limits and not moodle_install and not nextcloud_install
- name: "Enact 'nginx_high_php_limits: False' in /etc/php/{{ php_version }}/cli/php.ini for LIGHTWEIGHT use of Matomo/Nextcloud/PBX/WordPress (allow file size up to 100MB, 100s timeouts, with 2 PHP system defaults: memory_limit = 128M, max_input_vars = 1000)"
lineinfile:
path: /etc/php/{{ php_version }}/cli/php.ini # COMPARE /etc/php/{{ php_version }}/fpm/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
with_items:
- { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 100M ; default is 2M' }
- { regexp: '^post_max_size', line: 'post_max_size = 100M ; default is 8M' }
- { regexp: '^max_execution_time', line: 'max_execution_time = 100 ; default is 30' }
- { regexp: '^max_input_time', line: 'max_input_time = 100 ; default is 60' }
- { regexp: '^memory_limit', line: 'memory_limit = 128M ; default is -1 (i.e. no limit) / Nextcloud requests 512M' }
- { regexp: '^max_input_vars', line: 'max_input_vars = 1000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' }
when: not nginx_high_php_limits and not moodle_install and not nextcloud_install
- name: "Enact 'nginx_high_php_limits: True' in /etc/php/{{ php_version }}/fpm/php.ini for Moodle/Nextcloud or INTENSIVE use of Matomo/PBX/WordPress (allow file size up to 10000MB, 300s timeouts, memory_limit = 512M for Nextcloud, max_input_vars = 5000 for Moodle)"
lineinfile:
path: /etc/php/{{ php_version }}/fpm/php.ini # COMPARE /etc/php/{{ php_version }}/cli/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
with_items:
- { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 10000M ; default is 2M' }
- { regexp: '^post_max_size', line: 'post_max_size = 10000M ; default is 8M' }
- { regexp: '^max_execution_time', line: 'max_execution_time = 300 ; default is 30' }
- { regexp: '^max_input_time', line: 'max_input_time = 300 ; default is 60' }
- { regexp: '^memory_limit', line: 'memory_limit = 512M ; default is 128M / Nextcloud requests 512M' }
- { regexp: '^max_input_vars', line: 'max_input_vars = 5000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' }
when: nginx_high_php_limits or moodle_install or nextcloud_install
- name: "Enact 'nginx_high_php_limits: True' in /etc/php/{{ php_version }}/cli/php.ini for Moodle/Nextcloud or INTENSIVE use of Matomo/PBX/WordPress (allow file size up to 10000MB, 300s timeouts, memory_limit = 512M for Nextcloud, max_input_vars = 5000 for Moodle)"
lineinfile:
path: /etc/php/{{ php_version }}/cli/php.ini # COMPARE /etc/php/{{ php_version }}/fpm/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
with_items:
- { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 10000M ; default is 2M' }
- { regexp: '^post_max_size', line: 'post_max_size = 10000M ; default is 8M' }
- { regexp: '^max_execution_time', line: 'max_execution_time = 300 ; default is 30' }
- { regexp: '^max_input_time', line: 'max_input_time = 300 ; default is 60' }
- { regexp: '^memory_limit', line: 'memory_limit = 512M ; default is -1 (i.e. no limit) / Nextcloud requests 512M' }
- { regexp: '^max_input_vars', line: 'max_input_vars = 5000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' }
when: nginx_high_php_limits or moodle_install or nextcloud_install
# To tweak .ini files, Ansible's ini_file is normally better than lineinfile:
# https://docs.ansible.com/ansible/latest/collections/community/general/ini_file_module.html
#
# But for the 6 * 4 above, explanatory comments (inserted by lineinfile) offer
# important context to implementers modifying both php.ini files after the fact.
- name: Restart 'php{{ php_version }}-fpm' systemd service
systemd:
name: php{{ php_version }}-fpm
state: restarted
- name: "Set 'php_settings_done: True' so php-settings.yml runs just once (per Ansible run)"
set_fact:
php_settings_done: True
# - debug:
# msg: 'THE 5 ANSIBLE STANZAS BELOW ONLY RUN... when: matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install'
# - block: # 5-STANZA BLOCK BEGINS
# # roles/nginx has installed pkg 'php{{ php_version }}-fpm' in 3-base-server
# - name: "Enact 'nginx_high_php_limits: False' in /etc/php/{{ php_version }}/fpm/php.ini for LIGHTWEIGHT use of Matomo/Nextcloud/PBX/WordPress (allow photos/docs up to 100MB, 100s timeouts, with 2 PHP system defaults: memory_limit = 128M, max_input_vars = 1000)"
# lineinfile:
# path: /etc/php/{{ php_version }}/fpm/php.ini # COMPARE /etc/php/{{ php_version }}/cli/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini
# regexp: "{{ item.regexp }}"
# line: "{{ item.line }}"
# with_items:
# - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 100M ; default is 2M' }
# - { regexp: '^post_max_size', line: 'post_max_size = 100M ; default is 8M' }
# - { regexp: '^max_execution_time', line: 'max_execution_time = 100 ; default is 30' }
# - { regexp: '^max_input_time', line: 'max_input_time = 100 ; default is 60' }
# - { regexp: '^memory_limit', line: 'memory_limit = 128M ; default is 128M / Nextcloud requests 512M' }
# - { regexp: '^max_input_vars', line: 'max_input_vars = 1000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' }
# when: not nginx_high_php_limits and not moodle_install # REMINDER: THIS ENTIRE 5-STANZA BLOCK IS ONLY INVOKED... when: matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install
# - name: "Enact 'nginx_high_php_limits: False' in /etc/php/{{ php_version }}/cli/php.ini for LIGHTWEIGHT use of Matomo/Nextcloud/PBX/WordPress (allow photos/docs up to 100MB, 100s timeouts, with 2 PHP system defaults: memory_limit = 128M, max_input_vars = 1000)"
# lineinfile:
# path: /etc/php/{{ php_version }}/cli/php.ini # COMPARE /etc/php/{{ php_version }}/fpm/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini
# regexp: "{{ item.regexp }}"
# line: "{{ item.line }}"
# with_items:
# - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 100M ; default is 2M' }
# - { regexp: '^post_max_size', line: 'post_max_size = 100M ; default is 8M' }
# - { regexp: '^max_execution_time', line: 'max_execution_time = 100 ; default is 30' }
# - { regexp: '^max_input_time', line: 'max_input_time = 100 ; default is 60' }
# - { regexp: '^memory_limit', line: 'memory_limit = 128M ; default is -1 (i.e. no limit) / Nextcloud requests 512M' }
# - { regexp: '^max_input_vars', line: 'max_input_vars = 1000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' }
# when: not nginx_high_php_limits and not moodle_install # REMINDER: THIS ENTIRE 5-STANZA BLOCK IS ONLY INVOKED... when: matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install
