/src/etc/rc.php_ini_setup - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/etc/rc.php_ini_setup @ db0cdbc8

1	40e46009	Scott Ullrich	#!/bin/sh
2	de96a790	Scott Ullrich	#
3	ac24dc24	Renato Botelho	# rc.php_ini_setup
4			#
5			# part of pfSense (https://www.pfsense.org)
6	38809d47	Renato Botelho do Couto	# Copyright (c) 2014-2016 Electric Sheep Fencing
7	8f2f85c3	Luiz Otavio O Souza	# Copyright (c) 2014-2022 Rubicon Communications, LLC (Netgate)
8	ac24dc24	Renato Botelho	# All rights reserved.
9			#
10	b12ea3fb	Renato Botelho	# Licensed under the Apache License, Version 2.0 (the "License");
11			# you may not use this file except in compliance with the License.
12			# You may obtain a copy of the License at
13	ac24dc24	Renato Botelho	#
14	b12ea3fb	Renato Botelho	# http://www.apache.org/licenses/LICENSE-2.0
15	ac24dc24	Renato Botelho	#
16	b12ea3fb	Renato Botelho	# Unless required by applicable law or agreed to in writing, software
17			# distributed under the License is distributed on an "AS IS" BASIS,
18			# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19			# See the License for the specific language governing permissions and
20			# limitations under the License.
21	ac24dc24	Renato Botelho	#
22	40e46009	Scott Ullrich
23			# Set our operating platform
24	c3f83348	Renato Botelho do Couto	VERSION=$(/bin/cat /etc/version)
25	5436d37a	Renato Botelho	MIN_REALMEM_FOR_OPCACHE=512
26	c44417f8	Scott Ullrich
27	5586fce0	Renato Botelho do Couto	if /usr/local/sbin/pkg-static info -e php74; then
28			EXTENSIONSDIR="/usr/local/lib/php/20190902/"
29			elif /usr/local/sbin/pkg-static info -e php73; then
30	b2aae111	Renato Botelho	EXTENSIONSDIR="/usr/local/lib/php/20180731/"
31	cd91a57c	Renato Botelho do Couto	elif /usr/local/sbin/pkg-static info -e php72; then
32	ec29cf58	Renato Botelho	EXTENSIONSDIR="/usr/local/lib/php/20170718/"
33			fi
34	79454450	Scott Ullrich
35	0d60f50a	Seth Mos	# Grab amount of memory that is detected
36	47eee8fa	Scott Ullrich	if [ -f /var/log/dmesg.boot ]; then
37	c3f83348	Renato Botelho do Couto	AVAILMEM=$(/bin/cat /var/log/dmesg.boot \|/usr/bin/awk '/avail memory/ { memory=($4 / 1048576); printf("%0.0f\n", memory); exit}')
38	e173dd74	Phil Davis	else
39	c3f83348	Renato Botelho do Couto	AVAILMEM=$(/sbin/dmesg -a \|/usr/bin/awk '/avail memory/ { memory=($4 / 1048576); printf("%0.0f\n", memory); exit}')
40	47eee8fa	Scott Ullrich	fi
41	c44417f8	Scott Ullrich
42	b713d790	Scott Ullrich	if [ -z "$AVAILMEM" ]; then
43	c3f83348	Renato Botelho do Couto	MEM=$(/sbin/sysctl -q hw.physmem \| cut -d':' -f2)
44			AVAILMEM=$(/bin/expr $MEM / 1048576)
45	b713d790	Scott Ullrich	fi
46
47	73fa0178	Individual IT Services
48			# Get amount of ram installed on this system
49	c3f83348	Renato Botelho do Couto	REALMEM=$(/sbin/sysctl -q hw.realmem \| /usr/bin/awk '{print $2/1048576}' \| /usr/bin/awk -F '.' '{print $1}')
50	73fa0178	Individual IT Services	export REALMEM
51			export LOWMEM
52
53	5436d37a	Renato Botelho	if [ ${REALMEM} -lt $MIN_REALMEM_FOR_OPCACHE ]; then
54	73fa0178	Individual IT Services	LOWMEM="TRUE"
55	5436d37a	Renato Botelho	echo ">>> Under $MIN_REALMEM_FOR_OPCACHE megabytes of ram detected. Not enabling opcache"
