From caeaae61a5a58793692394e2ba0c82d096dadcad Mon Sep 17 00:00:00 2001 From: DirkAholic Date: Wed, 6 Jul 2016 12:26:39 +0200 Subject: [PATCH] Start fresh using the latest Ubuntu LTS version and ansible --- .gitmodules | 30 --- Readme.md | 62 ++---- Vagrantfile | 114 ++--------- conf/apt/dotdeb.list | 8 - conf/nginx/default | 70 ------- conf/php/custom.ini | 5 - conf/php/suhosin.ini | 110 ---------- playbooks/tasks/base.yml | 5 + playbooks/tasks/mysql.yml | 3 + playbooks/tasks/nginx.yml | 32 +++ playbooks/tasks/php-fpm.yml | 10 + playbooks/tasks/php.yml | 13 ++ playbooks/tasks/symfony.yml | 12 ++ playbooks/templates/nginx.conf.j2 | 73 +++++++ playbooks/templates/symfony.conf.j2 | 26 +++ playbooks/templates/symfony_parameters.yml.j2 | 12 ++ .../templates/www.conf.j2 | 42 ++-- playbooks/vagrant.yml | 22 ++ puppet/manifests/default.pp | 191 ------------------ puppet/modules/apache | 1 - puppet/modules/apt | 1 - puppet/modules/mongodb | 1 - puppet/modules/mysql | 1 - puppet/modules/nginx | 1 - puppet/modules/pear | 1 - puppet/modules/php | 1 - puppet/modules/phpqatools | 1 - puppet/modules/puppi | 1 - puppet/modules/stdlib | 1 - www/index.php | 1 - 30 files changed, 266 insertions(+), 585 deletions(-) delete mode 100644 .gitmodules delete mode 100644 conf/apt/dotdeb.list delete mode 100644 conf/nginx/default delete mode 100644 conf/php/custom.ini delete mode 100644 conf/php/suhosin.ini create mode 100644 playbooks/tasks/base.yml create mode 100644 playbooks/tasks/mysql.yml create mode 100644 playbooks/tasks/nginx.yml create mode 100644 playbooks/tasks/php-fpm.yml create mode 100644 playbooks/tasks/php.yml create mode 100644 playbooks/tasks/symfony.yml create mode 100644 playbooks/templates/nginx.conf.j2 create mode 100644 playbooks/templates/symfony.conf.j2 create mode 100644 playbooks/templates/symfony_parameters.yml.j2 rename conf/php/php-fpm/www.conf => playbooks/templates/www.conf.j2 (94%) create mode 100644 playbooks/vagrant.yml delete mode 100644 puppet/manifests/default.pp delete mode 160000 puppet/modules/apache delete mode 160000 puppet/modules/apt delete mode 160000 puppet/modules/mongodb delete mode 160000 puppet/modules/mysql delete mode 160000 puppet/modules/nginx delete mode 160000 puppet/modules/pear delete mode 160000 puppet/modules/php delete mode 160000 puppet/modules/phpqatools delete mode 160000 puppet/modules/puppi delete mode 160000 puppet/modules/stdlib delete mode 100644 www/index.php diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index 67d73cc..0000000 --- a/.gitmodules +++ /dev/null @@ -1,30 +0,0 @@ -[submodule "puppet/modules/apache"] - path = puppet/modules/apache - url = https://github.com/example42/puppet-apache -[submodule "puppet/modules/puppi"] - path = puppet/modules/puppi - url = https://github.com/example42/puppi -[submodule "puppet/modules/mysql"] - path = puppet/modules/mysql - url = https://github.com/example42/puppet-mysql -[submodule "puppet/modules/nginx"] - path = puppet/modules/nginx - url = https://github.com/example42/puppet-nginx -[submodule "puppet/modules/mongodb"] - path = puppet/modules/mongodb - url = https://github.com/puppetlabs/puppetlabs-mongodb.git -[submodule "puppet/modules/apt"] - path = puppet/modules/apt - url = https://github.com/puppetlabs/puppetlabs-apt.git -[submodule "puppet/modules/stdlib"] - path = puppet/modules/stdlib - url = https://github.com/puppetlabs/puppetlabs-stdlib.git -[submodule "puppet/modules/pear"] - path = puppet/modules/pear - url = https://github.com/rafaelfelix/puppet-pear.git -[submodule "puppet/modules/phpqatools"] - path = puppet/modules/phpqatools - url = https://github.com/rafaelfelix/puppet-phpqatools.git -[submodule "puppet/modules/php"] - path = puppet/modules/php - url = https://github.com/saz/puppet-php.git diff --git a/Readme.md b/Readme.md index ea683a7..e21ac4e 100644 --- a/Readme.md +++ b/Readme.md @@ -6,52 +6,28 @@ Installation ------------ * Install vagrant using the installation instructions in the [Getting Started document](http://vagrantup.com/v1/docs/getting-started/index.html) -* Add a Ubuntu Precise box using the [available official boxes](https://github.com/mitchellh/vagrant/wiki/Available-Vagrant-Boxes), for example: ```vagrant box add phpdevbox http://files.vagrantup.com/precise64.box``` (make sure it's named phpdevbox) -* Clone this repository -* Install submodules with ```git submodule update --init``` -* After running ```vagrant up``` the box is set up using Puppet -* You should now have your working Symfony2 Standard Edition under http://localhost:8181/app_dev.php (You have to uncomment or remove some lines at the beginning of web/app_dev.php that restrict access to this file. Is no risk as you should not deploy that file to prodution anyway.) +* Clone this repository and cd into it +* Run ```vagrant up``` in order to set up the box using the ansible provisioner +* You should now have your working Symfony2 Standard Edition under http://192.168.50.4/ + +The installation process will create a folder symfony-standard inside +the main directory of the repository. You can now start working inside +this folder directly on your host computer using your favourite IDE. +Changes done there will be reflected directly on the vagrant box as the +directory is mounted in the vagrant box under '''/vagrant'''. Also you +can login into the box using ```vagrant ssh``` and have the full control +over processes etc. + +As the provisioning using the ansible provisioner is very fast you can +repeat the whole procedure at any time. In order to start fresh just run +```vagrant destroy``` and ```vagrant up```. This will undo all you manual +changes done on the vagrant box and provide you with a clean setup. Installed components -------------------- -* [Nginx](http://nginx.org) using puppet module (https://github.com/example42/puppet-nginx) -* [Apache](http://httpd.apache.org/) using puppet module (https://github.com/example42/puppet-apache) -* [php-fpm](http://php-fpm.org) using puppet module (https://github.com/saz/puppet-php) +* [Nginx](http://nginx.org) +* [MySQL](http://dev.mysql.com/downloads/mysql/) +* [php-fpm](http://php-fpm.org) * [git](http://git-scm.com/) -* [pear](http://pear.php.net/) using puppet module (https://github.com/rafaelfelix/puppet-pear) -* [Node.js](http://nodejs.org/) -* [npm](http://npmjs.org/) -* [less](http://lesscss.org/) * [Symfony2 Standard Edition](https://github.com/symfony/symfony-standard) -* [MySQL](http://dev.mysql.com/downloads/mysql/) using puppet module (https://github.com/example42/puppet-mysql) -* [MongoDB](http://www.mongodb.org/) using puppet module (https://github.com/puppetlabs/puppetlabs-mongodb) -* [Capistrano](https://github.com/capistrano/capistrano) -* [capifony](http://capifony.org/) -* Most of the [phpqatools](http://www.phpqatools.org) using puppet module (https://github.com/rafaelfelix/puppet-phpqatools) -* [xdebug](http://xdebug.org/) - -Debugging ---------- - -If you want to debug your cli application using xdebug for example with Netbeans just run this command before executing the cli app: - -```bash -$ export XDEBUG_CONFIG="idekey=netbeans-xdebug remote_host=192.168.33.1 profiler_enable=1 default_enable=1 remote_enable=1 remote_handler=dbgp remote_port=9000 remote_autostart=0" -``` - -Hints ------ - -**Startup speed** - -To speed up the startup process use - -```bash -$ vagrant up --no-provision -``` - -after the first run. It just starts the virtual machine without provisioning of the recipes. - -TODO ----- diff --git a/Vagrantfile b/Vagrantfile index 8daab4b..a985db8 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -1,106 +1,20 @@ -# -*- mode: ruby -*- -# vi: set ft=ruby : +# Optimized for Vagrant 1.7 and above. +Vagrant.require_version ">= 1.7.0" -Vagrant::Config.run do |config| - # All Vagrant configuration is done here. The most common configuration - # options are documented and commented below. For a complete reference, - # please see the online documentation at vagrantup.com. +Vagrant.configure(2) do |config| - # Every Vagrant virtual environment requires a box to build off of. - config.vm.box = "phpdevbox" + config.vm.box = "ubuntu/trusty64" - # The url from where the 'config.vm.box' box will be fetched if it - # doesn't already exist on the user's system. - # config.vm.box_url = "http://domain.com/path/to/above.box" + # Disable the new default behavior introduced in Vagrant 1.7, to + # ensure that all Vagrant machines will use the same SSH key pair. + # See https://github.com/mitchellh/vagrant/issues/5005 + config.ssh.insert_key = false - # Boot with a GUI so you can see the screen. (Default is headless) - # config.vm.boot_mode = :gui - - # Assign this VM to a host-only network IP, allowing you to access it - # via the IP. Host-only networks can talk to the host machine as well as - # any other machines on the same network, but cannot be accessed (through this - # network interface) by any external networks. - config.vm.network :hostonly, "192.168.33.10" - - # Assign this VM to a bridged network, allowing you to connect directly to a - # network using the host's network device. This makes the VM appear as another - # physical device on your network. - # config.vm.network :bridged - - # Forward a port from the guest to the host, which allows for outside - # computers to access the VM, whereas host only networking does not. - config.vm.forward_port 80, 8080 #apache - config.vm.forward_port 81, 8181 #nginx - config.vm.forward_port 27017, 27017 #mongodb - config.vm.forward_port 3306, 3306 #mysql - - # Share an additional folder to the guest VM. The first argument is - # an identifier, the second is the path on the guest to mount the - # folder, and the third is the path on the host to the actual folder. - # config.vm.share_folder "v-data", "/vagrant_data", "../data" - - # Enable provisioning with Puppet stand alone. Puppet manifests - # are contained in a directory path relative to this Vagrantfile. - # You will need to create the manifests directory and a manifest in - # the file precise64.pp in the manifests_path directory. - # - # An example Puppet manifest to provision the message of the day: - # - # # group { "puppet": - # # ensure => "present", - # # } - # # - # # File { owner => 0, group => 0, mode => 0644 } - # # - # # file { '/etc/motd': - # # content => "Welcome to your Vagrant-built virtual machine! - # # Managed by Puppet.\n" - # # } - # - config.vm.provision :puppet do |puppet| - puppet.manifests_path = "puppet/manifests" - puppet.module_path = "puppet/modules" - puppet.options = ['--verbose'] + config.vm.provision "ansible" do |ansible| + ansible.verbose = "vv" + ansible.playbook = "playbooks/vagrant.yml" end - # Enable provisioning with chef solo, specifying a cookbooks path, roles - # path, and data_bags path (all relative to this Vagrantfile), and adding - # some recipes and/or roles. - # - # config.vm.provision :chef_solo do |chef| - # chef.cookbooks_path = "../my-recipes/cookbooks" - # chef.roles_path = "../my-recipes/roles" - # chef.data_bags_path = "../my-recipes/data_bags" - # chef.add_recipe "mysql" - # chef.add_role "web" - # - # # You may also specify custom JSON attributes: - # chef.json = { :mysql_password => "foo" } - # end - - # Enable provisioning with chef server, specifying the chef server URL, - # and the path to the validation key (relative to this Vagrantfile). - # - # The Opscode Platform uses HTTPS. Substitute your organization for - # ORGNAME in the URL and validation key. - # - # If you have your own Chef Server, use the appropriate URL, which may be - # HTTP instead of HTTPS depending on your configuration. Also change the - # validation key to validation.pem. - # - # config.vm.provision :chef_client do |chef| - # chef.chef_server_url = "https://api.opscode.com/organizations/ORGNAME" - # chef.validation_key_path = "ORGNAME-validator.pem" - # end - # - # If you're using the Opscode platform, your validator client is - # ORGNAME-validator, replacing ORGNAME with your organization name. - # - # IF you have your own Chef Server, the default validation client name is - # chef-validator, unless you changed the configuration. - # - # chef.validation_client_name = "ORGNAME-validator" - - # allow symlinks in vm - config.vm.customize ["setextradata", :id, "VBoxInternal2/SharedFoldersEnableSymlinksCreate/v-root", "1"] -end + config.vm.network "forwarded_port", guest: 80, host: 8080 + config.vm.network "private_network", ip: "192.168.50.4" +end \ No newline at end of file diff --git a/conf/apt/dotdeb.list b/conf/apt/dotdeb.list deleted file mode 100644 index 4aabf0b..0000000 --- a/conf/apt/dotdeb.list +++ /dev/null @@ -1,8 +0,0 @@ -deb http://packages.dotdeb.org squeeze all -deb-src http://packages.dotdeb.org squeeze all - -# Uncomment if you need php5.4 - since `apt-get update` runs upon every boot -# this might end up breaking your vagrant box -# -# deb http://packages.dotdeb.org squeeze-php54 all -# deb-src http://packages.dotdeb.org squeeze-php54 all \ No newline at end of file diff --git a/conf/nginx/default b/conf/nginx/default deleted file mode 100644 index 5d72eb2..0000000 --- a/conf/nginx/default +++ /dev/null @@ -1,70 +0,0 @@ -server { - listen 81; - sendfile off; - server_name localhost; - access_log /var/log/nginx/localhost.access.log; - error_log /var/log/nginx/localhost.error.log error; - - # strip app.php/ prefix if it is present - rewrite ^/app\.php/?(.*)$ /$1 permanent; - -## Default location - location / { - root /vagrant/www/symfony/web; - index app.php; - try_files $uri @rewriteapp; - } - - location @rewriteapp { - rewrite ^(.