summaryrefslogtreecommitdiffstats
path: root/src/etc/rc.php_ini_setup
diff options
context:
space:
mode:
Diffstat (limited to 'src/etc/rc.php_ini_setup')
-rwxr-xr-xsrc/etc/rc.php_ini_setup417
1 files changed, 417 insertions, 0 deletions
diff --git a/src/etc/rc.php_ini_setup b/src/etc/rc.php_ini_setup
new file mode 100755
index 0000000..0013b58
--- /dev/null
+++ b/src/etc/rc.php_ini_setup
@@ -0,0 +1,417 @@
+#!/bin/sh
+#
+# rc.php_ini_setup
+# Copyright (C) 2010 Scott Ullrich <sullrich@gmail.com>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+# AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+
+# Set our operating platform
+PLATFORM=`/bin/cat /etc/platform`
+MIN_REALMEM_FOR_OPCACHE=512
+
+if [ -d /usr/local/lib/php/20121212 ]; then
+ EXTENSIONSDIR="/usr/local/lib/php/20121212/"
+elif [ -d /usr/local/lib/php/20090626 ]; then
+ EXTENSIONSDIR="/usr/local/lib/php/20090626/"
+else
+ EXTENSIONSDIR="/usr/local/lib/php/20060613/"
+fi
+
+# Grab amount of memory that is detected
+if [ -f /var/log/dmesg.boot ]; then
+ AVAILMEM=`/bin/cat /var/log/dmesg.boot |/usr/bin/awk '/avail memory/ { memory=($4 / 1048576); printf("%0.0f\n", memory); exit}'`
+else
+ AVAILMEM=`/sbin/dmesg -a |/usr/bin/awk '/avail memory/ { memory=($4 / 1048576); printf("%0.0f\n", memory); exit}'`
+fi
+
+if [ -z "$AVAILMEM" ]; then
+ MEM=`/sbin/sysctl hw.physmem | cut -d':' -f2`
+ AVAILMEM=`/bin/expr $MEM / 1048576`
+fi
+
+
+# Get amount of ram installed on this system
+REALMEM=`/sbin/sysctl hw.realmem | /usr/bin/awk '{print $2/1048576}' | /usr/bin/awk -F '.' '{print $1}'`
+export REALMEM
+export LOWMEM
+
+if [ ${REALMEM} -lt $MIN_REALMEM_FOR_OPCACHE ]; then
+ LOWMEM="TRUE"
+ echo ">>> Under $MIN_REALMEM_FOR_OPCACHE megabytes of ram detected. Not enabling opcache"
+ echo ">>> Under $MIN_REALMEM_FOR_OPCACHE megabytes of ram detected. Not enabling opcache" | /usr/bin/logger -p daemon.info -i -t rc.php_ini_setup
+else
+
+ # Calculate opcache memory size according
+ # to detected memory values
+ if [ "$AVAILMEM" -gt "135" ]; then
+ OPCACHEMEMSIZE="10"
+ fi
+ if [ "$AVAILMEM" -gt "256" ]; then
+ OPCACHEMEMSIZE="20"
+ fi
+ if [ "$AVAILMEM" -gt "384" ]; then
+ OPCACHEMEMSIZE="25"
+ fi
+ if [ "$AVAILMEM" -gt "512" ]; then
+ OPCACHEMEMSIZE="30"
+ fi
+ if [ "$AVAILMEM" -gt "784" ]; then
+ OPCACHEMEMSIZE="50"
+ fi
+fi
+
+# Set upload directory
+if [ "$PLATFORM" = "nanobsd" ]; then
+ UPLOADTMPDIR=`/usr/bin/grep upload_path /etc/inc/globals.inc | /usr/bin/cut -d'"' -f4`
+else
+ UPLOADTMPDIR="/tmp"
+fi
+
+# Define php modules. Do not add .so, it will
+# be done automatically by the script below.
