| 1 |
jpp |
1.1 |
diff -Nur smeserver-phpki-ng-0.3.old/createlinks smeserver-phpki-ng-0.3/createlinks |
| 2 |
|
|
--- smeserver-phpki-ng-0.3.old/createlinks 2021-02-25 00:13:06.336000000 -0500 |
| 3 |
|
|
+++ smeserver-phpki-ng-0.3/createlinks 2021-02-25 01:38:34.722000000 -0500 |
| 4 |
|
|
@@ -36,6 +36,7 @@ |
| 5 |
|
|
/etc/systemd/system-preset/49-koozali.preset |
| 6 |
|
|
/etc/httpd/conf/httpd.conf |
| 7 |
|
|
/etc/httpd/pki-conf/httpd.conf |
| 8 |
|
|
+ /etc/opt/remi/php73/php-fpm.d/www.conf |
| 9 |
|
|
|
| 10 |
|
|
)) |
| 11 |
|
|
{ |
| 12 |
|
|
@@ -51,4 +52,4 @@ |
| 13 |
|
|
#services we need to restart |
| 14 |
|
|
safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/httpd-pki"); |
| 15 |
|
|
safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/httpd-e-smith"); |
| 16 |
|
|
- |
| 17 |
|
|
+safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/php73-php-fpm"); |
| 18 |
|
|
diff -Nur smeserver-phpki-ng-0.3.old/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/20Modules smeserver-phpki-ng-0.3/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/20Modules |
| 19 |
|
|
--- smeserver-phpki-ng-0.3.old/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/20Modules 2021-02-25 00:13:06.337000000 -0500 |
| 20 |
|
|
+++ smeserver-phpki-ng-0.3/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/20Modules 2021-02-25 01:28:38.119000000 -0500 |
| 21 |
|
|
@@ -10,10 +10,8 @@ |
| 22 |
|
|
ServerRoot /etc/httpd |
| 23 |
|
|
ServerTokens ProductOnly |
| 24 |
|
|
|
| 25 |
|
|
-User www |
| 26 |
|
|
-Group www |
| 27 |
|
|
-#User phpki |
| 28 |
|
|
-#Group phpki |
| 29 |
|
|
+User phpki |
| 30 |
|
|
+Group phpki |
| 31 |
|
|
|
| 32 |
|
|
ErrorLog /var/log/httpd/pki_error_log |
| 33 |
|
|
LogLevel warn |
| 34 |
|
|
@@ -30,7 +28,6 @@ |
| 35 |
|
|
autoindex |
| 36 |
|
|
dir |
| 37 |
|
|
asis |
| 38 |
|
|
-# imap |
| 39 |
|
|
imagemap |
| 40 |
|
|
actions |
| 41 |
|
|
userdir |
| 42 |
|
|
@@ -38,9 +35,6 @@ |
| 43 |
|
|
proxy_http |
| 44 |
|
|
alias |
| 45 |
|
|
rewrite |
| 46 |
|
|
-# access |
| 47 |
|
|
-# authz_host |
| 48 |
|
|
-# authz_user |
| 49 |
|
|
auth |
| 50 |
|
|
auth_anon |
| 51 |
|
|
auth_digest |
| 52 |
|
|
@@ -55,6 +49,7 @@ |
| 53 |
|
|
access_compat |
| 54 |
|
|
authn_core |
| 55 |
|
|
authz_core |
| 56 |
|
|
+ authz_user |
| 57 |
|
|
proxy_ajp |
| 58 |
|
|
proxy_connect |
| 59 |
|
|
proxy_express |
| 60 |
|
|
@@ -70,26 +65,10 @@ |
| 61 |
|
|
$OUT .= "LoadModule ${_}_module modules/mod_${_}.so\n"; |
| 62 |
|
|
} |
| 63 |
|
|
|
| 64 |
|
|
-if (exists $php{status} and $php{status} eq "enabled"){ |
| 65 |
|
|
- my $modphp = '4'; |
| 66 |
|
|
- if ( -r "/usr/lib/httpd/modules/libphp5.so" || -r "/usr/lib64/httpd/modules/libphp5.so" ){ |
| 67 |
|
|
- $modphp = '5'; |
| 68 |
|
|
- } |
| 69 |
|
|
- $OUT .= "LoadModule php".$modphp."_module modules/libphp".$modphp.".so\n"; |
| 70 |
|
|
-} |
| 71 |
|
|
- |
| 72 |
|
|
+$OUT .= "# we do not use php module anymore, but php-fpm"; |
| 73 |
|
|
|
| 74 |
|
|
$OUT .=<<"HERE"; |
| 75 |
|
|
|
| 76 |
|
|
-<IfModule mod_php4.c> |
| 77 |
|
|
- AddIcon /icons/php4.gif .php3 .php4 .php .phtml |
| 78 |
|
|
- AddIcon /icons/phps.gif .phps |
| 79 |
|
|
-</IfModule> |
| 80 |
|
|
- |
| 81 |
|
|
-<IfModule mod_php5.c> |
| 82 |
|
|
- AddIcon /icons/php5.gif .php3 .php4 .php5 .php .phtml |
| 83 |
|
|
- AddIcon /icons/phps.gif .phps |
| 84 |
|
|
-</IfModule> |
| 85 |
|
|
|
| 86 |
|
|
|
| 87 |
|
|
PidFile /var/run/httpd-pki.pid |
| 88 |
|
|
@@ -125,7 +104,6 @@ |
| 89 |
|
|
AddIconByType (IMG,/icons/image2.gif) image/* |
| 90 |
|
|
AddIconByType (SND,/icons/sound2.gif) audio/* |
| 91 |
|
|
AddIconByType (VID,/icons/movie.gif) video/* |
| 92 |
|
|
-DefaultType text/plain |
| 93 |
|
|
TypesConfig /etc/mime.types |
| 94 |
|
|
|
| 95 |
|
|
AddEncoding x-compress Z |
| 96 |
|
|
diff -Nur smeserver-phpki-ng-0.3.old/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/90phpki smeserver-phpki-ng-0.3/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/90phpki |
| 97 |
|
|
--- smeserver-phpki-ng-0.3.old/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/90phpki 2021-02-25 00:13:06.337000000 -0500 |
| 98 |
|
|
+++ smeserver-phpki-ng-0.3/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/90phpki 2021-02-25 01:28:59.712000000 -0500 |
| 99 |
|
|
@@ -5,13 +5,19 @@ |
| 100 |
|
|
<Directory /opt/phpki/html> |
| 101 |
|
|
AddType application/x-httpd-php .php |
| 102 |
|
|
Options FollowSymLinks |
| 103 |
|
|
-<FilesMatch .php$> |
| 104 |
|
|
- SetHandler "proxy:unix:/var/run/php-fpm/php73.sock|fcgi://localhost" |
| 105 |
|
|
-</FilesMatch> |
| 106 |
|
|
- php_flag register_globals off |
| 107 |
|
|
- php_flag register_long_arrays on |
| 108 |
|
|
- php_admin_value session.save_path /var/lib/php/pki-session |
| 109 |
|
|
- php_admin_value openbase_dir /opt/phpki:/var/lib/php/pki-session |
| 110 |
|
|
+{ |
| 111 |
|
|
+ my $key = "phpki"; |
| 112 |
|
|
+ my $pool_name = lc $key; |
| 113 |
|
|
+ my $version = ${httpd-pki}{'PHPVersion'} || '73'; |
| 114 |
|
|
+ $OUT .=" |
| 115 |
|
|
+<FilesMatch .php\$> |
| 116 |
|
|
+ SetHandler \"proxy:unix:/var/run/php-fpm/php${version}-${pool_name}.sock|fcgi://localhost\" |
| 117 |
|
|
+</FilesMatch>\n"; |
| 118 |
|
|
+} |
| 119 |
|
|
+# php_flag register_globals off |
| 120 |
|
|
+# php_flag register_long_arrays on |
| 121 |
|
|
+# php_admin_value session.save_path /var/lib/php/pki-session |
| 122 |
|
|
+# php_admin_value openbase_dir /opt/phpki:/var/lib/php/pki-session |
| 123 |
|
|
AddType application/x-x509-ca-cert .crt .pem |
| 124 |
|
|
AddType application/pkix-crl .crl |
| 125 |
|
|
AddType application/pkix-cert .cer .der |
| 126 |
|
|
diff -Nur smeserver-phpki-ng-0.3.old/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/20pki smeserver-phpki-ng-0.3/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/20pki |
| 127 |
|
|
--- smeserver-phpki-ng-0.3.old/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/20pki 1969-12-31 19:00:00.000000000 -0500 |
| 128 |
|
|
+++ smeserver-phpki-ng-0.3/root/etc/e-smith/templates/etc/php-fpm.d/www.conf/20pki 2021-02-25 01:36:39.161000000 -0500 |
| 129 |
|
|
@@ -0,0 +1,66 @@ |
| 130 |
|
|
+{ |
| 131 |
|
|
+ use esmith::ConfigDB; |
| 132 |
|
|
+ my $c = esmith::ConfigDB->open_ro || die "Couldn't open the configuration database\n"; |
| 133 |
|
|
+ my $httpdpki = $c->get( 'httpd-pki' ); |
