update php-fpm config according to nextcloud docs

raise rclone mount poll interval
ansible-lint recommendations
2023-07-27 23:29:39 +00:00 · 2023-07-27 23:28:06 +00:00 · 2023-07-27 23:27:11 +00:00
32 changed files with 101 additions and 94 deletions
--- a/roles/lego/handlers/main.yml
+++ b/roles/lego/handlers/main.yml
@@ -1,12 +1,12 @@
 ---
- name: restart lego_timer
+- name: Restart lego_timer
  systemd:
    daemon_reload: true
    enabled: true
    name: lego.timer
    state: restarted
- name: restart lego_service
+- name: Restart lego_service
  systemd:
    daemon_reload: true
    enabled: true
--- a/roles/lego/tasks/main.yml
+++ b/roles/lego/tasks/main.yml
@@ -15,8 +15,8 @@
          {{ lego_version.tag }}/lego_{{ lego_version.tag }}\
          _linux_{{ deb_architecture }}.tar.gz"
    dest: "/var/tmp/lego.tar.gz"
-  register: _download_archive
+  register: lego_download_archive
-  until: _download_archive is succeeded
+  until: lego_download_archive is succeeded
  retries: 3
  delay: 5
@@ -59,4 +59,4 @@
    dest: "/etc/systemd/system/{{ item }}"
    mode: "0644"
  loop: [lego.service, lego.timer]
-  notify: [restart lego_service, restart lego_timer]
+  notify: [Restart lego_service, Restart lego_timer]
--- a/roles/mariadb/handlers/main.yml
+++ b/roles/mariadb/handlers/main.yml
@@ -1,15 +1,15 @@
 ---
- name: restart mariadb
+- name: Restart mariadb
  systemd:
    name: mariadb.service
    state: restarted
- name: reload mariadb
+- name: Reload mariadb
  systemd:
    name: mariadb.service
    state: reloaded
- name: restart mysqld_exporter
+- name: Restart mysqld_exporter
  systemd:
    daemon_reload: true
    enabled: true
--- a/roles/mariadb/tasks/mariadb.yml
+++ b/roles/mariadb/tasks/mariadb.yml
@@ -33,4 +33,4 @@
    owner: mysql
    group: mysql
    mode: "0600"
-  notify: restart mariadb
+  notify: Restart mariadb
--- a/roles/mariadb/tasks/mysqld_exporter.yml
+++ b/roles/mariadb/tasks/mysqld_exporter.yml
@@ -20,8 +20,8 @@
          v{{ mysqld_exporter_version.tag }}/mysqld_exporter-{{ mysqld_exporter_version.tag }}\
          .linux-{{ deb_architecture }}.tar.gz"
    dest: "/var/tmp/mysqld_exporter.tar.gz"
-  register: _download_archive
+  register: mysqld_exporter_download_archive
-  until: _download_archive is succeeded
+  until: mysqld_exporter_download_archive is succeeded
  retries: 3
  delay: 5
@@ -36,7 +36,7 @@
      --strip-components=1
    include:
      - "mysqld_exporter-{{ mysqld_exporter_version.tag }}.linux-{{ deb_architecture }}/mysqld_exporter"
-  notify: restart mysqld_exporter
+  notify: Restart mysqld_exporter
 - name: Copy the mysqld_exporter systemd service file
  template:
@@ -45,4 +45,4 @@
    owner: root
    group: root
    mode: "0644"
-  notify: restart mysqld_exporter
+  notify: Restart mysqld_exporter
--- a/roles/nextcloud/handlers/main.yml
+++ b/roles/nextcloud/handlers/main.yml
@@ -1,13 +1,13 @@
 ---
- name: restart rclone_mount_nextcloud
+- name: Restart rclone_mount_nextcloud
  systemd:
    daemon_reload: true
    enabled: true
    name: rclone_mount_nextcloud.service
    state: restarted
- name: restart nextcloudcron
+- name: Restart nextcloudcron
  systemd:
    daemon_reload: true
    enabled: true
@@ -15,28 +15,28 @@
    state: restarted
  loop: [nextcloudcron.service, nextcloudcron.timer]
- name: restart nextcloud_nightlycron
+- name: Restart nextcloud_nightlycron
  systemd:
    daemon_reload: true
    enabled: true
    name: nextcloud_nightlycron.timer
    state: restarted
- name: restart nextcloud_notify_push
+- name: Restart nextcloud_notify_push
  systemd:
    daemon_reload: true
    enabled: true
    name: nextcloud_notify_push.service
    state: restarted
- name: restart nextcloud_exporter
+- name: Restart nextcloud_exporter
  systemd:
    daemon_reload: true
    enabled: true
    name: nextcloud_exporter.service
    state: restarted
- name: restart nextcloud_backup_timer
+- name: Restart nextcloud_backup_timer
  systemd:
    daemon_reload: true
    enabled: true
--- a/roles/nextcloud/tasks/configure.yml
+++ b/roles/nextcloud/tasks/configure.yml
@@ -54,16 +54,19 @@
          v{{ nextcloud_exporter_version.tag }}/nextcloud-exporter-{{ nextcloud_exporter_version.tag }}\
          -{{ deb_architecture }}.bz2"
    dest: "/var/tmp/nextcloud-exporter.bz2"
-  register: _download_archive
+  register: nextcloud_exporter_download_archive
-  until: _download_archive is succeeded
+  until: nextcloud_exporter_download_archive is succeeded
  retries: 3
  delay: 5
- name: decompress nextcloud_exporter
+- name: Decompress nextcloud_exporter
  command:
    cmd: "bzip2 -dk nextcloud-exporter.bz2"
-    chdir: /var/tmp
+  args:
-    creates: /var/tmp/nextcloud-exporter
+    chdir: /var/tmp/
  register: nextcloud_exporter_decompress_archive
  changed_when: nextcloud_exporter_decompress_archive.rc != 0
  when: nextcloud_exporter_download_archive.changed  # noqa: no-handler
 - name: Copy nextcloud_exporter
  copy:
@@ -73,7 +76,7 @@
    owner: "{{ nextcloud_exporter_system_user }}"
    group: "{{ nextcloud_exporter_system_group }}"
    mode: "0755"
-  notify: restart nextcloud_exporter
+  notify: Restart nextcloud_exporter
 - name: Get latest nextcloud_notify_push version
  github_release:
@@ -91,12 +94,12 @@
 - name: "set deb_architecture alias"
  set_fact:
-    deb_architecture_alias: "x86_64"
+    deb_architecture_alias: "x86_64"  # noqa: var-naming[no-role-prefix]
  when: deb_architecture == "amd64"
 - name: "set deb_architecture alias"
  set_fact:
-    deb_architecture_alias: "{{ deb_architecture }}"
+    deb_architecture_alias: "{{ deb_architecture }}"  # noqa: var-naming[no-role-prefix]
  when: deb_architecture != "amd64"
 - name: Download nextcloud_notify_push {{ nextcloud_notify_push_version.tag }} from GitHub
@@ -104,8 +107,8 @@
    url: "https://github.com/nextcloud/notify_push/releases/download/v{{ nextcloud_notify_push_version.tag }}\
          /notify_push-{{ deb_architecture_alias }}-unknown-linux-musl"
    dest: "/var/tmp/notify_push-{{ deb_architecture_alias }}-unknown-linux-musl"
-  register: _download_archive
+  register: nextcloud_notify_push_download_archive
-  until: _download_archive is succeeded
+  until: nextcloud_notify_push_download_archive is succeeded
  retries: 3
  delay: 5
@@ -117,7 +120,7 @@
    owner: "{{ webserver_user }}"
    group: "{{ webserver_group }}"
    mode: "0700"
-  notify: restart nextcloud_notify_push
+  notify: Restart nextcloud_notify_push
 - name: Copy nextcloud_nightlycron
  template:
@@ -142,8 +145,8 @@
    - nextcloud_nightlycron.service
    - nextcloud_nightlycron.timer
  notify:
-    - restart {{ item | regex_replace ('\..*', '') }}
+    - Restart {{ item | regex_replace ('\..*', '') }}
-    - restart systemd_exporter
+    - Restart systemd_exporter
 - name: Copy Nextcloud logrotate file
  template:
--- a/roles/nextcloud/tasks/dependencies.yml
+++ b/roles/nextcloud/tasks/dependencies.yml
@@ -16,7 +16,7 @@
  lineinfile:
    path: /etc/php/{{ php_version }}/cli/conf.d/20-apcu.ini
    line: apc.enable_cli=1
-  notify: restart php-fpm
+  notify: Restart php-fpm
 - name: "Add {{ webserver_user }} user to redis group"
  user:
--- a/roles/nextcloud/tasks/nextcloud.yml
+++ b/roles/nextcloud/tasks/nextcloud.yml
@@ -1,5 +1,5 @@
 ---
-# flush handlers to restart code-server before install extensions
+# flush handlers to Restart code-server before install extensions
 - name: Flush handlers befor continue
  meta: flush_handlers
@@ -23,8 +23,8 @@
      get_url:
        url: "https://download.nextcloud.com/server/releases/latest.tar.bz2"
        dest: "/var/tmp/nextcloud.tar.gz"
-      register: _download_archive
+      register: nextcloud_download_archive
-      until: _download_archive is succeeded
+      until: nextcloud_download_archive is succeeded
      retries: 3
      delay: 5
--- a/roles/nextcloud/tasks/rclone.yml
+++ b/roles/nextcloud/tasks/rclone.yml
@@ -21,7 +21,7 @@
    src: rclone_mount_nextcloud.service.j2
    dest: /etc/systemd/system/rclone_mount_nextcloud.service
    mode: "0640"
-  notify: restart rclone_mount_nextcloud
+  notify: Restart rclone_mount_nextcloud
 - name: "Add {{ webserver_user }} user to rclone group"
  user:
--- a/roles/nextcloud/templates/nextcloud.config.json.j2
+++ b/roles/nextcloud/templates/nextcloud.config.json.j2
@@ -25,8 +25,8 @@
        "mail_sendmailmode": "smtp",
        "mail_domain": "{{ nextcloud_smtp_from_domain }}",
        "mail_smtpauth": 1,
-        "mail_smtpname": "{{ nextcloud_smtp_user }}",
+        "mail_smtpname": "{{ vault_nextcloud_smtp_user }}",
-        "mail_smtppassword": "{{ nextcloud_smtp_pass }}",
+        "mail_smtppassword": "{{ vault_nextcloud_smtp_pass }}",
        "mail_smtpsecure": "tls",
        "loglevel": 1,
        "logfile": {{ nextcloud_log_file | to_json }},
--- a/roles/nextcloud/templates/rclone_mount_nextcloud.service.j2
+++ b/roles/nextcloud/templates/rclone_mount_nextcloud.service.j2
@@ -13,13 +13,13 @@ ExecStart=/usr/bin/rclone mount DTSV_crypt:cloud_data {{ nextcloud_rclone_mount_
        --use-mmap \
        --default-permissions \
        --allow-other \
-        --uid {{ created_rclone_user.uid }} \
+        --uid {{ rclone_created_user.uid }} \
-        --gid {{ created_rclone_group.gid }} \
+        --gid {{ rclone_created_group.gid }} \
        --umask 0007 \
        --dir-perms 0770 \
        --file-perms 0660 \
        --dir-cache-time 8760h \
-        --poll-interval 1h \
+        --poll-interval 12h \
        --buffer-size 64M \
        --drive-chunk-size 256M \
        --drive-pacer-min-sleep 10ms \
--- a/roles/nextcloud/vars/main.yml
+++ b/roles/nextcloud/vars/main.yml
@@ -43,14 +43,14 @@ nextcloud_smtp_host: "{{ smtp_hostname }}"
 nextcloud_smtp_port: "{{ smtp_port }}"
 nextcloud_smtp_from_address: "cloud"
 nextcloud_smtp_from_domain: "twirling.de"
-nextcloud_smtp_user: !vault |
+vault_nextcloud_smtp_user: !vault |
  $ANSIBLE_VAULT;1.2;AES256;dtsv-dev
  37323762356630343133346634653965303530363966646236383962313163623637326165346439
  3234303935353134633238396365363036313363663031310a663339363665376564306565393538
  33663566663534383133623965316362383731303565326632623430303565343134393939343734
  3930376165653536310a656632373336623663356431333136303165653162333137626632333033
  35363439346237666662333537613363386266653865656238323638666533356535
-nextcloud_smtp_pass: !vault |
+vault_nextcloud_smtp_pass: !vault |
  $ANSIBLE_VAULT;1.2;AES256;dtsv-dev
  61303737376466646164313766373639376133633935313433356637323038626437663736363631
  3864616433353737666137663663666333366463626337630a643034323935613833633439306236
--- a/roles/nginx/handlers/main.yml
+++ b/roles/nginx/handlers/main.yml
@@ -1,5 +1,5 @@
 ---
- name: reload nginx
+- name: Reload nginx
  systemd:
    name: nginx.service
    state: reloaded
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@@ -35,10 +35,10 @@
    dest: /etc/nginx/global/ssl.conf
    src: ssl.conf.j2
    mode: "0644"
-  notify: reload nginx
+  notify: Reload nginx
 - name: Download pre-defined DHE group  # as recommended by IETF RFC 7919
  get_url:
    url: https://github.com/internetstandards/dhe_groups/raw/main/ffdhe4096.pem
    dest: "{{ nginx_ssl_dhparam }}"
-  notify: reload nginx
+  notify: Reload nginx
--- a/roles/node_exporter/handlers/main.yml
+++ b/roles/node_exporter/handlers/main.yml
@@ -1,5 +1,5 @@
 ---
- name: restart node_exporter
+- name: Restart node_exporter
  systemd:
    daemon_reload: true
    enabled: true
--- a/roles/node_exporter/tasks/main.yml
+++ b/roles/node_exporter/tasks/main.yml
@@ -37,8 +37,8 @@
          v{{ node_exporter_version.tag }}/node_exporter-{{ node_exporter_version.tag }}\
          .linux-{{ deb_architecture }}.tar.gz"
    dest: "/var/tmp/node_exporter.tar.gz"
-  register: _download_archive
+  register: node_exporter_download_archive
-  until: _download_archive is succeeded
+  until: node_exporter_download_archive is succeeded
  retries: 3
  delay: 5
@@ -53,7 +53,7 @@
      - --strip-components=1
    include:
      - "node_exporter-{{ node_exporter_version.tag }}.linux-{{ deb_architecture }}/node_exporter"
-  notify: restart node_exporter
+  notify: Restart node_exporter
 - name: Copy node_exporter systemd service
  template:
@@ -62,4 +62,4 @@
    owner: root
    group: root
    mode: "0644"
-  notify: restart node_exporter
+  notify: Restart node_exporter
--- a/roles/php/handlers/main.yml
+++ b/roles/php/handlers/main.yml
@@ -1,5 +1,5 @@
 ---
- name: restart php-fpm
+- name: Restart php-fpm
  systemd:
    name: php{{ php_version }}-fpm.service
    state: reloaded
--- a/roles/php/tasks/main.yml
+++ b/roles/php/tasks/main.yml
@@ -25,4 +25,4 @@
    src: php-handler.conf.j2
    mode: "0644"
  when: '"fpm" in php_modules'
-  notify: reload nginx
+  notify: Reload nginx
--- a/roles/postgresql/handlers/main.yml
+++ b/roles/postgresql/handlers/main.yml
@@ -1,15 +1,15 @@
 ---
- name: restart postgresql
+- name: Restart postgresql
  systemd:
    name: postgresql.service
    state: restarted
- name: reload postgresql
+- name: Reload postgresql
  systemd:
    name: postgresql.service
    state: reloaded
- name: restart postgres_exporter
+- name: Restart postgres_exporter
  systemd:
    daemon_reload: true
    enabled: true
--- a/roles/postgresql/tasks/postgres_exporter.yml
+++ b/roles/postgresql/tasks/postgres_exporter.yml
@@ -20,8 +20,8 @@
          v{{ postgres_exporter_version.tag }}/postgres_exporter-{{ postgres_exporter_version.tag }}\
          .linux-{{ deb_architecture }}.tar.gz"
    dest: "/var/tmp/postgres_exporter.tar.gz"
-  register: _download_archive
+  register: postgres_exporter_download_archive
-  until: _download_archive is succeeded
+  until: postgres_exporter_download_archive is succeeded
  retries: 3
  delay: 5
@@ -36,7 +36,7 @@
      --strip-components=1
    include:
      - "postgres_exporter-{{ postgres_exporter_version.tag }}.linux-{{ deb_architecture }}/postgres_exporter"
-  notify: restart postgres_exporter
+  notify: Restart postgres_exporter
 - name: Copy the postgres_exporter systemd service file
  template:
@@ -45,4 +45,4 @@
    owner: root
    group: root
    mode: "0644"
-  notify: restart postgres_exporter
+  notify: Restart postgres_exporter
--- a/roles/postgresql/tasks/postgresql.yml
+++ b/roles/postgresql/tasks/postgresql.yml
@@ -33,7 +33,7 @@
  become_user: postgres
  register: postgresql_set
  loop: "{{ pgsql_config }}"
-  notify: restart postgresql
+  notify: Restart postgresql
 - name: Set PostgreSQL Client Authentication
  community.postgresql.postgresql_pg_hba:
@@ -46,4 +46,4 @@
    contype: host
    # custom rules
    rules: "{{ pgsql_client_auth }}"
-  notify: reload postgresql
+  notify: Reload postgresql
--- a/roles/rclone/tasks/main.yml
+++ b/roles/rclone/tasks/main.yml
@@ -19,8 +19,8 @@
    url: "https://downloads.rclone.org/v{{ rclone_version }}/\
          rclone-v{{ rclone_version }}-linux-{{ deb_architecture }}.deb"
    dest: "/var/tmp/rclone.deb"
-  register: _download_deb
+  register: rclone_download_deb
-  until: _download_deb is succeeded
+  until: rclone_download_deb is succeeded
  retries: 3
  delay: 5
@@ -45,7 +45,7 @@
    name: "{{ rclone_system_group }}"
    state: present
    system: true
-  register: created_rclone_group
+  register: rclone_created_group
  when: rclone_system_group != "root"
 - name: Create rclone user
@@ -58,7 +58,7 @@
    system: true
    create_home: false
    home: /
-  register: created_rclone_user
+  register: rclone_created_user
 - name: adding existing user {{ main_user }} to group rclone
  user:
--- a/roles/redis/handlers/main.yml
+++ b/roles/redis/handlers/main.yml
@@ -1,5 +1,5 @@
 ---
- name: restart redis
+- name: Restart redis
  systemd:
    name: redis-server.service
    state: restarted
--- a/roles/redis/tasks/main.yml
+++ b/roles/redis/tasks/main.yml
@@ -11,4 +11,4 @@
    owner: redis
    group: redis
    mode: "0640"
-  notify: restart redis
+  notify: Restart redis
--- a/roles/systemd_exporter/handlers/main.yml
+++ b/roles/systemd_exporter/handlers/main.yml
@@ -1,5 +1,5 @@
 ---
- name: restart systemd_exporter
+- name: Restart systemd_exporter
  systemd:
    daemon_reload: true
    enabled: true
--- a/roles/systemd_exporter/tasks/main.yml
+++ b/roles/systemd_exporter/tasks/main.yml
@@ -20,8 +20,8 @@
          v{{ systemd_exporter_version.tag }}/systemd_exporter-{{ systemd_exporter_version.tag }}\
          .linux-{{ deb_architecture }}.tar.gz"
    dest: "/var/tmp/systemd_exporter.tar.gz"
-  register: _download_archive
+  register: systemd_exporter_download_archive
-  until: _download_archive is succeeded
+  until: systemd_exporter_download_archive is succeeded
  retries: 3
  delay: 5
@@ -36,7 +36,7 @@
      - --strip-components=1
    include:
      - "systemd_exporter-{{ systemd_exporter_version.tag }}.linux-{{ deb_architecture }}/systemd_exporter"
-  notify: restart systemd_exporter
+  notify: Restart systemd_exporter
 - name: Copy the systemd_exporter systemd service file
  template:
@@ -45,4 +45,4 @@
    owner: root
    group: root
    mode: "0644"
-  notify: restart systemd_exporter
+  notify: Restart systemd_exporter
--- a/roles/webserver/handlers/main.yml
+++ b/roles/webserver/handlers/main.yml
@@ -1,10 +1,10 @@
 ---
- name: reload nginx
+- name: Reload nginx
  systemd:
    name: nginx.service
    state: reloaded
- name: restart nginx
+- name: Restart nginx
  systemd:
    name: nginx.service
    daemon_reload: true
--- a/roles/webserver/tasks/nginx.yml
+++ b/roles/webserver/tasks/nginx.yml
@@ -11,7 +11,7 @@
    - {src: "header.conf.j2", dest: "/etc/nginx/global/header.conf"}
    - {src: "proxy.conf.j2", dest: "/etc/nginx/global/proxy.conf"}
    - {src: "php_optimization.j2", dest: "/etc/nginx/global/php_optimization"}
-  notify: reload nginx
+  notify: Reload nginx
 - name: Copy virtual server configs
  template:
@@ -19,7 +19,7 @@
    dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2$', '') }}
    mode: "0644"
  with_fileglob: "../templates/conf.d/*.j2"
-  notify: reload nginx
+  notify: Reload nginx
 ## Certificates
@@ -39,7 +39,7 @@
    group: root
    mode: "0600"
  loop: [crt, key, issuer.crt]
-  notify: reload nginx
+  notify: Reload nginx
 - name: Create nginx.service.d directory
  file:
@@ -52,4 +52,4 @@
    src: nginx_systemd.conf.j2
    dest: /etc/systemd/system/nginx.service.d/nginx.conf
    mode: "0644"
-  notify: restart nginx
+  notify: Restart nginx
--- a/roles/webserver/tasks/php.yml
+++ b/roles/webserver/tasks/php.yml
@@ -7,18 +7,19 @@
    option: "{{ item.option }}"
    value: "{{ item.value }}"
    state: "{{ item.state | default('present') }}"
    mode: "0644"
  loop: "{{ php_fpm_ini_options }}"
  when: '"fpm" in php_modules'
-  notify: restart php-fpm
+  notify: Restart php-fpm
 - name: Configure FPM pool
  lineinfile:
    path: /etc/php/{{ php_version }}/fpm/pool.d/www.conf
-    regexp: '^{{ item.option }}\s'
+    regexp: '^;?{{ item.option }} = .*'
    line: '{{ item.option }} = {{ item.value }}'
  loop: "{{ php_fpm_pool_options }}"
  when: '"fpm" in php_modules'
-  notify: restart php-fpm
+  notify: Restart php-fpm
 - name: Configure FPM environment variables
  replace:
@@ -29,7 +30,7 @@
    - {regexp: ";env", replace: "env"}
    - {regexp: ";clear_env", replace: "clear_env"}
  when: '"fpm" in php_modules'
-  notify: restart php-fpm
+  notify: Restart php-fpm
 - name: Install imagemagick package
  apt:
--- a/roles/webserver/tasks/volume.yml
+++ b/roles/webserver/tasks/volume.yml
@@ -5,7 +5,7 @@
    api_token: "{{ vault_hcloud_token }}"
    name: "{{ hcloud_webserver_volume_name }}"
  delegate_to: localhost
-  register: web_hcloud_volume
+  register: webserver_hcloud_volume_info
 - name: Creates mount directory
  file:
@@ -16,7 +16,7 @@
 - name: Mount hcloud volume
  ansible.posix.mount:
    path: "{{ hcloud_webserver_volume_path }}"
-    src: "{{ web_hcloud_volume.hcloud_volume_info[0].linux_device }}"
+    src: "{{ webserver_hcloud_volume_info.hcloud_volume_info[0].linux_device }}"
    fstype: ext4
    opts: discard,nofail,defaults
    state: mounted
--- a/roles/webserver/vars/main.yml
+++ b/roles/webserver/vars/main.yml
@@ -38,24 +38,27 @@ webserver_nginx_worker_rlimit_nofile: "100000"
 # PHP
 php_fpm_ini_options:
-  - {option: post_max_size, value: 512M}
+  - {option: upload_tmp_dir, value: "\"/tmp\""}
  - {option: upload_max_filesize, value: 512M}
  - {option: post_max_size, value: 512M}
  - {option: memory_limit, value: 512M}
  - {section: opcache, option: opcache.enable, value: 1}
-  - {section: opcache, option: opcache.interned_strings_buffer, value: 32}
+  - {section: opcache, option: opcache.interned_strings_buffer, value: 64}
  - {section: opcache, option: opcache.max_accelerated_files, value: 10000}
  - {section: opcache, option: opcache.memory_consumption, value: 256}
  - {section: opcache, option: opcache.save_comments, value: 1}
-  - {section: opcache, option: opcache.revalidate_freq, value: 1}
+  - {section: opcache, option: opcache.revalidate_freq, value: 60}
  - {section: opcache, option: opcache.validate_timestamps, value: 0}
  - {section: opcache, option: opcache.jit, value: 1255}
  - {section: opcache, option: opcache.jit_buffer_size, value: 128M}
  - {section: redis, option: redis.session.locking_enabled, value: 1}
  - {section: redis, option: redis.session.lock_retries, value: -1}
  - {section: redis, option: redis.session.lock_wait_time, value: 10000}
 php_fpm_pool_options:
  - {option: pm, value: dynamic}
-  - {option: pm.max_children, value: 60}
+  - {option: pm.max_children, value: 20}
-  - {option: pm.start_servers, value: 20}
+  - {option: pm.start_servers, value: 5}
-  - {option: pm.min_spare_servers, value: 10}
+  - {option: pm.min_spare_servers, value: 5}
-  - {option: pm.max_spare_servers, value: 30}
+  - {option: pm.max_spare_servers, value: 15}
-  - {option: pm.max_requests, value: 1000}
+  - {option: pm.max_requests, value: 200}
Author	SHA1	Message	Date
Oli	27d1200dc1	update php-fpm config according to nextcloud docs	2023-07-27 23:29:39 +00:00
Oli	1d37dfa5b8	raise rclone mount poll interval	2023-07-27 23:28:06 +00:00
Oli	3e747a1069	ansible-lint recommendations	2023-07-27 23:27:11 +00:00