nextcloud: Entferne php-Kram

Ist in php-Rolle enthalten
2022-10-08 19:51:48 +02:00 · 2022-10-08 19:51:48 +02:00 · 4de618da86
commit 4de618da86
parent 32ac174e72
3 changed files with 0 additions and 86 deletions
--- a/files/systemd/php-fpm@.socket
+++ b/files/systemd/php-fpm@.socket
@ -1,11 +0,0 @@
-[Unit]
-After=network-online.target
-
-[Socket]
-SocketUser=%i
-SocketGroup=%i
-SocketMode=0660
-ListenStream=/run/php/php-fpm-%i.sock
-
-[Install]
-WantedBy=sockets.target
--- a/tasks/common.yml
+++ b/tasks/common.yml
@ -26,11 +26,6 @@
    state: link
  notify: reload apache

- name: common | Erstelle PHP-FPM-Log-Verzeichnis
-  file:
-    path: "{{ php_fpm_log_dir }}"
-    state: directory
-
 - name: "common | Kopiere PHP-CLI-Konfiguration"
  copy:
    src: ../roles/nextcloud/files/30-sao-nextcloud.ini
@ -42,33 +37,6 @@
    dest: "/etc/php/{{ php_version.stdout }}/cli/conf.d/30-sao-nextcloud.ini"
    state: link

- name: "common | Kopiere Template für systemd socket"
-  copy:
-    src: "../roles/nextcloud/files/systemd/php-fpm@.socket"
-    dest: /etc/systemd/system/php-fpm@.socket
-  notify:
-    - stop php-fpm-socket
-    - stop php-fpm-service
-    - start php-fpm-socket
-
- name: "common | Kopiere Template für systemd service"
-  template:
-    src: ../roles/nextcloud/templates/systemd/php-fpm@.service.j2
-    dest: /etc/systemd/system/php-fpm@.service
-  notify:
-    - stop php-fpm-socket
-    - stop php-fpm-service
-    - start php-fpm-socket
-
- name: "common | Aktiviere systemd Socket und Service"
-  systemd:
-    name: "{{ item }}"
-    enabled: true
-    daemon_reload: true
-  loop:
-    - php-fpm@.socket
-    - php-fpm@.service
-
 - name: "common | Kopiere Update-Skript"
  template:
    src: ../roles/nextcloud/templates/nextcloud-updater.j2
--- a/templates/systemd/php-fpm@.service.j2
+++ b/templates/systemd/php-fpm@.service.j2
@ -1,43 +0,0 @@
-# {{ ansible_managed }}
-#
-# This service can be enabled for Wordpress site.
-# It uses a single php-fpm configuration file.
-# User-specific settings can be overridden via environment variables (see "FPM_SOCKET_PATH" below).
-
-[Unit]
-Description=The PHP FastCGI Process Manager for %I
-Documentation=man:php-fpm{{ php_version.stdout }}(8)
-After=network.target
-Requires=php-fpm@%i.socket
-
-[Service]
-User=%i
-Group=%i
-Type=notify
-Environment="FPM_SOCKETS=/run/php/php-fpm-%i.sock=3"
-Environment="FPM_ERROR_LOG={{ php_fpm_log_dir }}/%i.log"
-# this variable is used in the pool configuration file
-Environment="FPM_SOCKET_PATH=/run/php/php-fpm-%i.sock"
-ExecStart=/usr/sbin/php-fpm{{ php_version.stdout }} --nodaemonize --fpm-config {{ php_fpm_pool_dir }}/%i.cfg
-ExecReload=/bin/kill -USR2 $MAINPID
-KillMode=process
-Restart=on-failure
-RestartSec=30s
-
-# Hardening
-# https://github.com/php/php-src/blob/master/sapi/fpm/php-fpm.service.in
-PrivateDevices=true
-PrivateTmp=true
-ProtectClock=true
-ProtectControlGroups=true
-ProtectKernelModules=true
-ProtectKernelTunables=true
-ProtectSystem=full
-RestrictRealtime=true
-RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX
-RestrictNamespaces=true
-SystemCallFilter=@system-service
-SystemCallErrorNumber=EPERM
-
-[Install]
-WantedBy=multi-user.target