Default variable details
Some of debops.php
default variables have more extensive configuration than
simple strings or lists, here you can find documentation and examples for them.
php__packages
The php__packages
, php__group_packages
, php__host_packages
and
php__dependent_packages
lists can be used to install APT packages. The role
automatically prepends the package names with correct prefix (php5-
or
php7.0-
) to install packages for currently active PHP version. Because of
that you should only use these lists to install PHP-related packages.
The packages with names in the form:
php-*
php5-*
php7.0-*
will be detected correctly. Any other package names will have the current PHP version prepended to their name, which might result in incorrect installation requests.
Examples
Install support for the MariaDB/MySQL and PostgreSQL databases for the current PHP version:
php__packages: [ 'mysql', 'pgsql' ]
Install support for the PEAR repository:
php__packages: [ 'php-pear' ]
php__configuration
The management of the php.ini
configuration is done using a set of YAML
lists, named php__configuration
, php__group_configuration
and
php__host_configuration
. Each element of a list is a YAML dictionary with
certain parameters.
The configuration is designed to allow easy creation of multiple configuration
files located in /etc/php5,/7.0/
directories. By default, all files are
created in the /etc/php5,/7.0/ansible/
directory with the .ini
extension, and symlinked to the respective PHP SAPI configuration directories.
If you need, you can create the configuration files directly in the PHP SAPI
directories as well.
The role recognizes the parameters below:
filename
Required. Name of the file to store the configuration data, for example
00-ansible
. The.ini
extension is added automatically at the end.path
Optional. Change the default path where a given configuration file should be created, relative to
/etc/php5,/7.0/
. By default this value is ansible/. You need to add the/
character at the end of the path for the role to work correctly.sections
Optional. List of YAML dictionaries, each one describing a part of the given configuration file.
The parameters below can be specified either in the main YAML dictionary, or in
one of the YAML dictionaries on the sections
list:
name
Optional. An INI section name, for example
PHP
which will be written as[PHP]
in the configuration file.options
A YAML text block with
php.ini
configuration options specified in the INI configuration file format.comment
Optional. A custom comment added before a specified configuration.
state
Optional, either
present
orabsent
. If not specified orpresent
, a given configuration file or its section will be created. Ifabsent
, a given configuration file or section will be removed.
Examples
Create custom configuration file symlinked to all PHP SAPI directories:
php__configuration:
- filename: '10-custom'
name: 'PHP'
options: |
display_errors = On
Create custom configuration file with multiple sections directly in PHP-FPM directory:
php__host_configuration:
- filename: '50-custom'
path: 'fpm/conf.d/'
sections:
- name: 'CLI server'
options: |
cli_server.color = On
- name: 'mail function'
options: |
SMTP = smtp.{{ ansible_domain }}
smtp_port = 25
php__pools
The php__pools
, php__group_pools
, php__host_pools
and
php__dependent_pools
lists can be used to create PHP-FPM pools. Each list
entry is a YAML dictionary with keys and values that represent options in the
pool configuration file (with some additional parameters used by the role
itself).
Most of the pool parameters have their corresponding default variables in the
php__fpm_*
namespace. To use them in the pool configuration, strip the
php__fpm_
prefix from their variable name, for example:
php__fpm_access_log: True
php__pools:
- name: 'www-data'
access_log: False
Below are some parameters that don't have their corresponding defaults or are otherwise different:
name
Required. Name of the PHP-FPM pool.
