75 lines
2.3 KiB
YAML
75 lines
2.3 KiB
YAML
---
|
|
- name: Configure php-fpm
|
|
blockinfile:
|
|
dest: '{{ php_dir }}/fpm/pool.d/www.conf'
|
|
insertafter: '^; Default Value: clean env$'
|
|
marker: '; {mark} ANSIBLE MANAGED BLOCK'
|
|
block: |
|
|
env[HOSTNAME] = $HOSTNAME
|
|
env[PATH] = $PATH
|
|
env[TMP] = /tmp
|
|
env[TMPDIR] = /tmp
|
|
env[TEMP] = /tmp
|
|
notify: reload php-fpm
|
|
|
|
- name: Enable APC for php CLI
|
|
copy:
|
|
dest: '{{ php_dir }}/cli/conf.d/10-local.ini'
|
|
content: 'apc.enable_cli = 1'
|
|
notify: reload php-fpm
|
|
|
|
- name: Configure cache and memory for PHP
|
|
lineinfile:
|
|
dest: '{{ php_dir }}/fpm/php.ini'
|
|
state: present
|
|
regexp: '{{ item.regexp }}'
|
|
line: '{{ item.line }}'
|
|
backrefs: yes
|
|
loop:
|
|
- { regexp: 'opcache.enable=0', line: 'opcache.enable=1' }
|
|
- { regexp: 'opcache.enable_cli', line: 'opcache.enable_cli=1' }
|
|
- { regexp: 'opcache.interned_strings_buffer', line: 'opcache.interned_strings_buffer=8' }
|
|
- { regexp: 'opcache.max_accelerated_files', line: 'opcache.max_accelerated_files=10000' }
|
|
- { regexp: 'opcache.memory_consumption', line: 'opcache.memory_consumption=128' }
|
|
- { regexp: 'opcache.save_comments', line: 'opcache.save_comments=1' }
|
|
- { regexp: 'opcache.revalidate_freq', line: 'opcache.revalidate_freq=1' }
|
|
- { regexp: 'memory_limit', line: 'memory_limit={{ php_memory_limit }}'}
|
|
notify: reload php-fpm
|
|
|
|
- name: Generate Diffie-Hellman parameters (slow)
|
|
command: "openssl dhparam -out {{ tls_dhparam }} 2048"
|
|
args:
|
|
creates: '{{ tls_dhparam }}'
|
|
|
|
- name: Configure nginx for php-fpm handling
|
|
template:
|
|
src: nginx_php_handler.j2
|
|
dest: /etc/nginx/sites-available/php_handler.cnf
|
|
notify: reload http
|
|
|
|
- name: Enable php-fpm handling in nginx
|
|
file:
|
|
path: /etc/nginx/sites-enabled/php_handler
|
|
src: /etc/nginx/sites-available/php_handler.cnf
|
|
state: link
|
|
notify: reload http
|
|
|
|
- name: Configure nextcloud in nginx
|
|
template:
|
|
dest: /etc/nginx/sites-available/nextcloud.cnf
|
|
src: 'nginx_nc.j2'
|
|
notify: reload http
|
|
|
|
- name: Enable Nextcloud in nginx conf
|
|
file:
|
|
path: /etc/nginx/sites-enabled/nextcloud
|
|
src: /etc/nginx/sites-available/nextcloud.cnf
|
|
state: link
|
|
notify: reload http
|
|
|
|
- name: Disable nginx default site
|
|
file:
|
|
path: /etc/nginx/sites-enabled/default
|
|
state: absent
|
|
notify: reload http
|