Page MenuHomeDevCentral
Files F3753279

D3502.id9030.diff
No OneTemporary
Actions

D3502.id9030.diff
View Options

diff --git a/PORTS b/PORTS
--- a/PORTS
+++ b/PORTS
@@ -1,3 +1,6 @@
+webserver-alkane
+ 9253 php-fpm metrics
+
reserved-for-legacy-docker-migration-medium-priority
3000 Mastodon public HTTP
4000 Mastodon streaming HTTP
diff --git a/UIDs b/UIDs
--- a/UIDs
+++ b/UIDs
@@ -6,6 +6,7 @@
835 opensearch
3004 mediawiki
6000 mailbox
+8000 web-admin
9001 salt
9002 deploy
8900 zr LEGACY
diff --git a/pillar/observability/prometheus.sls b/pillar/observability/prometheus.sls
--- a/pillar/observability/prometheus.sls
+++ b/pillar/observability/prometheus.sls
@@ -56,6 +56,12 @@
- service: "docker:all"
port: 9323
+ php-fpm:
+ name: php-fpm
+ services_targets_list:
+ - service: "alkane"
+ port: 9253
+
postfix:
name: postfix
services_targets:
diff --git a/pillar/services/table.sls b/pillar/services/table.sls
--- a/pillar/services/table.sls
+++ b/pillar/services/table.sls
@@ -23,6 +23,12 @@
- 172.27.27.4
- 172.27.27.5
+ # Alkane
+ alkane:
+ - 172.27.27.3 # hervil for webmail clients
+ - 172.27.27.10 # web-001
+ - 172.27.27.35 # windriver
+
# Databases
db-A: 172.27.27.8
db-B: 172.27.27.9
diff --git a/roles/webserver-alkane/monitoring/files/rc/phpfpm_exporter.conf b/roles/webserver-alkane/monitoring/files/rc/phpfpm_exporter.conf
new file mode 100644
--- /dev/null
+++ b/roles/webserver-alkane/monitoring/files/rc/phpfpm_exporter.conf
@@ -0,0 +1,21 @@
+# -------------------------------------------------------------
+# phpfpm_exporter :: php-fpm metrics
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# Source file: roles/webserver-alkane/monitoring/files/rc/phpfpm_exporter.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+phpfpm_exporter_enable="YES"
+phpfpm_exporter_user="web-admin"
+phpfpm_exporter_sockets_root="/var/run/web"
+phpfpm_exporter_sockets_pattern="php-fpm.sock"
+phpfpm_exporter_status="/php-fpm-status"
+phpfpm_exporter_address="{{ ip }}:9253"
diff --git a/roles/webserver-alkane/monitoring/init.sls b/roles/webserver-alkane/monitoring/init.sls
new file mode 100644
--- /dev/null
+++ b/roles/webserver-alkane/monitoring/init.sls
@@ -0,0 +1,9 @@
+# -------------------------------------------------------------
+# Salt :: Alkane :: Nasqueron PaaS for static and PHP sites
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+include:
+ - .php-fpm
diff --git a/roles/webserver-alkane/monitoring/php-fpm.sls b/roles/webserver-alkane/monitoring/php-fpm.sls
new file mode 100644
--- /dev/null
+++ b/roles/webserver-alkane/monitoring/php-fpm.sls
@@ -0,0 +1,28 @@
+# -------------------------------------------------------------
+# Salt :: Alkane :: Nasqueron PaaS for static and PHP sites
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+{% from "map.jinja" import dirs, services with context %}
+
+{% set network = salt["node.resolve_network"]() %}
+
+# -------------------------------------------------------------
+# Export php-fpm metrics
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+phpfpm_exporter_lusitaniae:
+ pkg.installed
+
+{% if services["manager"] == "rc" %}
+
+/etc/rc.conf.d/phpfpm_exporter.conf:
+ file.managed:
+ - source: salt://roles/webserver-alkane/monitoring/files/rc/phpfpm_exporter.conf
+ - template: jinja
+ - context:
+ ip: {{ network.private_ipv4_address }}
+
+{% endif %}
diff --git a/roles/webserver-alkane/php/files/php-fpm-pool.conf b/roles/webserver-alkane/php/files/php-fpm-pool.conf
--- a/roles/webserver-alkane/php/files/php-fpm-pool.conf
+++ b/roles/webserver-alkane/php/files/php-fpm-pool.conf
@@ -27,6 +27,8 @@
pm.process_idle_timeout = 10s
pm.max_requests = 50
+pm.status_path = /php-fpm-status
+
slowlog = /var/log/www/{{ domain }}/{{ subdomain }}-php-slow.log
request_slowlog_timeout = {{ slow_delay }}
diff --git a/roles/webserver-core/nginx/config.sls b/roles/webserver-core/nginx/config.sls
--- a/roles/webserver-core/nginx/config.sls
+++ b/roles/webserver-core/nginx/config.sls
@@ -20,6 +20,9 @@
# - nginx process (configured in nginx.conf)
# - back-end UNIX sockets like php-fpm sockets can be 660
# - more private folders can use 007 as umask
+#
+# An user is created in that group to run tools needing access
+# to those resources.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
webserver_core_group:
@@ -28,6 +31,12 @@
- gid: 9003
- system: True
+webserver_core_user:
+ user.present:
+ - name: web-admin
+ - uid: 8000
+ - gid: 9003
+
# -------------------------------------------------------------
# Base configuration
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

File Metadata

Mime Type
text/plain
Expires
Tue, Nov 19, 00:38 (20 h, 20 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2251425
Default Alt Text
D3502.id9030.diff (5 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator