forked from ISTI-ansible-roles/ansible-roles
294 lines
13 KiB
Django/Jinja
294 lines
13 KiB
Django/Jinja
; Start a new pool named 'www'.
|
|
[{{ item.pool_name | default('www') }}]
|
|
|
|
; The address on which to accept FastCGI requests.
|
|
; Valid syntaxes are:
|
|
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on
|
|
; a specific port;
|
|
; 'port' - to listen on a TCP socket to all addresses on a
|
|
; specific port;
|
|
; '/path/to/unix/socket' - to listen on a unix socket.
|
|
; Note: This value is mandatory.
|
|
listen = {{ item.listen | default ('127.0.0.1:9000') }}
|
|
|
|
; Set listen(2) backlog. A value of '-1' means unlimited.
|
|
; Default Value: -1
|
|
;listen.backlog = -1
|
|
|
|
; List of ipv4 addresses of FastCGI clients which are allowed to connect.
|
|
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
|
|
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
|
|
; must be separated by a comma. If this value is left blank, connections will be
|
|
; accepted from any ip address.
|
|
; Default Value: any
|
|
listen.allowed_clients = {{ item.allowed_clients | default ('127.0.0.1') }}
|
|
|
|
; Set permissions for unix socket, if one is used. In Linux, read/write
|
|
; permissions must be set in order to allow connections from a web server. Many
|
|
; BSD-derived systems allow connections regardless of permissions.
|
|
; Default Values: user and group are set as the running user
|
|
; mode is set to 0666
|
|
;listen.owner = nobody
|
|
;listen.group = nobody
|
|
;listen.mode = 0666
|
|
|
|
; Unix user/group of processes
|
|
; Note: The user is mandatory. If the group is not set, the default user's group
|
|
; will be used.
|
|
; RPM: apache Choosed to be able to access some dir as httpd
|
|
user = {{ item.user | default('php-fpm') }}
|
|
; RPM: Keep a group allowed to write in log dir.
|
|
group = {{ item.group | default('php-fpm') }}
|
|
|
|
; Choose how the process manager will control the number of child processes.
|
|
; Possible Values:
|
|
; static - a fixed number (pm.max_children) of child processes;
|
|
; dynamic - the number of child processes are set dynamically based on the
|
|
; following directives:
|
|
; pm.max_children - the maximum number of children that can
|
|
; be alive at the same time.
|
|
; pm.start_servers - the number of children created on startup.
|
|
; pm.min_spare_servers - the minimum number of children in 'idle'
|
|
; state (waiting to process). If the number
|
|
; of 'idle' processes is less than this
|
|
; number then some children will be created.
|
|
; pm.max_spare_servers - the maximum number of children in 'idle'
|
|
; state (waiting to process). If the number
|
|
; of 'idle' processes is greater than this
|
|
; number then some children will be killed.
|
|
; Note: This value is mandatory.
|
|
pm = {{ item.pm | default('dynamic') }}
|
|
|
|
; The number of child processes to be created when pm is set to 'static' and the
|
|
; maximum number of child processes to be created when pm is set to 'dynamic'.
|
|
; This value sets the limit on the number of simultaneous requests that will be
|
|
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
|
|
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
|
|
; CGI.
|
|
; Note: Used when pm is set to either 'static' or 'dynamic'
|
|
; Note: This value is mandatory.
|
|
pm.max_children = {{ item.pm_max_children | default('50') }}
|
|
|
|
; The number of child processes created on startup.
|
|
; Note: Used only when pm is set to 'dynamic'
|
|
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
|
|
pm.start_servers = {{ item.pm_start_servers | default('3') }}
|
|
|
|
; The desired minimum number of idle server processes.
|
|
; Note: Used only when pm is set to 'dynamic'
|
|
; Note: Mandatory when pm is set to 'dynamic'
|
|
pm.min_spare_servers = {{ item.pm_min_spare | default('1') }}
|
|
|
|
; The desired maximum number of idle server processes.
|
|
; Note: Used only when pm is set to 'dynamic'
|
|
; Note: Mandatory when pm is set to 'dynamic'
|
|
pm.max_spare_servers = {{ item.pm_max_spare | default('10') }}
|
|
|
|
; The number of requests each child process should execute before respawning.
|
|
; This can be useful to work around memory leaks in 3rd party libraries. For
|
|
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
|
|
; Default Value: 0
|
|
pm.max_requests = {{ item.pm_max_requests | default('10000') }}
|
|
|
|
; The URI to view the FPM status page. If this value is not set, no URI will be
|
|
; recognized as a status page. By default, the status page shows the following
|
|
; information:
|
|
; accepted conn - the number of request accepted by the pool;
|
|
; pool - the name of the pool;
|
|
; process manager - static or dynamic;
|
|
; idle processes - the number of idle processes;
|
|
; active processes - the number of active processes;
|
|
; total processes - the number of idle + active processes.