state
Optional. If not specified or
present
, the PHP-FPM pool will be created. If specified andabsent
, the PHP-FPM pool will be removed.user
Optional. Name of the system user account which will be used to execute the given PHP-FPM pool. This account needs to exist before the pool will start correctly. If not specified, the
item.name
value will be used.group
Optional. The main group in which the PHP-FPM pool will be running in. If not specified, the
item.name
value will be used instead.owner
,home
Optional. If specified, role will create an user account with specified home directory before restarting the PHP-FPM service. This permits easy creation of new PHP-FPM pools on separate user accounts. Ideally the
item.owner
value should be the same asitem.user
oritem.name
. It's defined separately to better control user/group creation process.system
Optional, boolean. If defined and
True
, the account and group will be created as a "system" account with UID/GID < 1000; this is the default. IfFalse
, the created user and group will have "normal" UID/GID selected.listen
Optional. Path to the PHP-FPM socket or IP:port on which a given pool should listen for connections. By default it's autogenerated in the format:
/run/php5,7.0-fpm-{ item.name }.sock
.listen_owner
Optional. The system user that will be the owner of the PHP-FPM socket. This should be the username of the webserver account, so that it can use the socket to communicate with the PHP-FPM process. This account needs to exist before the PHP-FPM process is started (the
www-data
account is created by default on Debian/Ubuntu systems). If not specified, thephp__fpm_listen_owner
value will be used instead.listen_group
Optional. The system group that will be the primary group of the PHP-FPM socket. This should be the group that the webserver belongs to, so that it can use the socket to communicate with the PHP-FPM process. This group needs to exist before the PHP-FPM process is started (the
www-data
group is created by default on Debian/Ubuntu systems). If not specified, thephp__fpm_listen_group
value will be used instead.listen_acl_users
Optional. Set POSIX Access Control Lists. If specified, listen_owner is ignored. The value must be a list of names.
listen_acl_groups
Optional. Set POSIX Access Control Lists. If specified, listen_group is ignored. The value must be a list of names.
listen_mode
Optional. The permissions applied to the PHP-FPM pool sockets. If not specified, the
php__fpm_listen_mode
value will be used instead.listen_backlog
Optional. The limit for socket connection backlog. If you tune this parameter, you should also consider sysctl parameters
net.ipv4.tcp_max_syn_backlog
,net.ipv4.ip_local_port_range
,net.ipv4.tcp_tw_reuse
andnet.core.somaxconn
. If not specified, thephp__fpm_listen_backlog
will be used instead.environment
Optional. A YAML dictionary with custom environment variables that should be specified in the PHP-FPM pool. Each dictionary key is a variable name and dictionary value is the variable value.
php_flags
Optional. A YAML dictionary with custom
php.ini
flags that should be defined in the PHP-FPM pool. Each dictionary key is the flag name, and each dictionary value is the flag value.php_values
Optional. A YAML dictionary with custom
php.ini
values that should be defined in the PHP-FPM pool. Each dictionary key is the value name, and each dictionary value is the value contents.php_admin_flags
Optional. A YAML dictionary with custom
php.ini
admin flags that should be defined in the PHP-FPM pool. Each dictionary key is the admin flag name, and each dictionary value is the admin flag value.php_admin_values
Optional. A YAML dictionary with custom
php.ini
admin values that should be defined in the PHP-FPM pool. Each dictionary key is the admin value name, and each dictionary value is the admin value contents.open_basedir
Optional. String or list of paths which can be accessed by the PHP interpreter. By default not set.
pm_status
Optional. If
True
, PHP-FPM status page is enabled. If not specified, thephp__fpm_pm_status
will be used instead.pm_status_path
Optional. URI path of PHP-FPM status page. If not specified, the
php__fpm_pm_status_path
will be used instead.
Examples
Create a new PHP-FPM pool with custom user account:
php__host_pools:
- name: 'custom-php-app'
owner: 'custom-php-app'
home: '/srv/custom-php-app'
Modify default PHP-FPM pool with custom environment variables:
php__default_pools:
- name: 'www-data'
environment:
HOME: '/var/www'
MAIL: 'root@{{ ansible_domain }}'
Remove the default PHP-FPM pool (you should have at least 1 pool configured, otherwise the PHP-FPM process manager won't start correctly):
php__default_pools:
- name: 'www-data'
state: 'absent'