diff --git a/inventory/group_vars/copr-keygen-stg b/inventory/group_vars/copr-keygen-stg
index 04795fa45e..bd7e74fd5a 100644
--- a/inventory/group_vars/copr-keygen-stg
+++ b/inventory/group_vars/copr-keygen-stg
@@ -3,7 +3,7 @@ copr_hostbase: copr-keygen-dev
 tcp_ports: []
 
 # http + signd dest ports
-custom_rules: [ '-A INPUT -p tcp -m tcp -s 172.25.32.11 --dport 80 -j ACCEPT',
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 172.25.32.211 --dport 80 -j ACCEPT',
                 '-A INPUT -p tcp -m tcp -s 172.25.153.203 --dport 80 -j ACCEPT',
                 '-A INPUT -p tcp -m tcp -s 172.25.32.211 --dport 5167 -j ACCEPT',
                 '-A INPUT -p tcp -m tcp -s 172.25.153.203 --dport 5167 -j ACCEPT']
diff --git a/inventory/group_vars/qa-prod b/inventory/group_vars/qa-prod
index fb269bf61b..4bb4444269 100644
--- a/inventory/group_vars/qa-prod
+++ b/inventory/group_vars/qa-prod
@@ -1,6 +1,6 @@
 ---
 # Define resources for this group of hosts here. 
-lvm_size: 40000
+lvm_size: 500000
 mem_size: 8196
 max_mem_size: 16384
 num_cpus: 2
@@ -51,34 +51,6 @@ buildslave_name: 'qa-prod01-1'
 buildslave_password: '{{ qa_prod_buildslave_password }}'
 
 
-################################################################################
-# MariaDB Settings
-################################################################################
-
-mariadb_host: localhost
-mariadb_config: my.cnf.phabricator
-mariadb_user: '{{ qa_prod_mariadb_user }}'
-mariadb_password: '{{ qa_prod_mariadb_password }}'
-
-################################################################################
-# Phabricator Settings
-################################################################################
-phabricator_db_prefix: 'phabricator'
-enable_phabricator_git: False
-phabricator_vcs_user: git
-phabricator_vcs_user_password: '{{ qa_prod_vcs_user_password }}'
-phabricator_daemon_user: phabricator
-phabroot: /usr/share/
-phabricator_filedir: /var/lib/phabricator/files
-phabricator_repodir: /var/lib/phabricator/repos
-phabricator_config_filename: qaconfig
-phabricator_header_color: 'blue'
-phabricator_mail_enabled: True
-phabricator_mail_domain: fedoraproject.org
-phabricator_mysqldump_filename: 'qa-prod_phabricator.sql'
-ircnick: fedoraqabot
-
-
 ################################################################################
 # Backup Settings
 ################################################################################
@@ -86,7 +58,7 @@ ircnick: fedoraqabot
 backup_dir: /srv/backup
 backup_username: root
 backup_ssh_pubkey: ssh-dss AAAAB3NzaC1kc3MAAACBAJr3xqn/hHIXeth+NuXPu9P91FG9jozF3Q1JaGmg6szo770rrmhiSsxso/Ibm2mObqQLCyfm/qSOQRynv6tL3tQVHA6EEx0PNacnBcOV7UowR5kd4AYv82K1vQhof3YTxOMmNIOrdy6deDqIf4sLz1TDHvEDwjrxtFf8ugyZWNbTAAAAFQCS5puRZF4gpNbaWxe6gLzm3rBeewAAAIBcEd6pRatE2Qc/dW0YwwudTEaOCUnHmtYs2PHKbOPds0+Woe1aWH38NiE+CmklcUpyRsGEf3O0l5vm3VrVlnfuHpgt/a/pbzxm0U6DGm2AebtqEmaCX3CIuYzKhG5wmXqJ/z+Hc5MDj2mn2TchHqsk1O8VZM+1Ml6zX3Hl4vvBsQAAAIALDt5NFv6GLuid8eik/nn8NORd9FJPDBJxgVqHNIm08RMC6aI++fqwkBhVPFKBra5utrMKQmnKs/sOWycLYTqqcSMPdWSkdWYjBCSJ/QNpyN4laCmPWLgb3I+2zORgR0EjeV2e/46geS0MWLmeEsFwztpSj4Tv4e18L8Dsp2uB2Q==  root@backup03-rdiff-backup
-host_backup_targets: ['/var/lib/phabricator/files', '/var/lib/phabricator/repos', '/srv/backup']
+host_backup_targets: ['/srv/backup']
 
 
 ################################################################################
diff --git a/inventory/host_vars/hubs-dev.fedorainfracloud.org b/inventory/host_vars/hubs-dev.fedorainfracloud.org
index 9045d2b43c..d2ba5fef0d 100644
--- a/inventory/host_vars/hubs-dev.fedorainfracloud.org
+++ b/inventory/host_vars/hubs-dev.fedorainfracloud.org
@@ -1,5 +1,5 @@
 ---
-image: "{{ fedora25_x86_64 }}"
+image: "{{ fedora27_x86_64 }}"
 instance_type: m1.medium
 keypair: fedora-admin-20130801
 security_group: ssh-anywhere-persistent,all-icmp-persistent,default,web-80-anywhere-persistent,web-443-anywhere-persistent,all-icmp-persistent
diff --git a/inventory/host_vars/mm-frontend-checkin01.phx2.fedoraproject.org b/inventory/host_vars/mm-frontend-checkin01.phx2.fedoraproject.org
index 71485e081e..95cf63bb76 100644
--- a/inventory/host_vars/mm-frontend-checkin01.phx2.fedoraproject.org
+++ b/inventory/host_vars/mm-frontend-checkin01.phx2.fedoraproject.org
@@ -7,12 +7,19 @@ gw: 10.5.126.254
 dns: 10.5.126.21
 ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-7
 ks_repo: http://10.5.126.23/repo/rhel/RHEL7-x86_64/
-volgroup: /dev/vg_guests00
+volgroup: /dev/vg_guests
 eth0_ip: 10.5.126.187
-vmhost: virthost15.phx2.fedoraproject.org
+vmhost: virthost06.phx2.fedoraproject.org
 datacenter: phx2
 
 tcp_ports: [ 80, 443 ]
 fedmsg_certs: []
 
 mm2_checkin: true
+
+csi_security_category: High
+csi_primary_contact: Fedora Admins - admin@fedoraproject.org
+csi_purpose: MirrorManager Checkin endpoint
+csi_relationship: |
+    Has a very restricted set of in/out communication allowed, due to
+    special circumstances. For details, ask puiterwijk.
diff --git a/inventory/host_vars/pdc-web01.stg.phx2.fedoraproject.org b/inventory/host_vars/pdc-web01.stg.phx2.fedoraproject.org
index 3b3eaf7eb0..9a2a79aeda 100644
--- a/inventory/host_vars/pdc-web01.stg.phx2.fedoraproject.org
+++ b/inventory/host_vars/pdc-web01.stg.phx2.fedoraproject.org
@@ -3,8 +3,8 @@ nm: 255.255.255.0
 gw: 10.5.128.254
 dns: 10.5.126.21
 
-ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-27
-ks_repo: http://10.5.126.23/pub/fedora/linux/releases/27/Server/x86_64/os/
+ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7
+ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 
 eth0_ip: 10.5.128.170
 
diff --git a/inventory/host_vars/pdc-web02.phx2.fedoraproject.org b/inventory/host_vars/pdc-web02.phx2.fedoraproject.org
index 5e52830019..02a683c83a 100644
--- a/inventory/host_vars/pdc-web02.phx2.fedoraproject.org
+++ b/inventory/host_vars/pdc-web02.phx2.fedoraproject.org
@@ -3,8 +3,8 @@ nm: 255.255.255.0
 gw: 10.5.126.254
 dns: 10.5.126.21
 
-ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-25
-ks_repo: http://10.5.126.23/pub/fedora/linux/releases/25/Server/x86_64/os/
+ks_url: http://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel-7
+ks_repo: http://infrastructure.fedoraproject.org/repo/rhel/RHEL7-x86_64/
 
 eth0_ip: 10.5.126.132
 
diff --git a/inventory/host_vars/qa-prod01.qa.fedoraproject.org b/inventory/host_vars/qa-prod01.qa.fedoraproject.org
index 175bc7cbd7..dbd3895527 100644
--- a/inventory/host_vars/qa-prod01.qa.fedoraproject.org
+++ b/inventory/host_vars/qa-prod01.qa.fedoraproject.org
@@ -3,8 +3,8 @@ nm: 255.255.255.0
 gw: 10.5.124.254
 dns: 10.5.126.21
 
-ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-24
-ks_repo: http://10.5.126.23/pub/fedora/linux/releases/24/Server/x86_64/os/
+ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-27
+ks_repo: http://10.5.126.23/pub/fedora/linux/releases/27/Server/x86_64/os/
 volgroup: /dev/VirtGuests
 
 eth0_ip: 10.5.124.231
@@ -14,16 +14,14 @@ datacenter: phx2
 fas_client_groups: sysadmin-qa,sysadmin-main
 sudoers: "{{ private }}/files/sudo/qavirt-sudoers"
 
-mariadb_root_password: "{{ qadevel_mariadb_root_password }}"
-
 public_hostname: qa.fedoraproject.org
-short_hostname: qa-prod01.qa
+short_hostname: qa-prod01
 buildmaster: 127.0.0.1
 
 buildslaves:
     - qa-prod01-1
 
 slaves:
-  - { user: "{{ short_hostname }}-1", home: "/home/{{ short_hostname }}-1", dir: "/home/{{ short_hostname }}-1/slave" }
+  - { user: "{{ short_hostname }}-1", home: "/srv/buildslaves/{{ short_hostname }}-1", dir: "/srv/buildslaves/{{ short_hostname }}-1/slave" }
 
 extra_enablerepos: ''
diff --git a/inventory/host_vars/resultsdb01.qa.fedoraproject.org b/inventory/host_vars/resultsdb01.qa.fedoraproject.org
index 7bc6206260..89623efa5e 100644
--- a/inventory/host_vars/resultsdb01.qa.fedoraproject.org
+++ b/inventory/host_vars/resultsdb01.qa.fedoraproject.org
@@ -13,8 +13,8 @@ eth0_nm: 255.255.255.128
 # install
 ############################################################
 
-ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-25
-ks_repo: http://10.5.126.23/pub/fedora/linux/releases/25/Server/x86_64/os/
+ks_url: http://10.5.126.23/repo/rhel/ks/kvm-fedora-27
+ks_repo: http://10.5.126.23/pub/fedora/linux/releases/27/Server/x86_64/os/
 
 volgroup: /dev/VirtGuests
 datacenter: phx2
diff --git a/playbooks/destroy_virt_inst.yml b/playbooks/destroy_virt_inst.yml
index 432bc6ad6b..5366c105ac 100644
--- a/playbooks/destroy_virt_inst.yml
+++ b/playbooks/destroy_virt_inst.yml
@@ -27,6 +27,11 @@
   - name: pause for 30s before doing it
     pause: seconds=30 prompt="Destroying (and lvremove for) vm now {{ target }}, abort if this is wrong"
 
+  - name: schedule 30m host downtime in nagios
+    nagios: action=downtime minutes=30 service=host host={{ inventory_hostname_short }}{{ env_suffix }}
+    delegate_to: noc01.phx2.fedoraproject.org
+    ignore_errors: true
+
   - name: destroy the vm
     virt: name={{ inventory_hostname }} command=destroy
     delegate_to: "{{ vmhost }}"
diff --git a/playbooks/groups/bodhi-backend.yml b/playbooks/groups/bodhi-backend.yml
index 17f2d356b3..09cbc8f04f 100644
--- a/playbooks/groups/bodhi-backend.yml
+++ b/playbooks/groups/bodhi-backend.yml
@@ -35,7 +35,6 @@
   - role: nfs/client
     mnt_dir: '/mnt/fedora_koji'
     nfs_src_dir: 'fedora_koji'
-    when: env != 'staging'
 
     # In staging, we mount fedora_koji as read only (see nfs_mount_opts)
   - role: nfs/client
diff --git a/playbooks/groups/qa.yml b/playbooks/groups/qa.yml
index 3134f1f850..eb24c5747f 100644
--- a/playbooks/groups/qa.yml
+++ b/playbooks/groups/qa.yml
@@ -38,25 +38,6 @@
   handlers:
    - import_tasks: "{{ handlers_path }}/restart_services.yml"
 
-- name: configure phabricator
-  hosts: qa-prod:qa-stg
-  user: root
-
-  gather_facts: True
-
-  vars_files:
-   - /srv/web/infra/ansible/vars/global.yml
-   - "/srv/private/ansible/vars.yml"
-   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
-
-  roles:
-   - { role: mariadb_server, tags: ['mariadb'] }
-   - { role: phabricator, tags: ['phabricator'] }
-
-  handlers:
-   - import_tasks: "{{ handlers_path }}/restart_services.yml"
-
-
 - name: configure qa buildbot CI
   hosts: qa-stg
   user: root
diff --git a/playbooks/hosts/magazine2.fedorainfracloud.org.yml b/playbooks/hosts/magazine2.fedorainfracloud.org.yml
index 95eadc51ab..c950888763 100644
--- a/playbooks/hosts/magazine2.fedorainfracloud.org.yml
+++ b/playbooks/hosts/magazine2.fedorainfracloud.org.yml
@@ -76,3 +76,6 @@
     cron: name="Wordpress nightly update check"
           special_time="daily"
           job="yum -y -q update wordpress"
+
+  handlers:
+  - import_tasks: "{{ handlers_path }}/restart_services.yml"
diff --git a/playbooks/hosts/modernpaste.fedorainfracloud.org.yml b/playbooks/hosts/modernpaste.fedorainfracloud.org.yml
index 635459cf44..9f612af53e 100644
--- a/playbooks/hosts/modernpaste.fedorainfracloud.org.yml
+++ b/playbooks/hosts/modernpaste.fedorainfracloud.org.yml
@@ -37,3 +37,6 @@
   - import_tasks: "{{ tasks_path }}/cloud_setup_basic.yml"
   - name: set hostname (required by some services, at least postfix need it)
     hostname: name="{{inventory_hostname}}"
+
+  handlers:
+  - import_tasks: "{{ handlers_path }}/restart_services.yml"
diff --git a/roles/base/templates/iptables/iptables.mm-frontend-checkin01.phx2.fedoraproject.org b/roles/base/templates/iptables/iptables.mm-frontend-checkin01.phx2.fedoraproject.org
new file mode 100644
index 0000000000..34f0500df0
--- /dev/null
+++ b/roles/base/templates/iptables/iptables.mm-frontend-checkin01.phx2.fedoraproject.org
@@ -0,0 +1,55 @@
+# {{ ansible_managed }}
+*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+
+# allow ping and traceroute
+-A INPUT -p icmp -j ACCEPT
+
+# localhost is fine
+-A INPUT -i lo -j ACCEPT
+
+# Established connections allowed
+-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
+
+# allow ssh - always
+-A INPUT -m conntrack --ctstate NEW --src 10.5.126.23 -m tcp -p tcp --dport 22 -j ACCEPT
+
+# for nrpe - allow it from nocs
+-A INPUT -p tcp -m tcp --dport 5666 -s 192.168.1.10 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 5666 -s 192.168.1.166 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 5666 -s 10.5.126.41 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 5666 -s 10.5.126.241 -j ACCEPT
+
+{% for port in tcp_ports %}
+-A INPUT -p tcp -m tcp --dport {{ port }} -j ACCEPT
+{% endfor %}
+
+# Allow connection to the database
+-A OUTPUT --dst 10.5.126.71 -p tcp -m tcp --dport 5432 -j ACCEPT
+
+# Allow DNS
+-A OUTPUT --dst 10.5.126.21 -p udp -m udp --dport 53 -j ACCEPT
+-A OUTPUT --dst 10.5.126.21 -p tcp -m tcp --dport 53 -j ACCEPT
+-A OUTPUT --dst 10.5.126.22 -p udp -m udp --dport 53 -j ACCEPT
+-A OUTPUT --dst 10.5.126.22 -p tcp -m tcp --dport 53 -j ACCEPT
+
+# Allow infrastructure.fp.o http and https
+-A OUTPUT --dst 10.5.126.23 -p tcp -m tcp --dport 80 -j ACCEPT
+-A OUTPUT --dst 10.5.126.23 -p tcp -m tcp --dport 443 -j ACCEPT
+
+# Allow https to proxies
+-A OUTPUT --dst 10.5.126.8 -p tcp -m tcp --dport 443 -j ACCEPT
+-A OUTPUT --dst 10.5.126.9 -p tcp -m tcp --dport 443 -j ACCEPT
+-A OUTPUT --dst 10.5.126.51 -p tcp -m tcp --dport 443 -j ACCEPT
+-A OUTPUT --dst 10.5.126.52 -p tcp -m tcp --dport 443 -j ACCEPT
+
+# otherwise kick everything out
+-A INPUT -j REJECT --reject-with icmp-host-prohibited
+-A FORWARD -j REJECT --reject-with icmp-host-prohibited
+
+# This box is special in that it also has OUTPUT filtered
+-A OUTPUT -j REJECT --reject-with icmp-host-prohibited
+COMMIT
diff --git a/roles/bodhi2/backend/templates/owner-sync-pagure.j2 b/roles/bodhi2/backend/templates/owner-sync-pagure.j2
index b3400bf3b5..a0e1a58fb9 100755
--- a/roles/bodhi2/backend/templates/owner-sync-pagure.j2
+++ b/roles/bodhi2/backend/templates/owner-sync-pagure.j2
@@ -174,9 +174,7 @@ def get_branch_and_arches(tag, version):
         if STAGING:
             arches = ["primary"]
         else:
-            if version <= "25":
-                arches = ["primary", "arm", "ppc", "s390"]
-            elif version <= "26":
+            if version <= "26":
                 arches = ["primary", "s390"]
             else:
                 # Yay!  Everything in primary.
@@ -306,6 +304,11 @@ def set_koji_ownership(tag, packages, arches, verbose=False):
         'timeout': 60 * 10,
     }
     for arch in arches:
+
+        # Something weird here.  Where do 'arm' and 'ppc' come from?
+        if arch in ['arm', 'ppc']:
+            arch = 'primary'
+
         if arch == 'primary':
             session = koji.ClientSession(
                 'https://koji{0}.fedoraproject.org/kojihub'.format(ENV_SUFFIX),
diff --git a/roles/copr/backend/files/provision/files/mock/site-defaults.cfg b/roles/copr/backend/files/provision/files/mock/site-defaults.cfg
index 3152626ad8..63cbbb5e60 100644
--- a/roles/copr/backend/files/provision/files/mock/site-defaults.cfg
+++ b/roles/copr/backend/files/provision/files/mock/site-defaults.cfg
@@ -23,3 +23,9 @@ config_opts['plugin_conf']['tmpfs_opts']['keep_mounted'] = False
 
 config_opts['yum_command'] = '/usr/bin/yum-deprecated'
 config_opts['nosync'] = True
+
+config_opts['plugin_conf']['chroot_scan_enable'] = True
+config_opts['plugin_conf']['chroot_scan_opts'] = {
+    'regexes': [ "dnf.*log$" ],
+    'only_failed': False,
+}
diff --git a/roles/epylog/files/merged/weed_local.cf b/roles/epylog/files/merged/weed_local.cf
index e5db496714..33556995b9 100644
--- a/roles/epylog/files/merged/weed_local.cf
+++ b/roles/epylog/files/merged/weed_local.cf
@@ -57,6 +57,7 @@ dnf-automatic:.*
 docker.*
 dracut.*
 etcd.*
+.*EDAC sbridge.*
 fedmsg-hub.*
 moksha-hub.*
 mailman3.*
@@ -145,12 +146,14 @@ kernel: Hardware name.*
 kernel: task.*
 kernel: kauditd_printk_skb.*
 kernel: sd 7.*
+kernel: Using.*as fallback implementation.
 kojid.*
 koschei.*
 kojira.*
 logrotate.*
 lvm.*: Another thread is handling an event. Waiting...*
 libvirtd:.*debug.*
+libvirtd.*:.*is tainted.*
 nagios.*
 named.*: .* general: info:.*
 named.*: .* notify: info:.*
@@ -419,6 +422,8 @@ systemd.*: Startup finished in.*
 systemd.*: Started User Manager for UID.*
 systemd.*: Started Process Core Dump
 systemd.*: Starting Exit the Session...
+systemd.*:.*Network Manager Script Dispatcher Service.*
+systemd.*: Started Virtual Machine.*
 supybot.*
 twistd.*
 unix_chkpwd.*: account .* has password changed in future
diff --git a/roles/mediawiki/templates/LocalSettings.php.fp.j2 b/roles/mediawiki/templates/LocalSettings.php.fp.j2
index 8331bb8eda..78ffe5eab0 100644
--- a/roles/mediawiki/templates/LocalSettings.php.fp.j2
+++ b/roles/mediawiki/templates/LocalSettings.php.fp.j2
@@ -386,8 +386,8 @@ $wgSquidServersNoPurge = array(
     "192.168.1.63",
 
     # proxy07
-    "174.141.234.172",
-    "192.168.1.52",
+#    "174.141.234.172",
+#    "192.168.1.52",
 
     # proxy08
     "67.203.2.67",
@@ -440,7 +440,7 @@ $wgSquidServers = array(
     # proxy06
     "192.168.1.63:6081",
     # proxy07
-    "192.168.1.52:6081",
+#    "192.168.1.52:6081",
     # proxy08
     "192.168.1.78:6081",
     # proxy10
@@ -455,7 +455,7 @@ $wgSquidServers = array(
     "192.168.1.159:6081",
 {% endif %}
 );
-$wgSquidMaxage = 432000;
+$wgSquidMaxage = 21600;
 
 # Don't add rel="nofollow" 
 $wgNoFollowLinks = false; 
diff --git a/roles/nfs/client/tasks/main.yml b/roles/nfs/client/tasks/main.yml
index e4ee98b126..b10277e472 100644
--- a/roles/nfs/client/tasks/main.yml
+++ b/roles/nfs/client/tasks/main.yml
@@ -74,7 +74,7 @@
         passno=0
         dump=0
         state=mounted
-  when: datacenter == 'phx2'
+  when: datacenter == 'phx2' and env != 'staging'
   tags:
   - nfs/client
 
@@ -108,7 +108,7 @@
         passno=0
         dump=0
         state=mounted
-  when: datacenter == 'staging' and 'koji' in mnt_dir
+  when: env == 'staging' and 'koji' in mnt_dir
   tags:
   - nfs/client
 
@@ -121,6 +121,6 @@
         passno=0
         dump=0
         state=mounted
-  when: datacenter == 'staging' and 'koji' in mnt_dir
+  when: env == 'staging' and 'koji' in mnt_dir
   tags:
   - nfs/client
diff --git a/roles/openshift-apps/greenwave/templates/configmap.yml b/roles/openshift-apps/greenwave/templates/configmap.yml
index 4f94e70b78..b80fbe5ba4 100644
--- a/roles/openshift-apps/greenwave/templates/configmap.yml
+++ b/roles/openshift-apps/greenwave/templates/configmap.yml
@@ -133,7 +133,7 @@ data:
     id: "atomic_ci_pipeline_results"
     product_versions:
       - fedora-26
-    decision_context: bodhi_update_push_stable
+    decision_context: bodhi_update_push_testing
     blacklist: []
     relevance_key: original_spec_nvr
     rules:
diff --git a/roles/pdc/frontend/tasks/main.yml b/roles/pdc/frontend/tasks/main.yml
index 39c1382524..dff33f258b 100644
--- a/roles/pdc/frontend/tasks/main.yml
+++ b/roles/pdc/frontend/tasks/main.yml
@@ -7,7 +7,7 @@
   tags: pdc
 
 - name: install needed packages
-  dnf: pkg={{ item }} state=present
+  package: pkg={{ item }} state=present
   with_items:
   - patternfly1
   - python-pdc
diff --git a/roles/phabricator/files/10-opcache.ini b/roles/phabricator/files/10-opcache.ini
deleted file mode 100644
index 5940efd67c..0000000000
--- a/roles/phabricator/files/10-opcache.ini
+++ /dev/null
@@ -1,95 +0,0 @@
-; Enable Zend OPcache extension module
-zend_extension=opcache.so
-
-; Determines if Zend OPCache is enabled
-opcache.enable=1
-
-; Determines if Zend OPCache is enabled for the CLI version of PHP
-;opcache.enable_cli=0
-
-; The OPcache shared memory storage size.
-opcache.memory_consumption=128
-
-; The amount of memory for interned strings in Mbytes.
-opcache.interned_strings_buffer=8
-
-; The maximum number of keys (scripts) in the OPcache hash table.
-; Only numbers between 200 and 100000 are allowed.
-opcache.max_accelerated_files=4000
-
-; The maximum percentage of "wasted" memory until a restart is scheduled.
-;opcache.max_wasted_percentage=5
-
-; When this directive is enabled, the OPcache appends the current working
-; directory to the script key, thus eliminating possible collisions between
-; files with the same name (basename). Disabling the directive improves
-; performance, but may break existing applications.
-;opcache.use_cwd=1
-
-; When disabled, you must reset the OPcache manually or restart the
-; webserver for changes to the filesystem to take effect.
-opcache.validate_timestamps=0
-
-; How often (in seconds) to check file timestamps for changes to the shared
-; memory storage allocation. ("1" means validate once per second, but only
-; once per request. "0" means always validate)
-;opcache.revalidate_freq=2
-
-; Enables or disables file search in include_path optimization
-;opcache.revalidate_path=0
-
-; If disabled, all PHPDoc comments are dropped from the code to reduce the
-; size of the optimized code.
-;opcache.save_comments=1
-
-; If disabled, PHPDoc comments are not loaded from SHM, so "Doc Comments"
-; may be always stored (save_comments=1), but not loaded by applications
-; that don't need them anyway.
-;opcache.load_comments=1
-
-; If enabled, a fast shutdown sequence is used for the accelerated code
-;opcache.fast_shutdown=0
-
-; Allow file existence override (file_exists, etc.) performance feature.
-;opcache.enable_file_override=0
-
-; A bitmask, where each bit enables or disables the appropriate OPcache
-; passes
-;opcache.optimization_level=0xffffffff
-
-;opcache.inherited_hack=1
-;opcache.dups_fix=0
-
-; The location of the OPcache blacklist file (wildcards allowed).
-; Each OPcache blacklist file is a text file that holds the names of files
-; that should not be accelerated.
-opcache.blacklist_filename=/etc/php.d/opcache*.blacklist
-
-; Allows exclusion of large files from being cached. By default all files
-; are cached.
-;opcache.max_file_size=0
-
-; Check the cache checksum each N requests.
-; The default value of "0" means that the checks are disabled.
-;opcache.consistency_checks=0
-
-; How long to wait (in seconds) for a scheduled restart to begin if the cache
-; is not being accessed.
-;opcache.force_restart_timeout=180
-
-; OPcache error_log file name. Empty string assumes "stderr".
-;opcache.error_log=
-
-; All OPcache errors go to the Web server log.
-; By default, only fatal errors (level 0) or errors (level 1) are logged.
-; You can also enable warnings (level 2), info messages (level 3) or
-; debug messages (level 4).
-;opcache.log_verbosity_level=1
-
-; Preferred Shared Memory back-end. Leave empty and let the system decide.
-;opcache.preferred_memory_model=
-
-; Protect the shared memory from unexpected writing during script execution.
-; Useful for internal debugging only.
-;opcache.protect_memory=0
-
diff --git a/roles/phabricator/files/20-curl.ini b/roles/phabricator/files/20-curl.ini
deleted file mode 100644
index 3ab509e2ab..0000000000
--- a/roles/phabricator/files/20-curl.ini
+++ /dev/null
@@ -1,5 +0,0 @@
-; Enable curl extension module
-extension=curl.so
-
-; set alternate cacert location
-curl.cainfo=/etc/pki/tls/certs/ca-bundle.crt
diff --git a/roles/phabricator/files/apc.ini b/roles/phabricator/files/apc.ini
deleted file mode 100644
index ab60fa5035..0000000000
--- a/roles/phabricator/files/apc.ini
+++ /dev/null
@@ -1,70 +0,0 @@
-; Enable apc extension module
-extension = apc.so
-
-; Options for the APC module version >= 3.1.3
-; See http://www.php.net/manual/en/apc.configuration.php
-
-; This can be set to 0 to disable APC. 
-apc.enabled=1
-; The number of shared memory segments to allocate for the compiler cache. 
-apc.shm_segments=1
-; The size of each shared memory segment, with M/G suffix
-apc.shm_size=64M
-; A "hint" about the number of distinct source files that will be included or 
-; requested on your web server. Set to zero or omit if you are not sure;
-apc.num_files_hint=1024
-; Just like num_files_hint, a "hint" about the number of distinct user cache
-; variables to store.  Set to zero or omit if you are not sure;
-apc.user_entries_hint=4096
-; The number of seconds a cache entry is allowed to idle in a slot in case this
-; cache entry slot is needed by another entry.
-apc.ttl=7200
-; use the SAPI request start time for TTL
-apc.use_request_time=1
-; The number of seconds a user cache entry is allowed to idle in a slot in case
-; this cache entry slot is needed by another entry.
-apc.user_ttl=7200
-; The number of seconds that a cache entry may remain on the garbage-collection list. 
-apc.gc_ttl=3600
-; On by default, but can be set to off and used in conjunction with positive
-; apc.filters so that files are only cached if matched by a positive filter.
-apc.cache_by_default=1
-; A comma-separated list of POSIX extended regular expressions.
-apc.filters
-; The mktemp-style file_mask to pass to the mmap module 
-apc.mmap_file_mask=/tmp/apc.XXXXXX
-; This file_update_protection setting puts a delay on caching brand new files.
-apc.file_update_protection=2
-; Setting this enables APC for the CLI version of PHP (Mostly for testing and debugging).
-apc.enable_cli=0
-; Prevents large files from being cached
-apc.max_file_size=1M
-; Whether to stat the main script file and the fullpath includes.
-apc.stat=0
-; Vertification with ctime will avoid problems caused by programs such as svn or rsync by making 
-; sure inodes have not changed since the last stat. APC will normally only check mtime.
-apc.stat_ctime=0
-; Whether to canonicalize paths in stat=0 mode or fall back to stat behaviour
-apc.canonicalize=0
-; With write_lock enabled, only one process at a time will try to compile an 
-; uncached script while the other processes will run uncached
-apc.write_lock=1
-; Logs any scripts that were automatically excluded from being cached due to early/late binding issues.
-apc.report_autofilter=0
-; RFC1867 File Upload Progress hook handler
-apc.rfc1867=0
-apc.rfc1867_prefix =upload_
-apc.rfc1867_name=APC_UPLOAD_PROGRESS
-apc.rfc1867_freq=0
-apc.rfc1867_ttl=3600
-; Optimize include_once and require_once calls and avoid the expensive system calls used.
-apc.include_once_override=0
-apc.lazy_classes=0
-apc.lazy_functions=0
-; Enables APC handling of signals, such as SIGSEGV, that write core files when signaled. 
-; APC will attempt to unmap the shared memory segment in order to exclude it from the core file
-apc.coredump_unmap=0
-; Records a md5 hash of files. 
-apc.file_md5=0
-; not documented
-apc.preload_path
diff --git a/roles/phabricator/files/phabricator-preamble.php b/roles/phabricator/files/phabricator-preamble.php
deleted file mode 100644
index 22a8de77ef..0000000000
--- a/roles/phabricator/files/phabricator-preamble.php
+++ /dev/null
@@ -1,3 +0,0 @@
-<?php
-
-$_SERVER['HTTPS'] = true;
diff --git a/roles/phabricator/files/phabricator-welcome.html b/roles/phabricator/files/phabricator-welcome.html
deleted file mode 100644
index f515526e9e..0000000000
--- a/roles/phabricator/files/phabricator-welcome.html
+++ /dev/null
@@ -1,24 +0,0 @@
-<h1>Fedora QA Devel Phabricator</h1>
-
-<p>The Fedora QA Devel team uses this phabricator instance for tracking issues,
-code reviews and some documentation. We can be reached through
-<a href='https://admin.fedoraproject.org/mailman/listinfo/qa-devel'>our mailing list</a>
-or in the <a href='http://webchat.freenode.net/?channels=#fedora-qa'> #fedora-qa channel on Freenode</a>.
-</p>
-
-<br>
-
-<h2>Useful Links</h2>
-
-<ul>
-    <li><a href='https://phab.qadevel.cloud.fedoraproject.org/w/contributing/'>Contribution guide</a></li>
-    <li><a href='https://docs.qadevel.cloud.fedoraproject.org/libtaskotron/latest/'>Libtaskotron Documentation</a></li>
-    <li><a href='https://pagure.io/group/taskotron'>Canonical Taskotron git repos</a></li>
-
-    <li><a href='https://pagure.io/fedora-qa/os-autoinst-distri-fedora'>Canonical os-autoinst-distri-fedora (previously openqa_fedora) git repo</a></li>
-    <li><a href='https://bitbucket.org/rajcze/openqa_fedora_tools'>Canonical openqa_fedora_tools (previously openqa_fedora) git repo</a></li>
-
-    <li><a href='https://pagure.io/fedora-qa/fedfind'>Canonical fedfind repo</a></li>
-    <li><a href='https://pagure.io/fedora-qa/python-wikitcms'>Canonical python-wikitcms repo</a></li>
-    <li><a href='https://pagure.io/fedora-qa/relval'>Canonical r repo</a></li>
-</ul>
diff --git a/roles/phabricator/files/php.ini b/roles/phabricator/files/php.ini
deleted file mode 100644
index 6aea99956b..0000000000
--- a/roles/phabricator/files/php.ini
+++ /dev/null
@@ -1,1659 +0,0 @@
-[PHP]
-
-;;;;;;;;;;;;;;;;;;;
-; About php.ini   ;
-;;;;;;;;;;;;;;;;;;;
-; PHP's initialization file, generally called php.ini, is responsible for
-; configuring many of the aspects of PHP's behavior.
-
-; PHP attempts to find and load this configuration from a number of locations.
-; The following is a summary of its search order:
-; 1. SAPI module specific location.
-; 2. The PHPRC environment variable. (As of PHP 5.2.0)
-; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0)
-; 4. Current working directory (except CLI)
-; 5. The web server's directory (for SAPI modules), or directory of PHP
-; (otherwise in Windows)
-; 6. The directory from the --with-config-file-path compile time option, or the
-; Windows directory (C:\windows or C:\winnt)
-; See the PHP docs for more specific information.
-; http://www.php.net/manual/en/configuration.file.php
-
-; The syntax of the file is extremely simple.  Whitespace and Lines
-; beginning with a semicolon are silently ignored (as you probably guessed).
-; Section headers (e.g. [Foo]) are also silently ignored, even though
-; they might mean something in the future. 
-
-; Directives following the section heading [PATH=/www/mysite] only
-; apply to PHP files in the /www/mysite directory.  Directives
-; following the section heading [HOST=www.example.com] only apply to
-; PHP files served from www.example.com.  Directives set in these
-; special sections cannot be overridden by user-defined INI files or
