From f2c668931f7264b28337ef0a28173082c74f2f15 Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Thu, 13 Jul 2017 09:50:46 +0200 Subject: [PATCH] Switch to php71 (php-fpm) --- createlinks | 1 + .../httpd/conf/httpd.conf/68FastCGIConfig10ttrss | 9 ++++++ .../templates/etc/httpd/conf/httpd.conf/90tt-rss | 29 +++++++++++++---- .../etc/opt/remi/php71/php-fpm.d/tt-rss.conf/10All | 36 ++++++++++++++++++++++ root/var/service/tt-rss/run | 21 ++----------- smeserver-tt-rss.spec | 17 ++++++++-- 6 files changed, 86 insertions(+), 27 deletions(-) create mode 100644 root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/68FastCGIConfig10ttrss create mode 100644 root/etc/e-smith/templates/etc/opt/remi/php71/php-fpm.d/tt-rss.conf/10All diff --git a/createlinks b/createlinks index caed9d3..4d62247 100644 --- a/createlinks +++ b/createlinks @@ -6,6 +6,7 @@ use esmith::Build::CreateLinks qw(:all); templates2events("/etc/e-smith/sql/init/tt-rss", qw(bootstrap-console-save webapps-update)); templates2events("/usr/share/tt-rss/config.php", qw(bootstrap-console-save webapps-update)); templates2events("/etc/cron.d/tt-rss", qw(bootstrap-console-save webapps-update)); +templates2events("/etc/opt/remi/php71/php-fpm.d/tt-rss.conf", qw(bootstrap-console-save webapps-update)); # tt-rss daemon safe_symlink("restart", "root/etc/e-smith/events/webapps-update/services2adjust/tt-rss"); diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/68FastCGIConfig10ttrss b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/68FastCGIConfig10ttrss new file mode 100644 index 0000000..3e099da --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/68FastCGIConfig10ttrss @@ -0,0 +1,9 @@ +{ +if ($fastcgi_mod eq 'mod_fastcgi'){ + $OUT .=<<_EOF; +Action phptt-rss-fastcgi /php-cgi-bin/phptt-rss-wrapper +Alias /php-cgi-bin/phptt-rss-wrapper /var/www/php-cgi-bin/phptt-rss-wrapper +FastCgiExternalServer /var/www/php-cgi-bin/phptt-rss-wrapper -socket /var/run/php-fpm/php71-tt-rss.sock -pass-header Authorization -idle-timeout 120 +_EOF +} +} diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90tt-rss b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90tt-rss index e640fcd..4e411ad 100644 --- a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90tt-rss +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90tt-rss @@ -9,15 +9,32 @@ if ((${'tt-rss'}{'status'} || 'enabled') eq 'enabled'){ " AuthExternal pwauth\n" . " Require valid-user\n" : ''; - $OUT .=<<"HERE"; - -$alias - - + my $php =<<'_EOF'; AddType application/x-httpd-php .php php_admin_value open_basedir /usr/share/tt-rss:/var/lock/tt-rss:/var/cache/tt-rss:/tmp php_admin_value memory_limit 80M php_admin_flag allow_url_fopen on +_EOF + + if ($fastcgi_mod eq 'mod_fastcgi'){ + $php =<<'_EOF'; + AddHandler phptt-rss-fastcgi .php +_EOF + } + elsif ($fastcgi_mod eq 'mod_proxy_fcgi'){ + $php =<<'_EOF'; + + SetHandler "proxy:unix:/var/run/php-fpm/php71-tt-rss.sock|fcgi://localhost" + +_EOF + } + + $OUT .=<<"_EOF"; + +$alias + + + $php SSLRequireSSL on Order deny,allow Deny from all @@ -27,7 +44,7 @@ $alias deny from all -HERE +_EOF } else{ $OUT .= " # TT-RSS is disabled\n"; diff --git a/root/etc/e-smith/templates/etc/opt/remi/php71/php-fpm.d/tt-rss.conf/10All b/root/etc/e-smith/templates/etc/opt/remi/php71/php-fpm.d/tt-rss.conf/10All new file mode 100644 index 0000000..80bb84c --- /dev/null +++ b/root/etc/e-smith/templates/etc/opt/remi/php71/php-fpm.d/tt-rss.conf/10All @@ -0,0 +1,36 @@ +[php71-tt-rss] +user = www +group = www +listen.owner = root +listen.group = www +listen.mode = 0660 +listen = /var/run/php-fpm/php71-tt-rss.sock +pm = dynamic +pm.max_children = 15 +pm.start_servers = 3 +pm.min_spare_servers = 3 +pm.max_spare_servers = 4 +pm.max_requests = 5000 +request_terminate_timeout = 30 +php_admin_value[session.save_path] = /var/lib/php/tt-rss/session +php_admin_value[soap.wsdl_cache_dir] = /var/lib/php/tt-rss/wsdlcache +php_admin_value[opcache.file_cache] = /var/lib/php/tt-rss/opcache +php_admin_value[upload_tmp_dir] = /var/lib/php/tt-rss/tmp +php_admin_value[error_log] = /var/log/php/tt-rss/error.log +slowlog = /var/log/php/tt-rss/slow.log +php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f php@{ $DomainName } +php_admin_flag[display_errors] = off +php_admin_flag[log_errors] = on +php_admin_value[error_log] = syslog +php_admin_value[memory_limit] = 128M +php_admin_value[max_execution_time] = 30 +php_admin_value[post_max_size] = 2M +php_admin_value[upload_max_filesize] = 1M +php_admin_value[max_input_time] = 60 +php_admin_value[disable_functions] = system, show_source, symlink, exec, dl, shell_exec, passthru, phpinfo, escapeshellarg, escapeshellcmd +php_admin_value[open_basedir] = /usr/share/tt-rss:/var/lock/tt-rss:/var/cache/tt-rss:/var/lib/php/tt-rss +php_admin_flag[allow_url_fopen] = on +php_admin_flag[file_upload] = off +php_admin_flag[session.cookie_httponly] = on +php_admin_flag[allow_url_include] = off +php_admin_value[session.save_handler] = files diff --git a/root/var/service/tt-rss/run b/root/var/service/tt-rss/run index 7873d17..dfceef6 100644 --- a/root/var/service/tt-rss/run +++ b/root/var/service/tt-rss/run @@ -1,25 +1,8 @@ #!/bin/sh #---------------------------------------------------------------------- -# copyright (C) 2010-2011 Firewall-Services +# copyright (C) 2010-2017 Firewall-Services # daniel@firewall-services.com -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -# -# Technical support for this program is available from Mitel Networks -# Please visit our web site www.mitel.com/sme/ for details. #---------------------------------------------------------------------- @@ -29,5 +12,5 @@ cd /usr/share/tt-rss exec \ /usr/local/bin/setuidgid www \ - /usr/bin/php ./update.php --daemon + /usr/bin/php71 ./update.php --daemon diff --git a/smeserver-tt-rss.spec b/smeserver-tt-rss.spec index 2848602..785fed4 100644 --- a/smeserver-tt-rss.spec +++ b/smeserver-tt-rss.spec @@ -2,8 +2,8 @@ # Name: Daniel Berteaud %define name smeserver-tt-rss -%define version 0.2.10 -%define release 1 +%define version 0.3.0 +%define release 0.beta1 Summary: sme server integration of tt-rss Name: %{name} Version: %{version} @@ -19,6 +19,7 @@ BuildRoot: /var/tmp/%{name}-%{version} Requires: e-smith-release Requires: tt-rss >= 20150629 Requires: smeserver-webapps-common +Requires: smeserver-php-fpm AutoReqProv: no %description @@ -26,6 +27,10 @@ smserver integration of TIny Tiny RSS Tiny Tiny RSS is a feature rich, web based feed reader %changelog +* Thu Jul 13 2017 Daniel Berteaud 0.3.0-1.sme +- Switch to php fpm, using PHP 7.1 +- Support tt-rss 20170713 + * Tue Feb 16 2016 Daniel Berteaud 0.2.10-1.sme - Remove CHECK_SESSION_ADDRESS @@ -93,12 +98,20 @@ Tiny Tiny RSS is a feature rich, web based feed reader %build perl ./createlinks %{__mkdir_p} root/var/log/tt-rss +%{__mkdir_p} root/var/log/php/tt-rss +%{__mkdir_p} root/var/lib/php/tt-rss/{tmp,wsdlcache,opcache,session} %install rm -rf $RPM_BUILD_ROOT (cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT) rm -f %{name}-%{version}-filelist /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \ + --dir /var/log/php/tt-rss 'attr(0770,root,www)' \ + --dir /var/lib/php/tt-rss 'attr(0770,root,www)' \ + --dir /var/lib/php/tt-rss/tmp 'attr(0770,root,www)' \ + --dir /var/lib/php/tt-rss/session 'attr(0770,root,www)' \ + --dir /var/lib/php/tt-rss/wsdlcache 'attr(0770,root,www)' \ + --dir /var/lib/php/tt-rss/opcache 'attr(0770,root,www)' \ --file /var/service/tt-rss/run 'attr(0755,root,root)' \ --file /var/service/tt-rss/log/run 'attr(0755,root,root)' \ --dir /var/log/tt-rss 'attr(0770,root,smelog)' \