Switch to php71 using fastcgi/fpm if available

root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/68FastCGIConfig20Dokuwiki

@@ -0,0 +1,9 @@
+{
+if ($fastcgi_mod eq 'mod_fastcgi'){
+  $OUT .=<<_EOF;
+Action phpdokuwiki-fastcgi /php-cgi-bin/phpdokuwiki-wrapper
+Alias /php-cgi-bin/phpdokuwiki-wrapper /var/www/php-cgi-bin/phpdokuwiki-wrapper
+FastCgiExternalServer /var/www/php-cgi-bin/phpdokuwiki-wrapper -socket /var/run/php-fpm/php71-dokuwiki.sock -pass-header Authorization -idle-timeout 120
+_EOF
+}
+}

root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/98Dokuwiki

@@ -11,6 +11,25 @@ if (($dokuwiki{'status'} || 'disabled') eq 'enabled'){
         'SSLRequireSSL on':'# SSL is not encforced';
     my $maxsize = $dokuwiki{'MaxUploadSize'} || '200';
     $maxsize .= 'M' unless ($maxsize =~ m/M$/);
+    my $php =<<_EOF;
+AddType application/x-httpd-php .php
+    php_admin_value open_basedir /usr/share/dokuwiki:/var/lib/dokuwiki:/etc/dokuwiki:/dev/urandom
+    php_admin_value memory_limit 128M
+    php_admin_value upload_max_filesize $maxsize
+    php_admin_value post_max_size $maxsize
+    php_admin_value upload_tmp_dir /var/lib/dokuwiki/data/tmp
+    php_admin_value session.save_path /var/lib/dokuwiki/data/tmp
+_EOF
+    if ($fastcgi_mod eq 'mod_fastcgi'){
+        $php = "AddHandler phpdokuwiki-fastcgi .php\n";
+    }
+    elsif ($fastcgi_mod eq 'mod_proxy_fcgi'){
+        $php =<<_EOF;
+<FilesMatch \.php$>
+         SetHandler "proxy:unix:/var/run/php-fpm/php71-dokuwiki.sock|fcgi://localhost"
+     </FilesMatch>
+_EOF
+    }
 
     $OUT .=<<"EOF";
 
@@ -19,17 +38,11 @@ $alias
 <Directory /usr/share/dokuwiki>
     AllowOverride None
     Options +FollowSymlinks
-    AddType application/x-httpd-php .php
     Order Allow,Deny
     Allow from $allow
     $ssl
     $auth
-    php_admin_value open_basedir /usr/share/dokuwiki:/var/lib/dokuwiki:/etc/dokuwiki:/dev/urandom
-    php_admin_value memory_limit 128M
-    php_admin_value upload_max_filesize $maxsize
-    php_admin_value post_max_size $maxsize
-    php_admin_value upload_tmp_dir /var/lib/dokuwiki/data/tmp
-    php_admin_value session.save_path /var/lib/dokuwiki/data/tmp
+    $php
 </Directory>
 
