From 28024df3e000935e2c6c88eece1154bd28557b44 Mon Sep 17 00:00:00 2001
From: Craig Comstock <craig.comstock@northern.tech>
Date: Thu, 12 Sep 2024 10:45:48 -0500
Subject: [PATCH] libre

---
 cfe_internal/enterprise/mission_portal.cf     | 14 +++++
 ...ustache => php-fpm-pool-www.conf.mustache} |  0
 lib/service_config.cf                         | 51 +++++++++++++++++++
 templates/cf-apache.service.mustache          |  6 +++
 4 files changed, 71 insertions(+)
 rename cfe_internal/enterprise/templates/{www.conf.mustache => php-fpm-pool-www.conf.mustache} (100%)
 create mode 100644 lib/service_config.cf

diff --git a/cfe_internal/enterprise/mission_portal.cf b/cfe_internal/enterprise/mission_portal.cf
index 88a9d132d9..fb67302065 100644
--- a/cfe_internal/enterprise/mission_portal.cf
+++ b/cfe_internal/enterprise/mission_portal.cf
@@ -15,6 +15,20 @@ bundle agent cfe_internal_enterprise_mission_portal
         handle => "cfe_internal_management_web_server",
         comment => "Manage Apache Web server (on/off)";
 
+    "PHP FastCGI process manager"
+      usebundle => service_config(
+"cf-php-fpm",
+"$(this.promise_dirname)/templates/php-fpm.conf.mustache",
+"$(sys.workdir)/httpd/php/etc/php-fpm.conf",
+"$(sys.workdir)/httpd/php/sbin/php-fpm -t --fpm-config ");
+
+    "PHP FastCGI www pool config"
+      usebundle => service_config(
+"cf-php-fpm",
+"$(this.promise_dirname)/templates/php-fpm-pool-www.conf.mustache",
+"$(sys.workdir)/httpd/php/etc/php-fpm.d/www.conf",
+"$(sys.workdir)/httpd/php/sbin/php-fpm -t --fpm-config ");
+
 }
 bundle agent apachectl_patched_for_upgrade
 # @brief Ensure that apacehctl is patched so that it is able to re-start services
diff --git a/cfe_internal/enterprise/templates/www.conf.mustache b/cfe_internal/enterprise/templates/php-fpm-pool-www.conf.mustache
similarity index 100%
rename from cfe_internal/enterprise/templates/www.conf.mustache
rename to cfe_internal/enterprise/templates/php-fpm-pool-www.conf.mustache
diff --git a/lib/service_config.cf b/lib/service_config.cf
new file mode 100644
index 0000000000..bea0bcbaf5
--- /dev/null
+++ b/lib/service_config.cf
@@ -0,0 +1,51 @@
+# todo, maybe chmod, user, group for config_final_path
+# check pid file for service stop/start?
+bundle agent service_config(service_name,
+                            config_template_path,
+                            config_final_path,
+                            validate_config_command)
+{
+  vars:
+    "staged_config" string => "$(config_final_path).staged";
+    "data" data => datastate();
+  methods:
+    "staged config rendered" usebundle => file_make_mustache( $(staged_config), $(config_template_path), @(data) );
+    "final config and restart" usebundle => validate_config_and_restart_service(
+        $(staged_config),
+        $(validate_config_command),
+        $(config_final_path),
+        $(service_name)
+    );
+
+
+}
+bundle agent validate_config_and_restart_service( staged_config, validate_config_command, config_final_path, service_name )
+{
+  files:
+    "$(config_final_path)"
+      copy_from => local_dcp( $(staged_config) ),
+      if => and(
+                isnewerthan( $(config_final_path), $(staged_config) ),
+                returnszero("$(validate_config_command) $(staged_config)", "useshell")
+               ),
+               classes => results("bundle", "$(service_name)_config");
+
+  services:
+    "$(service_name)"
+      service_policy => "stop",
+      if => and(
+                isnewerthan( $(config_final_path), $(staged_config) ),
+                returnszero("$(validate_config_command) $(staged_config)", "useshell")
+               ),
+     classes => results("bundle", "$(service_name)_stopped_after_validated_config");
+
+    "$(service_name)"
+      service_policy => "start",
+      if => and( "$(service_name)_config_repaired",
+                 "$(service_name)_stopped_after_validated_config_repaired");
+
+    "$(service_name)"
+      service_policy => "restart",
+      if => and( "$(service_name)_config_repaired",
+                 not( "$(service_name)_stoppoed_after_validated_config_repaired") );
+}
diff --git a/templates/cf-apache.service.mustache b/templates/cf-apache.service.mustache
index 9ebeb7e3da..9169be66b4 100644
--- a/templates/cf-apache.service.mustache
+++ b/templates/cf-apache.service.mustache
@@ -1,8 +1,14 @@
 [Unit]
 Description=CFEngine Enterprise Webserver
 After=syslog.target
+{{#classes.mission_portal_http2_enabled}}
+Wants=cf-php-fpm.service
+After=cf-php-fpm.service
+{{/classes.mission_portal_http2_enabled}}
+{{^classes.mission_portal_http2_enabled}}
 Wants=cf-postgres.service
 After=cf-postgres.service
+{{/classes.mission_portal_http2_enabled}}
 ConditionPathExists={{{vars.sys.workdir}}}/httpd/bin/apachectl
 PartOf=cfengine3.service