First steps in supporting php-legacy in Arc

This sorts out HTTP servers, hopefully. Adaptation for systemd and documentation are still required
2024-12-22 05:02:40 +00:00 · 2023-12-22 13:27:02 -05:00 · 2023-12-22 13:27:02 -05:00 · 29fb134633
commit 29fb134633
parent 9951b44932
9 changed files with 71 additions and 20 deletions
--- a/dist/apache/arsse-fcgi.conf
+++ b/dist/apache/arsse-fcgi.conf
@ -0,0 +1,5 @@
+ProxyPreserveHost On
+ProxyFCGISetEnvIf "true"                    SCRIPT_FILENAME    "/usr/share/arsse/arsse.php"
+ProxyFCGISetEnvIf "-n req('Authorization')" HTTP_AUTHORIZATION "%{req:Authorization}"
+
+ProxyPass "unix:/var/run/php/arsse.sock|fcgi://localhost/usr/share/arsse/"
--- a/dist/apache/arsse-loc.conf
+++ b/dist/apache/arsse-loc.conf
@ -1,34 +1,34 @@
 # Nextcloud News protocol
 <Location "/index.php/apps/news/api">
-    ProxyPass ${ARSSE_PROXY}
+    Include "/etc/arsse/apache/arsse-fcgi.conf"
 </Location>

 # Tiny Tiny RSS protocol
 <Location "/tt-rss/api">
-    ProxyPass ${ARSSE_PROXY}
+    Include "/etc/arsse/apache/arsse-fcgi.conf"
 </Location>

 # Tiny Tiny RSS feed icons
 <Location "/tt-rss/feed-icons">
-    ProxyPass ${ARSSE_PROXY}
+    Include "/etc/arsse/apache/arsse-fcgi.conf"
 </Location>

 # Fever protocol
 <Location "/fever">
-    ProxyPass ${ARSSE_PROXY}
+    Include "/etc/arsse/apache/arsse-fcgi.conf"
 </Location>

 # Miniflux protocol
 <Location "/v1">
-    ProxyPass ${ARSSE_PROXY}
+    Include "/etc/arsse/apache/arsse-fcgi.conf"
 </Location>

 # Miniflux version number
 <Location "/version">
-    ProxyPass ${ARSSE_PROXY}
+    Include "/etc/arsse/apache/arsse-fcgi.conf"
 </Location>

 # Miniflux "health check"
 <Location "/healthcheck">
-    ProxyPass ${ARSSE_PROXY}
+    Include "/etc/arsse/apache/arsse-fcgi.conf"
 </Location>
--- a/dist/apache/arsse.conf
+++ b/dist/apache/arsse.conf
@ -3,9 +3,4 @@ DocumentRoot "/usr/share/arsse/www"
    Require all granted
 </Directory>

-Define ARSSE_PROXY "unix:/var/run/php/arsse.sock|fcgi://localhost/usr/share/arsse/"
-ProxyPreserveHost On
-ProxyFCGISetEnvIf "true"                    SCRIPT_FILENAME    "/usr/share/arsse/arsse.php"
-ProxyFCGISetEnvIf "-n req('Authorization')" HTTP_AUTHORIZATION "%{req:Authorization}"
-
 Include "/etc/arsse/apache/arsse-loc.conf"
--- a/dist/arch/PKGBUILD
+++ b/dist/arch/PKGBUILD
@ -14,7 +14,7 @@ optdepends=("nginx: HTTP server"
            "apache>=2.4: HTTP server"
            "percona-server: Alternate database"
            "postgresql>=10: Alternate database"
-            "php-pgsql>=7.3: PostgreSQL database support")
+            "php-pgsql-interpreter>=7.3: PostgreSQL database support")
 backup=("etc/webapps/arsse/config.php"
        "etc/php/php-fpm.d/arsse.conf"
        "etc/webapps/arsse/nginx/example.conf"
@ -23,13 +23,14 @@ backup=("etc/webapps/arsse/config.php"
        "etc/webapps/arsse/nginx/arsse-fcgi.conf"
        "etc/webapps/arsse/apache/example.conf"
        "etc/webapps/arsse/apache/arsse.conf"
+        "etc/webapps/arsse/apache/arsse-fcgi.conf"
        "etc/webapps/arsse/apache/arsse-loc.conf")
 source=("arsse-0.10.4.tar.gz")
 md5sums=("SKIP")

 package() {
    # define runtime dependencies
-    depends=("php>=7.3" "php-intl>=7.3" "php-sqlite>=7.3" "php-fpm>=7.3")
+    depends=("php-interpreter>=7.3" "php-sqlite-interpreter>=7.3" "php-fpm-interpreter>=7.3")
    # create most directories necessary for the final package
    cd "$pkgdir"
    mkdir -p "usr/share/webapps/arsse" "usr/share/doc/arsse" "usr/share/licenses/arsse" "usr/lib/systemd/system" "usr/lib/sysusers.d" "usr/lib/tmpfiles.d" "etc/php/php-fpm.d" "etc/webapps/arsse"
@ -47,11 +48,14 @@ package() {
    cd "$pkgdir"
    # copy files requiring special permissions
    cd "$srcdir/arsse"
-    install -Dm755 dist/arsse "$pkgdir/usr/bin/arsse"
    install -Dm640 dist/config.php "$pkgdir/etc/webapps/arsse"
    # patch generic configuration files to use Arch-specific paths and identifiers
-    sed -i -se 's/\/\(etc\|usr\/share\)\/arsse\//\/\1\/webapps\/arsse\//g' "$pkgdir/etc/webapps/arsse/nginx/"* "$pkgdir/etc/webapps/arsse/apache/"* "$pkgdir/usr/lib/tmpfiles.d/arsse.conf" "$pkgdir/usr/lib/systemd/system/"* "$pkgdir/usr/bin/"*
+    sed -i -se 's/\/\(etc\|usr\/share\)\/arsse\//\/\1\/webapps\/arsse\//g' "$pkgdir/etc/webapps/arsse/nginx/"* "$pkgdir/etc/webapps/arsse/apache/"* "$pkgdir/usr/lib/tmpfiles.d/arsse.conf" "$pkgdir/usr/lib/systemd/system/"*
    sed -i -se 's/\/var\/run\/php\//\/run\/php-fpm\//g' "$pkgdir/etc/webapps/arsse/nginx/"* "$pkgdir/etc/webapps/arsse/apache/"* "$pkgdir/etc/php/php-fpm.d/arsse.conf"
    sed -i -se 's/www-data/http/g' "$pkgdir/etc/php/php-fpm.d/arsse.conf"
    sed -i -e 's/^WorkingDirectory=.*$/WorkingDirectory=\/usr\/share\/webapps\/arsse/g' -e 's/^ConfigurationDirectory=.*$/ConfigurationDirectory=webapps\/arsse/g' "$pkgdir/usr/lib/systemd/system/arsse-fetch.service"
+    # copy Arch-specific versions of files
+    install -Dm755 dist/arch/arsse "$pkgdir/usr/bin/arsse"
+    cp dist/arch/nginx-arsse-fcgi.conf "$pkgdir/etc/webapps/arsse/nginx/arsse-fcgi.conf"
+    cp dist/arch/apache-arsse-fcgi.conf "$pkgdir/etc/webapps/arsse/apache/arsse-fcgi.conf"
 }
--- a/dist/arch/apache-arsse-fcgi.conf
+++ b/dist/arch/apache-arsse-fcgi.conf
@ -0,0 +1,6 @@
+ProxyPreserveHost On
+ProxyFCGISetEnvIf "true"                    SCRIPT_FILENAME    "/usr/share/webapps/arsse/arsse.php"
+ProxyFCGISetEnvIf "-n req('Authorization')" HTTP_AUTHORIZATION "%{req:Authorization}"
+
+# Modify the below line to begin with "unix:/run/php-fpm-legacy/" if using the php-legacy package
+ProxyPass "unix:/run/php/arsse.sock|fcgi://localhost/usr/share/webapps/arsse/"
--- a/dist/arch/arsse
+++ b/dist/arch/arsse
@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+readonly default_php="/usr/bin/php"
+php=""
+
+check_sudo() {
+  if ! command -v sudo > /dev/null; then
+    printf "The sudo command is not available.\n"
+    exit 1
+  fi
+}
+
+# allow overriding the php executable
+if [[ -n "${ARSSE_PHP}" ]] && command -v "${ARSSE_PHP}" > /dev/null; then
+  php="${ARSSE_PHP}"
+else
+  php="${default_php}"
+fi
+
+if [[ "${UID}" -eq 0 ]]; then
+  runuser -u "arsse" -- "$php" /usr/share/webapps/arsse/arsse.php "$@"
+else
+  check_sudo
+  sudo -u "arsse" "$php" /usr/share/webapps/arsse/arsse.php "$@"
+fi
+
--- a/dist/arch/ngninx-arsse-fcgi.conf
+++ b/dist/arch/ngninx-arsse-fcgi.conf
@ -0,0 +1,16 @@
+fastcgi_pass_header Authorization; # required if the Arsse is to perform its own HTTP authentication
+fastcgi_pass_request_body on;
+fastcgi_pass_request_headers on;
+fastcgi_intercept_errors off;
+fastcgi_buffering off;
+fastcgi_param REQUEST_METHOD  $request_method;
+fastcgi_param CONTENT_TYPE    $content_type;
+fastcgi_param CONTENT_LENGTH  $content_length;
+fastcgi_param REQUEST_URI     $uri;
+fastcgi_param QUERY_STRING    $query_string;
+fastcgi_param HTTPS           $https if_not_empty;
+fastcgi_param REMOTE_USER     $remote_user;
+fastcgi_param SCRIPT_FILENAME /usr/share/webapps/arsse/arsse.php;
+
+# Modify the below line to begin with "/run/php-fpm-legacy/" if using the php-legacy package
+fastcgi_pass unix:/run/php/arsse.sock;
--- a/dist/nginx/arsse-fcgi.conf
+++ b/dist/nginx/arsse-fcgi.conf
@ -10,3 +10,6 @@ fastcgi_param REQUEST_URI     $uri;
 fastcgi_param QUERY_STRING    $query_string;
 fastcgi_param HTTPS           $https if_not_empty;
 fastcgi_param REMOTE_USER     $remote_user;
+
+fastcgi_pass unix:/var/run/php/arsse.sock;
+fastcgi_param SCRIPT_FILENAME /usr/share/arsse/arsse.php;
--- a/dist/nginx/arsse.conf
+++ b/dist/nginx/arsse.conf
@ -2,15 +2,11 @@ root /usr/share/arsse/www;

 location @arsse {
    # HTTP authentication may be enabled for this location, though this may impact some features
-    fastcgi_pass unix:/var/run/php/arsse.sock;
-    fastcgi_param SCRIPT_FILENAME /usr/share/arsse/arsse.php;
    include /etc/arsse/nginx/arsse-fcgi.conf;
 }

 location @arsse_public {
    # HTTP authentication should not be enabled for this location
-    fastcgi_pass unix:/var/run/php/arsse.sock;
-    fastcgi_param SCRIPT_FILENAME /usr/share/arsse/arsse.php;
    include /etc/arsse/nginx/arsse-fcgi.conf;
 }