-; at runtime. Currently, [PATH=] and [HOST=] sections only work under
-; CGI/FastCGI.
-; http://www.php.net/manual/en/ini.sections.php
-
-; Directives are specified using the following syntax:
-; directive = value
-; Directive names are *case sensitive* - foo=bar is different from FOO=bar.
-; Directives are variables used to configure PHP or PHP extensions.
-; There is no name validation.  If PHP can't find an expected
-; directive because it is not set or is mistyped, a default value will be used.
-
-; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one
-; of the INI constants (On, Off, True, False, Yes, No and None) or an expression
-; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a
-; previously set variable or directive (e.g. ${foo})
-
-; Expressions in the INI file are limited to bitwise operators and parentheses:
-; |  bitwise OR
-; ^  bitwise XOR
-; &  bitwise AND
-; ~  bitwise NOT
-; !  boolean NOT
-
-; Boolean flags can be turned on using the values 1, On, True or Yes.
-; They can be turned off using the values 0, Off, False or No.
-
-; An empty string can be denoted by simply not writing anything after the equal
-; sign, or by using the None keyword:
-
-;  foo =         ; sets foo to an empty string
-;  foo = None    ; sets foo to an empty string
-;  foo = "None"  ; sets foo to the string 'None'
-
-; If you use constants in your value, and these constants belong to a
-; dynamically loaded extension (either a PHP extension or a Zend extension),
-; you may only use these constants *after* the line that loads the extension.
-
-;;;;;;;;;;;;;;;;;;;
-; About this file ;
-;;;;;;;;;;;;;;;;;;;
-; PHP comes packaged with two INI files. One that is recommended to be used
-; in production environments and one that is recommended to be used in
-; development environments.
-
-; php.ini-production contains settings which hold security, performance and
-; best practices at its core. But please be aware, these settings may break
-; compatibility with older or less security conscience applications. We
-; recommending using the production ini in production and testing environments.
-
-; php.ini-development is very similar to its production variant, except it's
-; much more verbose when it comes to errors. We recommending using the
-; development version only in development environments as errors shown to
-; application users can inadvertently leak otherwise secure information.
-
-; This 2 files are provided, by RPM, in /usr/share/doc/php-common-*/
-; File used by RPM (the /etc/php.ini) is mainly the php.ini-production
-
-;;;;;;;;;;;;;;;;;;;
-; Quick Reference ;
-;;;;;;;;;;;;;;;;;;;
-; The following are all the settings which are different in either the production
-; or development versions of the INIs with respect to PHP's default behavior.
-; Please see the actual settings later in the document for more details as to why
-; we recommend these changes in PHP's behavior.
-
-; allow_call_time_pass_reference
-;   Default Value: On
-;   Development Value: Off
-;   Production Value: Off
-
-; display_errors
-;   Default Value: On
-;   Development Value: On
-;   Production Value: Off
-
-; display_startup_errors
-;   Default Value: Off
-;   Development Value: On
-;   Production Value: Off
-
-; error_reporting
-;   Default Value: E_ALL & ~E_NOTICE
-;   Development Value: E_ALL | E_STRICT
-;   Production Value: E_ALL & ~E_DEPRECATED
-
-; html_errors
-;   Default Value: On
-;   Development Value: On
-;   Production value: Off
-
-; log_errors
-;   Default Value: Off
-;   Development Value: On
-;   Production Value: On
-
-; magic_quotes_gpc
-;   Default Value: On
-;   Development Value: Off
-;   Production Value: Off
-
-; max_input_time
-;   Default Value: -1 (Unlimited)
-;   Development Value: 60 (60 seconds)
-;   Production Value: 60 (60 seconds)
-
-; output_buffering
-;   Default Value: Off
-;   Development Value: 4096
-;   Production Value: 4096
-
-; register_argc_argv
-;   Default Value: On
-;   Development Value: Off
-;   Production Value: Off
-
-; register_long_arrays
-;   Default Value: On
-;   Development Value: Off
-;   Production Value: Off
-
-; request_order
-;   Default Value: None
-;   Development Value: "GP"
-;   Production Value: "GP"
-
-; session.bug_compat_42
-;   Default Value: On
-;   Development Value: On
-;   Production Value: Off
-
-; session.bug_compat_warn
-;   Default Value: On
-;   Development Value: On
-;   Production Value: Off
-
-; session.gc_divisor
-;   Default Value: 100
-;   Development Value: 1000
-;   Production Value: 1000
-
-; session.hash_bits_per_character
-;   Default Value: 4
-;   Development Value: 5
-;   Production Value: 5
-
-; short_open_tag
-;   Default Value: On
-;   Development Value: Off
-;   Production Value: Off
-
-; track_errors
-;   Default Value: Off
-;   Development Value: On
-;   Production Value: Off
-
-; url_rewriter.tags
-;   Default Value: "a=href,area=href,frame=src,form=,fieldset="
-;   Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
-;   Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
-
-; variables_order
-;   Default Value: "EGPCS"
-;   Development Value: "GPCS"
-;   Production Value: "GPCS"
-
-;;;;;;;;;;;;;;;;;;;;
-; php.ini Options  ;
-;;;;;;;;;;;;;;;;;;;;
-; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini"
-;user_ini.filename = ".user.ini"
-
-; To disable this feature set this option to empty value
-;user_ini.filename =
-
-; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes)
-;user_ini.cache_ttl = 300
-
-;;;;;;;;;;;;;;;;;;;;
-; Language Options ;
-;;;;;;;;;;;;;;;;;;;;
-
-; Enable the PHP scripting language engine under Apache.
-; http://www.php.net/manual/en/apache.configuration.php#ini.engine
-engine = On
-
-; This directive determines whether or not PHP will recognize code between
-; <? and ?> tags as PHP source which should be processed as such. It's been
-; recommended for several years that you not use the short tag "short cut" and
-; instead to use the full <?php and ?> tag combination. With the wide spread use
-; of XML and use of these tags by other languages, the server can become easily
-; confused and end up parsing the wrong code in the wrong context. But because
-; this short cut has been a feature for such a long time, it's currently still
-; supported for backwards compatibility, but we recommend you don't use them.
-; Default Value: On
-; Development Value: Off
-; Production Value: Off
-; http://www.php.net/manual/en/ini.core.php#ini.short-open-tag
-short_open_tag = Off
-
-; Allow ASP-style <% %> tags.
-; http://www.php.net/manual/en/ini.core.php#ini.asp-tags
-asp_tags = Off
-
-; The number of significant digits displayed in floating point numbers.
-; http://www.php.net/manual/en/ini.core.php#ini.precision
-precision = 14
-
-; Enforce year 2000 compliance (will cause problems with non-compliant browsers)
-; http://www.php.net/manual/en/ini.core.php#ini.y2k-compliance
-y2k_compliance = On
-
-; Output buffering is a mechanism for controlling how much output data
-; (excluding headers and cookies) PHP should keep internally before pushing that
-; data to the client. If your application's output exceeds this setting, PHP
-; will send that data in chunks of roughly the size you specify.
-; Turning on this setting and managing its maximum buffer size can yield some
-; interesting side-effects depending on your application and web server.
-; You may be able to send headers and cookies after you've already sent output
-; through print or echo. You also may see performance benefits if your server is
-; emitting less packets due to buffered output versus PHP streaming the output
-; as it gets it. On production servers, 4096 bytes is a good setting for performance
-; reasons.
-; Note: Output buffering can also be controlled via Output Buffering Control
-;   functions.
-; Possible Values:
-;   On = Enabled and buffer is unlimited. (Use with caution)
-;   Off = Disabled
-;   Integer = Enables the buffer and sets its maximum size in bytes.
-; Default Value: Off
-; Development Value: 4096
-; Production Value: 4096
-; http://www.php.net/manual/en/outcontrol.configuration.php#ini.output-buffering
-output_buffering = 4096
-
-; You can redirect all of the output of your scripts to a function.  For
-; example, if you set output_handler to "mb_output_handler", character
-; encoding will be transparently converted to the specified encoding.
-; Setting any output handler automatically turns on output buffering.
-; Note: People who wrote portable scripts should not depend on this ini
-;   directive. Instead, explicitly set the output handler using ob_start().
-;   Using this ini directive may cause problems unless you know what script
-;   is doing.
-; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler"
-;   and you cannot use both "ob_gzhandler" and "zlib.output_compression".
-; Note: output_handler must be empty if this is set 'On' !!!!
-;   Instead you must use zlib.output_handler.
-; http://www.php.net/manual/en/outcontrol.configuration.php#ini.output-handler
-;output_handler =
-
-; Transparent output compression using the zlib library
-; Valid values for this option are 'off', 'on', or a specific buffer size
-; to be used for compression (default is 4KB)
-; Note: Resulting chunk size may vary due to nature of compression. PHP
-;   outputs chunks that are few hundreds bytes each as a result of
-;   compression. If you prefer a larger chunk size for better
-;   performance, enable output_buffering in addition.
-; Note: You need to use zlib.output_handler instead of the standard
-;   output_handler, or otherwise the output will be corrupted.
-; http://www.php.net/manual/en/zlib.configuration.php#ini.zlib.output-compression
-zlib.output_compression = Off
-
-; http://www.php.net/manual/en/zlib.configuration.php#ini.zlib.output-compression-level
-;zlib.output_compression_level = -1
-
-; You cannot specify additional output handlers if zlib.output_compression
-; is activated here. This setting does the same as output_handler but in
-; a different order.
-; http://www.php.net/manual/en/zlib.configuration.php#ini.zlib.output-handler
-;zlib.output_handler =
-
-; Implicit flush tells PHP to tell the output layer to flush itself
-; automatically after every output block.  This is equivalent to calling the
-; PHP function flush() after each and every call to print() or echo() and each
-; and every HTML block.  Turning this option on has serious performance
-; implications and is generally recommended for debugging purposes only.
-; http://www.php.net/manual/en/outcontrol.configuration.php#ini.implicit-flush
-implicit_flush = Off
-
-; The unserialize callback function will be called (with the undefined class'
-; name as parameter), if the unserializer finds an undefined class
-; which should be instantiated. A warning appears if the specified function is
-; not defined, or if the function doesn't include/implement the missing class.
-; So only set this entry, if you really want to implement such a
-; callback-function.
-unserialize_callback_func =
-
-; When floats & doubles are serialized store serialize_precision significant
