diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 851c59bff..2ef298066 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -26,45 +26,33 @@ jobs: - almalinux-8 - almalinux-9 - amazonlinux-2023 - - centos-stream-8 - centos-stream-9 - - debian-10 - debian-11 - debian-12 - fedora-latest - opensuse-leap-15 + - oraclelinux-8 + - oraclelinux-9 - rockylinux-8 - rockylinux-9 - - ubuntu-1804 - ubuntu-2004 - ubuntu-2204 suite: - basic-site - default - mod-auth-cas - - mod-php + - php - module-template - mod-wsgi - ports - ssl - install-override exclude: + # TODO: disabled due to https://github.com/chef/chef/pull/13691 - os: amazonlinux-2023 suite: mod-wsgi - # TODO: disabled due to https://github.com/chef/chef/pull/13691 - os: opensuse-leap-15 suite: mod-wsgi - # mod_php is considered old. PHP-FPM is the new hotness. - - os: amazonlinux-2023 - suite: mod-php - - os: almalinux-9 - suite: mod-php - - os: centos-stream-9 - suite: mod-php - - os: fedora-latest - suite: mod-php - - os: rockylinux-9 - suite: mod-php steps: - name: Check out code uses: actions/checkout@v4 diff --git a/CHANGELOG.md b/CHANGELOG.md index a8ec8bff5..e0dfb0e6a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,8 @@ This file is used to list changes made in each version of the apache2 cookbook. ## Unreleased +- Add example of how to configure php fpm pool config for rhel9 and derivatives + ## 9.3.3 - *2024-07-15* Standardise files with files in sous-chefs/repo-management diff --git a/documentation/resource_apache2_mod.md b/documentation/resource_apache2_mod.md index 4df5a29f6..efcdbda18 100644 --- a/documentation/resource_apache2_mod.md +++ b/documentation/resource_apache2_mod.md @@ -8,11 +8,11 @@ This will use a template resource to write the module's configuration file in th ## Properties -| Name | Type | Default | Description | -| ------------ | ------ | --------------------------- | ---------------------------------------------------------------------- | -| `template` | String | | Name of the template | -| `root_group` | String | `node['root_group']` | Set to override the platforms default root group for the template file | -| `template_cookbook` | String | `apache2` | Cookbook containing the template file +| Name | Type | Default | Description | +| ------------------- | ------ | --------------------------- | ---------------------------------------------------------------------- | +| `template` | String | | Name of the template | +| `root_group` | String | `node['root_group']` | Set to override the platforms default root group for the template file | +| `template_cookbook` | String | `apache2` | Cookbook containing the template file | ## Examples diff --git a/kitchen.yml b/kitchen.yml index f291e9df6..bc6acb4f3 100644 --- a/kitchen.yml +++ b/kitchen.yml @@ -16,17 +16,18 @@ platforms: - name: almalinux-8 - name: almalinux-9 - name: amazonlinux-2023 - - name: centos-stream-8 - name: centos-stream-9 - - name: debian-10 - name: debian-11 - name: debian-12 + - name: fedora-latest - name: opensuse-leap-15 + - name: oraclelinux-8 + - name: oraclelinux-9 - name: rockylinux-8 - name: rockylinux-9 - - name: ubuntu-18.04 - name: ubuntu-20.04 - name: ubuntu-22.04 + - name: ubuntu-24.04 suites: - name: default @@ -47,16 +48,9 @@ suites: - name: module_template run_list: - recipe[test::module_template] - - name: mod_php + - name: php run_list: - recipe[test::php] - excludes: - - almalinux-9 - - amazonlinux-2023 - - centos-stream-9 - - fedora-latest - - oraclelinux-9 - - rockylinux-9 - name: mod_wsgi run_list: - recipe[test::wsgi] diff --git a/spec/resources/mod_php_spec.rb b/spec/resources/mod_php_spec.rb index a9cdb5494..ff2fb3e70 100644 --- a/spec/resources/mod_php_spec.rb +++ b/spec/resources/mod_php_spec.rb @@ -32,8 +32,8 @@ it do is_expected.to enable_apache2_module('php').with( - identifier: 'php7_module', - mod_name: 'libphp7.4.so' + identifier: 'php_module', + mod_name: 'libphp8.1.so' ) end end diff --git a/test/cookbooks/test/metadata.rb b/test/cookbooks/test/metadata.rb index 73d89be6e..a082d3d9d 100644 --- a/test/cookbooks/test/metadata.rb +++ b/test/cookbooks/test/metadata.rb @@ -9,3 +9,4 @@ depends 'apache2' depends 'apt' # depends 'yum-ius' +depends 'php' diff --git a/test/cookbooks/test/recipes/php.rb b/test/cookbooks/test/recipes/php.rb index 58c192c04..bc7892ed9 100644 --- a/test/cookbooks/test/recipes/php.rb +++ b/test/cookbooks/test/recipes/php.rb @@ -3,8 +3,34 @@ notifies :restart, 'apache2_service[default]' end -apache2_mod_php '' do - notifies :reload, 'apache2_service[default]' +if apache_mod_php_supported? + apache2_mod_php '' do + notifies :reload, 'apache2_service[default]' + end +else + apache2_module 'proxy' do + notifies :reload, 'apache2_service[default]' + end + apache2_module 'proxy_fcgi' do + notifies :reload, 'apache2_service[default]' + end + apache2_mod_proxy 'proxy' do + notifies :reload, 'apache2_service[default]' + end + php_fpm_pool 'nagios' do + user default_apache_user + group default_apache_group + listen_user default_apache_user + listen_group default_apache_group + notifies :install, 'apache2_install[default]' + end + apache2_conf 'custom_php_pool' do + template_cookbook 'test' + options( + apache_php_handler: "proxy:unix:#{php_fpm_socket}|fcgi://localhost" + ) + notifies :reload, 'apache2_service[default]' + end end file "#{default_docroot_dir}/info.php" do diff --git a/test/cookbooks/test/templates/custom_php_pool.conf.erb b/test/cookbooks/test/templates/custom_php_pool.conf.erb new file mode 100644 index 000000000..b993567ce --- /dev/null +++ b/test/cookbooks/test/templates/custom_php_pool.conf.erb @@ -0,0 +1,3 @@ + + SetHandler "<%= @apache_php_handler %>" + diff --git a/test/integration/mod_auth_cas/controls/default.rb b/test/integration/mod_auth_cas/controls/default.rb index 344ded290..f4ad8746b 100644 --- a/test/integration/mod_auth_cas/controls/default.rb +++ b/test/integration/mod_auth_cas/controls/default.rb @@ -4,7 +4,7 @@ httpd_command = case os.family - when 'fedora', 'amazon' + when 'fedora', 'amazon', 'suse' 'httpd -M' when 'redhat' os.release.to_i >= 9 ? 'httpd -M' : 'apachectl -M' diff --git a/test/integration/mod_php/controls/default.rb b/test/integration/mod_php/controls/default.rb deleted file mode 100644 index c45d24d58..000000000 --- a/test/integration/mod_php/controls/default.rb +++ /dev/null @@ -1,35 +0,0 @@ -include_controls 'apache2-default' do - skip_control 'welcome-page' -end - -control 'PHP module enabled & running' do - impact 1 - desc 'php module should be enabled with config' - - describe command('apachectl -M') do - its('stdout') { should match(/php/) } - end - - case os['family'] - when 'debian', 'suse' - describe file('/etc/apache2/mods-available/php.conf') do - it { should exist } - its('content') { should match %r{SetHandler application/x-httpd-php} } - end - when 'freebsd' - describe file('/usr/local/etc/apache24/mods-available/php.conf') do - it { should exist } - its('content') { should match %r{SetHandler application/x-httpd-php} } - end - else - describe file('/etc/httpd/mods-available/php.conf') do - it { should exist } - its('content') { should match %r{SetHandler application/x-httpd-php} } - end - end - - describe http('localhost/info.php') do - its('status') { should eq 200 } - its('body') { should match /PHP Version/ } - end -end diff --git a/test/integration/php/controls/default.rb b/test/integration/php/controls/default.rb new file mode 100644 index 000000000..e55d23dd9 --- /dev/null +++ b/test/integration/php/controls/default.rb @@ -0,0 +1,69 @@ +include_controls 'apache2-default' do + skip_control 'welcome-page' +end + +httpd_command = + case os.family + when 'fedora', 'amazon', 'suse' + 'httpd -M' + when 'redhat' + os.release.to_i >= 9 ? 'httpd -M' : 'apachectl -M' + else + 'apachectl -M' + end + +control 'PHP module enabled & running' do + impact 1 + desc 'php module should be enabled with config' + + if (os['family'] == 'redhat' && os['release'].to_i >= 9) || os['family'] == 'fedora' + describe command httpd_command do + its('stdout') { should match(/proxy_fcgi/) } + end + else + describe command httpd_command do + its('stdout') { should match(/php/) } + end + end + + case os['family'] + when 'debian', 'suse' + describe file('/etc/apache2/mods-available/php.conf') do + it { should exist } + its('content') { should match %r{SetHandler application/x-httpd-php} } + end + when 'freebsd' + describe file('/usr/local/etc/apache24/mods-available/php.conf') do + it { should exist } + its('content') { should match %r{SetHandler application/x-httpd-php} } + end + when 'redhat', 'fedora' + if os['release'].to_i >= 9 + describe service('php-fpm') do + it { should be_installed } + it { should be_enabled } + it { should be_running } + end + + describe file('/etc/httpd/conf-available/custom_php_pool.conf') do + it { should exist } + its('content') { should match %r{proxy:unix:/var/run/php.*-fpm.sock|fcgi://localhost} } + end + else + describe file('/etc/httpd/mods-available/php.conf') do + it { should exist } + its('content') { should match %r{SetHandler application/x-httpd-php} } + end + end + else + describe file('/etc/httpd/mods-available/php.conf') do + it { should exist } + its('content') { should match %r{SetHandler application/x-httpd-php} } + end + end + + describe http('localhost/info.php') do + its('status') { should eq 200 } + its('body') { should match /PHP Version/ } + end +end diff --git a/test/integration/mod_php/inspec.yml b/test/integration/php/inspec.yml similarity index 91% rename from test/integration/mod_php/inspec.yml rename to test/integration/php/inspec.yml index 4a8ce4d63..6329a0802 100644 --- a/test/integration/mod_php/inspec.yml +++ b/test/integration/php/inspec.yml @@ -1,5 +1,5 @@ --- -name: apache2-mod-php +name: apache2-php title: Integration tests for apache2 cookbook summary: This InSpec profile contains integration tests for apache2 cookbook supports: