diff --git a/pillar/prod/logrotate.sls b/pillar/prod/logrotate.sls index 7eb1fc4..165d309 100644 --- a/pillar/prod/logrotate.sls +++ b/pillar/prod/logrotate.sls @@ -105,6 +105,16 @@ logrotate: - postrotate - /usr/lib/php/php7.4-fpm-reopenlogs - endscript + php8.1-fpm: + path: + - /var/log/php8.1-fpm.log + config: + - missingok + - notifempty + - sharedscripts + - postrotate + - /usr/lib/php/php8.1-fpm-reopenlogs + - endscript salt-common: path: - /var/log/salt/master diff --git a/pillar/prod/php80.sls b/pillar/prod/php80.sls deleted file mode 100644 index ce57510..0000000 --- a/pillar/prod/php80.sls +++ /dev/null @@ -1,129 +0,0 @@ -# vim: ft=yaml ---- -php: - use_external_repo: true - external_repo_name: 'ondrej/php' - - version: '8.0' - lookup: - pkgs: - curl: - - php8.0-curl - - curl - cli: - - php8.0-cli - - php8.0-common - xml: - - php8.0-xml - - fpm: - conf: /etc/php/8.0/fpm/php-fpm.conf - ini: /etc/php/8.0/fpm/php.ini - pools: /etc/php/8.0/fpm/pool.d - service: php8.0-fpm.service - - defaults: - global: - pid: /run/php/php8.0-fpm.pid - - cli: - ini: /etc/php/8.0/cli/php.ini - - fpm: - service: - enabled: true - opts: - reload: true - - config: - ini: - opts: - recurse: true - settings: - PHP: - engine: 'On' - expose_php: 'Off' - extension_dir: '/usr/lib/php/20200930/' - conf: - opts: - recurse: true - settings: - global: - pid: /run/php/php8.0-fpm.pid - error_log: /var/log/php8.0-fpm.log - - # settings for fpm-pools - pools: - 'opensourcewebsite.org.conf': - enabled: true - opts: - replace: true - - settings: - opensourcewebsite.org: - user: opensourcewebsite.org - group: opensourcewebsite.org - listen: /run/php/php8.0-opensourcewebsite.org.sock - listen.owner: opensourcewebsite.org - listen.group: opensourcewebsite.org - listen.mode: '0660' - pm: dynamic - pm.max_children: 5 - pm.start_servers: 2 - pm.min_spare_servers: 2 - pm.max_spare_servers: 5 - slowlog: /www/opensourcewebsite.org/logs/slow.log - request_slowlog_timeout: 5s - 'php_admin_value[memory_limit]': 4096M - - 'www.conf': - enabled: true - opts: - replace: true - - settings: - www: - user: www-data - group: www-data - listen: /run/php/php8.0-fpm.sock - listen.owner: www-data - listen.group: www-data - listen.mode: '0660' - pm: dynamic - pm.max_children: 5 - pm.start_servers: 2 - pm.min_spare_servers: 2 - pm.max_spare_servers: 5 - slowlog: /var/log/php8.0-fpm.slow.log - request_slowlog_timeout: 5s - 'php_admin_value[memory_limit]': 128M - - # php-cli settings - cli: - ini: - opts: - replace: false - settings: - PHP: - engine: 'On' - expose_php: 'Off' - - # global php.ini settings - ini: - defaults: - PHP: - engine: 'On' - output_buffering: 4096 - disable_functions: - - pcntl_alarm - - pcntl_fork - - pcntl_wait - post_max_size: '210M' - upload_max_filesize: '200M' - max_execution_time: 360 - max_input_time: 360 - default_socket_timeout: 360 - 'CLI Server': - cli_server_color: 'On' - 'Date': - 'date.timezone': 'UTC' diff --git a/pillar/prod/php81.sls b/pillar/prod/php81.sls index 24ad550..10d115b 100644 --- a/pillar/prod/php81.sls +++ b/pillar/prod/php81.sls @@ -13,8 +13,10 @@ php: cli: - php8.1-cli - php8.1-common - xml: + modules: - php8.1-xml + - php8.1-soap + - php8.1-bcmath fpm: conf: /etc/php/8.1/fpm/php-fpm.conf diff --git a/pillar/prod/users.sls b/pillar/prod/users.sls index 6fff673..30c967b 100644 --- a/pillar/prod/users.sls +++ b/pillar/prod/users.sls @@ -4,6 +4,9 @@ users: www-data: groups: - opensourcewebsite.org + git-auto-deploy: + groups: + - opensourcewebsite.org opensourcewebsite.org: fullname: opensourcewebsite org diff --git a/salt/backup/init.sls b/salt/backup/init.sls index c4e5b92..7ae6387 100644 --- a/salt/backup/init.sls +++ b/salt/backup/init.sls @@ -19,13 +19,18 @@ backup_dir: {{ pillar['backup_dir'] }} backup_site_list: {{ pillar['backup_sites'] | join(' ') }} +#backup-mysql: +# cron.present: +# - name: /root/backup_mysql.sh +# - user: root +# - minute: random +# - hour: 1 +# - identifier: backup-mysql + backup-mysql: - cron.present: + cron.absent: - name: /root/backup_mysql.sh - user: root - - minute: random - - hour: 1 - - identifier: backup-mysql backup-site: cron.present: @@ -35,17 +40,21 @@ backup-site: - hour: 2 - identifier: backup-site +#{{ pillar['backup_dir'] }}/mysql: +# file.directory: +# - user: root +# - group: root +# - dir_mode: 750 +# - file_mode: 640 +# - makedirs: True +# - recurse: +# - user +# - group +# - mode + {{ pillar['backup_dir'] }}/mysql: - file.directory: - - user: root - - group: root - - dir_mode: 750 - - file_mode: 640 - - makedirs: True - - recurse: - - user - - group - - mode + file.absent: + - name: {{ pillar['backup_dir'] }}/mysql {{ pillar['backup_dir'] }}/sites: file.directory: diff --git a/salt/gitautodeploy/files/git-auto-deploy-opensourcewebsite.org.conf.json b/salt/gitautodeploy/files/git-auto-deploy-opensourcewebsite.org.conf.json index c402b20..7dcc21d 100644 --- a/salt/gitautodeploy/files/git-auto-deploy-opensourcewebsite.org.conf.json +++ b/salt/gitautodeploy/files/git-auto-deploy-opensourcewebsite.org.conf.json @@ -3,9 +3,10 @@ "http-host": "0.0.0.0", "http-port": 8005, "pid-file": "/www/opensourcewebsite.org/tmp/.gitautodeploy.pid", + "ssl-cert": "/etc/git-auto-deploy/cert.pem", "repositories": [{ - "url": "git@github.com:opensourcewebsite-org/opensourcewebsite-org.git", + "url": "https://github.com/opensourcewebsite-org/opensourcewebsite-org.git", "branch": "master", "remote": "origin", "path": "/www/opensourcewebsite.org/htdocs/", diff --git a/salt/top.sls b/salt/top.sls index 604bfbc..5b4c9d7 100644 --- a/salt/top.sls +++ b/salt/top.sls @@ -12,6 +12,7 @@ base: - sysctl - users.log_acl - update_motd_d + - users.directory - users.selected_editor 'opensourcewebsite.org or osw-devops-ci': - match: compound diff --git a/salt/users/directory.sls b/salt/users/directory.sls new file mode 100644 index 0000000..c5c1cae --- /dev/null +++ b/salt/users/directory.sls @@ -0,0 +1,20 @@ +/www/opensourcewebsite.org/htdocs/: + file.directory: + - mode: 770 + - user: opensourcewebsite.org + - group: opensourcewebsite.org + - makedirs: True + +/www/opensourcewebsite.org/logs/: + file.directory: + - mode: 770 + - user: opensourcewebsite.org + - group: opensourcewebsite.org + - makedirs: True + +/www/opensourcewebsite.org/tmp/: + file.directory: + - mode: 770 + - user: opensourcewebsite.org + - group: opensourcewebsite.org + - makedirs: True diff --git a/salt/users/files/opensourcewebsite.org/htdocs/.keep b/salt/users/files/opensourcewebsite.org/htdocs/.keep deleted file mode 100644 index e69de29..0000000 diff --git a/salt/users/files/opensourcewebsite.org/logs/.keep b/salt/users/files/opensourcewebsite.org/logs/.keep deleted file mode 100644 index e69de29..0000000 diff --git a/salt/users/files/opensourcewebsite.org/tmp/.keep b/salt/users/files/opensourcewebsite.org/tmp/.keep deleted file mode 100644 index e69de29..0000000 diff --git a/test/integration/default/controls/cron.rb b/test/integration/default/controls/cron.rb index 840dd3d..2b42535 100644 --- a/test/integration/default/controls/cron.rb +++ b/test/integration/default/controls/cron.rb @@ -3,8 +3,7 @@ control 'osw cron entries' do title 'The cron entries should be present' - cron_entries = ['^\d{1,2} 1 \* \* \* /root/backup_mysql.sh$', - '^\d{1,2} 2 \* \* \* /root/backup_site.sh$'] + cron_entries = ['^\d{1,2} 2 \* \* \* /root/backup_site.sh$'] cron_entries.each do |c| describe cron do