-; digits after the floating point. The default value ensures that when floats
-; are decoded with unserialize, the data will remain the same.
-serialize_precision = 100
-
-; This directive allows you to enable and disable warnings which PHP will issue
-; if you pass a value by reference at function call time. Passing values by
-; reference at function call time is a deprecated feature which will be removed
-; from PHP at some point in the near future. The acceptable method for passing a
-; value by reference to a function is by declaring the reference in the functions
-; definition, not at call time. This directive does not disable this feature, it
-; only determines whether PHP will warn you about it or not. These warnings
-; should enabled in development environments only.
-; Default Value: On (Suppress warnings)
-; Development Value: Off (Issue warnings)
-; Production Value: Off (Issue warnings)
-; http://www.php.net/manual/en/ini.core.php#ini.allow-call-time-pass-reference
-allow_call_time_pass_reference = Off
-
-; Safe Mode
-; http://www.php.net/manual/en/ini.sect.safe-mode.php#ini.safe-mode
-safe_mode = Off
-
-; By default, Safe Mode does a UID compare check when
-; opening files. If you want to relax this to a GID compare,
-; then turn on safe_mode_gid.
-; http://www.php.net/manual/en/ini.sect.safe-mode.php#ini.safe-mode-gid
-safe_mode_gid = Off
-
-; When safe_mode is on, UID/GID checks are bypassed when
-; including files from this directory and its subdirectories.
-; (directory must also be in include_path or full path must
-; be used when including)
-; http://www.php.net/manual/en/ini.sect.safe-mode.php#ini.safe-mode-include-dir
-safe_mode_include_dir =
-
-; When safe_mode is on, only executables located in the safe_mode_exec_dir
-; will be allowed to be executed via the exec family of functions.
-; http://www.php.net/manual/en/ini.sect.safe-mode.php#ini.safe-mode-exec-dir
-safe_mode_exec_dir =
-
-; Setting certain environment variables may be a potential security breach.
-; This directive contains a comma-delimited list of prefixes.  In Safe Mode,
-; the user may only alter environment variables whose names begin with the
-; prefixes supplied here.  By default, users will only be able to set
-; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
-; Note:  If this directive is empty, PHP will let the user modify ANY
-;   environment variable!
-; http://www.php.net/manual/en/ini.sect.safe-mode.php#ini.safe-mode-allowed-env-vars
-safe_mode_allowed_env_vars = PHP_
-
-; This directive contains a comma-delimited list of environment variables that
-; the end user won't be able to change using putenv().  These variables will be
-; protected even if safe_mode_allowed_env_vars is set to allow to change them.
-; http://www.php.net/manual/en/ini.sect.safe-mode.php#ini.safe-mode-protected-env-vars
-safe_mode_protected_env_vars = LD_LIBRARY_PATH
-
-; open_basedir, if set, limits all file operations to the defined directory
-; and below.  This directive makes most sense if used in a per-directory
-; or per-virtualhost web server configuration file. This directive is
-; *NOT* affected by whether Safe Mode is turned On or Off.
-; http://www.php.net/manual/en/ini.sect.safe-mode.php#ini.open-basedir
-;open_basedir =
-
-; This directive allows you to disable certain functions for security reasons.
-; It receives a comma-delimited list of function names. This directive is
-; *NOT* affected by whether Safe Mode is turned On or Off.
-; http://www.php.net/manual/en/ini.sect.safe-mode.php#ini.disable-functions
-disable_functions =
-
-; This directive allows you to disable certain classes for security reasons.
-; It receives a comma-delimited list of class names. This directive is
-; *NOT* affected by whether Safe Mode is turned On or Off.
-; http://www.php.net/manual/en/ini.sect.safe-mode.php#ini.disable-classes
-disable_classes =
-
-; Colors for Syntax Highlighting mode.  Anything that's acceptable in
-; <span style="color: ???????"> would work.
-; http://www.php.net/manual/en/misc.configuration.php#ini.syntax-highlighting
-;highlight.string  = #DD0000
-;highlight.comment = #FF9900
-;highlight.keyword = #007700
-;highlight.bg      = #FFFFFF
-;highlight.default = #0000BB
-;highlight.html    = #000000
-
-; If enabled, the request will be allowed to complete even if the user aborts
-; the request. Consider enabling it if executing long requests, which may end up
-; being interrupted by the user or a browser timing out. PHP's default behavior
-; is to disable this feature.
-; http://www.php.net/manual/en/misc.configuration.php#ini.ignore-user-abort
-;ignore_user_abort = On
-
-; Determines the size of the realpath cache to be used by PHP. This value should
-; be increased on systems where PHP opens many files to reflect the quantity of
-; the file operations performed.
-; http://www.php.net/manual/en/ini.core.php#ini.realpath-cache-size
-;realpath_cache_size = 16k
-
-; Duration of time, in seconds for which to cache realpath information for a given
-; file or directory. For systems with rarely changing files, consider increasing this
-; value.
-; http://www.php.net/manual/en/ini.core.php#ini.realpath-cache-ttl
-;realpath_cache_ttl = 120
-
-;;;;;;;;;;;;;;;;;
-; Miscellaneous ;
-;;;;;;;;;;;;;;;;;
-
-; Decides whether PHP may expose the fact that it is installed on the server
-; (e.g. by adding its signature to the Web server header).  It is no security
-; threat in any way, but it makes it possible to determine whether you use PHP
-; on your server or not.
-; http://www.php.net/manual/en/ini.core.php#ini.expose-php
-expose_php = On
-
-;;;;;;;;;;;;;;;;;;;
-; Resource Limits ;
-;;;;;;;;;;;;;;;;;;;
-
-; Maximum execution time of each script, in seconds
-; http://www.php.net/manual/en/info.configuration.php#ini.max-execution-time
-max_execution_time = 30     
-
-; Maximum amount of time each script may spend parsing request data. It's a good
-; idea to limit this time on productions servers in order to eliminate unexpectedly
-; long running scripts. 
-; Default Value: -1 (Unlimited)
-; Development Value: 60 (60 seconds)
-; Production Value: 60 (60 seconds)
-; http://www.php.net/manual/en/info.configuration.php#ini.max-input-time
-max_input_time = 60
-
-; Maximum input variable nesting level
-; http://www.php.net/manual/en/info.configuration.php#ini.max-input-nesting-level
-;max_input_nesting_level = 64
-
-; Maximum amount of memory a script may consume (128MB)
-; http://www.php.net/manual/en/ini.core.php#ini.memory-limit
-memory_limit = 128M
-
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-; Error handling and logging ;
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-
-; This directive informs PHP of which errors, warnings and notices you would like
-; it to take action for. The recommended way of setting values for this
-; directive is through the use of the error level constants and bitwise
-; operators. The error level constants are below here for convenience as well as
-; some common settings and their meanings.
-; By default, PHP is set to take action on all errors, notices and warnings EXCEPT
-; those related to E_NOTICE and E_STRICT, which together cover best practices and
-; recommended coding standards in PHP. For performance reasons, this is the
-; recommend error reporting setting. Your production server shouldn't be wasting
-; resources complaining about best practices and coding standards. That's what
-; development servers and development settings are for.
-; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This
-; means it pretty much reports everything which is exactly what you want during
-; development and early testing.
-;
-; Error Level Constants:
-; E_ALL             - All errors and warnings (includes E_STRICT as of PHP 6.0.0)
-; E_ERROR           - fatal run-time errors
-; E_RECOVERABLE_ERROR  - almost fatal run-time errors
-; E_WARNING         - run-time warnings (non-fatal errors)
-; E_PARSE           - compile-time parse errors
-; E_NOTICE          - run-time notices (these are warnings which often result
-;                     from a bug in your code, but it's possible that it was
-;                     intentional (e.g., using an uninitialized variable and
-;                     relying on the fact it's automatically initialized to an
-;                     empty string)
-; E_STRICT          - run-time notices, enable to have PHP suggest changes
-;                     to your code which will ensure the best interoperability
-;                     and forward compatibility of your code
-; E_CORE_ERROR      - fatal errors that occur during PHP's initial startup
-; E_CORE_WARNING    - warnings (non-fatal errors) that occur during PHP's
-;                     initial startup
-; E_COMPILE_ERROR   - fatal compile-time errors
-; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
-; E_USER_ERROR      - user-generated error message
-; E_USER_WARNING    - user-generated warning message
-; E_USER_NOTICE     - user-generated notice message
-; E_DEPRECATED      - warn about code that will not work in future versions
-;                     of PHP
-; E_USER_DEPRECATED - user-generated deprecation warnings
-;
-; Common Values:
-;   E_ALL & ~E_NOTICE  (Show all errors, except for notices and coding standards warnings.)
-;   E_ALL & ~E_NOTICE | E_STRICT  (Show all errors, except for notices)
-;   E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR  (Show only errors)
-;   E_ALL | E_STRICT  (Show all errors, warnings and notices including coding standards.)
-; Default Value: E_ALL & ~E_NOTICE
-; Development Value: E_ALL | E_STRICT
-; Production Value: E_ALL & ~E_DEPRECATED
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.error-reporting
-error_reporting = E_ALL & ~E_DEPRECATED
-
-; This directive controls whether or not and where PHP will output errors,
-; notices and warnings too. Error output is very useful during development, but
-; it could be very dangerous in production environments. Depending on the code
-; which is triggering the error, sensitive information could potentially leak
-; out of your application such as database usernames and passwords or worse.
-; It's recommended that errors be logged on production servers rather than
-; having the errors sent to STDOUT.
-; Possible Values:
-;   Off = Do not display any errors 
-;   stderr = Display errors to STDERR (affects only CGI/CLI binaries!)   
-;   On or stdout = Display errors to STDOUT
-; Default Value: On
-; Development Value: On
-; Production Value: Off
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.display-errors
-display_errors = Off
-
-; The display of errors which occur during PHP's startup sequence are handled
-; separately from display_errors. PHP's default behavior is to suppress those
-; errors from clients. Turning the display of startup errors on can be useful in
-; debugging configuration problems. But, it's strongly recommended that you
-; leave this setting off on production servers.
-; Default Value: Off
-; Development Value: On
-; Production Value: Off
