GNU bug report logs - #63877
[PATCH] gnu: services: web: Set SSL_CERT_DIR in php-fpm environment.

Previous Next

Full log

Message #28 received at 63877 <at> debbugs.gnu.org (full text, mbox):

From: guix <at> twilken.net
To: 63877 <at> debbugs.gnu.org
Cc: Ludovic Courtès <ludo <at> gnu.org>,
 Bruno Victal <mirai <at> makinata.eu>
Subject: Reworked patch for setting php-fpm environment variables
Date: Sun, 18 Feb 2024 00:21:44 +0100

Hi Bruno, sorry for taking a while to get back to this.

Writing a test for curl's behaviour with the SSL_CERT_DIR variable proved too
fiddly for me, so I gave up and wrote a simpler test that just checks for a
sentinel variable in the phpinfo output instead.

I also found out that php-fpm clears environment variables when it starts,
except for those listed in its configuration. However, libcurl isn't affected
by this as far as I can tell -- it needs the SSL_CERT_DIR variable to be set
in the process environment, not only in the php-fpm config file!

I decided to set environment variables in the process environment and list
them in the generated configuration file, so they're passed through to any PHP
programs run through PHP-FPM. This should minimise surprise, I hope.

(That's also be useful for setting e.g. PATH -- Nextcloud has started
complaining that that variable is unset, and it needs the variable to be
listed in the php-fpm configuration.)

The reworked patch also removes some of the gexp-related hairyness -- the
`environment-variables' property just takes a list of (variable-name . value)
pairs now, no gexp'ing required, though file-like objects like what
`file-append' returns are accepted.

Please let me know what you think, and thank you for your considerable
patience with this patch series! :)

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.