Skip to content
Snippets Groups Projects
Commit b536a275 authored by Chris Croome's avatar Chris Croome
Browse files

test and restart php-fpm after conf is edited

parent b33c0f03
No related branches found
No related tags found
1 merge request!1Merge Sury
Pipeline #25798 passed
Stage: lint
Hide whitespace changes
Inline Side-by-side
defaults/main.yml
+ 2
1
View file @ b536a275
......@@ -45,7 +45,8 @@ php_config:
state: edited
conf:
PHP:
max_input_time: "600"
max_execution_time: "120"
max_input_time: "601"
memory_limit: "512M"
- name: PHP 7.4 configuration
version: "7.4"
......
tasks/file_edited.yml
+ 97
1
View file @ b536a275
......@@ -47,16 +47,112 @@
var: php_conf_file_proposed_vars.keys()
verbosity: "{% if ansible_check_mode | bool %}1{% else %}2{% endif %}"
- name: Set fact for PHP configuration file
ansible.builtin.set_fact:
php_conf_file_backup: "{{ php_conf_file | ansible.builtin.dirname }}/.{{ php_conf_file | ansible.builtin.basename }}.{{ ansible_date_time.iso8601_basic_short }}.bak"
php_conf_file_changed: false
php_conf_file_sapi: "{{ php_conf_file | ansible.builtin.split(php_file_path_separator) | ansible.builtin.json_query('[4]') }}"
php_conf_file_version: "{{ php_conf_file | ansible.builtin.split(php_file_path_separator) | ansible.builtin.json_query('[3]') }}"
- name: Debug the PHP configuration file backup path
ansible.builtin.debug:
var: php_conf_file_backup
verbosity: "{% if ansible_check_mode | bool %}1{% else %}2{% endif %}"
- name: Debug the PHP configuration file PHP SAPI
ansible.builtin.debug:
var: php_conf_file_sapi
verbosity: "{% if ansible_check_mode | bool %}1{% else %}2{% endif %}"
- name: Debug the PHP configuration file PHP version
ansible.builtin.debug:
var: php_conf_file_version
verbosity: "{% if ansible_check_mode | bool %}1{% else %}2{% endif %}"
- name: Debug the proposed PHP configuration file sections
ansible.builtin.debug:
var: php_conf_file_proposed_vars.keys()
verbosity: "{% if ansible_check_mode | bool %}1{% else %}2{% endif %}"
- name: File backup present
ansible.builtin.copy:
src: "{{ php_conf_file }}"
dest: "{{ php_conf_file_backup }}"
remote_src: true
mode: 0644
owner: root
group: root
changed_when: false
# TODO Use the community.general.dependent lookup to replace the looped include and the loop in the included file...
# https://docs.ansible.com/ansible/latest/collections/community/general/dependent_lookup.html
- name: Include the file section edited tasks
- name: Include the PHP configuration file section edited tasks
ansible.builtin.include_tasks: file_section_edited.yml
loop: "{{ php_conf_file_proposed_vars | dict2items }}"
loop_control:
loop_var: php_conf_section
when: php_conf_file_proposed_vars.keys() | length != 0
- name: File backup absent when the PHP configuration file is unchanged
ansible.builtin.file:
path: "{{ php_conf_file_backup }}"
state: absent
changed_when: false
when: not php_conf_file_changed | bool
- name: Test and reload PHP configuration file when file is in a FPM directory
block:
- name: Test PHP configuration
block:
- name: PHP FPM configtest
ansible.builtin.command: "php-fpm{{ php_conf_file_version }} --test"
check_mode: false
changed_when: false
register: php_fpm_test
failed_when: >-
( php_fpm_test.rc != 0 ) or
( "Failed" in php_fpm_test.stderr )
rescue:
- name: Copy broken PHP configuration file
ansible.builtin.copy:
src: "{{ php_conf_file }}"
dest: "{{ php_conf_file_backup }}.broken"
remote_src: true
mode: 0644
owner: root
group: root
- name: Copy backup file over edited file as the configuration test failed
ansible.builtin.copy:
src: "{{ php_conf_file_backup }}"
dest: "{{ php_conf_file }}"
remote_src: true
mode: 0644
owner: root
group: root
- name: Debug PHP configuration file test failure
ansible.builtin.debug:
var: php_fpm_test.stderr_lines
- name: Fail as there was a problem with the updated configuration file
ansible.builtin.fail:
msg: "The original configuration has been restored and the broken file is available at {{ php_conf_file_backup }}.broken"
- name: PHP FPM reloaded
ansible.builtin.service:
name: "php{{ php_conf_file_version }}-fpm"
state: reloaded
when:
- php_conf_file_sapi is defined
- php_conf_file_sapi == "fpm"
tags:
- php
- php_cfg
......
tasks/file_section_edited.yml
+ 7
1
View file @ b536a275
......@@ -32,7 +32,7 @@
section: "{{ php_conf_section.key }}"
option: "{{ php_conf_variable_pair.key }}"
value: "{{ php_conf_variable_pair.value }}"
no_extra_spaces: true
no_extra_spaces: false
mode: 0644
owner: root
group: root
......@@ -42,6 +42,12 @@
loop: "{{ php_conf_section.value | ansible.builtin.dict2items }}"
loop_control:
loop_var: php_conf_variable_pair
register: php_conf_file_edited
- name: Set a fact to indicate that the file has changed
ansible.builtin.set_fact:
php_conf_file_changed: true
when: php_conf_file_edited.changed | bool
tags:
- php
......
tasks/file_templated.yml
+ 7
7
View file @ b536a275
......@@ -8,11 +8,11 @@
#
# You should have received a copy of the GNU General Public License along with the Webarchitects PHP Ansible role. If not, see <https://www.gnu.org/licenses/>.
---
- name: PHP configuration file templated
block:
tags:
- php
- php_cfg
- php_conf
# - name: PHP configuration file templated
# block:
#
# tags:
# - php
# - php_cfg
# - php_conf
...
vars/main.yml
+ 2
0
View file @ b536a275
......@@ -8,6 +8,8 @@
#
# You should have received a copy of the GNU General Public License along with the Webarchitects PHP Ansible role. If not, see <https://www.gnu.org/licenses/>.
---
php_file_path_separator: '/'
# PHP versions absent
# cat defaults/main.yml | yq -o=json | jp "php_versions[?state=='absent'].version"
php_ver_absent: "{{ php_versions | ansible.builtin.json_query('[?state==`absent`].version') | sort }}"
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Webarchitects | Forum | Status | SSH Fingerprints