+PHPMODULES="standard"
+if [ "$LOWMEM" != "TRUE" ]; then
+ PHPMODULES="$PHPMODULES opcache"
+fi
+# Config read/write
+PHPMODULES="$PHPMODULES xml libxml dom"
+PHPMODULES="$PHPMODULES SimpleXML xmlreader xmlwriter"
+# Downloading via HTTP/FTP (pkg mgr, etc)
+PHPMODULES="$PHPMODULES curl date"
+# Internationalization
+PHPMODULES="$PHPMODULES gettext"
+# User manager
+PHPMODULES="$PHPMODULES ldap openssl pcntl"
+PHPMODULES="$PHPMODULES hash"
+PHPMODULES="$PHPMODULES mcrypt"
+# Regexs, PERL style!
+PHPMODULES="$PHPMODULES pcre"
+# The mighty posix!
+PHPMODULES="$PHPMODULES posix"
+PHPMODULES="$PHPMODULES readline"
+# Login sessions
+PHPMODULES="$PHPMODULES session"
+# Extra sanity seatbelts
+PHPMODULES="$PHPMODULES suhosin"
+# Firewall rules edit
+PHPMODULES="$PHPMODULES ctype"
+# firewall_rules_edit.php
+PHPMODULES="$PHPMODULES mbstring"
+# Synchronization primitives
+PHPMODULES="$PHPMODULES shmop"
+# Page compression
+PHPMODULES="$PHPMODULES zlib"
+# SQLlite & Database
+PHPMODULES="$PHPMODULES spl"
+PHPMODULES="$PHPMODULES PDO"
+PHPMODULES="$PHPMODULES sqlite3"
+# RADIUS
+PHPMODULES="$PHPMODULES radius"
+# ZeroMQ
+PHPMODULES="$PHPMODULES zmq"
+# SSH2
+PHPMODULES="$PHPMODULES ssh2"
+# pfSense extensions
+PHPMODULES="$PHPMODULES pfSense"
+# json
+PHPMODULES="$PHPMODULES json"
+# bcmath
+PHPMODULES="$PHPMODULES bcmath"
+# filter
+PHPMODULES="$PHPMODULES filter"
+
+PHP_ZEND_MODULES="ioncube_loader"
+PHP_ZEND_MODULES_TS="ioncube_loader_ts"
+
+# Modules previously included.
+# can be turned on by touching
+# /etc/php_dynamodules/$modulename
+# sysvmsg \
+# sysvsem \
+# sysvshm \
+# bcmath \
+# tokenizer \
+# uploadprogress \
+# sockets \
+# Reflection \
+# mysql \
+# bz2 \
+
+# Clear the .ini file to make sure we are clean
+if [ -f /usr/local/etc/php.ini ]; then
+ /bin/rm /usr/local/etc/php.ini
+fi
+if [ -f /usr/local/lib/php.ini ]; then
+ /bin/rm /usr/local/lib/php.ini
+fi
+LOADED_MODULES=`/usr/local/bin/php-cgi -m | /usr/bin/grep -v "\["`
+
+# Fetch the timezone from the XML and set it here. We set it later too in the running scripts
+TIMEZONE=`cat /conf/config.xml | egrep -E '<timezone>(.*?)</timezone>' | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'`
+
+# Get a loaded module list in the stock php
+# Populate a dummy php.ini to avoid
+# the file being clobbered and the firewall
+# not being able to boot back up.
+/bin/cat >/usr/local/lib/php.ini <<EOF
+; File generated from /etc/rc.php_ini_setup
+output_buffering = "0"
+expose_php = Off
+implicit_flush = true
+magic_quotes_gpc = Off
+max_execution_time = 900
+max_input_time = 1800
+register_argc_argv = On
+register_long_arrays = Off
+variables_order = "GPCS"
+file_uploads = On
+upload_tmp_dir = ${UPLOADTMPDIR}
+upload_max_filesize = 200M
+post_max_size = 200M
+html_errors = Off
+zlib.output_compression = Off
+zlib.output_compression_level = 1
+include_path = ".:/etc/inc:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg"
+display_startup_errors=on
+display_errors=on
+log_errors=on
+error_log=/tmp/PHP_errors.log
+extension_dir=${EXTENSIONSDIR}
+date.timezone="${TIMEZONE}"
+
+; Extensions
+
+EOF
+
+# Copy php.ini file to etc/ too (cli)
+/bin/cp /usr/local/lib/php.ini /usr/local/etc/php.ini
+
+# Ensure directory exists
+if [ ! -d /etc/php_dynamodules ]; then
+ /bin/mkdir /etc/php_dynamodules
+fi
+if [ ! -d /etc/php_dynamodules_zend ]; then
+ /bin/mkdir /etc/php_dynamodules_zend
+fi
+if [ ! -d /etc/php_dynamodules_zend_ts ]; then
+ /bin/mkdir /etc/php_dynamodules_zend_ts
+fi
+
+# Read in dynamodules
+if [ -d /etc/php_dynamodules ]; then
+ DYNA_MODULES=`/bin/ls -Utr /etc/php_dynamodules/`
+ PHPMODULES="$PHPMODULES $DYNA_MODULES"
+fi
+
+# Read in zend modules
+if [ -d /etc/php_dynamodules_zend ]; then
+ DYNA_MODULES=`/bin/ls /etc/php_dynamodules_zend/`
+ PHP_ZEND_MODULES="$PHP_ZEND_MODULES $DYNA_MODULES"
+fi
+
+# Read in zend threaded modules
+if [ -d /etc/php_dynamodules_zend_ts ]; then
+ DYNA_MODULES=`/bin/ls /etc/php_dynamodules_zend_ts/`
+ PHP_ZEND_MODULES_TS="$PHP_ZEND_MODULES_TS $DYNA_MODULES"
+fi
+
+# Loop through and generate modules to load.
+# Take into account modules built into php.
+for EXT in $PHPMODULES; do
+ SHOULDADD="true"
+ # Check to see if module is compiled into php statically
+ for LM in $LOADED_MODULES; do
+ if [ "$EXT" = "$LM" ]; then
+ SHOULDADD="false"
+ fi
+ done
+ if [ "$SHOULDADD" = "true" ]; then
+ # Ensure extension exists before adding.
+ if [ -f "${EXTENSIONSDIR}${EXT}.so" ]; then
+ echo "extension=${EXT}.so" >> /usr/local/lib/php.ini
+ fi
+ fi
+done
+
+# Zend modules
+for EXT in $PHP_ZEND_MODULES; do
+ # Ensure extension exists before adding.
+ if [ -f "${EXTENSIONSDIR}/ioncube/${EXT}.so" ]; then
+ echo "zend_extension=${EXTENSIONSDIR}/ioncube/${EXT}.so" >> /usr/local/lib/php.ini
+ fi
+done
+
+# Zend threaded modules
+for EXT in $PHP_ZEND_MODULES_TS; do
+ # Ensure extension exists before adding.
+ if [ -f "${EXTENSIONSDIR}/ioncube/${EXT}.so" ]; then
+ echo "zend_extension_ts=${EXTENSIONSDIR}/ioncube/${EXT}.so" >> /usr/local/lib/php.ini
+ fi
+done
+
+
+if [ "$LOWMEM" != "TRUE" ]; then
+
+ /bin/cat >>/usr/local/lib/php.ini <<EOF
+
+; opcache Settings
+opcache.enabled="1"
+opcache.enable_cli="0"
+opcache.memory_consumption="${OPCACHEMEMSIZE}"
+
+EOF
+fi
+
+ /bin/cat >>/usr/local/lib/php.ini <<EOF
+
+[suhosin]
+suhosin.get.max_array_depth = 5000
+suhosin.get.max_array_index_length = 256
+suhosin.get.max_vars = 5000