|
|
; The values of 'idle processes', 'active processes' and 'total processes' are
|
|
; updated each second. The value of 'accepted conn' is updated in real time.
|
|
; Example output:
|
|
; accepted conn: 12073
|
|
; pool: www
|
|
; process manager: static
|
|
; idle processes: 35
|
|
; active processes: 65
|
|
; total processes: 100
|
|
; By default the status page output is formatted as text/plain. Passing either
|
|
; 'html' or 'json' as a query string will return the corresponding output
|
|
; syntax. Example:
|
|
; http://www.foo.bar/status
|
|
; http://www.foo.bar/status?json
|
|
; http://www.foo.bar/status?html
|
|
; Note: The value must start with a leading slash (/). The value can be
|
|
; anything, but it may not be a good idea to use the .php extension or it
|
|
; may conflict with a real PHP file.
|
|
; Default Value: not set
|
|
pm.status_path = {{ item.pm_status_path | default('/status') }}
|
|
|
|
; The ping URI to call the monitoring page of FPM. If this value is not set, no
|
|
; URI will be recognized as a ping page. This could be used to test from outside
|
|
; that FPM is alive and responding, or to
|
|
; - create a graph of FPM availability (rrd or such);
|
|
; - remove a server from a group if it is not responding (load balancing);
|
|
; - trigger alerts for the operating team (24/7).
|
|
; Note: The value must start with a leading slash (/). The value can be
|
|
; anything, but it may not be a good idea to use the .php extension or it
|
|
; may conflict with a real PHP file.
|
|
; Default Value: not set
|
|
ping.path = {{ item.ping_path | default('/ping') }}
|
|
|
|
; This directive may be used to customize the response of a ping request. The
|
|
; response is formatted as text/plain with a 200 response code.
|
|
; Default Value: pong
|
|
ping.response = {{ item.ping_response | default('www') }}
|
|
|
|
access.log = /var/log/php-fpm/$pool-access.log
|
|
|
|
; The access log format.
|
|
; The following syntax is allowed
|
|
; %%: the '%' character
|
|
; %C: %CPU used by the request
|
|
; it can accept the following format:
|
|
; - %{user}C for user CPU only
|
|
; - %{system}C for system CPU only
|
|
; - %{total}C for user + system CPU (default)
|
|
; %d: time taken to serve the request
|
|
; it can accept the following format:
|
|
; - %{seconds}d (default)
|
|
; - %{miliseconds}d
|
|
; - %{mili}d
|
|
; - %{microseconds}d
|
|
; - %{micro}d
|
|
; %e: an environment variable (same as $_ENV or $_SERVER)
|
|
; it must be associated with embraces to specify the name of the env
|
|
; variable. Some exemples:
|
|
; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
|
|
; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
|
|
; %f: script filename
|
|
; %l: content-length of the request (for POST request only)
|
|
; %m: request method
|
|
; %M: peak of memory allocated by PHP
|
|
; it can accept the following format:
|
|
; - %{bytes}M (default)
|
|
; - %{kilobytes}M
|
|
; - %{kilo}M
|
|
; - %{megabytes}M
|
|
; - %{mega}M
|
|
; %n: pool name
|
|
; %o: ouput header
|
|
; it must be associated with embraces to specify the name of the header:
|
|
; - %{Content-Type}o
|
|
; - %{X-Powered-By}o
|
|
; - %{Transfert-Encoding}o
|
|
; - ....
|
|
; %p: PID of the child that serviced the request
|
|
; %P: PID of the parent of the child that serviced the request
|
|
; %q: the query string
|
|
; %Q: the '?' character if query string exists
|
|
; %r: the request URI (without the query string, see %q and %Q)
|
|
; %R: remote IP address
|
|
; %s: status (response code)
|
|
; %t: server time the request was received
|
|
; it can accept a strftime(3) format:
|
|
; %d/%b/%Y:%H:%M:%S %z (default)
|
|
; %T: time the log has been written (the request has finished)
|
|
; it can accept a strftime(3) format:
|
|
; %d/%b/%Y:%H:%M:%S %z (default)
|
|
; %u: remote user
|
|
;
|
|
; Default: "%R - %u %t \"%m %r\" %s"
|
|
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
|
|
|
|
; The timeout for serving a single request after which the worker process will
|
|
; be killed. This option should be used when the 'max_execution_time' ini option
|
|
; does not stop script execution for some reason. A value of '0' means 'off'.
|
|
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
|
|
; Default Value: 0
|
|
request_terminate_timeout = {{ item.req_term_timeout | default('240s') }}
|
|
|
|
; The timeout for serving a single request after which a PHP backtrace will be
|
|
; dumped to the 'slowlog' file. A value of '0s' means 'off'.
|
|
; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
|
|
; Default Value: 0
|
|
request_slowlog_timeout = {{ item.slowlog_timeout | default('20s') }}
|
|
|
|
; The log file for slow requests
|
|
; Default Value: not set
|
|
; Note: slowlog is mandatory if request_slowlog_timeout is set
|
|
slowlog = /var/log/php-fpm/$pool-slow.log
|
|
|
|
; Set open file descriptor rlimit.
|
|
; Default Value: system defined value
|
|
rlimit_files = {{ item.rlimit_files | default('4096') }}
|
|
|
|
; Set max core size rlimit.
|
|
; Possible Values: 'unlimited' or an integer greater or equal to 0
|
|
; Default Value: system defined value
|
|
;rlimit_core = 0
|
|
|
|
; Chroot to this directory at the start. This value must be defined as an
|
|
; absolute path. When this value is not set, chroot is not used.
|
|
; Note: chrooting is a great security feature and should be used whenever
|
|
; possible. However, all PHP paths will be relative to the chroot
|
|
; (error_log, sessions.save_path, ...).
|
|
; Default Value: not set
|
|
;chroot =
|
|
|
|
; Chdir to this directory at the start. This value must be an absolute path.
|
|
; Default Value: current directory or / when chroot
|
|
;chdir = /var/www
|
|
|
|
; Redirect worker stdout and stderr into main error log. If not set, stdout and
|
|
; stderr will be redirected to /dev/null according to FastCGI specs.
|
|
; Default Value: no
|
|
catch_workers_output = yes
|
|
|
|
; Limits the extensions of the main script FPM will allow to parse. This can
|
|
; prevent configuration mistakes on the web server side. You should only limit
|
|
; FPM to .php extensions to prevent malicious users to use other extensions to
|
|
; exectute php code.
|
|
; Note: set an empty value to allow all extensions.
|
|
; Default Value: .php
|
|
security.limit_extensions = {{ item.php_extensions | default('.php') }}
|
|
|
|
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
|
|
; the current environment.
|
|
; Default Value: clean env
|
|
;env[HOSTNAME] = $HOSTNAME
|
|
;env[PATH] = /usr/local/bin:/usr/bin:/bin
|
|
;env[TMP] = /tmp
|
|
;env[TMPDIR] = /tmp
|
|
;env[TEMP] = /tmp
|
|
|
|
; Additional php.ini defines, specific to this pool of workers. These settings
|
|
; overwrite the values previously defined in the php.ini. The directives are the
|
|
; same as the PHP SAPI:
|
|
; php_value/php_flag - you can set classic ini defines which can
|
|
; be overwritten from PHP call 'ini_set'.
|
|
; php_admin_value/php_admin_flag - these directives won't be overwritten by
|
|
; PHP call 'ini_set'
|
|
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
|
|
|
|
; Defining 'extension' will load the corresponding shared extension from
|
|
; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
|
|
; overwrite previously defined php.ini values, but will append the new value
|
|
; instead.
|
|
|
|
; Default Value: nothing is defined by default except the values in php.ini and
|
|
; specified at startup with the -d argument
|
|
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
|
|
php_flag[display_errors] = {{ item.display_errors | default('off') }}
|
|
php_admin_value[error_log] = {{ phpfpm_logdir }}/$pool-error.log
|
|
php_admin_flag[log_errors] = {{ item.log_errors | default('on') }}
|
|
php_admin_value[memory_limit] = {{ item.memory_limit | default('64M') }}
|
|
php_admin_value[upload_max_filesize] = {{ item.upload_max_filesize | default('20M') }}
|
|
php_admin_value[post_max_size] = {{ item.upload_max_filesize | default('20M') }}
|
|
php_admin_value[upload_tmp_dir] = {{ item.upload_tmp_dir | default('/var/tmp') }}
|
|
; Set session path to a directory owned by process user
|
|
php_value[session.save_handler] = '{{ item.session_save_handler | default('files') }}'
|
|
{% if phpfpm_session_prefix is defined %}
|
|
php_value[session.save_path] = '{{ phpfpm_session_prefix }}/{{ item.pool_name }}'
|
|
{% else %}
|
|
php_value[session.save_path] = '/var/lib/php/www'
|
|
{% endif %}
|
|
{% if item.define_custom_variables is defined and item.define_custom_variables %}
|
|
{% for php_var in phpfpm_php_variables %}
|
|
php_value[{{ php_var.prop }}] = {{ php_var.value }}
|
|
{% endfor %}
|
|
{% endif %}
|