Version information
This version is compatible with:
- Puppet Enterprise 2018.1.x, 2017.3.x, 2017.2.x, 2016.4.x
- Puppet >= 4.10.0 < 6.0.0
- OpenSUSE, Archlinux , , , , , ,
Start using this module
Add this module to your Puppetfile:
mod 'puppet-php', '6.0.0'
Learn more about managing modules with a PuppetfileDocumentation
Current Status
As the original creators of puppet-php
are no longer maintaining the module, it has been handed over into the care of Vox Pupuli.
Please be sure to update all your links to the new location.
voxpupuli/php Puppet Module
voxpupuli/php is a Puppet module for managing PHP with a strong focus
on php-fpm. The module aims to use sane defaults for the supported
architectures. We strive to support all recent versions of Debian,
Ubuntu, RedHat/CentOS, openSUSE/SLES and FreeBSD. Managing Apache
with mod_php
is not supported.
This originally was a fork of jippi/puppet-php (nodes-php on Puppet Forge) but has since been rewritten in large parts.
Usage
Quickest way to get started is simply include
'ing the php
class.
include '::php'
Or, you can override defaults and specify additional custom
configurations by declaring class { '::php': }
with parameters:
class { '::php':
ensure => latest,
manage_repos => true,
fpm => true,
dev => true,
composer => true,
pear => true,
phpunit => false,
}
Optionally the PHP version or configuration root directory can be changed also:
class { '::php::globals':
php_version => '7.0',
config_root => '/etc/php/7.0',
}->
class { '::php':
manage_repos => true
}
There are more configuration options available. Please refer to the auto-generated documentation at http://php.puppet.mayflower.de/.
Defining php.ini
settings
PHP configuration parameters in php.ini
files can be defined as parameter
settings
on the main php
class, or php::fpm
/ php::cli
classes,
or php::extension
resources for each component independently.
These settings are written into their respective php.ini
file. Global
settings in php::settings
are merged with the settings of all components.
Please note that settings of extensions are always independent.
In the following example the PHP options and timezone will be set in all PHP configurations, i.e. the PHP cli application and all php-fpm pools.
class { '::php':
settings => {
'PHP/max_execution_time' => '90',
'PHP/max_input_time' => '300',
'PHP/memory_limit' => '64M',
'PHP/post_max_size' => '32M',
'PHP/upload_max_filesize' => '32M',
'Date/date.timezone' => 'Europe/Berlin',
},
}
Installing extensions
PHP configuration parameters in php.ini
files can be defined
as parameter extensions
on the main php
class. They are
activated for all activated SAPIs.
class { '::php':
extensions => {
bcmath => { },
imagick => {
provider => pecl,
},
xmlrpc => { },
memcached => {
provider => 'pecl',
header_packages => [ 'libmemcached-devel', ],
},
apc => {
provider => 'pecl',
settings => {
'apc/stat' => '1',
'apc/stat_ctime' => '1',
},
sapi => 'fpm',
},
},
}
See the documentation
of the php::extension
resource for all available parameters and default
values.
Defining php-fpm pools
If different php-fpm pools are required, you can use php::fpm::pool
defined resource type. A single pool called www
will be configured
by default. Specify additional pools like so:
php::fpm::pool { 'www2':
listen => '127.0.1.1:9000',
}
For an overview of all possible parameters for php::fpm::pool
resources
please see its documention.
Overriding php-fpm user
By default, php-fpm is set up to run as Apache. If you need to customize that user, you can do that like so:
class { '::php':
fpm_user => 'nginx',
fpm_group => 'nginx',
}
PHP with one FPM pool per user
This will create one vhost. $users is an array of people having php files at $fqdn/$user. This codesnipped uses voxpupuli/php and voxpupuli/nginx to create the vhost and one php fpm pool per user. This was tested on Archlinux with nginx 1.13 and PHP 7.2.3.
$users = ['bob', 'alice']
class { 'php':
ensure => 'present',
manage_repos => false,
fpm => true,
dev => false,
composer => false,
pear => true,
phpunit => false,
fpm_pools => {},
}
include nginx
nginx::resource::server{$facts['fqdn']:
www_root => '/var/www',
autoindex => 'on',
}
nginx::resource::location{'dontexportprivatedata':
server => $facts['fqdn'],
location => '~ /\.',
location_deny => ['all'],
}
$users.each |$user| {
# create one fpm pool. will be owned by the specific user
# fpm socket will be owned by the nginx user 'http'
php::fpm::pool{$user:
user => $user,
group => $user,
listen_owner => 'http',
listen_group => 'http',
listen_mode => '0660',
listen => "/var/run/php-fpm/${user}-fpm.sock",
}
nginx::resource::location { "${name}_root":
ensure => 'present',
server => $facts['fqdn'],
location => "~ .*${user}\/.*\.php$",
index_files => ['index.php'],
fastcgi => "unix:/var/run/php-fpm/${user}-fpm.sock",
include => ['fastcgi.conf'],
}
}
Alternative examples using Hiera
Alternative to the Puppet DSL code examples above, you may optionally define your PHP configuration using Hiera.
Below are all the examples you see above, but defined in YAML format for use with Hiera.
---
php::ensure: latest
php::manage_repos: true
php::fpm: true
php::fpm_user: 'nginx'
php::fpm_group: 'nginx'
php::dev: true
php::composer: true
php::pear: true
php::phpunit: false
php::settings:
'PHP/max_execution_time': '90'
'PHP/max_input_time': '300'
'PHP/memory_limit': '64M'
'PHP/post_max_size': '32M'
'PHP/upload_max_filesize': '32M'
'Date/date.timezone': 'Europe/Berlin'
php::extensions:
bcmath: {}
xmlrpc: {}
imagick:
provider: pecl
memcached:
provider: pecl
header_packages:
- libmemcached-dev
apc:
provider: pecl
settings:
'apc/stat': 1
'apc/stat_ctime': 1
sapi: 'fpm'
php::fpm::pools:
www2:
listen: '127.0.1.1:9000'
Notes
Debian squeeze & Ubuntu precise come with PHP 5.3
On Debian-based systems, we use php5enmod
to enable extension-specific
configuration. This script is only present in php5
packages beginning with
version 5.4. Furthermore, PHP 5.3 is not supported by upstream anymore.
We strongly suggest you use a recent PHP version, even if you're using an
older though still supported distribution release. Our default is to have
php::manage_repos
enabled to add apt sources for
Dotdeb on Debian and
ppa:ondrej/php5 on
Ubuntu with packages for the current stable PHP version closely tracking
upstream.
Ubuntu systems and Ondřej's PPA
The older Ubuntu PPAs run by Ondřej have been deprecated (ondrej/php5, ondrej/php5.6) in favor of a new PPA: ondrej/php which contains all 3 versions of PHP: 5.5, 5.6, and 7.0 Here's an example in hiera of getting PHP 5.6 installed with php-fpm, pear/pecl, and composer:
php::globals::php_version: '5.6'
php::fpm: true
php::dev: true
php::composer: true
php::pear: true
php::phpunit: false
If you do not specify a php version, in Ubuntu the default will be 7.0 if you are running Xenial (16.04), otherwise PHP 5.6 will be installed (for other versions)
Apache support
Apache with mod_php
is not supported by this module. Please use
puppetlabs/apache instead.
We prefer using php-fpm. You can find an example Apache vhost in
manifests/apache_vhost.pp
that shows you how to use mod_proxy_fcgi
to
connect to php-fpm.
RedHat/CentOS SCL Users
If you plan to use the SCL repositories with this module you must do the following adjustments:
General config
This ensures that the module will create configurations in the directory `/etc/opt/rh/<php_version>/
(also in php.d/
for extensions). Anyway you have to manage the SCL repo's by your own.
class { '::php::globals':
php_version => 'rh-php71',
rhscl_mode => 'rhscl',
}
-> class { '::php':
manage_repos => false
}
Extensions
Extensions in SCL are being installed with packages that cover 1 or more .so files. This is kinda incompatible with this module, since this module specifies an extension by name and derives the name of the package and the config (.ini) from it. To manage extensions of SCL packages you must use the following parameters:
class { '::php':
...
extensions => {
'soap' => {
ini_prefix => '20-',
},
}
}
By this you tell the module to configure bz2 and calender while ensuring only the package common
. Additionally to the
installation of 'common' the inifiles 'calender.ini' and 'bz2.ini' will be created by the scheme
<config_file_prefix><extension_title>
.
A list of commonly used modules:
{
extensions => {
'xml' => {
ini_prefix => '20-',
multifile_settings => true,
settings => {
'dom' => {},
'simplexml' => {},
'xmlwriter' => {},
'xsl' => {},
'wddx' => {},
'xmlreader' => {},
},
},
'soap' => {
ini_prefix => '20-',
},
'imap' => {
ini_prefix => '20-',
},
'intl' => {
ini_prefix => '20-',
},
'gd' => {
ini_prefix => '20-',
},
'mbstring' => {
ini_prefix => '20-',
},
'xmlrpc' => {
ini_prefix => '20-',
},
'pdo' => {
ini_prefix => '20-',
multifile_settings => true,
settings => {
'pdo' => {},
'pdo_sqlite' => {},
'sqlite3' => {},
},
},
'process' => {
ini_prefix => '20-',
multifile_settings => true,
settings => {
'posix' => {},
'shmop' => {},
'sysvmsg' => {},
'sysvsem' => {},
'sysvshm' => {},
},
},
'mysqlnd' => {
ini_prefix => '30-',
multifile_settings => true,
settings => {
'mysqlnd' => {},
'mysql' => {},
'mysqli' => {},
'pdo_mysql' => {},
'sysvshm' => {},
},
},
'mysqlnd' => {
ini_prefix => '30-',
multifile_settings => true,
settings => {
'mysqlnd' => {},
'mysql' => {},
'mysqli' => {},
'pdo_mysql' => {},
'sysvshm' => {},
},
},
}
}
Facts
We deliver a phpversion
fact with this module. This is explicitly NOT intended
to be used within your puppet manifests as it will only work on your second puppet
run. Its intention is to make querying PHP versions per server easy via PuppetDB or Foreman.
FreeBSD support
On FreeBSD systems we purge the system-wide extensions.ini
in favour of
per-module configuration files.
Please also note that support for Composer and PHPUnit on FreeBSD is untested and thus likely incomplete.
Running the test suite
To run the tests install the ruby dependencies with bundler
and execute
rake
:
bundle install --path vendor/bundle
bundle exec rake
Bugs & New Features
If you happen to stumble upon a bug, please feel free to create a pull request with a fix (optionally with a test), and a description of the bug and how it was resolved.
Or if you're not into coding, simply create an issue adding steps to let us reproduce the bug and we will happily fix it.
If you have a good idea for a feature or how to improve this module in general, please create an issue to discuss it. We are very open to feedback. Pull requests are always welcome.
We hate orphaned and unmaintained Puppet modules as much as you do and therefore promise that we will continue to maintain this module and keep response times to issues short. If we happen to lose interest, we will write a big fat warning into this README to let you know.
License
The project is released under the permissive MIT license.
The source can be found at github.com/voxpupuli/puppet-php.
This Puppet module was originally maintained by some fellow puppeteers at Mayflower GmbH and is now maintained by Vox Pupuli.
Changelog
All notable changes to this project will be documented in this file. Each new release typically also includes the latest modulesync defaults. These should not affect the functionality of the module.