+suhosin.get.max_value_length = 500000
+suhosin.post.max_array_depth = 5000
+suhosin.post.max_array_index_length = 256
+suhosin.post.max_vars = 5000
+suhosin.post.max_value_length = 500000
+suhosin.request.max_array_depth = 5000
+suhosin.request.max_array_index_length = 256
+suhosin.request.max_vars = 5000
+suhosin.request.max_value_length = 500000
+suhosin.memory_limit = 512435456
+
+EOF
+
+
+PHPFPMMAX=3
+if [ $REALMEM -lt 250 ]; then
+ PHPFPMMAX=2
+elif [ ${REALMEM} -gt 1000 ]; then
+ PHPFPMMAX=4
+fi
+
+/bin/cat > /usr/local/lib/php-fpm.conf <<EOF
+
+[global]
+pid = run/php-fpm.pid
+error_log=syslog
+syslog.facility = daemon
+syslog.ident = system
+log_level = error
+daemonize = yes
+events.mechanism = kqueue
+process.max = ${PHPFPMMAX}
+
+[lighty]
+user = root
+group = wheel
+;mode = 0600
+
+listen = /var/run/php-fpm.socket
+listen.owner = root
+listen.group = wheel
+listen.mode = 0600
+
+security.limit_extensions =
+
+; Pass environment variables
+env[PATH] = /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
+env[LOGNAME] = root
+
+EOF
+
+if [ $REALMEM -lt 350 ]; then
+ /bin/cat >> /usr/local/lib/php-fpm.conf <<EOF
+
+pm = ondemand
+pm.process_idle_timeout = 5
+pm.max_children = $PHPFPMMAX
+pm.max_requests = 500
+
+EOF
+
+elif [ $REALMEM -gt 1000 ]; then
+ /bin/cat >> /usr/local/lib/php-fpm.conf <<EOF
+
+pm = dynamic
+pm.process_idle_timeout = 5
+pm.max_children = $PHPFPMMAX
+pm.start_servers = 1
+pm.max_requests = 500
+pm.min_spare_servers=1
+pm.max_spare_servers=1
+
+EOF
+else
+
+ /bin/cat >> /usr/local/lib/php-fpm.conf <<EOF
+
+pm = static
+pm.max_children = $PHPFPMMAX
+pm.max_requests = 500
+
+EOF
+
+fi
+
+# Copy php.ini file to etc/ too (cli)
+/bin/cp /usr/local/lib/php.ini /usr/local/etc/php.ini
+
+# Remove old log file if it exists.
+if [ -f /var/run/php_modules_load_errors.txt ]; then
+ /bin/rm /var/run/php_modules_load_errors.txt
+fi
+
+for EXT in $PHPMODULES; do
+ PHPMODULESLC="$PHPMODULESLC `echo "$EXT" | /usr/bin/tr '[:upper:]' '[:lower:]'`"
+done
+
+# Check loaded modules and remove anything that did not load correctly
+LOADED_MODULES=`/usr/local/bin/php-cgi -m | /usr/bin/tr '[:upper:]' '[:lower:]' 2>/dev/null | /usr/bin/grep -v "\["`
+for EXT in $PHPMODULESLC; do
+ SHOULDREMOVE="true"
+ for LM in $LOADED_MODULES; do
+ if [ "$EXT" = "$LM" ]; then
+ SHOULDREMOVE="false"
+ fi
+ done
+ # Handle low memory situations
+ if [ "$LOWMEM" = "TRUE" ]; then
+ if [ "$EXT" = "opcache" ]; then
+ SHOULDREMOVE="true"
+ fi
+ if [ "$EXT" = "xcache" ]; then
+ SHOULDREMOVE="true"
+ fi
+ fi
+ if [ "$SHOULDREMOVE" = "true" ]; then
+ if [ -f "${EXTENSIONSDIR}${EXT}.so" ]; then
+ echo ">>> ${EXT} did not load correctly. Removing from php.ini..." >> /var/run/php_modules_load_errors.txt
+ /bin/cat /usr/local/lib/php.ini | /usr/bin/grep -v $EXT > /tmp/php.ini
+ /bin/rm -f /usr/local/lib/php.ini
+ /bin/mv /tmp/php.ini /usr/local/lib/php.ini
+ fi
+ fi
+done
+
+# Copy php.ini file to etc/ too (cli)
+/bin/cp /usr/local/lib/php.ini /usr/local/etc/php.ini
OpenPOWER on IntegriCloud