| 134 |
|
|
+ |
| 135 |
|
|
+ my $version = $httpdpki->prop('PHPVersion') || '73'; |
| 136 |
|
|
+ # we enable both the httpd server and php pool with same status |
| 137 |
|
|
+ my $status = $httpdpki->prop('status') || 'disabled'; |
| 138 |
|
|
+ return unless ($status eq 'enabled' && $version eq $PHP_VERSION); |
| 139 |
|
|
+ my $key = 'phpki'; |
| 140 |
|
|
+ my $pool_name = lc $key; |
| 141 |
|
|
+ my $include_path = ".:/usr/share/pear-addons:/usr/share/pear:/usr/share/pear-data:/usr/share/php"; |
| 142 |
|
|
+ my $open_basedir = "/opt/phpki:/var/lib/php/phpki:$include_path"; |
| 143 |
|
|
+ my $disabled_functions = 'show_source,dl,passthru' |
| 144 |
|
|
+; |
| 145 |
|
|
+ # Format vars |
| 146 |
|
|
+ $disabled_functions = join(', ', split /[,;:]/, $disabled_functions); |
| 147 |
|
|
+ $open_basedir = join(':', split(/[,;:]/, $open_basedir . ",/usr/share/php")); |
| 148 |
|
|
+ |
| 149 |
|
|
+ $OUT .=<<"_EOF" if ($version eq $PHP_VERSION); |
| 150 |
|
|
+ |
| 151 |
|
|
+[$pool_name] |
| 152 |
|
|
+user = phpki |
| 153 |
|
|
+group = phpki |
| 154 |
|
|
+listen.owner = root |
| 155 |
|
|
+listen.group = phpki |
| 156 |
|
|
+listen.mode = 0660 |
| 157 |
|
|
+listen = /var/run/php-fpm/php$version-$pool_name.sock |
| 158 |
|
|
+catch_workers_output = yes |
| 159 |
|
|
+pm = dynamic |
| 160 |
|
|
+pm.max_children = 15 |
| 161 |
|
|
+pm.start_servers = 3 |
| 162 |
|
|
+pm.min_spare_servers = 3 |
| 163 |
|
|
+pm.max_spare_servers = 4 |
| 164 |
|
|
+pm.max_requests = 1000 |
| 165 |
|
|
+slowlog = /var/log/$key/slow.log |
| 166 |
|
|
+php_admin_value[session.save_path] = /var/lib/php/$key/session |
| 167 |
|
|
+php_admin_value[opcache.file_cache] = /var/lib/php/$key/opcache |
| 168 |
|
|
+php_admin_value[upload_tmp_dir] = /var/lib/php/$key/tmp |
| 169 |
|
|
+php_admin_value[sys_temp_dir] = /var/lib/php/$key/tmp |
| 170 |
|
|
+php_admin_flag[display_errors] = off |
| 171 |
|
|
+php_admin_value[error_reporting] =E_ERROR | E_WARNING | E_PARSE |
| 172 |
|
|
+php_admin_value[error_log] = /var/log/$key/error.log |
| 173 |
|
|
+php_admin_flag[log_errors] = on |
| 174 |
|
|
+; php_admin_value[max_execution_time] = $max_execution_time |
| 175 |
|
|
+php_admin_value[disable_functions] = $disabled_functions |
| 176 |
|
|
+php_admin_flag[allow_url_fopen] = off |
| 177 |
|
|
+php_admin_flag[file_upload] = off |
| 178 |
|
|
+php_admin_flag[session.cookie_httponly] = on |
| 179 |
|
|
+php_admin_flag[allow_url_include] = off |
| 180 |
|
|
+php_admin_value[session.save_handler] = files |
| 181 |
|
|
+php_admin_value[open_basedir] = $open_basedir |
| 182 |
|
|
+ |
| 183 |
|
|
+php_admin_value[auto_prepend_file] = /usr/share/php/auth_translation.php |
| 184 |
|
|
+php_value[include_path] = $include_path |
| 185 |
|
|
+php_flag[magic_quotes_gpc] = off |
| 186 |
|
|
+php_flag[track_vars] = on |
| 187 |
|
|
+php_flag[session.use_trans_sid] = off |
| 188 |
|
|
+php_flag[register_globals] = off |
| 189 |
|
|
+php_flag[register_long_arrays] = on |
| 190 |
|
|
+ |
| 191 |
|
|
+_EOF |
| 192 |
|
|
+ |
| 193 |
|
|
+ |
| 194 |
|
|
+} |
| 195 |
|
|
+ |
Parent Directory
| 
Revision Log
| 
Revision Graph