v6.0.0 (2018-07-29)
Breaking changes:
Implemented enhancements:
- Compatibility with Software collections (SCL) #451 (oranenj)
- Add Debian 9 support #440 (SimonHoenscheid)
- Add initial ubuntu 18.04 support #428 (jkroepke)
Fixed bugs:
- php.ini not updated #422
- Error: Could not upgrade module 'puppet-php' (v4.0.0 -> v5.0.0) #378
- Fix paths for phpunit on FreeBSD #291 (bitnexus)
Closed issues:
- Debian 9 (Stretch) support #439
- Repository class switch failing on Ubuntu #392
- Next stable release? #352
- PHP extensions loaded twice #341
- PECL/Extension checks for beta packages #73
Merged pull requests:
- Update README.md with working RHSCL example. #463 (Tamerz)
- enable ubuntu 18.04 acceptance tests #462 (bastelfreak)
- drop EOL OSs; fix puppet version range #453 (bastelfreak)
- Rely on beaker-hostgenerator for docker nodesets #452 (ekohl)
- mark private classes with assert_private() #447 (bastelfreak)
- migrate vars from topscope to relative scope #444 (bastelfreak)
- bump puppet to latest supported version 4.10.0 #443 (bastelfreak)
- Update puppet/archive dependency #438 (marknl)
- switch the dotdeb repo url to https #431 (bastelfreak)
v5.3.0 (2018-03-06)
Implemented enhancements:
- mark Ubuntu 16.04 as supported and fix its tests #221
- Using the new facts hash instead of the global var in repo/debian.pp #425 (c33s)
- Add Acceptance tests #414 (bastelfreak)
Fixed bugs:
- Fix Archlinux support #423 (bastelfreak)
- Fix wrongly named parameters for apt::source/key #420 (bitcrush)
- manage software-properties-common on ubuntu #419 (bastelfreak)
Merged pull requests:
- add examples for php-fpm/nginx #424 (bastelfreak)
- add tests for php5.6 #418 (bastelfreak)
v5.2.0 (2018-02-14)
Implemented enhancements:
- add ubuntu 16.04 support #412 (bastelfreak)
- Add PHP 7.1 support on Debian #293 (fstr)
Fixed bugs:
- Auto_update not idempotent #402
- use correct require arguments #415 (bastelfreak)
- fix composer auto_update idempotency in case no update is available #408 (joekohlsdorf)
- Fixing wrong pear package name in Amazon Linux #399 (gdurandvadas)
Closed issues:
- Upgrade to work with Puppet5 #406
- php 7.2 + ubuntu 16.04 - pdo-mysql extension not installing correctly #405
- config_root parameter does nothing on RHEL7 #397
Merged pull requests:
- Deprecate hiera_hash functions #410 (minorOffense)
- mark Puppet 5 as supported #407 (joekohlsdorf)
- Change default RedHat params to use config_root #398 (DALUofM)
v5.1.0 (2017-11-10)
Fixed bugs:
- Fix syntax issues with data types #385 (craigwatson)
- fix ubuntu 17.04 version for php7 #383 (arudat)
- Fix OS fact comparison for Ubuntu 12 and 14 #375 (dbeckham)
- Fix OS facts usage when selecting repo class for Ubuntu systems #374 (dbeckham)
- Confine pecl provider to where pear command is available #364 (walkamongus)
- fix default value of php::fpm::pool::access_log_format #361 (lesinigo)
Closed issues:
- Debian repository classes are being selected on Ubuntu systems #373
- Changes in #357 break Ubuntu version dependent resources #372
Merged pull requests:
- Proposed fix for failing parallel spec tests #386 (wyardley)
- update dependencies in metadata #379 (mmoll)
- Bump metadata.json version to 5.0.1-rc #377 (dhollinger)
- bump dep on puppet/archive to '\< 3.0.0' #376 (costela)
- Add missing php-fpm user and group class param docs #346 (dbeckham)
v5.0.0 (2017-08-07)
Summary
This backwards-incompatible release drops puppet 3, PHP 5.5 on Ubuntu, and the deprecated php::extension
parameter pecl_source
. It improves much of the internal code quality, and adds several useful features the most interesting of which is probably the php::extension
parameter ini_prefix
.
Changed
- Drop puppet 3 compatibility.
- Bumped puppetlabs-apt lower bound to 4.1.0
- Bumped puppetlabs-stdlib lower bound to 4.13.1
Removed
- Deprecated
php::extension
define parameterspecl_source
. Usesource
instead. - PHP 5.5 support on ubuntu.
Added
php
class parametersfpm_user
andfpm_group
to customize php-fpm user/group.php::fpm
class parametersuser
andgroup
.php::fpm::pool
define parameterpm_process_idle_timeout
and pool.confpm.process_idle_timeout
directive.php::extension
class parametersini_prefix
andinstall_options
.- Archlinux compatibility.
- Bumped puppetlabs-apt upper bound to 5.0.0
Fixed
- Replaced validate functions with data types.