56			echo ">>> Under $MIN_REALMEM_FOR_OPCACHE megabytes of ram detected. Not enabling opcache" \| /usr/bin/logger -p daemon.info -i -t rc.php_ini_setup
57	73fa0178	Individual IT Services	else
58
59	5436d37a	Renato Botelho	# Calculate opcache memory size according
60	73fa0178	Individual IT Services	# to detected memory values
61			if [ "$AVAILMEM" -gt "135" ]; then
62	5436d37a	Renato Botelho	OPCACHEMEMSIZE="10"
63	73fa0178	Individual IT Services	fi
64			if [ "$AVAILMEM" -gt "256" ]; then
65	5436d37a	Renato Botelho	OPCACHEMEMSIZE="20"
66	73fa0178	Individual IT Services	fi
67			if [ "$AVAILMEM" -gt "384" ]; then
68	5436d37a	Renato Botelho	OPCACHEMEMSIZE="25"
69	73fa0178	Individual IT Services	fi
70			if [ "$AVAILMEM" -gt "512" ]; then
71	5436d37a	Renato Botelho	OPCACHEMEMSIZE="30"
72	73fa0178	Individual IT Services	fi
73			if [ "$AVAILMEM" -gt "784" ]; then
74	5436d37a	Renato Botelho	OPCACHEMEMSIZE="50"
75	73fa0178	Individual IT Services	fi
76	2b11ff4d	Scott Ullrich	fi
77	40e46009	Scott Ullrich
78	31c96a14	Scott Ullrich	# Set upload directory
79	dc61252a	Renato Botelho	UPLOADTMPDIR="/tmp"
80	31c96a14	Scott Ullrich
81	e173dd74	Phil Davis	# Define php modules. Do not add .so, it will
82	de96a790	Scott Ullrich	# be done automatically by the script below.
83	a4fc6ec7	Ermal	PHPMODULES="standard"
84	c25197ba	smos	# Config read/write
85			PHPMODULES="$PHPMODULES xml libxml dom"
86	e115bd22	Renato Botelho	PHPMODULES="$PHPMODULES SimpleXML xmlreader xmlwriter"
87	be1db1d3	Scott Ullrich	# Downloading via HTTP/FTP (pkg mgr, etc)
88	5556f3a1	Ermal	PHPMODULES="$PHPMODULES curl date"
89	e173dd74	Phil Davis	# Internationalization
90	5556f3a1	Ermal	PHPMODULES="$PHPMODULES gettext"
91	be1db1d3	Scott Ullrich	# User manager
92	5556f3a1	Ermal	PHPMODULES="$PHPMODULES ldap openssl pcntl"
93	b3765f4c	Roberto Nunnari	PHPMODULES="$PHPMODULES mcrypt"
94	be1db1d3	Scott Ullrich	# Regexs, PERL style!
95	5556f3a1	Ermal	PHPMODULES="$PHPMODULES pcre"
96	be1db1d3	Scott Ullrich	# The mighty posix!
97	5556f3a1	Ermal	PHPMODULES="$PHPMODULES posix"
98			PHPMODULES="$PHPMODULES readline"
99	be1db1d3	Scott Ullrich	# Login sessions
100	5556f3a1	Ermal	PHPMODULES="$PHPMODULES session"
101	fca48a65	Scott Ullrich	# Firewall rules edit
102	5556f3a1	Ermal	PHPMODULES="$PHPMODULES ctype"
103	16058a05	Scott Ullrich	# firewall_rules_edit.php
104	5556f3a1	Ermal	PHPMODULES="$PHPMODULES mbstring"
105			# Synchronization primitives
106			PHPMODULES="$PHPMODULES shmop"
107	be1db1d3	Scott Ullrich	# Page compression
108	5556f3a1	Ermal	PHPMODULES="$PHPMODULES zlib"
109			# SQLlite & Database
110			PHPMODULES="$PHPMODULES spl"
111	e115bd22	Renato Botelho	PHPMODULES="$PHPMODULES PDO"
112	6f657dfd	Renato Botelho	PHPMODULES="$PHPMODULES sqlite3"
113	04747c75	Warren Baker	# RADIUS
114			PHPMODULES="$PHPMODULES radius"
115	5556f3a1	Ermal	# pfSense extensions
116			PHPMODULES="$PHPMODULES pfSense"
117	a1f77238	Darren Embry	# json
118			PHPMODULES="$PHPMODULES json"
119	c1993935	jim-p	# bcmath
120			PHPMODULES="$PHPMODULES bcmath"
121	c28da0a7	Matt Smith	# filter
122			PHPMODULES="$PHPMODULES filter"
123	475f0b6d	Renato Botelho	# rrd
124			PHPMODULES="$PHPMODULES rrd"
125	e83dca8c	Scott Ullrich
126	aee36a29	Renato Botelho	PHP_ZEND_MODULES=""
127	8ef700da	Scott Ullrich
128	80d887d1	Scott Ullrich	# Modules previously included.