*)$ /app.php/$1 last; - } - -## Images and static content is treated different - location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml)$ { - access_log off; - expires 30d; - root /vagrant/www/symfony/web; - } - -## Parse all .php file in the /vagrant/www/symfony/web directory - location ~ ^/(app|app_dev)\.php(/|$) { - root /vagrant/www/symfony/web; - fastcgi_split_path_info ^(.+\.php)(.*)$; - fastcgi_pass backend; - fastcgi_index index.php; - fastcgi_param SCRIPT_FILENAME /vagrant/www/symfony/web$fastcgi_script_name; - include fastcgi_params; - fastcgi_param QUERY_STRING $query_string; - fastcgi_param REQUEST_METHOD $request_method; - fastcgi_param CONTENT_TYPE $content_type; - fastcgi_param CONTENT_LENGTH $content_length; - fastcgi_intercept_errors on; - fastcgi_ignore_client_abort off; - fastcgi_connect_timeout 60; - fastcgi_send_timeout 180; - fastcgi_read_timeout 180; - fastcgi_buffer_size 128k; - fastcgi_buffers 4 256k; - fastcgi_busy_buffers_size 256k; - fastcgi_temp_file_write_size 256k; - } - -# Prevent php files from being downloaded - location ~ \.php$ { - include /etc/nginx/fastcgi_params; - fastcgi_index index.php; - if (-f $request_filename) { - fastcgi_pass 127.0.0.1:9000; - } - } - -## Disable viewing .htaccess & .htpassword - location ~ /\.ht { - deny all; - } -} - -## php-fpm backend -upstream backend { - server 127.0.0.1:9000; -} diff --git a/conf/php/custom.ini b/conf/php/custom.ini deleted file mode 100644 index f8a82b3..0000000 --- a/conf/php/custom.ini +++ /dev/null @@ -1,5 +0,0 @@ -date.timezone = "Europe/Berlin" - -short_open_tag = Off - -extension=mongo.so diff --git a/conf/php/suhosin.ini b/conf/php/suhosin.ini deleted file mode 100644 index 06811aa..0000000 --- a/conf/php/suhosin.ini +++ /dev/null @@ -1,110 +0,0 @@ -; configuration for php suhosin module -extension=suhosin.so - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; -; the following values are the internal default settings and set implicit -; feel free to modify to your needs -; documentation can be found at: -; http://www.hardened-php.net/suhosin/configuration.html -; or have a look into /usr/share/doc/php5-suhosin/examples/suhosin.ini.gz - -[suhosin] -; Logging Configuration -;suhosin.log.syslog = -;suhosin.log.syslog.facility = 9 -;suhosin.log.syslog.priority = 1 -;suhosin.log.sapi = -;suhosin.log.script = 0 -;suhosin.log.phpscript = 0 -;suhosin.log.script.name = -;suhosin.log.phpscript.name = -;suhosin.log.use-x-forwarded-for = off - -; Executor Options -;suhosin.executor.max_depth = 0 -;suhosin.executor.include.max_traversal = 0 -suhosin.executor.include.whitelist = phar -;suhosin.executor.include.blacklist = -;suhosin.executor.include.allow_writable_files = on -;suhosin.executor.func.whitelist = -;suhosin.executor.func.blacklist = -;suhosin.executor.eval.whitelist = -;suhosin.executor.eval.blacklist = -;suhosin.executor.disable_eval = off -;suhosin.executor.disable_emodifier = off -;suhosin.executor.allow_symlink = off - -; Misc Options -;suhosin.simulation = off -;suhosin.apc_bug_workaround = off -;suhosin.sql.bailout_on_error = off -;suhosin.sql.user_prefix = -;suhosin.sql.user_postfix = -;suhosin.multiheader = off -;suhosin.mail.protect = 0 -;suhosin.memory_limit = 0 - -; Transparent Encryption Options -;suhosin.session.encrypt = on -;suhosin.session.cryptkey = -;suhosin.session.cryptua = on -;suhosin.session.cryptdocroot = on -;suhosin.session.cryptraddr = 0 -;suhosin.session.checkraddr = 0 -;suhosin.cookie.encrypt = on -;suhosin.cookie.cryptkey = -;suhosin.cookie.cryptua = on -;suhosin.cookie.cryptdocroot = on -;suhosin.cookie.cryptraddr = 0 -;suhosin.cookie.checkraddr = 0 -;suhosin.cookie.cryptlist = -;suhosin.cookie.plainlist = - -; Randomness -;suhosin.srand.ignore = on -;suhosin.mt_srand.ignore = on - -; Filtering Options -;suhosin.filter.action = -;suhosin.cookie.max_array_depth = 100 -;suhosin.cookie.max_array_index_length = 64 -;suhosin.cookie.max_name_length = 64 -;suhosin.cookie.max_totalname_length = 256 -;suhosin.cookie.max_value_length = 10000 -;suhosin.cookie.max_vars = 100 -;suhosin.cookie.disallow_nul = on -;suhosin.get.max_array_depth = 50 -;suhosin.get.max_array_index_length = 64 -;suhosin.get.max_name_length = 64 -;suhosin.get.max_totalname_length = 256 -;suhosin.get.max_value_length = 512 -;suhosin.get.max_vars = 100 -;suhosin.get.disallow_nul = on -;suhosin.post.max_array_depth = 100 -;suhosin.post.max_array_index_length = 64 -;suhosin.post.max_name_length = 64 -;suhosin.post.max_totalname_length = 256 -;suhosin.post.max_value_length = 1000000 -;suhosin.post.max_vars = 1000 -;suhosin.post.disallow_nul = on -;suhosin.request.max_array_depth = 100 -;suhosin.request.max_array_index_length = 64 -;suhosin.request.max_totalname_length = 256 -;suhosin.request.max_value_length = 1000000 -;suhosin.request.max_vars = 1000 -;suhosin.request.max_varname_length = 64 -;suhosin.request.disallow_nul = on -;suhosin.server.encode = on -;suhosin.server.strip = on -;suhosin.upload.max_uploads = 25 -;suhosin.upload.disallow_elf = on -;suhosin.upload.disallow_binary = off -;suhosin.upload.remove_binary = off -;suhosin.upload.verification_script = -;suhosin.session.max_id_length = 128 -;suhosin.coredump = off -;suhosin.protectkey = 1 -;suhosin.stealth = 1 -;suhosin.perdir = "0" \ No newline at end of file diff --git a/playbooks/tasks/base.yml b/playbooks/tasks/base.yml new file mode 100644 index 0000000..688ff7a --- /dev/null +++ b/playbooks/tasks/base.yml @@ -0,0 +1,5 @@ +- name: Install required base packages + apt: name={{ item }} state=present + with_items: + - curl + - git \ No newline at end of file diff --git a/playbooks/tasks/mysql.yml b/playbooks/tasks/mysql.yml new file mode 100644 index 0000000..a95217b --- /dev/null +++ b/playbooks/tasks/mysql.yml @@ -0,0 +1,3 @@ +--- +- name: Install MySQL + apt: name=mysql-server state=present diff --git a/playbooks/tasks/nginx.yml b/playbooks/tasks/nginx.yml new file mode 100644 index 0000000..effcb02 --- /dev/null +++ b/playbooks/tasks/nginx.yml @@ -0,0 +1,32 @@ +--- +- name: Install nginx + apt: name=nginx state=present + +- name: Copy across new nginx config + template: + src=nginx.conf.j2 + dest=/etc/nginx/nginx.conf + notify: + - restart nginx + +- name: Copy across new virtual host + template: + src=symfony.conf.j2 + dest=/etc/nginx/sites-available/symfony.conf + notify: + - restart nginx + +- name: Remove default virtual host + file: + path=/etc/nginx/sites-enabled/default + state=absent + notify: + - restart nginx + +- name: Enable new vagrant virtual host + file: + src=/etc/nginx/sites-available/symfony.conf + dest=/etc/nginx/sites-enabled/symfony.conf + state=link + notify: + - restart nginx \ No newline at end of file diff --git a/playbooks/tasks/php-fpm.yml b/playbooks/tasks/php-fpm.yml new file mode 100644 index 0000000..2495bd9 --- /dev/null +++ b/playbooks/tasks/php-fpm.yml @@ -0,0 +1,10 @@ +--- +- name: Install php-fpm + apt: name=php5-fpm state=present + +- name: Copy across new php-fpm pool config + template: + src=www.conf.j2 + dest=/etc/php5/fpm/pool.d/www.conf + notify: + - restart php-fpm \ No newline at end of file diff --git a/playbooks/tasks/php.yml b/playbooks/tasks/php.yml new file mode 100644 index 0000000..cbe6e83 --- /dev/null +++ b/playbooks/tasks/php.yml @@ -0,0 +1,13 @@ +--- +- name: Install php + apt: name=php5 state=present + +- name: Install required php packages + apt: name={{ item }} state=present + with_items: + - php5-mysql + - php5-intl + - php5-cli + +- name: Install composer + shell: curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/local/bin --filename=composer \ No newline at end of file diff --git a/playbooks/tasks/symfony.yml b/playbooks/tasks/symfony.yml new file mode 100644 index 0000000..23fbbb3 --- /dev/null +++ b/playbooks/tasks/symfony.yml @@ -0,0 +1,12 @@ +--- +- name: Clone Symfony2 standard edition + git: repo=https://github.com/symfony/symfony-standard.git + dest=/vagrant/symfony-standard + +- name: Copy across new parameters.yml + template: + src=symfony_parameters.yml.j2 + dest=/vagrant/symfony-standard/app/config/parameters.yml + +- name: Install Symfony2 project dependencies + shell: cd /vagrant/symfony-standard && composer install \ No newline at end of file diff --git a/playbooks/templates/nginx.conf.j2 b/playbooks/templates/nginx.conf.j2 new file mode 100644 index 0000000..fdbdf3b --- /dev/null +++ b/playbooks/templates/nginx.conf.j2 @@ -0,0 +1,73 @@ +user {{ www_user }}; +worker_processes 4; +pid /run/nginx.pid; + +events { + worker_connections 768; + # multi_accept on; +} + +http { + + ## + # Basic Settings + ## + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + # server_tokens off; + + # server_names_hash_bucket_size 64; + # server_name_in_redirect off; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + ## + # Logging Settings + ## + + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + + ## + # Gzip Settings + ## + + gzip