Move php.ini custom setup into /etc/php/sellyoursaas.ini

doc/Documentation SellYourSaas - Master and Deployment Servers - EN.asciidoc

@@ -3163,29 +3163,14 @@ chmod +t /dev/shm /var/lib/php/sessions
 
 ==== Define size of upload and session options
 
-Modify the file *`+/etc/php/*.*/*/php.ini+`* (the one for *apache*, the one for *cli* and for the *fpm*) to allow upload of bigger files:
+Create a file */etc/php/sellyoursaas.ini* and enable it by adding the symlinks into *`/etc/php/*.*/*/php.ini+`* (the one for *apache*, the one for *cli* and for the *fpm*) to allow upload of bigger files:
 
 [source,bash]
 ---------------
-upload_max_filesize = 50M
-
-post_max_size = 60M
-max_input_vars = 4000
-
-memory_limit = 256M
-
-session.gc_maxlifetime = 3600
-
-session.use_strict_mode = 1 
-session.use_only_cookies = 1
-session.cookie_httponly = 1
-session.cookie_samesite = Lax
-
-opcache.memory_consumption = 1024
-opcache.max_accelerated_files = 100000
-opcache.file_update_protection = 2
+include::repository_root/etc/apparmor.d/usr.bin.secureBash[]
 ---------------
 
+
 ==== Disable some functions (optionnal)
 
 Complete also the parameter *disable_functions* for the *apache* and *fpm* file (NOT for the *cli*) by adding:
@@ -3236,23 +3221,23 @@ ln /home/admin/wwwroot/dolibarr/htdocs/custom/sellyoursaas/scripts/phpsendmailpr
 ln /home/admin/wwwroot/dolibarr/htdocs/custom/sellyoursaas/scripts/phpsendmail.php /usr/local/bin/
 ---------------
 
-Modify the file *php.ini* (the one for *apache* and the one for *cli*) with:
+Create a file */etc/php/sellyoursaas.ini* with this content:
 
 [source,bash]
 ---------------
-; Automatically add files before PHP document.
-; http://php.net/auto-prepend-file
-auto_prepend_file = /usr/local/bin/phpsendmailprepend.php
+include::repository_root/etc/apparmor.d/usr.bin.secureBash[]
+---------------
 
-; For Unix only.  You may supply arguments as well (default: "sendmail -t -i").
-; http://php.net/sendmail-path
-sendmail_path = /usr/local/bin/phpsendmail.php
+Then enable it by adding the symlinks into *`/etc/php/*.*/*/php.ini+`* (the one for *apache*, the one for *cli* and for the *fpm*) to allow upload of bigger files:
 
-; The path to a log file that will log all mail() calls. Log entries include
-; the full path of the script, line number, To address and headers.
-mail.log = /var/log/phpmail.log
+[source,bash]
+---------------
+cd /etc/php/8.1/cli/conf.d/; ln -fs /etc/php/sellyoursaas.ini;
+cd /etc/php/8.1/apache/conf.d/; ln -fs /etc/php/sellyoursaas.ini;
+#cd /etc/php/8.1/fpm/conf.d/; ln -fs /etc/php/sellyoursaas.ini;
 ---------------
 
+
 Create the files *phpmail.log* and *phpsendmail.log*:
 
 [source,bash]

doc/Documentation SellYourSaas - Web portal - EN.asciidoc

@@ -1509,20 +1509,21 @@ Mettre les droits en *drwx-wx-wt* sur le répertoire des sessions php */dev/shm/
 
 ==== Define size of upload and session duration
 
-Modify the file *php.ini* (the one for *apache* and the one for *cli*) to allow upload of bigger files:
+Create a file */etc/php/sellyoursaas.ini* 
 
 [source,bash]
 ---------------
-upload_max_filesize = 20M
+include::repository_root/etc/apparmor.d/usr.bin.secureBash[]
+---------------
 
-post_max_size = 25M
-max_input_vars = 4000
+But comment the line related to parameter *auto_prepend_file* and *sendmail_path*.
 
-memory_limit = 256M
+Then enable it by adding the symlinks into *`/etc/php/*.*/*/php.ini+`* (the one for *apache*, the one for *cli* and for the *fpm*) to allow upload of bigger files:
 
-session.gc_maxlifetime = 3600
+[source,bash]
+---------------
+cd /etc/php/8.1/fpm/conf.d/; ln -fs /etc/php/sellyoursaas.ini;
 ---------------
-
 
 
 === Setup of logrotate
@@ -1999,3 +2000,18 @@ We can see this error into */var/log/syslog.log*.
 
 Check the configuration file */etc/default/opendkim* and verify that the socket is SOCKET="inet:12345@localhost"
 
+== Error fpm after upgrade
+
+If you have such kind of error:
+
+[Tue Aug 20 11:25:18.555744 2024] [proxy:error] [pid 1741] (2)No such file or directory: AH02454: FCGI: attempt to connect to Unix domain socket /run/php/php7.4-fpm.sock (*) failed
+[Tue Aug 20 11:25:18.555877 2024] [proxy_fcgi:error] [pid 1741] [client 82.64.109.15:46810] AH01079: failed to make connection to backend: httpd-UDS
+
+Check into /etc/apache2/conf-enabled that the correct version of php-fpm is enabled. If not, switch to the correct version, example:
+
+[source,bash]
+---------------
+/usr/sbin/a2disconf php7.4-fpm; /usr/sbin/a2enconf php8.1-fpm;
+---------------
+
+

etc/php/sellyoursaas.ini

@@ -0,0 +1,31 @@
+disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,passthru,shell_exec,system,proc_open,popen,dl,apache_note,apache_setenv,show_source,virtual
+
+post_max_size = 20M
+upload_max_filesize = 20M
+max_input_vars = 4000
+
+memory_limit = 256M
+
+session.gc_maxlifetime = 7200
+
+session.use_strict_mode = 1 
+session.use_only_cookies = 1
+session.cookie_httponly = 1
+session.cookie_samesite = Lax
+
+opcache.memory_consumption = 1024
+opcache.max_accelerated_files = 100000
+opcache.file_update_protection = 2
+
+
+; Automatically add files before PHP document.
+; http://php.net/auto-prepend-file
+auto_prepend_file = /usr/local/bin/phpsendmailprepend.php
+
+; For Unix only.  You may supply arguments as well (default: "sendmail -t -i").
+; http://php.net/sendmail-path
+sendmail_path = /usr/local/bin/phpsendmail.php
+
+; The path to a log file that will log all mail() calls. Log entries include
+; the full path of the script, line number, To address and headers.
+mail.log = /var/log/phpmail.log