129	fcdf9492	Scott Ullrich	# can be turned on by touching
130	80d887d1	Scott Ullrich	# /etc/php_dynamodules/$modulename
131			# sysvmsg \
132			# sysvsem \
133			# sysvshm \
134			# bcmath \
135			# tokenizer \
136			# uploadprogress \
137			# sockets \
138			# Reflection \
139			# mysql \
140			# bz2 \
141
142	5556f3a1	Ermal	# Clear the .ini file to make sure we are clean
143	69b27c16	Scott Ullrich	if [ -f /usr/local/etc/php.ini ]; then
144	51d0f816	Ermal	/bin/rm /usr/local/etc/php.ini
145	69b27c16	Scott Ullrich	fi
146	c3f83348	Renato Botelho do Couto	LOADED_MODULES=$(/usr/local/bin/php-cgi -m \| /usr/bin/grep -v "\[")
147	e83dca8c	Scott Ullrich
148	a5c36eb2	Renato Botelho	unset TIMEZONE
149	339b8893	Renato Botelho	# Fetch the timezone from /var/db/zoneinfo if present
150			if [ -f /var/db/zoneinfo ]; then
151			TIMEZONE=$(cat /var/db/zoneinfo)
152	a5c36eb2	Renato Botelho	fi
153
154			if [ -z "${TIMEZONE}" ]; then
155			# Second option is from config.xml
156			TIMEZONE=$(/usr/local/sbin/read_xml_tag.sh string system/timezone)
157			fi
158
159			if [ -z "${TIMEZONE}" ]; then
160	e4121dde	Renato Botelho	# Last option, use default value from $g or Etc/UTC
161			TIMEZONE=$(/usr/local/sbin/read_global_var default_timezone "Etc/UTC")
162	a5c36eb2	Renato Botelho	fi
163
164	45c4bc38	Renato Botelho	if echo "${VERSION}" \| grep -q RELEASE; then
165			error_reporting="error_reporting = E_ERROR \| E_PARSE"
166			else
167			error_reporting=""
168			fi
169
170	5556f3a1	Ermal	# Get a loaded module list in the stock php
171	2ed3203c	Scott Ullrich	# Populate a dummy php.ini to avoid
172			# the file being clobbered and the firewall
173			# not being able to boot back up.
174	3646fbcb	Renato Botelho	/bin/cat >/usr/local/etc/php.ini <<EOF
175	4b29393a	Scott Ullrich	; File generated from /etc/rc.php_ini_setup
176	40e46009	Scott Ullrich	output_buffering = "0"
177			expose_php = Off
178			implicit_flush = true
179			magic_quotes_gpc = Off
180	9d0be827	smos	max_execution_time = 900
181	062a5434	Chris Buechler	request_terminate_timeout = 900
182	7e824233	smos	max_input_time = 1800
183	e56374a8	NewEraCracker	max_input_vars = 5000
184	40e46009	Scott Ullrich	register_argc_argv = On
185	aa205c3b	Ermal	register_long_arrays = Off
186	362ec35d	Ermal	variables_order = "GPCS"
187	40e46009	Scott Ullrich	file_uploads = On
188	31c96a14	Scott Ullrich	upload_tmp_dir = ${UPLOADTMPDIR}
189	96325dba	Warren Baker	upload_max_filesize = 200M
190			post_max_size = 200M
191	40e46009	Scott Ullrich	html_errors = Off
192	f4015bd7	Scott Ullrich	zlib.output_compression = Off
193	40e46009	Scott Ullrich	zlib.output_compression_level = 1
194	7e0da288	Christian McDonald	include_path = ".:/etc/inc:/usr/local/pfSense/include:/usr/local/pfSense/include/www:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg:/usr/local/www/classes:/usr/local/www/classes/Form:/usr/local/share/pear:/usr/local/share/openssl_x509_crl/"
195	8919256f	Scott Ullrich	display_startup_errors=on
196			display_errors=on
197	baa2dba2	Scott Ullrich	log_errors=on
198			error_log=/tmp/PHP_errors.log
199	0804f515	Scott Ullrich	extension_dir=${EXTENSIONSDIR}
200	9d0be827	smos	date.timezone="${TIMEZONE}"
201	3e582e4f	NewEraCracker	session.hash_bits_per_character = 5
202			session.hash_function = 1
203	45c4bc38	Renato Botelho	${error_reporting}
204	40e46009	Scott Ullrich
205	4b29393a	Scott Ullrich	; Extensions
206	a8e61346	Ermal
207	40e46009	Scott Ullrich	EOF
208
209	e83dca8c	Scott Ullrich	# Loop through and generate modules to load.
