intégration de forgehook \o/

2020-04-28 14:48:45 +02:00 · 2020-04-28 14:48:45 +02:00 · a74ae14b48
parent 03ff3d2a7d
commit a74ae14b48
3 changed files with 75 additions and 0 deletions
--- a/roles/.custom/files/forgehook/php.conf
+++ b/roles/.custom/files/forgehook/php.conf
@ -0,0 +1,22 @@
+[forgehook]
+user = __forgehook
+group = __forgehook
+listen = /opt/forgehook/php.sock
+listen.owner = www-data
+listen.group = www-data
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+
+pm.max_requests = 30
+request_terminate_timeout = 10s
+
+catch_workers_output = yes
+
+;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
+;php_flag[display_errors] = off
+php_admin_value[error_log] = /opt/forgehook/php.err.log
+php_admin_flag[log_errors] = on
+php_admin_value[memory_limit] = 32M
--- a/roles/.custom/tasks/forgehook/main.yml
+++ b/roles/.custom/tasks/forgehook/main.yml
@ -0,0 +1,50 @@
+- name: custom-forgehook-user
+  user:
+    name: __forgehook
+    state: present
+    shell: /bin/bash
+    system: no
+    createhome: yes
+    home: /opt/forgehook
+
+- name: custom-forgehook-clone
+  git:
+    repo: https://tildegit.org/southerntofu/webhook
+    dest: /opt/forgehook/source
+  register: repo_update
+
+- name: custom-forgehook-setup
+  shell:
+    chdir: /opt/forgehook/source
+    cmd: bash setup.sh
+  when: repo_updated.changed
+
+# TODO: Ici on présume très très fortement que webserver est activé et PHP installé -> mettre en place un vrai système d'interface entre rôles
+# TODO: Here we strongly assume webserver is enabled and PHP setup -> need a real interface/dependency system between roles
+
+- name: custom-forgehook-phpconf
+  copy:
+    src: ../../files/forgehook/php.conf
+    dest: /etc/php/7.3/fpm/pool.d/forgehook.conf
+  notify: webserver-reload-php
+  failed_when: "webserver" not in roles
+
+- name: custom-forgehook-endpoint
+  copy:
+    remote_src: yes
+    src: /opt/forgehook/source/endpoints/endpoint.php
+    dest: /opt/forgehook/source/public/index.php
+
+- name: custom-forgehook-nginx
+  blockinfile:
+    validate: nginx -t
+    insertbefore: "location / {"
+    block: |
+      location /.well-known/forgehook {
+          include snippets/fastcgi-php.conf;
+          root /opt/forgehook/source/public;
+          try_files $uri $uri/ /index.php;
+          fastcgi_pass unix:/opt/forgehook/php.sock;
+      }
+  notify: webserver-reload-nginx
+  failed_when: "webserver" not in roles
--- a/roles/webserver/handlers/main.yml
+++ b/roles/webserver/handlers/main.yml
@ -1,2 +1,5 @@
 - name: webserver-reload-nginx
  service: name=nginx state=restarted
+
+- name: webserver-reload-php
+  service: name=php-fpm state=restarted