 <Directory /usr/share/dokuwiki/inc>

root/etc/e-smith/templates/etc/php-fpm.d/www.conf/20Dokuwiki

@@ -0,0 +1,50 @@
+{
+
+if ($PHP_VERSION eq '71'){
+  if (($dokuwiki{'status'} || 'disabled') eq 'enabled'){
+    my $max_upload_size = ($dokuwiki{MaxUploadSize} || '20') . 'M';
+    my $id = 'dokuwiki';
+    $OUT .=<<_EOF;
+
+[php$PHP_VERSION-$id]
+user = www
+group = www
+listen.owner = root
+listen.group = www
+listen.mode = 0660
+listen = /var/run/php-fpm/php$PHP_VERSION-$id.sock
+pm = dynamic
+pm.max_children = 15
+pm.start_servers = 3
+pm.min_spare_servers = 3
+pm.max_spare_servers = 4
+pm.max_requests = 1000
+php_admin_value[session.save_path] = /var/lib/php/$id/session
+php_admin_value[opcache.file_cache]  = /var/lib/php/$id/opcache
+php_admin_value[upload_tmp_dir] = /var/lib/php/$id/tmp
+php_admin_value[error_log] = /var/log/php/$id/error.log
+slowlog = /var/log/php/dl/slow.log
+php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f php@{ $DomainName }
+php_admin_flag[display_errors] = off
+php_admin_flag[log_errors] = on
+php_admin_value[error_log] = syslog
+php_admin_value[memory_limit] = 128M
+php_admin_value[max_execution_time] = 60
+php_admin_value[post_max_size] = $max_upload_size
+php_admin_value[upload_max_filesize] = $max_upload_size
+php_admin_value[disable_functions] = system, show_source, symlink, exec, dl, shell_exec, passthru, phpinfo, escapeshellarg, escapeshellcmd
+php_admin_value[open_basedir] = /usr/share/dokuwiki:/var/lib/dokuwiki:/etc/dokuwiki:/dev/urandom
+php_admin_flag[allow_url_fopen] = on
+php_admin_flag[file_upload] = on
+php_admin_flag[session.cookie_httponly] = on
+php_admin_flag[allow_url_include] = off
+php_admin_value[session.save_handler] = files
+
+_EOF
+
+  }
+  else{
+    $OUT .= '; Dl is disabled';
+  }
+}
+}

root/usr/share/dokuwiki/lib/plugins/authhttpldap/auth.php

@@ -47,8 +47,16 @@ class auth_plugin_authhttpldap extends auth_plugin_authldap {
     function trustExternal($user,$pass,$sticky=false){
         global $USERINFO;
         $success = false;
-        if (!isset($_SERVER['REMOTE_USER'])) return false;
-        $username = $_SERVER['REMOTE_USER'];
+        if (isset($_SERVER['REMOTE_USER'])){
+            $username = $_SERVER['REMOTE_USER'];
+        }
+        elseif (isset($_SERVER['REDIRECT_REMOTE_USER'])){
+            $username = $_SERVER['REDIRECT_REMOTE_USER'];
+            $_SERVER['REMOTE_USER'] = $username;
+        }
+        else{
+            return false;
+        }
         $this->_debug('LemonLDAP::NG Login Name: '.htmlspecialchars($username),0,__LINE__,__FILE__);
         if (!empty($username)){
             $USERINFO = $this->getUserData($username,true);

root/usr/share/dokuwiki/lib/plugins/authhttpldap/plugin.info.txt

@@ -1,7 +1,7 @@
 base   authhttpldap
 author Daniel Berteaud
 email  daniel@firewall-services.com
-date   2014-05-06
+date   2017-07-17
 name   HTTP+LDAP auth plugin
 desc   This plugin uses a basic HTTP authentication, but LDAP to get info and authorization
 url    https://www.firewall-services.com

smeserver-dokuwiki.spec

@@ -61,12 +61,19 @@ DokuWiki is a simple to use Wiki aimed at the documentation needs of a small com
 
 %build
 perl ./createlinks
+%{__mkdir_p} root/var/log/php/dokuwiki
+%{__mkdir_p} root/var/lib/php/dokuwiki/{tmp,session,opcache
 
 %install
 rm -rf $RPM_BUILD_ROOT
 (cd root   ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT)
 rm -f %{name}-%{version}-filelist
 /sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
+        --dir /var/log/php/dokuwiki 'attr(0770,root,www)' \
+        --dir /var/lib/php/dokuwiki 'attr(0770,root,www)' \
+        --dir /var/lib/php/dokuwiki/tmp 'attr(0770,root,www)' \
+        --dir /var/lib/php/dokuwiki/opcache 'attr(0770,root,www)' \
+        --dir /var/lib/php/dokuwiki/session 'attr(0770,root,www)' \
 	> %{name}-%{version}-filelist
 
 %files -f %{name}-%{version}-filelist