210			# Take into account modules built into php.
211			for EXT in $PHPMODULES; do
212			SHOULDADD="true"
213	de96a790	Scott Ullrich	# Check to see if module is compiled into php statically
214	e83dca8c	Scott Ullrich	for LM in $LOADED_MODULES; do
215			if [ "$EXT" = "$LM" ]; then
216			SHOULDADD="false"
217			fi
218			done
219			if [ "$SHOULDADD" = "true" ]; then
220	de96a790	Scott Ullrich	# Ensure extension exists before adding.
221	69b27c16	Scott Ullrich	if [ -f "${EXTENSIONSDIR}${EXT}.so" ]; then
222	3646fbcb	Renato Botelho	echo "extension=${EXT}.so" >> /usr/local/etc/php.ini
223	0804f515	Scott Ullrich	fi
224	e83dca8c	Scott Ullrich	fi
225			done
226
227	8ef700da	Scott Ullrich	# Zend modules
228			for EXT in $PHP_ZEND_MODULES; do
229			# Ensure extension exists before adding.
230	aee36a29	Renato Botelho	if [ -f "${EXTENSIONSDIR}${EXT}.so" ]; then
231	3646fbcb	Renato Botelho	echo "zend_extension=${EXT}.so" >> /usr/local/etc/php.ini
232	8ef700da	Scott Ullrich	fi
233			done
234
235	73fa0178	Individual IT Services	if [ "$LOWMEM" != "TRUE" ]; then
236	40e46009	Scott Ullrich
237	3646fbcb	Renato Botelho	/bin/cat >>/usr/local/etc/php.ini <<EOF
238	e83dca8c	Scott Ullrich
239	5436d37a	Renato Botelho	; opcache Settings
240			opcache.enabled="1"
241			opcache.enable_cli="0"
242			opcache.memory_consumption="${OPCACHEMEMSIZE}"
243	40e46009	Scott Ullrich
244	a5c53d26	Renato Botelho	EOF
245			else
246	3646fbcb	Renato Botelho	/bin/cat >>/usr/local/etc/php.ini <<EOF
247	a5c53d26	Renato Botelho	; opcache Settings
248			opcache.enabled="0"
249	5556f3a1	Ermal	EOF
250			fi
251
252	6d7ee1ab	Ermal	PHPFPMMAX=3
253	2c131b10	marjohn56	PHPFPMIDLE=30
254			PHPFPMSTART=1
255			PHPFPMSPARE=2
256			PHPFPMREQ=500
257	7b03748b	Ermal	if [ $REALMEM -lt 250 ]; then
258	6d7ee1ab	Ermal	PHPFPMMAX=2
259	2c131b10	marjohn56	PHPFPMIDLE=5
260			PHPFPMSTART=1
261			PHPFPMSPARE=1
262			PHPFPMREQ=500
263	4aea91d8	Ermal	elif [ ${REALMEM} -gt 1000 ]; then
264	2c131b10	marjohn56	PHPFPMMAX=8
265			PHPFPMIDLE=3600
266			PHPFPMSTART=2
267			PHPFPMSPARE=7
268	179377b0	robjarsen	PHPFPMREQ=5000
269	4aea91d8	Ermal	fi
270
271			/bin/cat > /usr/local/lib/php-fpm.conf <<EOF
272
273			[global]
274			pid = run/php-fpm.pid
275			error_log=syslog
276			syslog.facility = daemon
277	9e0fb701	Ermal	syslog.ident = system
278	3ffae79b	Ermal	log_level = error
279	4aea91d8	Ermal	daemonize = yes
280			events.mechanism = kqueue
281			process.max = ${PHPFPMMAX}
282
283	40880eec	Renato Botelho	[nginx]
284	4aea91d8	Ermal	user = root
285			group = wheel
286			;mode = 0600
287
288			listen = /var/run/php-fpm.socket
289			listen.owner = root
290			listen.group = wheel
291			listen.mode = 0600
292
293			security.limit_extensions =
294
295	5293c5c7	Warren Baker	; Pass environment variables
296			env[PATH] = /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
297	75b8eb83	Renato Botelho	env[LOGNAME] = root
298	5293c5c7	Warren Baker
299	4aea91d8	Ermal	EOF
300
301	5be2085a	Ermal	if [ $REALMEM -lt 350 ]; then
