From d0196985fd59d9b3f6fb8799447979d702fdb2c6 Mon Sep 17 00:00:00 2001
From: Monika Sadlok
Date: Tue, 15 Apr 2025 11:01:04 +0200
Subject: [PATCH 1/2] correct logrotate permissions
---
roles/cs.php-fpm/tasks/004-logrotate.yml | 17 +++++++++++++++++
roles/cs.php-fpm/tasks/main.yml | 2 ++
.../templates/php-fpm.logrotate.conf.j2 | 13 +++++++++++++
3 files changed, 32 insertions(+)
create mode 100644 roles/cs.php-fpm/tasks/004-logrotate.yml
create mode 100644 roles/cs.php-fpm/templates/php-fpm.logrotate.conf.j2
diff --git a/roles/cs.php-fpm/tasks/004-logrotate.yml b/roles/cs.php-fpm/tasks/004-logrotate.yml
new file mode 100644
index 000000000..cde8e11de
--- /dev/null
+++ b/roles/cs.php-fpm/tasks/004-logrotate.yml
@@ -0,0 +1,17 @@
+- name: Ensure PHP-FPM log directory has correct permissions
+ file:
+ path: /var/log/php-fpm
+ state: directory
+ owner: root
+ group: root
+ mode: '0755'
+ when: ansible_os_family == "RedHat"
+
+- name: Create PHP-FPM logrotate configuration
+ template:
+ src: php-fpm.logrotate.conf.j2
+ dest: /etc/logrotate.d/php-fpm
+ owner: root
+ group: root
+ mode: '0644'
+
\ No newline at end of file
diff --git a/roles/cs.php-fpm/tasks/main.yml b/roles/cs.php-fpm/tasks/main.yml
index a64ec98af..74314b404 100644
--- a/roles/cs.php-fpm/tasks/main.yml
+++ b/roles/cs.php-fpm/tasks/main.yml
@@ -20,6 +20,8 @@ set_fact: php_fpm_pm_max_children_default: "{{ [ [ php_fpm_pm_max_children_by_memory | int, php_fpm_pm_max_children_by_cpu | int ] | min, 4 ] | max }}" +- import_tasks: 004-logrotate.yml + - name: Calculate workers set_fact: php_fpm_pm_max_children: "{{ php_fpm_pm_max_children | default(php_fpm_pm_max_children_default, true) }}"
diff --git a/roles/cs.php-fpm/templates/php-fpm.logrotate.conf.j2 b/roles/cs.php-fpm/templates/php-fpm.logrotate.conf.j2
new file mode 100644
index 000000000..1c6bbaa00
--- /dev/null
+++ b/roles/cs.php-fpm/templates/php-fpm.logrotate.conf.j2
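Review bot: The first task in `004-logrotate.yml` forces `/var/log/php-fpm` to `owner: root`, `group: root`, `mode: '0755'`, and the template added later in this patch recreates logs with `create 0640 root root`, which together leave no write access for an unprivileged pool user. If any pool writes its error log from the worker process (pool configuration is not visible here, so this needs confirming), those entries would presumably stop being written after the first rotation, and that loss would go unnoticed. `0755` also lets every local account list the log directory. If the goal is only to satisfy logrotate's parent-directory permission check, keeping the service account's ownership and adding a `su <user> <group>` line to the stanza is the narrower fix.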
@@ -0,0 +1,13 @@
+/var/log/php-fpm/*.log {
+ missingok
+ notifempty
+ daily
+ rotate 14
+ compress
+ delaycompress
+ create 0640 root root
+ sharedscripts
+ postrotate
+ /bin/kill -SIGUSR1 $(cat /var/run/php-fpm/php-fpm.pid 2>/dev/null) 2>/dev/null || true
+ endscript
+}
From 0c10ce125a70e34ae6542bb2a2c03e7dec504a35 Mon Sep 17 00:00:00 2001
From: Monika Sadlok
Date: Tue, 15 Apr 2025 11:52:41 +0200
Subject: [PATCH 2/2] remove when condtion
---
roles/cs.php-fpm/tasks/004-logrotate.yml | 1 -
1 file changed, 1 deletion(-)
diff --git a/roles/cs.php-fpm/tasks/004-logrotate.yml b/roles/cs.php-fpm/tasks/004-logrotate.yml
index cde8e11de..751951c25 100644
--- a/roles/cs.php-fpm/tasks/004-logrotate.yml
+++ b/roles/cs.php-fpm/tasks/004-logrotate.yml
@@ -5,7 +5,6 @@ owner: root group: root mode: '0755' - when: ansible_os_family == "RedHat" - name: Create PHP-FPM logrotate configuration template:
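Review bot: The `postrotate` line in `php-fpm.logrotate.conf.j2` hard-codes `/var/run/php-fpm/php-fpm.pid` and discards every failure with `2>/dev/null || true`, so on a host where the PID file lives elsewhere the reopen signal is never sent and nothing reports it. The task that installs this template carries no `when:` guard, so it appears to be rendered on every OS family the role supports; PHP-FPM would then keep writing to the rotated file while the fresh log stays empty. Since this is a `.j2` template, the log glob and PID path could come from role variables (none are visible in this patch, so they would have to be added) rather than literals. It would also help to let the script report a missing PID file instead of masking it, so a broken rotation shows up in logrotate's output.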