New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Audit & Clean roles' PHP 7.x & 8.0 PHP module dependencies [MediaWiki, Moodle, MySQL, Nextcloud, NGINX, FreePBX] #2832
Conversation
…}-xmlrpc if PHP 8+
Also tested with:
|
28279bd time would be better spent on dropping apache as a dependency for moodle than adding this spaghetti code that would go away when apache does. Have you even tried https://github.com/iiab/iiab/blob/master/roles/moodle/templates/moodle-nginx.conf.j2.native as discussed in #2762? |
This is more or less the approach that moodlebox, which is running nginx, uses where php-imagick is not installed at all and ghostscript looks like it replaces the libmagick* libraries. |
Great news IIAB Apps like the following can now be installed truly independently (i.e. without blindly throwing the entire Kitchen Sink at dependency problems) which up until now was impossible:
In short: the above 3 IIAB fresh install tests (and many similar, especially on the latest pre-release of Ubuntu Server 21.10) confirm that IIAB Apps/Services' dependencies are becoming increasingly coherent — towards helping all contributors work together to sanity-check and put an end to Dependency Hell Spaghetti — allowing for increasingly "antifragile" roles/apps/services going forward. |
Such an approach could be extremely promising. Not that we can solve all of Nextcloud's "codependency" nightmares — and likewise Moodle's, etc — when so many of these products have very nebulous/shifty and imprecise (sometimes downright contradictory ;) specs around what PHP modules (etc) they truly require. Some are more forthcoming than others for sure (e.g. at least Nextcloud admits that But if http://MoodleBox.net has done solid work reconciling some of these mystery meat / potluck soups, let's definitely investigate and/or collaborate with open education community leaders like this. |
I wouldn't have believed it staring at this 4 days ago. But in the end it's certainly edifying to have learned that almost every line below from www_base/tasks/main.yml was misleading — providing a quite false sense of security and structure — arising from years of well-meaning but increasingly bogus and bitrotting assumptions:
This PR is certainly not the final word to "Spring Cleaning" CODEpendencies writ large. But it does clean out several years of abandonware (disentangling & clarifying PHP dependencies for common IIAB Apps/Sevices). So I'm merging it after having tested it intensively on 32-bit Raspberry Pi OS (PHP 7.3), Ubuntu 21.04 (PHP 7.4) and Ubuntu 21.10 (PHP 8.0) — including Desktop and Server versions — with an assortment of different local_vars.yml files to get at some very different scenarios. At least we now have a substantially more sane foundation, to better understanding what depends on what going forward. So IIAB App authors (and maintainers, most important!) can be more in tune with underlying dependencies, assumptions, reliability, and ever-changing ground truths just over the horizon~ ASIDE: in the 3.5 months until Ubuntu 21.10 is released on 2021-10-14, here are a couple IIAB App glitches we might keep an eye on: |
Things like that sound incredibly reasonable. However it happens. e.g. roles/captiveportal and Admin Console (etc) should really install (or at least declare) their own dependencies a.k.a. requirements. And not just to keep things from spinning out of control as months become years. But also (equally important) to provide an inviting/open/understandable IIAB platform for devs and schools/communities to get to know and trust, where we can.
Done: https://github.com/holta/iiab/blob/php7-and-php8-cleanup/roles/9-local-addons/tasks/main.yml#L33-L37 |
Isn't wordpress a heavy user of php? I don't see any dependencies listed within wordpress's role. |
https://wpassist.me/wordpress-required-php-extensions/ has bundled/external notes |
Great question. Unfortunately I don't know the answer. In the past I had the impression WordPress has all its own PHP dependencies built in here somehow??
But that may be nonsense. I don't know. Great if we can get an answer. |
/library/wordpress contains these 3 directories FWIW:
|
Note to self; Nextcloud 22 will be released a week from tomorrow, and should update its PHP requirements here: |
Why would you remove the old bloated php install if you don't know how it would affect all the roles that use php?
The list from #2832 (comment) and the above link looks suspiciously overlapping. |
Straight from upstream https://make.wordpress.org/hosting/handbook/server-environment/ |
FWIW the above 3-way breakdown between core/bundled/external breakdown doesn't really correspond to reality on Ubuntu 21.04 and other distros as well. Certainly WordPress works as part of IIAB as is. Still, if one wanted to follow the above story as a starting point to support a richer set of WordPress plugins out-of-the-box (e.g. taking "Critical PHP Extensions" at face value?) then these 4 would/could easily be added to IIAB's wordpress/tasks/install.yml :
And if the above story is truly meaningful, then these 2 (already installed, as we discovered over recent days) could/should also be declared within IIAB's wordpress/tasks/install.yml, to make the accounting more honest:
Finally, among the above so-called "Optional Extensions" everything's already covered except for gd, so this also can be added if it's universally appealing for IIAB's WordPress implementers:
But it sounds like we should talk to more authoritative WordPress professionals first? e.g. experienced IIAB field implementers to ground-truth the most useful PHP modules for WordPress. |
Thanks sending that. I was about to look for that. |
Tested on 32-bit RaspiOS Lite (PHP 7.3), Ubuntu Server 21.04 (PHP 7.4) and Ubuntu Server 21.10 pre-release (PHP 8.0).
Explanations are added to push role authors to be aware of AND declare their own evolving PHP dependencies — instead of blindly assuming things that were installed MANY years ago for "God knows what reason" (!) but too often nobody seems to remember why.
Forcing apps/services to live on their own 2 feet helps IIAB implementers installing diverse and unexpected sets of apps/services, rather than the proverbial kitchen sink (BIG-sized) which might make for really great "Get to Know" demos — but is just not appropriate in the field.
PHP modules that had no good reason to be there were removed. As we all have enough security/complexity nightmares in our lives as it stands.
Further testing is ongoing for the heck of it.
FYI this PR includes and supersedes PR #2830 to accommodate PHP 8.0's minor changes.
ASIDE: Admin Console should declare its own dependency on
php-pear
for Line 19 of https://github.com/iiab/iiab-admin-console/blob/master/roles/cmdsrv/tasks/main.yml#19 (likely by installing apt package php-pear in the stanza just above that). An interim patch is included until that happens: https://github.com/holta/iiab/blob/php7-and-php8-cleanup/roles/nginx/tasks/install.yml#L15 (LATER MOVED TO https://github.com/holta/iiab/blob/php7-and-php8-cleanup/roles/9-local-addons/tasks/main.yml#L33-L36)Somewhat Related: