Fedora 44 baseline update

This commit is contained in:
2026-05-04 21:09:35 -05:00
parent 0d874aa552
commit 42ecc990c6
7 changed files with 92 additions and 62 deletions
@@ -13,7 +13,7 @@
# IndexOptions: Controls the appearance of server-generated directory
# listings.
#
IndexOptions FancyIndexing HTMLTable VersionSort
IndexOptions FancyIndexing HTMLTable VersionSort Charset=UTF-8
# We include the /icons/ alias for FancyIndexed directory listings. If
# you do not use FancyIndexing, you may comment this out.
@@ -21,7 +21,7 @@ IndexOptions FancyIndexing HTMLTable VersionSort
Alias /icons/ "/usr/share/httpd/icons/"
<Directory "/usr/share/httpd/icons">
Options Indexes MultiViews FollowSymlinks
Options MultiViews FollowSymlinks
AllowOverride None
Require all granted
</Directory>
@@ -10,11 +10,6 @@
#
#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
# worker MPM: Multi-Processing Module implementing a hybrid
# multi-threaded multi-process web server
# See: http://httpd.apache.org/docs/2.4/mod/worker.html
#
#LoadModule mpm_worker_module modules/mod_mpm_worker.so
# event MPM: A variant of the worker MPM with the goal of consuming
# threads only for connections with active processing
@@ -199,6 +199,7 @@ LogLevel warn
# a CustomLog directive (see below).
#
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" PID: %P %{tid}P %T" combined_ext
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
@@ -216,10 +217,11 @@ LogLevel warn
#CustomLog "logs/access_log" common
#
# If you prefer a logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.
# If you prefer a logfile with access, agent, referer, and process/thread
# information (an extended Combined Logfile Format), you can use the
# following directive.
#
CustomLog "logs/access_log" combined
CustomLog "logs/access_log" combined_ext
</IfModule>
<IfModule alias_module>
+9 -5
View File
@@ -1,6 +1,3 @@
; Enable Zend OPcache extension module
zend_extension=opcache
; Determines if Zend OPCache is enabled
opcache.enable=1
@@ -54,8 +51,6 @@ opcache.enable_cli=1
; passes
;opcache.optimization_level=0x7FFFBFFF
; This hack should only be enabled to work around "Cannot redeclare class"
; errors.
;opcache.dups_fix=0
; The location of the OPcache blacklist file (wildcards allowed).
@@ -99,6 +94,15 @@ opcache.blacklist_filename=/etc/php.d/opcache*.blacklist
; for php-fpm, see /etc/php-fpm.d/*conf
;opcache.file_cache=
; Enables or disables read-only mode for the second level cache directory.
; It should improve performance for read-only containers,
; when the cache is pre-warmed and packaged alongside the application.
; Best used with `opcache.validate_timestamps=0`, `opcache.enable_file_override=1`
; and `opcache.file_cache_consistency_checks=0`.
; Note: A cache generated with a different build of PHP, a different file path,
; or different settings (including which extensions are loaded), may be ignored.
;opcache.file_cache_read_only=0
; Enables or disables opcode caching in shared memory.
;opcache.file_cache_only=0
+59 -47
View File
@@ -107,7 +107,7 @@
; error_reporting
; Default Value: E_ALL
; Development Value: E_ALL
; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT
; Production Value: E_ALL & ~E_DEPRECATED
; log_errors
; Default Value: Off
@@ -119,16 +119,16 @@
; Development Value: 60 (60 seconds)
; Production Value: 60 (60 seconds)
; mysqlnd.collect_memory_statistics
; Default Value: Off
; Development Value: On
; Production Value: Off
; output_buffering
; Default Value: Off
; Development Value: 4096
; Production Value: 4096
; register_argc_argv
; Default Value: On
; Development Value: Off
; Production Value: Off
; request_order
; Default Value: None
; Development Value: "GP"
@@ -322,11 +322,6 @@ serialize_precision = -1
; https://php.net/disable-functions
disable_functions =
; This directive allows you to disable certain classes.
; It receives a comma-delimited list of class names.
; https://php.net/disable-classes
disable_classes =
; Colors for Syntax Highlighting mode. Anything that's acceptable in
; <span style="color: ???????"> would work.
; https://php.net/syntax-highlighting
@@ -433,6 +428,7 @@ max_input_time = 60
; Maximum amount of memory a script may consume
; https://php.net/memory-limit
memory_limit = 128M
max_memory_limit = -1
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Error handling and logging ;
@@ -444,7 +440,7 @@ memory_limit = 128M
; operators. The error level constants are below here for convenience as well as
; some common settings and their meanings.
; By default, PHP is set to take action on all errors, notices and warnings EXCEPT
; those related to E_NOTICE and E_STRICT, which together cover best practices and
; those related to E_NOTICE, which together cover best practices and
; recommended coding standards in PHP. For performance reasons, this is the
; recommend error reporting setting. Your production server shouldn't be wasting
; resources complaining about best practices and coding standards. That's what
@@ -464,9 +460,6 @@ memory_limit = 128M
; intentional (e.g., using an uninitialized variable and
; relying on the fact it is automatically initialized to an
; empty string)
; E_STRICT - run-time notices, enable to have PHP suggest changes
; to your code which will ensure the best interoperability
; and forward compatibility of your code
; E_CORE_ERROR - fatal errors that occur during PHP's initial startup
; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's
; initial startup
@@ -482,13 +475,12 @@ memory_limit = 128M
; Common Values:
; E_ALL (Show all errors, warnings and notices including coding standards.)
; E_ALL & ~E_NOTICE (Show all errors, except for notices)
; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.)
; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors)
; Default Value: E_ALL
; Development Value: E_ALL
; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT
; Production Value: E_ALL & ~E_DEPRECATED
; https://php.net/error-reporting
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
error_reporting = E_ALL & ~E_DEPRECATED
; This directive controls whether or not and where PHP will output errors,
; notices and warnings too. Error output is very useful during development, but
@@ -537,12 +529,6 @@ ignore_repeated_errors = Off
; https://php.net/ignore-repeated-source
ignore_repeated_source = Off
; If this parameter is set to Off, then memory leaks will not be shown (on
; stdout or in the log). This is only effective in a debug compile, and if
; error reporting includes E_WARNING in the allowed list
; https://php.net/report-memleaks
report_memleaks = On
; This setting is off by default.
;report_zend_debug = 0
@@ -621,6 +607,12 @@ report_memleaks = On
; Development value: 0
; Production value: 0
; This directive controls whether PHP will output the backtrace of fatal errors.
; Default Value: On
; Development Value: On
; Production Value: On
;fatal_error_backtraces = On
;;;;;;;;;;;;;;;;;
; Data Handling ;
;;;;;;;;;;;;;;;;;
@@ -670,14 +662,12 @@ request_order = "GP"
; that were passed when the script was invoked. These arrays are extremely
; useful when running scripts from the command line. When this directive is
; enabled, registering these variables consumes CPU cycles and memory each time
; a script is executed. For performance reasons, this feature should be disabled
; on production servers.
; Note: This directive is hardcoded to On for the CLI SAPI
; Default Value: On
; Development Value: Off
; Production Value: Off
; a script is executed. For security reasons, this feature should be disabled
; for non-CLI SAPIs.
; Note: This directive is ignored for the CLI SAPI
; This directive is deprecated.
; https://php.net/register-argc-argv
register_argc_argv = Off
;register_argc_argv = Off
; When enabled, the ENV, REQUEST and SERVER variables are created when they're
; first used (Just In Time) instead of when the script starts. If these
@@ -818,6 +808,12 @@ enable_dl = Off
; https://php.net/fastcgi.impersonate
;fastcgi.impersonate = 1
; Prevent decoding of SCRIPT_FILENAME when using Apache ProxyPass or
; ProxyPassMatch. This should only be used if script file paths are already
; stored in an encoded format on the file system.
; Default is 0.
;fastcgi.script_path_encoded = 1
; Disable logging through FastCGI connection. PHP's default behavior is to enable
; this feature.
;fastcgi.logging = 0
@@ -968,20 +964,17 @@ cli_server.color = On
; otherwise output encoding conversion cannot be performed.
;iconv.output_encoding =
[imap]
; rsh/ssh logins are disabled by default. Use this INI entry if you want to
; enable them. Note that the IMAP library does not filter mailbox names before
; passing them to rsh/ssh command, thus passing untrusted data to this function
; with rsh/ssh enabled is insecure.
;imap.enable_insecure_rsh=0
[intl]
;intl.default_locale =
; This directive allows you to produce PHP errors when some error
; happens within intl functions. The value is the level of the error produced.
; Default is 0, which does not produce any errors.
; This directive is deprecated.
;intl.error_level = E_WARNING
;intl.use_exceptions = 0
; If enabled this directive indicates that when an error occurs within an
; intl function a IntlException should be thrown.
; Default is Off, which means errors need to be handled manually.
;intl.use_exceptions = On
[sqlite3]
; Directory pointing to SQLite3 extensions
@@ -1049,6 +1042,14 @@ mail.add_x_header = Off
; RFC 2822 non conformant MTA.
mail.mixed_lf_and_crlf = Off
; Control line ending mode for mail messages and headers.
; Possible values: "crlf" (default), "lf", "mixed", "os"
; - crlf: Use CRLF line endings
; - lf: Use LF line endings only (converts CRLF in message to LF)
; - mixed: Same as mail.mixed_lf_and_crlf = On
; - os: Use CRLF on Windows, LF on other systems
mail.cr_lf_mode = crlf
; The path to a log file that will log all mail() calls. Log entries include
; the full path of the script, line number, To address and headers.
;mail.log =
@@ -1118,10 +1119,7 @@ mysqli.allow_persistent = On
; https://php.net/mysqli.max-links
mysqli.max_links = -1
; Default port number for mysqli_connect(). If unset, mysqli_connect() will use
; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
; compile-time value defined MYSQL_PORT (in that order). Win32 will only look
; at MYSQL_PORT.
; Default port number for mysqli_connect().
; https://php.net/mysqli.default-port
mysqli.default_port = 3306
@@ -1130,15 +1128,15 @@ mysqli.default_port = 3306
; https://php.net/mysqli.default-socket
mysqli.default_socket =
; Default host for mysqli_connect() (doesn't apply in safe mode).
; Default host for mysqli_connect().
; https://php.net/mysqli.default-host
mysqli.default_host =
; Default user for mysqli_connect() (doesn't apply in safe mode).
; Default user for mysqli_connect().
; https://php.net/mysqli.default-user
mysqli.default_user =
; Default password for mysqli_connect() (doesn't apply in safe mode).
; Default password for mysqli_connect().
; Note that this is generally a *bad* idea to store passwords in this file.
; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw")
; and reveal this password! And of course, any users with read access to this
@@ -1158,6 +1156,9 @@ mysqlnd.collect_statistics = On
; Enable / Disable collection of memory usage statistics by mysqlnd which can be
; used to tune and monitor MySQL operations.
; Default Value: Off
; Development Value: On
; Production Value: Off
mysqlnd.collect_memory_statistics = Off
; Records communication from all extensions using mysqlnd to the specified log
@@ -1276,6 +1277,9 @@ session.use_cookies = 1
; https://php.net/session.cookie-secure
;session.cookie_secure =
; https://php.net/session.cookie-partitioned
;session.cookie_partitioned = 0
; This option forces PHP to fetch and use a cookie for storing and maintaining
; the session id. We encourage this operation as it's very helpful in combating
; session hijacking when not specifying and managing your own session id. It is
@@ -1541,7 +1545,7 @@ zend.assertions = -1
; With mbstring support this will automatically be converted into the encoding
; given by corresponding encode setting. When empty mbstring.internal_encoding
; is used. For the decode settings you can distinguish between motorola and
; intel byte order. A decode setting cannot be empty.
; intel byte order. A decode setting must not be empty.
; https://php.net/exif.encode-unicode
;exif.encode_unicode = ISO-8859-15
@@ -1629,5 +1633,13 @@ ldap.max_links = -1
; SSL stream context option.
;openssl.capath=
; The libctx is an OpenSSL library context. OpenSSL defines a default library
; context, but PHP OpenSSL also defines its own library context to avoid
; interference with other libraries using OpenSSL and to provide an independent
; context for each thread in ZTS. Possible values:
; "custom" - use a custom library context (default)
; "default" - use the default OpenSSL library context
;openssl.libctx=custom
[ffi]
; see /etc/php.d/20-ffi.ini
@@ -0,0 +1,12 @@
# This file provides default configuration and will be overwritten on package upgrades.
# Do not edit it directly.
#
# To customize:
# 1. Copy this file, preserving its name, to /etc/systemd/system/<unit>.d/
# (create the directory if it does not exist)
# 2. Edit the copy as needed
# 3. Run: systemctl daemon-reload
[Unit]
Wants=php-fpm.service
+5
View File
@@ -220,6 +220,11 @@ template_list:
mode: '0644'
owner: 'root'
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/usr/lib/systemd/system/httpd@.service'
- dest: '/usr/lib/systemd/system/httpd.service.d/php-fpm.conf'
group: 'root'
mode: '0644'
owner: 'root'
src: '{{ ansible_facts["distribution"] }}/{{ ansible_facts["distribution_major_version"] }}/usr/lib/systemd/system/httpd.socket.d/php-fpm.conf'
- dest: '/usr/lib/systemd/system/httpd.socket.d/10-listen443.conf'
group: 'root'
mode: '0644'