91 lines
2.4 KiB
Plaintext
91 lines
2.4 KiB
Plaintext
{% from "php/ng/map.jinja" import php with context %}
|
|
|
|
include:
|
|
- php.ng.deprecated
|
|
- php.ng
|
|
- php.ng.dev
|
|
|
|
{% set phpng_version = salt['pillar.get']('php:ng:version', '7.0')|string %}
|
|
|
|
{% if salt['grains.get']('os') == "Ubuntu" %}
|
|
{% if phpng_version >= '7.0' %}
|
|
{% set suhosin_ext = php.lookup.pkgs.suhosin7_ext %}
|
|
{% set suhosin_name = 'suhosin7' %}
|
|
{% set suhosin_repo = php.lookup.pkgs.suhosin7_repo %}
|
|
{% set tmppath = '/tmp/suhosin7' %}
|
|
{% else %}
|
|
{% set suhosin_ext = php.lookup.pkgs.suhosin5_ext %}
|
|
{% set suhosin_name = 'suhosin' %}
|
|
{% set suhosin_repo = php.lookup.pkgs.suhosin5_repo %}
|
|
{% set tmppath = '/tmp/suhosin5' %}
|
|
{% endif %}
|
|
{% elif salt['grains.get']('os_family') == "RedHat" %}
|
|
{% if grains['osmajorrelease'] == "7" %}
|
|
{% set suhosin_ext = php.lookup.pkgs.suhosin5_ext %}
|
|
{% set suhosin_name = 'suhosin' %}
|
|
{% set suhosin_repo = php.lookup.pkgs.suhosin5_repo %}
|
|
{% set tmppath = '/tmp/suhosin5' %}
|
|
{% else %}
|
|
{# RHEL version 6 contains PHP 5.3, which is not supported by Suhosin #}
|
|
{% endif %}
|
|
{% else %}
|
|
{% set suhosin_ext = php.lookup.pkgs.suhosin5_ext %}
|
|
{% set suhosin_name = 'suhosin' %}
|
|
{% set suhosin_repo = php.lookup.pkgs.suhosin5_repo %}
|
|
{% set tmppath = '/tmp/suhosin5' %}
|
|
{% endif %}
|
|
|
|
build-pkgs:
|
|
pkg.installed:
|
|
- pkgs: {{ php.lookup.pkgs.build_pkgs }}
|
|
|
|
git:
|
|
pkg.installed: []
|
|
|
|
suhosin-source:
|
|
git.latest:
|
|
- name: {{ suhosin_repo }}
|
|
- target: {{ tmppath }}
|
|
- unless:
|
|
- test -d {{ tmppath }}
|
|
- require:
|
|
- pkg: git
|
|
|
|
install-suhosin:
|
|
cmd.run:
|
|
- name: |
|
|
phpize
|
|
./configure
|
|
make
|
|
make install
|
|
- cwd: {{ tmppath }}
|
|
- shell: /bin/bash
|
|
- runas: root
|
|
- unless:
|
|
- test -e {{ php.lookup.pkgs.ext_conf_path }}/{{ suhosin_name }}.ini
|
|
- require:
|
|
- pkg: build-pkgs
|
|
- git: suhosin-source
|
|
|
|
php-suhosin-conf:
|
|
file.managed:
|
|
- name: {{ php.lookup.pkgs.ext_conf_path }}/{{ suhosin_name }}.ini
|
|
- contents: |
|
|
extension={{ suhosin_ext }}
|
|
suhosin.executor.include.whitelist=phar
|
|
- require:
|
|
- pkg: php
|
|
- cmd: install-suhosin
|
|
- unless:
|
|
- test -e {{ php.lookup.pkgs.ext_conf_path }}/{{ suhosin_name }}.ini
|
|
|
|
{% if salt['grains.get']('os_family') == "Debian" %}
|
|
|
|
php-suhosin-enable:
|
|
cmd.run:
|
|
- name: {{ php.lookup.pkgs.phpenmod_command }} {{ suhosin_name }}
|
|
- require:
|
|
- file: php-suhosin-conf
|
|
|
|
{% endif %}
|