- Linting issues.
- Replace legacy facts with facts hash.
- Simplify
php::extension
- Only apt dependency when
manage_repos => true
- No more example42/yum dependency
2017-02-11 Release 4.0.0
This is the last release with Puppet3 support!
- Fix a bug turning
manage_repos
off on wheezy - Fix a deprecation warning on
apt::key
when usingmanage_repos
on wheezy (#110). This change requires puppetlabs/apt at >= 1.8.0 - Allow removal of config values (#124)
- Add
phpversion
fact, for querying through PuppetDB or Foreman (#119) - Allow configuring the fpm pid file (#123)
- Add embedded SAPI support (#115)
- Add options to fpm config and pool configs (#139)
- Add parameter logic for PHP 7 on Ubuntu/Debian (#180)
- add SLES PHP 7.0 Support (#220)
- allow packaged extensions to be loaded as zend extensions
- Fix command to enable php extensions (#226)
- Fix many rucocop warnings
- Update module Ubuntu 14.04 default to official repository setup
- Fix dependency for extentions with no package source
- Allow packaged extensions to be loaded as Zend extensions
- Support using an http proxy for downloading composer
- Refactor classes php::fpm and php::fpm:service
- Manage apache/PHP configurations on Debian and RHEL systems
- use voxpupuli/archive to download composer
- respect $manage_repos, do not include ::apt if set to false
- Bump min version_requirement for Puppet + deps
- allow pipe param for pecl extensions
- Fix: composer auto_update: exec's environment must be array
Breaking Changes
- Deep merge
php::extensions
the same way asphp::settings
. This technically is a breaking change but should not affect many people. - PHP 5.6 is the default version on all systems now (except Ubuntu 16.04, where 7.0 is the default).
- There's a php::globals class now, where global paramters (like the PHP version) are set. (#132)
- Removal of php::repo::ubuntu::ppa (#218)
3.4.2
- Fix a bug that changed the default of
php::manage_repos
tofalse
on Debian-based operating systems except wheezy. It should be turned on by default. (#116) - Fix a bug that prevented reloading php-fpm on Ubuntu in some cases. (#117, #107)
3.4.1
- Fix reloading php-fpm on Ubuntu trusty & utopic (#107)
3.4.0
- New parameter
ppa
for classphp::repo::ubuntu
to specify the ppa name to use. We default toondrej/php5-oldstable
for precise andondrej/php5
otherwise. - New parameter
include
forphp::fpm::pool
resources to specify custom configuration files.
3.3.1
- Make
systemd_interval
parameter for classphp::fpm::config
optional
3.3.0
php::extension
resources:- New boolean parameter
settings_prefix
to automatically prefix all settings keys with the extensions names. Defaults to false to ensurre the current behaviour. - New string parameter
so_name
to set the DSO name of an extension if it doesn't match the package name. - New string parameter
php_api_version
to set a custom api version. If notundef
, theso_name
is prefixed with the full module path in the ini file. Defaults toundef
.
- New boolean parameter
- The default of the parameter
listen_allowed_clients
ofphp::fpm::pool
resources is nowundef
instead of'127.0.0.1'
. This way it is more intuitive to change the default tcp listening socket at127.0.0.1:9000
to a unix socket by only setting thelisten
parameter instead of additionally needing to unsetlisten_allowed_clients
. This has no security implications. - New parameters for the
php::fpm::config
class:error_log
syslog_facility
syslog_ident
systemd_interval
- A bug that prevented merging the global
php::settings
parameter into SAPI configs forphp::cli
andphp::fpm
was fixed. - The dotdeb repos are now only installed for Debian wheezy as Debian jessie has a sufficiently recent PHP version.
3.2.2
- Fix a typo in hiera keys
php::settings
&php::fpm::settings
(#83)
3.2.1
- Fixed default
yum_repo
key inphp::repo::redhat
- On Ubuntu precise we now use the ondrej/php5-oldstable ppa. This can be
manually enabled with by setting
$php::repo::ubuntu::oldstable
totrue
. $php::ensure
now defaults topresent
instead oflatest
. Though, strictly speaking, this represents a functional change, we consider this to be a bugfix because automatic updates should be enabled explicitely.$php::ensure
is not anymore passed tophp::extension
resources as default ensure parameter because this doesn't make sense.
3.2.0
- Support for FreeBSD added by Frank Wall
- RedHat now uses remi-php56 yum repo by default
- The resource
php::fpm::pool
is now public, you can use it in your manifests without using$php::fpm::pools
- We now have autogenerated documentation using
puppetlabs/strings
3.1.0
- New parameter
pool_purge
forphp::extension
to remove files not managed by puppet from the pool directory. - The
pecl_source
parameter forphp::extension
was renamend tosource
because it is also useful for PEAR extensions.pecl_source
can still be used but is deprecated and will be removed in the next major release. - Parameters referring to time in
php::fpm::config
can now be specified with units (i.e.'60s'
,'1d'
):emergency_restart_threshold
emergency_restart_interval
process_control_timeout
- The PEAR version is not independant of
$php::ensure
and can be configured with$php::pear_ensure
- Give special thanks to the contributors of this release:
- Petr Sedlacek
- Sherlan Moriah
3.0.1
- Fix typo in package suffix for php-fpm on RHEL in params.pp
3.0.0
- Removes
$php::fpm::pool::error_log
. Use thephp_admin_flag
andphp_admin_value
parameters to set the php settingslog_errors
anderror_log
instead. - Removes support for PHP 5.3 on Debian-based systems. See the notes in the README for more information.
- Removes the
php_version
fact which had only worked on the later puppet runs. - Moves CLI-package handling to
php::packages
- Allows changing the package prefix via
php::package_prefix
. - Moves FPM-package handling from
php::fpm::package
tophp::fpm
- Changes
php::packages
, so thatphp::packages::packages
becomesphp::packages::names
and are installed andphp::packages::names_to_prefix
are installed prefixed byphp::package_prefix
. - PHPUnit is now installed as phar in the same way composer is installed, causing all parameters to change
- The
php::extension
resource has a new parameter:zend
. If set to true, exenstions that were installed with pecl are loaded withzend_extension
.
2.0.4
- Style fixes all over the place
- Module dependencies are now bound to the current major version
2.0.3
- Some issues & bugs with extensions were fixed
- If you set the
provider
parameter of an extension to"none"
, no extension packages will be installed - The EPEL yum repo has been added for RedHat systems
2.0.2
- Adds support for
header_packages
on all extensions - Adds
install_options
to pear package provider
2.0.1
- This is a pure bug fix release
- Fix for CVE 2014-0185 (https://bugs.php.net/bug.php?id=67060)
2.0.0
- Remove augeas and switch to puppetlabs/inifile for configs
- Old:
settings => [‘set PHP/short_open_tag On‘]
- New:
settings => {‘PHP/short_open_tag’ => ‘On‘}
- Old:
- Settings parmeter cleanups
- The parameter
config
ofphp::extension
resources is now calledsettings
- The parameters
user
andgroup
ofphp::fpm
have been moved tophp::fpm::config
- New parameter
php::settings
for global settings (i.e. CLI & FPM)
- The parameter
- New parameter
php::cli
to disable CLI if supported
1.1.2
- SLES: PHP 5.5 will now be installed
- Pecl extensions now autoload the .so based on $name instead of $title
1.1.1
- some nasty bugs with the pecl php::extension provider were fixed
- php::extension now has a new pecl_source parameter for specifying custom source channels for the pecl provider
1.1.0
- add phpunit to main class
- fix variable access for augeas
1.0.2
- use correct suse apache service name
- fix anchoring of augeas
1.0.1
- fixes #9 undefined pool_base_dir
1.0.0
Initial release
* This Changelog was automatically generated by github_changelog_generator
Dependencies
- puppetlabs/stdlib (>= 4.16.0 < 5.0.0)
- puppetlabs/apt (>= 4.4.0 < 5.0.0)
- puppetlabs/inifile (>= 1.4.1 < 3.0.0)
- puppet/zypprepo (>= 2.0.0 < 3.0.0)
- puppet/archive (>= 1.0.0 < 4.0.0)