# # WARNING: This might cause excess use of RAM/disk or other resources!
# # The first 5 values below were chosen by @ericnitschke and @kananigit on
# # 2018-09-19: https://github.com/iiab/iiab/issues/1147
# # 2020-03-08: IIAB DOES NOT SUPPORT UNINSTALLING APPS, so additional
# # clauses (to reset/restore PHP's defaults) are not necessary at this time.
# # 2021-06-28: WITH PHP 8, MOODLE'S CLI INSTALLER UNFORTUNATELY *REQUIRES*
# # editing /etc/php/{{ php_version }}/cli/php.ini (below) -- though during
# # regular operation it uses: .../fpm/php.ini
# # And in the past it used: .../apache2/php.ini
# - name: "Enact 'nginx_high_php_limits: True' in /etc/php/{{ php_version }}/fpm/php.ini for Moodle or INTENSIVE use of Matomo/Nextcloud/PBX/WordPress (allow photos/docs up to 500MB, 300s timeouts, memory_limit = 512M for Nextcloud, max_input_vars = 5000 for Moodle)"
# lineinfile:
# path: /etc/php/{{ php_version }}/fpm/php.ini # COMPARE /etc/php/{{ php_version }}/cli/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini
# regexp: "{{ item.regexp }}"
# line: "{{ item.line }}"
# with_items:
# - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 500M ; default is 2M' }
# - { regexp: '^post_max_size', line: 'post_max_size = 500M ; default is 8M' }
# - { regexp: '^max_execution_time', line: 'max_execution_time = 300 ; default is 30' }
# - { regexp: '^max_input_time', line: 'max_input_time = 300 ; default is 60' }
# - { regexp: '^memory_limit', line: 'memory_limit = 512M ; default is 128M / Nextcloud requests 512M' }
# - { regexp: '^max_input_vars', line: 'max_input_vars = 5000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' }
# when: nginx_high_php_limits or moodle_install # REMINDER: THIS ENTIRE 5-STANZA BLOCK IS ONLY INVOKED... when: matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install
# - name: "Enact 'nginx_high_php_limits: True' in /etc/php/{{ php_version }}/cli/php.ini for Moodle or INTENSIVE use of Matomo/Nextcloud/PBX/WordPress (allow photos/docs up to 500MB, 300s timeouts, memory_limit = 512M for Nextcloud, max_input_vars = 5000 for Moodle)"
# lineinfile:
# path: /etc/php/{{ php_version }}/cli/php.ini # COMPARE /etc/php/{{ php_version }}/fpm/php.ini AND /etc/php/{{ php_version }}/apache2/php.ini
# regexp: "{{ item.regexp }}"
# line: "{{ item.line }}"
# with_items:
# - { regexp: '^upload_max_filesize', line: 'upload_max_filesize = 500M ; default is 2M' }
# - { regexp: '^post_max_size', line: 'post_max_size = 500M ; default is 8M' }
# - { regexp: '^max_execution_time', line: 'max_execution_time = 300 ; default is 30' }
# - { regexp: '^max_input_time', line: 'max_input_time = 300 ; default is 60' }
# - { regexp: '^memory_limit', line: 'memory_limit = 512M ; default is -1 (i.e. no limit) / Nextcloud requests 512M' }
# - { regexp: '^max_input_vars', line: 'max_input_vars = 5000 ; default is 1000 / Moodle 3.11+ requires 5000+ with PHP 8+' }
# when: nginx_high_php_limits or moodle_install # REMINDER: THIS ENTIRE 5-STANZA BLOCK IS ONLY INVOKED... when: matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install
# - name: Restart 'php{{ php_version }}-fpm' systemd service
# systemd:
# name: php{{ php_version }}-fpm
# state: restarted
# when: matomo_install or moodle_install or nextcloud_install or pbx_install or wordpress_install # 5-STANZA BLOCK ENDS. COMPARE apache_allow_sudo conditionals below.
Reference in a new issue View git blame Copy permalink