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.display-startup-errors
-display_startup_errors = Off
-
-; Besides displaying errors, PHP can also log errors to locations such as a
-; server-specific log, STDERR, or a location specified by the error_log
-; directive found below. While errors should not be displayed on productions
-; servers they should still be monitored and logging is a great way to do that.
-; Default Value: Off
-; Development Value: On
-; Production Value: On
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.log-errors
-log_errors = On
-
-; Set maximum length of log_errors. In error_log information about the source is
-; added. The default is 1024 and 0 allows to not apply any maximum length at all.
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.log-errors-max-len
-log_errors_max_len = 1024
-
-; Do not log repeated messages. Repeated errors must occur in same file on same
-; line unless ignore_repeated_source is set true.
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.ignore-repeated-errors
-ignore_repeated_errors = Off
-
-; Ignore source of message when ignoring repeated messages. When this setting
-; is On you will not log errors with repeated messages from different files or
-; source lines.
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.ignore-repeated-source
-ignore_repeated_source = Off
-
-; If this parameter is set to Off, then memory leaks will not be shown (on
-; stdout or in the log). This has only effect in a debug compile, and if
-; error reporting includes E_WARNING in the allowed list
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.report-memleaks
-report_memleaks = On
-
-; This setting is on by default.
-;report_zend_debug = 0
-
-; Store the last error/warning message in $php_errormsg (boolean). Setting this value
-; to On can assist in debugging and is appropriate for development servers. It should
-; however be disabled on production servers.
-; Default Value: Off
-; Development Value: On
-; Production Value: Off
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.track-errors
-track_errors = Off
-
-; Turn off normal error reporting and emit XML-RPC error XML
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.xmlrpc-errors
-;xmlrpc_errors = 0
-
-; An XML-RPC faultCode
-;xmlrpc_error_number = 0
-
-; When PHP displays or logs an error, it has the capability of inserting html
-; links to documentation related to that error. This directive controls whether
-; those HTML links appear in error messages or not. For performance and security
-; reasons, it's recommended you disable this on production servers.
-; Default Value: On
-; Development Value: On
-; Production value: Off
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.html-errors
-html_errors = Off
-
-; If html_errors is set On PHP produces clickable error messages that direct
-; to a page describing the error or function causing the error in detail.
-; You can download a copy of the PHP manual from http://www.php.net/docs.php
-; and change docref_root to the base URL of your local copy including the
-; leading '/'. You must also specify the file extension being used including
-; the dot. PHP's default behavior is to leave these settings empty.
-; Note: Never use this feature for production boxes.
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.docref-root
-; Examples
-;docref_root = "/phpmanual/"
-
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.docref-ext
-;docref_ext = .html
-
-; String to output before an error message. PHP's default behavior is to leave
-; this setting blank.
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.error-prepend-string
-; Example:
-;error_prepend_string = "<font color=#ff0000>"
-
-; String to output after an error message. PHP's default behavior is to leave
-; this setting blank.
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.error-append-string
-; Example:
-;error_append_string = "</font>"
-
-; Log errors to specified file. PHP's default behavior is to leave this value
-; empty.
-; http://www.php.net/manual/en/errorfunc.configuration.php#ini.error-log
-; Example:
-;error_log = php_errors.log
-; Log errors to syslog (Event Log on NT, not valid in Windows 95).
-;error_log = syslog
-
-;;;;;;;;;;;;;;;;;
-; Data Handling ;
-;;;;;;;;;;;;;;;;;
-
-; Note - track_vars is ALWAYS enabled as of PHP 4.0.3
-
-; The separator used in PHP generated URLs to separate arguments.
-; PHP's default setting is "&".
-; http://www.php.net/manual/en/ini.core.php#ini.arg-separator.output
-; Example:
-;arg_separator.output = "&amp;"
-
-; List of separator(s) used by PHP to parse input URLs into variables.
-; PHP's default setting is "&".
-; NOTE: Every character in this directive is considered as separator!
-; http://www.php.net/manual/en/ini.core.php#ini.arg-separator.input
-; Example:
-;arg_separator.input = ";&"
-
-; This directive determines which super global arrays are registered when PHP
-; starts up. If the register_globals directive is enabled, it also determines
-; what order variables are populated into the global space. G,P,C,E & S are
-; abbreviations for the following respective super globals: GET, POST, COOKIE,
-; ENV and SERVER. There is a performance penalty paid for the registration of
-; these arrays and because ENV is not as commonly used as the others, ENV is
-; is not recommended on productions servers. You can still get access to
-; the environment variables through getenv() should you need to.
-; Default Value: "EGPCS"
-; Development Value: "GPCS"
-; Production Value: "GPCS";
-; http://www.php.net/manual/en/ini.core.php#ini.variables-order
-variables_order = "GPCS"
-
-; This directive determines which super global data (G,P,C,E & S) should
-; be registered into the super global array REQUEST. If so, it also determines
-; the order in which that data is registered. The values for this directive are
-; specified in the same manner as the variables_order directive, EXCEPT one.
-; Leaving this value empty will cause PHP to use the value set in the 
-; variables_order directive. It does not mean it will leave the super globals
-; array REQUEST empty.
-; Default Value: None
-; Development Value: "GP"
-; Production Value: "GP"
-; http://www.php.net/manual/en/ini.core.php#ini.request-order
-request_order = "GP"
-
-; Whether or not to register the EGPCS variables as global variables.  You may
-; want to turn this off if you don't want to clutter your scripts' global scope
-; with user data.  This makes most sense when coupled with track_vars - in which
-; case you can access all of the GPC variables through the $HTTP_*_VARS[],
-; variables.
-; You should do your best to write your scripts so that they do not require
-; register_globals to be on;  Using form variables as globals can easily lead
-; to possible security problems, if the code is not very well thought of.
-; http://www.php.net/manual/en/ini.core.php#ini.register-globals
-register_globals = Off
-
-; Determines whether the deprecated long $HTTP_*_VARS type predefined variables
-; are registered by PHP or not. As they are deprecated, we obviously don't
-; recommend you use them. They are on by default for compatibility reasons but
-; they are not recommended on production servers.
-; Default Value: On
-; Development Value: Off
-; Production Value: Off
-; http://www.php.net/manual/en/ini.core.php#ini.register-long-arrays
-register_long_arrays = Off
-
-; This directive determines whether PHP registers $argv & $argc each time it
-; runs. $argv contains an array of all the arguments passed to PHP when a script
-; is invoked. $argc contains an integer representing the number of arguments
-; that were passed when the script was invoked. These arrays are extremely
-; useful when running scripts from the command line. When this directive is
-; enabled, registering these variables consumes CPU cycles and memory each time
-; a script is executed. For performance reasons, this feature should be disabled
-; on production servers.
-; Default Value: On
-; Development Value: Off
-; Production Value: Off
-; http://www.php.net/manual/en/ini.core.php#ini.register-argc-argv
-register_argc_argv = Off
-
-; When enabled, the SERVER and ENV variables are created when they're first
-; used (Just In Time) instead of when the script starts. If these variables
-; are not used within a script, having this directive on will result in a
-; performance gain. The PHP directives register_globals, register_long_arrays,
-; and register_argc_argv must be disabled for this directive to have any affect.
-; http://www.php.net/manual/en/ini.core.php#ini.auto-globals-jit
-auto_globals_jit = On
-
-; Maximum size of POST data that PHP will accept.
-; http://www.php.net/manual/en/ini.core.php#ini.post-max-size
-post_max_size = 32M
-
-; Magic quotes are a preprocessing feature of PHP where PHP will attempt to
-; escape any character sequences in GET, POST, COOKIE and ENV data which might
-; otherwise corrupt data being placed in resources such as databases before
-; making that data available to you. Because of character encoding issues and
-; non-standard SQL implementations across many databases, it's not currently
-; possible for this feature to be 100% accurate. PHP's default behavior is to
-; enable the feature. We strongly recommend you use the escaping mechanisms
-; designed specifically for the database your using instead of relying on this
-; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is
-; scheduled for removal in PHP 6.
-; Default Value: On
-; Development Value: Off
-; Production Value: Off
-; http://www.php.net/manual/en/info.configuration.php#ini.magic-quotes-gpc
-magic_quotes_gpc = Off
-
-; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
-; http://www.php.net/manual/en/info.configuration.php#ini.magic-quotes-runtime
-magic_quotes_runtime = Off
-
-; Use Sybase-style magic quotes (escape ' with '' instead of \').
-; http://www.php.net/manual/en/sybase.configuration.php#ini.magic-quotes-sybase
-magic_quotes_sybase = Off
-
-; Automatically add files before PHP document.
-; http://www.php.net/manual/en/ini.core.php#ini.auto-prepend-file
-auto_prepend_file =
-
-; Automatically add files after PHP document.
-; http://www.php.net/manual/en/ini.core.php#ini.auto-append-file
-auto_append_file =
-
-; As of 4.0b4, PHP always outputs a character encoding by default in
-; the Content-type: header.  To disable sending of the charset, simply
-; set it to be empty.
-;
-; PHP's built-in default is text/html
-; http://www.php.net/manual/en/ini.core.php#ini.default-mimetype
-default_mimetype = "text/html"
-
-; PHP's default character set is set to empty.
-; http://www.php.net/manual/en/ini.core.php#ini.default-charset
-;default_charset = "iso-8859-1"
-
-; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is
-; to disable this feature.
-; http://www.php.net/manual/en/ini.core.php#ini.always-populate-raw-post-data
-always_populate_raw_post_data = "-1"
-
-;;;;;;;;;;;;;;;;;;;;;;;;;
-; Paths and Directories ;
-;;;;;;;;;;;;;;;;;;;;;;;;;
-
