diff --git a/defaults/main.yml b/defaults/main.yml index b24ec66..2df3690 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1 +1,3 @@ +--- # webserver_dehydrated_email: "" # required +webserver_php_enabled: false diff --git a/handlers/main.yml b/handlers/main.yml index 3ee3fc9..6006520 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -6,3 +6,8 @@ - name: dehydrated command: /usr/bin/dehydrated -c + +- name: restart php-fpm + systemd: + name: php-fpm + state: restarted diff --git a/tasks/main.yml b/tasks/main.yml index a77446d..2e74dcc 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -67,6 +67,10 @@ state: started enabled: yes +- name: php + import_tasks: php.yml + when: webserver_php_enabled + - name: enabled nginx systemd: name: nginx diff --git a/tasks/php.yml b/tasks/php.yml new file mode 100644 index 0000000..ea5a166 --- /dev/null +++ b/tasks/php.yml @@ -0,0 +1,34 @@ +--- +- name: Install php + package: + state: latest + name: + - php-fpm + - php-gd + - php-imap + +- name: enable extension + notify: restart php-fpm + lineinfile: + path: /etc/php/php.ini + regexp: ';extension={{ item }}' + line: "extension={{ item }}" + with_items: + - curl + - gd + - imap + - mysqli + - pdo_mysql + - zip + +- name: enabled and started php-fpm + systemd: + name: php-fpm + enabled: yes + state: started + +- name: templates php nginx + notify: reload nginx + template: + src: "php.nginx" + dest: "/etc/nginx/snippets/php.conf" diff --git a/templates/php.nginx b/templates/php.nginx new file mode 100644 index 0000000..c1703f1 --- /dev/null +++ b/templates/php.nginx @@ -0,0 +1,14 @@ +index index.html index.htm index.php; + +location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+.php)(/.+)$; + fastcgi_pass unix:/run/php-fpm/php-fpm.sock; + fastcgi_index index.php; + + include fastcgi.conf; + + fastcgi_param PHP_ADMIN_VALUE open_basedir=$document_root:/tmp:/usr/share/pear:/dev/urandom; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param HTTPS on; +}