on; + gzip_disable "msie6"; + + # gzip_vary on; + # gzip_proxied any; + # gzip_comp_level 6; + # gzip_buffers 16 8k; + # gzip_http_version 1.1; + # gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; + + ## + # nginx-naxsi config + ## + # Uncomment it if you installed nginx-naxsi + ## + + #include /etc/nginx/naxsi_core.rules; + + ## + # nginx-passenger config + ## + # Uncomment it if you installed nginx-passenger + ## + + #passenger_root /usr; + #passenger_ruby /usr/bin/ruby; + + ## + # Virtual Host Configs + ## + + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-enabled/*; +} \ No newline at end of file diff --git a/playbooks/templates/symfony.conf.j2 b/playbooks/templates/symfony.conf.j2 new file mode 100644 index 0000000..145ec8e --- /dev/null +++ b/playbooks/templates/symfony.conf.j2 @@ -0,0 +1,26 @@ +server { + listen 80 default_server; + listen [::]:80 default_server ipv6only=on; + + server_name 192.168.50.4; + root {{ document_root }}/web; + + location / { + # try to serve file directly, fallback to app.php + try_files $uri /app.php$is_args$args; + } + + location ~ ^/app\.php(/|$) { + fastcgi_pass unix:/var/run/php5-symfony.sock; + fastcgi_split_path_info ^(.+\.php)(/.*)$; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + # Prevents URIs that include the front controller. This will 404: + # http://domain.tld/app.php/some-path + # Remove the internal directive to allow URIs like this + internal; + } + + error_log /var/log/nginx/symfony_error.log; + access_log /var/log/nginx/symfony_access.log; +} diff --git a/playbooks/templates/symfony_parameters.yml.j2 b/playbooks/templates/symfony_parameters.yml.j2 new file mode 100644 index 0000000..744e3ed --- /dev/null +++ b/playbooks/templates/symfony_parameters.yml.j2 @@ -0,0 +1,12 @@ +# This file is auto-generated during the composer install +parameters: + database_host: 127.0.0.1 + database_port: null + database_name: symfony + database_user: root + database_password: null + mailer_transport: smtp + mailer_host: 127.0.0.1 + mailer_user: null + mailer_password: null + secret: a0888cfd6538f2ded11ed14b163eee30f732c5b8 diff --git a/conf/php/php-fpm/www.conf b/playbooks/templates/www.conf.j2 similarity index 94% rename from conf/php/php-fpm/www.conf rename to playbooks/templates/www.conf.j2 index ee51433..c6de810 100644 --- a/conf/php/php-fpm/www.conf +++ b/playbooks/templates/www.conf.j2 @@ -19,8 +19,8 @@ ; Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user's group ; will be used. -user = vagrant -group = vagrant +user = {{ www_user }} +group = {{ www_group }} ; The address on which to accept FastCGI requests. ; Valid syntaxes are: @@ -30,20 +30,20 @@ group = vagrant ; specific port; ; '/path/to/unix/socket' - to listen on a unix socket. ; Note: This value is mandatory. -listen = 127.0.0.1:9000 +listen = /var/run/php5-symfony.sock -; Set listen(2) backlog. A value of '-1' means unlimited. -; Default Value: 128 (-1 on FreeBSD and OpenBSD) -;listen.backlog = -1 +; Set listen(2) backlog. +; Default Value: 65535 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 65535 ; Set permissions for unix socket, if one is used. In Linux, read/write ; permissions must be set in order to allow connections from a web server. Many ; BSD-derived systems allow connections regardless of permissions. ; Default Values: user and group are set as the running user -; mode is set to 0666 -;listen.owner = www-data -;listen.group = www-data -;listen.mode = 0666 +; mode is set to 0660 +listen.owner = {{ www_user }} +listen.group = {{ www_group }} +;listen.mode = 0660 ; List of ipv4 addresses of FastCGI clients which are allowed to connect. ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original @@ -53,6 +53,14 @@ listen = 127.0.0.1:9000 ; Default Value: any ;listen.allowed_clients = 127.0.0.1 +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; priority = -19 + ; Choose how the process manager will control the number of child processes. ; Possible Values: ; static - a fixed number (pm.max_children) of child processes; @@ -88,22 +96,22 @@ pm = dynamic ; forget to tweak pm.* to fit your needs. ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' ; Note: This value is mandatory. -pm.max_children = 10 +pm.max_children = 5 ; The number of child processes created on startup. ; Note: Used only when pm is set to 'dynamic' ; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2 -pm.start_servers = 4 +pm.start_servers = 2 ; The desired minimum number of idle server processes. ; Note: Used only when pm is set to 'dynamic' ; Note: Mandatory when pm is set to 'dynamic' -pm.min_spare_servers = 2 +pm.min_spare_servers = 1 ; The desired maximum number of idle server processes. ; Note: Used only when pm is set to 'dynamic' ; Note: Mandatory when pm is set to 'dynamic' -pm.max_spare_servers = 6 +pm.max_spare_servers = 3 ; The number of seconds after which an idle process will be killed. ; Note: Used only when pm is set to 'ondemand' @@ -267,7 +275,7 @@ pm.max_spare_servers = 6 ; - %{megabytes}M ; - %{mega}M ; %n: pool name -; %o: ouput header +; %o: output header ; it must be associated with embraces to specify the name of the header: ; - %{Content-Type}o ; - %{X-Powered-By}o @@ -289,7 +297,7 @@ pm.max_spare_servers = 6 ; %u: remote user ; ; Default: "%R - %u %t \"%m %r\" %s" -;access.format = %R - %u %t "%m %r%Q%q" %s %f %{mili}d %{kilo}M %C%% +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" ; The log file for slow requests ; Default Value: not set @@ -381,4 +389,4 @@ chdir = / ;php_flag[display_errors] = off ;php_admin_value[error_log] = /var/log/fpm-php.www.log ;php_admin_flag[log_errors] = on -;php_admin_value[memory_limit] = 32M +;php_admin_value[memory_limit] = 32M \ No newline at end of file diff --git a/playbooks/vagrant.yml b/playbooks/vagrant.yml new file mode 100644 index 0000000..b75e4b4 --- /dev/null +++ b/playbooks/vagrant.yml @@ -0,0 +1,22 @@ +--- +- hosts: all + sudo: true + vars: + document_root: /vagrant/symfony-standard + www_user: vagrant + www_group: vagrant + handlers: + - name: restart nginx + service: name=nginx state=restarted + - name: restart php-fpm + service: name=php5-fpm state=restarted + pre_tasks: + - name: update apt cache + apt: update_cache=yes + tasks: + - include: tasks/base.yml + - include: tasks/nginx.yml + - include: tasks/mysql.yml + - include: tasks/php.yml + - include: tasks/php-fpm.yml + - include: tasks/symfony.yml \ No newline at end of file diff --git a/puppet/manifests/default.pp b/puppet/manifests/default.pp deleted file mode 100644 index e77f161..0000000 --- a/puppet/manifests/default.pp +++ /dev/null @@ -1,191 +0,0 @@ -# Basic Puppet manifest - -Exec { path => [ "/bin/", "/sbin/" , "/usr/bin/", "/usr/sbin/" ] } - -class system-update { - - file { "/etc/apt/sources.list.d/dotdeb.list": - owner => root, - group => root, - mode => 664, - source => "/vagrant/conf/apt/dotdeb.list", - } - - exec { 'dotdeb-apt-key': - cwd => '/tmp', - command => "wget http://www.dotdeb.org/dotdeb.gpg -O dotdeb.gpg && - cat dotdeb.gpg | apt-key add -", - unless => 'apt-key list | grep dotdeb', - require => File['/etc/apt/sources.list.d/dotdeb.list'], - notify => Exec['apt_update'], - } - - exec { 'apt-get update': - command => 'apt-get update', - } - - $sysPackages = [ "build-essential" ] - package { $sysPackages: - ensure => "installed", - require => Exec['apt-get update'], - } -} - -class nginx-setup { - - include nginx - - file { "/etc/nginx/sites-available/php-fpm": - owner => root, - group => root, - mode => 664, - source => "/vagrant/conf/nginx/default", - require => Package["nginx"], - notify => Service["nginx"], - } - - file { "/etc/nginx/sites-enabled/default": - owner => root, - ensure => link, - target => "/etc/nginx/sites-available/php-fpm", - require => Package["nginx"], - notify => Service["nginx"], - } -} - -class development { - - $devPackages = [ "curl", "git", "nodejs", "npm", "capistrano", "rubygems", "openjdk-7-jdk", "libaugeas-ruby" ] - package { $devPackages: - ensure => "installed", - require => Exec['apt-get update'], - } - - exec { 'install less using npm': - command => 'npm install less -g', - require => Package["npm"], - } - - exec { 'install capifony using RubyGems': - command => 'gem install capifony', - require => Package["rubygems"], - } - - exec { 'install capistrano_rsync_with_remote_cache using RubyGems': - command => 'gem install capistrano_rsync_with_remote_cache', - require => Package["capistrano"], - } -} - -class symfony-standard { - - exec { 'git clone symfony standard': - command => 'git clone https://github.com/symfony/symfony-standard.git /vagrant/www/symfony', - creates => "/vagrant/www/symfony" - } - - exec { 'install composer for symfony when needed': - command => 'curl -s http://getcomposer.org/installer | php -- --install-dir=/vagrant/www/symfony', - onlyif => "test -e /vagrant/www/symfony/composer.json", - } - - exec { 'run composer for symfony when composer is used': - command => 'php composer.phar --verbose install', - cwd => "/vagrant/www/symfony", - onlyif => "test -e /vagrant/www/symfony/composer.json", - timeout => 0, - tries => 10, - require => Exec['install composer for symfony when needed'], - } - - exec { 'run vendor installation from deps when composer is not used': - command => 'php bin/vendors update', - cwd => "/vagrant/www/symfony", - unless => "test -e /vagrant/www/symfony/composer.json", - } -} - -class devbox_php_fpm { - - php::module { [ - 'curl', 'gd', 'mcrypt', 'memcached', 'mysql', - 'tidy', 'xhprof', 'imap', - ]: - notify => Class['php::fpm::service'], - } - - php::module { [ 'memcache', 'apc', ]: - notify => Class['php::fpm::service'], - source => '/etc/php5/conf.d/', - } - - php::module { [ 'xdebug', ]: - notify => Class['php::fpm::service'], - source => '/etc/php5/conf.d/', - } - - php::module { [ 'suhosin', ]: - notify => Class['php::fpm::service'], - source => '/vagrant/conf/php/', - } - - exec { 'pecl-mongo-install': - command => 'pecl install mongo', - unless => "pecl info mongo", - notify => Class['php::fpm::service'], - require => Package['php-pear'], - } - - exec { 'pecl-xhprof-install': - command => 'pecl install xhprof-0.9.2', - unless => "pecl info xhprof", - notify => Class['php::fpm::service'], - require => Package['php-pear'], - } - - php::conf { [ 'mysqli', 'pdo', 'pdo_mysql', ]: - require => Package['php-mysql'], - notify => Class['php::fpm::service'], - } - - file { "/etc/php5/conf.d/custom.ini": - owner => root, - group => root, - mode => 664, - source => "/vagrant/conf/php/custom.ini", - notify => Class['php::fpm::service'], - } - - file { "/etc/php5/fpm/pool.d/www.conf": - owner => root, - group => root, - mode => 664, - source => "/vagrant/conf/php/php-fpm/www.conf", - notify => Class['php::fpm::service'], - } -} - -class { 'apt': - always_apt_update => true -} - -Exec["apt-get update"] -> Package <| |> - -include system-update - -include php::fpm -include devbox_php_fpm - -include nginx-setup -include apache -include mysql - -class {'mongodb': - enable_10gen => true, -} - -include phpqatools -include development -include symfony-standard - - diff --git a/puppet/modules/apache b/puppet/modules/apache deleted file mode 160000 index 8bdeccd..0000000 --- a/puppet/modules/apache +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 8bdeccdeeb20b81b0db054241647f9751308ca53 diff --git a/puppet/modules/apt b/puppet/modules/apt deleted file mode 160000 index 75b1e78..0000000 --- a/puppet/modules/apt +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 75b1e7886e3107f49e19d1db885d89e9f6f9dd62 diff --git a/puppet/modules/mongodb b/puppet/modules/mongodb deleted file mode 160000 index 3a0574a..0000000 --- a/puppet/modules/mongodb +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 3a0574a4a664cfcff197829eb70976c4862db57a diff --git a/puppet/modules/mysql b/puppet/modules/mysql deleted file mode 160000 index 768dc2c..0000000 --- a/puppet/modules/mysql +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 768dc2c335aebda4f4d86e5a8bf8f83f0a03b5ff diff --git a/puppet/modules/nginx b/puppet/modules/nginx deleted file mode 160000 index a9563bf..0000000 --- a/puppet/modules/nginx +++ /dev/null @@ -1 +0,0 @@ -Subproject commit a9563bf9050226efe2886a885da6f6be57ad883b diff --git a/puppet/modules/pear b/puppet/modules/pear deleted file mode 160000 index fb04d87..0000000 --- a/puppet/modules/pear +++ /dev/null @@ -1 +0,0 @@ -Subproject commit fb04d87e085c3ab6b3591a8f8df8bfb073e76e09 diff --git a/puppet/modules/php b/puppet/modules/php deleted file mode 160000 index 1f6ca01..0000000 --- a/puppet/modules/php +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 1f6ca01195d38ced5276b5e675d3cc5117018b83 diff --git a/puppet/modules/phpqatools b/puppet/modules/phpqatools deleted file mode 160000 index bc1a394..0000000 --- a/puppet/modules/phpqatools +++ /dev/null @@ -1 +0,0 @@ -Subproject commit bc1a3947805ddbec980d1a756f79dcef6410b559 diff --git a/puppet/modules/puppi b/puppet/modules/puppi deleted file mode 160000 index accfa77..0000000 --- a/puppet/modules/puppi +++ /dev/null @@ -1 +0,0 @@ -Subproject commit accfa77254ef25b6ac0c1f69e1fb95bdbbf56e57 diff --git a/puppet/modules/stdlib b/puppet/modules/stdlib deleted file mode 160000 index 2df66c0..0000000 --- a/puppet/modules/stdlib +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 2df66c041109ecca1099bf3977657572cc32ad24 diff --git a/www/index.php b/www/index.php deleted file mode 100644 index 147cebc..0000000 --- a/www/index.php +++ /dev/null @@ -1 +0,0 @@ -