302	4aea91d8	Ermal	/bin/cat >> /usr/local/lib/php-fpm.conf <<EOF
303
304			pm = ondemand
305	2c131b10	marjohn56	pm.process_idle_timeout = $PHPFPMIDLE
306	6d7ee1ab	Ermal	pm.max_children = $PHPFPMMAX
307	2c131b10	marjohn56	pm.max_requests = $PHPFPMREQ
308	4aea91d8	Ermal	EOF
309
310			elif [ $REALMEM -gt 1000 ]; then
311			/bin/cat >> /usr/local/lib/php-fpm.conf <<EOF
312
313			pm = dynamic
314	2c131b10	marjohn56	pm.process_idle_timeout = $PHPFPMIDLE
315	6d7ee1ab	Ermal	pm.max_children = $PHPFPMMAX
316	2c131b10	marjohn56	pm.start_servers = $PHPFPMSTART
317			pm.max_requests = $PHPFPMREQ
318	4aea91d8	Ermal	pm.min_spare_servers=1
319	2c131b10	marjohn56	pm.max_spare_servers= $PHPFPMSPARE
320
321	4aea91d8	Ermal	EOF
322			else
323
324			/bin/cat >> /usr/local/lib/php-fpm.conf <<EOF
325
326			pm = static
327	6d7ee1ab	Ermal	pm.max_children = $PHPFPMMAX
328	2c131b10	marjohn56	pm.max_requests = $PHPFPMREQ
329	4aea91d8	Ermal	EOF
330
331			fi
332
333	418fdfb3	PiBa-NL	# Add status url for php-fpm this will only be made available from localhost through nginx 'allow 127.0.0.1'
334			/bin/cat >> /usr/local/lib/php-fpm.conf <<EOF
335			pm.status_path = /status
336
337			EOF
338
339	e1fda0c0	Scott Ullrich	# Remove old log file if it exists.
340			if [ -f /var/run/php_modules_load_errors.txt ]; then
341	51d0f816	Ermal	/bin/rm /var/run/php_modules_load_errors.txt
342	e173dd74	Phil Davis	fi
343	e1fda0c0	Scott Ullrich
344	7030262c	Scott Ullrich	for EXT in $PHPMODULES; do
345	c3f83348	Renato Botelho do Couto	PHPMODULESLC="$PHPMODULESLC $(echo "$EXT" \| /usr/bin/tr '[:upper:]' '[:lower:]')"
346	7030262c	Scott Ullrich	done
347
348	e1fda0c0	Scott Ullrich	# Check loaded modules and remove anything that did not load correctly
349	c3f83348	Renato Botelho do Couto	LOADED_MODULES=$(/usr/local/bin/php-cgi -m \| /usr/bin/tr '[:upper:]' '[:lower:]' 2>/dev/null \| /usr/bin/grep -v "\[")
350	7030262c	Scott Ullrich	for EXT in $PHPMODULESLC; do
351	e1fda0c0	Scott Ullrich	SHOULDREMOVE="true"
352			for LM in $LOADED_MODULES; do
353			if [ "$EXT" = "$LM" ]; then
354			SHOULDREMOVE="false"
355	14dd1631	Renato Botelho	break
356	e173dd74	Phil Davis	fi
357	e1fda0c0	Scott Ullrich	done
358	1e86e897	Scott Ullrich	# Handle low memory situations
359	8ee1dc80	Scott Ullrich	if [ "$LOWMEM" = "TRUE" ]; then
360	5436d37a	Renato Botelho	if [ "$EXT" = "opcache" ]; then
361	8ee1dc80	Scott Ullrich	SHOULDREMOVE="true"
362			fi
363			if [ "$EXT" = "xcache" ]; then
364			SHOULDREMOVE="true"
365			fi
366			fi
367	e1fda0c0	Scott Ullrich	if [ "$SHOULDREMOVE" = "true" ]; then
368			if [ -f "${EXTENSIONSDIR}${EXT}.so" ]; then
369			echo ">>> ${EXT} did not load correctly. Removing from php.ini..." >> /var/run/php_modules_load_errors.txt
370	3646fbcb	Renato Botelho	/bin/cat /usr/local/etc/php.ini \| /usr/bin/grep -v $EXT > /tmp/php.ini
371			/bin/rm -f /usr/local/etc/php.ini
372			/bin/mv /tmp/php.ini /usr/local/etc/php.ini
373	e1fda0c0	Scott Ullrich	fi
374			fi
375			done

Project

General

Profile

pfSense