-; UNIX: "/path1:/path2"
-;include_path = ".:/php/includes"
-;
-; Windows: "\path1;\path2"
-;include_path = ".;c:\php\includes"
-;
-; PHP's default setting for include_path is ".;/path/to/php/pear"
-; http://www.php.net/manual/en/ini.core.php#ini.include-path
-
-; The root of the PHP pages, used only if nonempty.
-; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
-; if you are running php as a CGI under any web server (other than IIS)
-; see documentation for security issues.  The alternate is to use the
-; cgi.force_redirect configuration below
-; http://www.php.net/manual/en/ini.core.php#ini.doc-root
-doc_root =
-
-; The directory under which PHP opens the script using /~username used only
-; if nonempty.
-; http://www.php.net/manual/en/ini.core.php#ini.user-dir
-user_dir =
-
-; Directory in which the loadable extensions (modules) reside.
-; http://www.php.net/manual/en/ini.core.php#ini.extension-dir
-; extension_dir = "./"
-
-; Whether or not to enable the dl() function.  The dl() function does NOT work
-; properly in multithreaded servers, such as IIS or Zeus, and is automatically
-; disabled on them.
-; http://www.php.net/manual/en/info.configuration.php#ini.enable-dl
-enable_dl = Off
-
-; cgi.force_redirect is necessary to provide security running PHP as a CGI under
-; most web servers.  Left undefined, PHP turns this on by default.  You can
-; turn it off here AT YOUR OWN RISK
-; **You CAN safely turn this off for IIS, in fact, you MUST.**
-; http://www.php.net/manual/en/ini.core.php#ini.cgi.force-redirect
-;cgi.force_redirect = 1
-
-; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
-; every request. PHP's default behavior is to disable this feature.
-;cgi.nph = 1
-
-; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
-; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
-; will look for to know it is OK to continue execution.  Setting this variable MAY
-; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
-; http://www.php.net/manual/en/ini.core.php#ini.cgi.redirect-status-env
-;cgi.redirect_status_env = ;
-
-; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
-; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
-; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
-; this to 1 will cause PHP CGI to fix its paths to conform to the spec.  A setting
-; of zero causes PHP to behave as before.  Default is 1.  You should fix your scripts
-; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
-; http://www.php.net/manual/en/ini.core.php#ini.cgi.fix-pathinfo
-;cgi.fix_pathinfo=1
-
-; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
-; security tokens of the calling client.  This allows IIS to define the
-; security context that the request runs under.  mod_fastcgi under Apache
-; does not currently support this feature (03/17/2002)
-; Set to 1 if running under IIS.  Default is zero.
-; http://www.php.net/manual/en/ini.core.php#ini.fastcgi.impersonate
-;fastcgi.impersonate = 1;
-
-; Disable logging through FastCGI connection. PHP's default behavior is to enable
-; this feature.
-;fastcgi.logging = 0
-
-; cgi.rfc2616_headers configuration option tells PHP what type of headers to
-; use when sending HTTP response code. If it's set 0 PHP sends Status: header that
-; is supported by Apache. When this option is set to 1 PHP will send
-; RFC2616 compliant header.
-; Default is zero.
-; http://www.php.net/manual/en/ini.core.php#ini.cgi.rfc2616-headers
-;cgi.rfc2616_headers = 0
-
-;;;;;;;;;;;;;;;;
-; File Uploads ;
-;;;;;;;;;;;;;;;;
-
-; Whether to allow HTTP file uploads.
-; http://www.php.net/manual/en/ini.core.php#ini.file-uploads
-file_uploads = On
-
-; Temporary directory for HTTP uploaded files (will use system default if not
-; specified).
-; http://www.php.net/manual/en/ini.core.php#ini.upload-tmp-dir
-;upload_tmp_dir =
-
-; Maximum allowed size for uploaded files.
-; http://www.php.net/manual/en/ini.core.php#ini.upload-max-filesize
-upload_max_filesize = 15M
-
-;;;;;;;;;;;;;;;;;;
-; Fopen wrappers ;
-;;;;;;;;;;;;;;;;;;
-
-; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
-; http://www.php.net/manual/en/filesystem.configuration.php#ini.allow-url-fopen
-allow_url_fopen = On
-
-; Whether to allow include/require to open URLs (like http:// or ftp://) as files.
-; http://www.php.net/manual/en/filesystem.configuration.php#ini.allow-url-include
-allow_url_include = Off
-
-; Define the anonymous ftp password (your email address). PHP's default setting
-; for this is empty.
-; http://www.php.net/manual/en/filesystem.configuration.php#ini.from
-;from="john@doe.com"
-
-; Define the User-Agent string. PHP's default setting for this is empty.
-; http://www.php.net/manual/en/filesystem.configuration.php#ini.user-agent
-;user_agent="PHP"
-
-; Default timeout for socket based streams (seconds)
-; http://www.php.net/manual/en/filesystem.configuration.php#ini.default-socket-timeout
-default_socket_timeout = 60
-
-; If your scripts have to deal with files from Macintosh systems,
-; or you are running on a Mac and need to deal with files from
-; unix or win32 systems, setting this flag will cause PHP to
-; automatically detect the EOL character in those files so that
-; fgets() and file() will work regardless of the source of the file.
-; http://www.php.net/manual/en/filesystem.configuration.php#ini.auto-detect-line-endings
-;auto_detect_line_endings = Off
-
-;;;;;;;;;;;;;;;;;;;;;;
-; Dynamic Extensions ;
-;;;;;;;;;;;;;;;;;;;;;;
-
-; If you wish to have an extension loaded automatically, use the following
-; syntax:
-;
-;   extension=modulename.extension
-;
-; For example
-;
-;   extension=msql.so
-;
-; ... or with a path:
-;
-;   extension=/path/to/extension/msql.so
-;
-; If you only provide the name of the extension, PHP will look for it in its
-; default extension directory.
-
-;;;;
-; Note: packaged extension modules are now loaded via the .ini files
-; found in the directory /etc/php.d; these are loaded by default.
-;;;;
-
-
-;;;;;;;;;;;;;;;;;;;
-; Module Settings ;
-;;;;;;;;;;;;;;;;;;;
-
-[Date]
-; Defines the default timezone used by the date functions
-; http://www.php.net/manual/en/datetime.configuration.php#ini.date.timezone
-date.timezone = UTC
-
-; http://www.php.net/manual/en/datetime.configuration.php#ini.date.default-latitude
-;date.default_latitude = 31.7667
-
-; http://www.php.net/manual/en/datetime.configuration.php#ini.date.default-longitude
-;date.default_longitude = 35.2333
-
-; http://www.php.net/manual/en/datetime.configuration.php#ini.date.sunrise-zenith
-;date.sunrise_zenith = 90.583333
-
-; http://www.php.net/manual/en/datetime.configuration.php#ini.date.sunset-zenith
-;date.sunset_zenith = 90.583333
-
-[filter]
-; http://www.php.net/manual/en/filter.configuration.php#ini.filter.default
-;filter.default = unsafe_raw
-
-; http://www.php.net/manual/en/filter.configuration.php#ini.filter.default-flags
-;filter.default_flags =
-
-[iconv]
-;iconv.input_encoding = ISO-8859-1
-;iconv.internal_encoding = ISO-8859-1
-;iconv.output_encoding = ISO-8859-1
-
-[intl]
-;intl.default_locale = 
-
-[sqlite]
-; http://www.php.net/manual/en/sqlite.configuration.php#ini.sqlite.assoc-case
-;sqlite.assoc_case = 0
-
-[sqlite3]
-;sqlite3.extension_dir =
-
-[Pcre]
-;PCRE library backtracking limit.
-; http://www.php.net/manual/en/pcre.configuration.php#ini.pcre.backtrack-limit
-;pcre.backtrack_limit=100000
-
-;PCRE library recursion limit. 
-;Please note that if you set this value to a high number you may consume all 
-;the available process stack and eventually crash PHP (due to reaching the 
-;stack size limit imposed by the Operating System).
-; http://www.php.net/manual/en/pcre.configuration.php#ini.pcre.recursion-limit
-;pcre.recursion_limit=100000
-
-[Pdo]
-; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off"
-; http://www.php.net/manual/en/ref.pdo-odbc.php#ini.pdo-odbc.connection-pooling
-;pdo_odbc.connection_pooling=strict
-
-[Phar]
-; http://www.php.net/manual/en/phar.configuration.php#ini.phar.readonly
-;phar.readonly = On
-
-; http://www.php.net/manual/en/phar.configuration.php#ini.phar.require-hash
-;phar.require_hash = On
-
-;phar.cache_list =
-
-[Syslog]
-; Whether or not to define the various syslog variables (e.g. $LOG_PID,
-; $LOG_CRON, etc.).  Turning it off is a good idea performance-wise.  In
-; runtime, you can define these variables by calling define_syslog_variables().
-; http://www.php.net/manual/en/network.configuration.php#ini.define-syslog-variables
-define_syslog_variables  = Off
-
-[mail function]
-; For Win32 only.
-; http://www.php.net/manual/en/mail.configuration.php#ini.smtp
-SMTP = localhost
-; http://www.php.net/manual/en/mail.configuration.php#ini.smtp-port
-smtp_port = 25
-
-; For Win32 only.
-; http://www.php.net/manual/en/mail.configuration.php#ini.sendmail-from
-;sendmail_from = me@example.com
-
-; For Unix only.  You may supply arguments as well (default: "sendmail -t -i").
-; http://www.php.net/manual/en/mail.configuration.php#ini.sendmail-path
-sendmail_path = /usr/sbin/sendmail -t -i
-
-; Force the addition of the specified parameters to be passed as extra parameters
-; to the sendmail binary. These parameters will always replace the value of
-; the 5th parameter to mail(), even in safe mode.
-;mail.force_extra_parameters =
-
-; Add X-PHP-Originaiting-Script: that will include uid of the script followed by the filename
-mail.add_x_header = On
-
-; Log all mail() calls including the full path of the script, line #, to address and headers
-;mail.log =
-
-[SQL]
-; http://www.php.net/manual/en/ini.core.php#ini.sql.safe-mode
-sql.safe_mode = Off
-
-[ODBC]
-; http://www.php.net/manual/en/odbc.configuration.php#ini.uodbc.default-db
-;odbc.default_db    =  Not yet implemented
-
-; http://www.php.net/manual/en/odbc.configuration.php#ini.uodbc.default-user
-;odbc.default_user  =  Not yet implemented
-
-; http://www.php.net/manual/en/odbc.configuration.php#ini.uodbc.default-pw
-;odbc.default_pw    =  Not yet implemented
-
-; Allow or prevent persistent links.
-; http://www.php.net/manual/en/odbc.configuration.php#ini.uodbc.allow-persistent
-odbc.allow_persistent = On
-
-; Check that a connection is still valid before reuse.
-; http://www.php.net/manual/en/odbc.configuration.php#ini.uodbc.check-persistent
-odbc.check_persistent = On
-
-; Maximum number of persistent links.  -1 means no limit.
-; http://www.php.net/manual/en/odbc.configuration.php#ini.uodbc.max-persistent
-odbc.max_persistent = -1
-
-; Maximum number of links (persistent + non-persistent).  -1 means no limit.
-; http://www.php.net/manual/en/odbc.configuration.php#ini.uodbc.max-links
-odbc.max_links = -1
-
-; Handling of LONG fields.  Returns number of bytes to variables.  0 means
-; passthru.
-; http://www.php.net/manual/en/odbc.configuration.php#ini.uodbc.defaultlrl
-odbc.defaultlrl = 4096
-
-; Handling of binary data.  0 means passthru, 1 return as is, 2 convert to char.
-; See the documentation on odbc_binmode and odbc_longreadlen for an explanation
-; of uodbc.defaultlrl and uodbc.defaultbinmode
-; http://www.php.net/manual/en/odbc.configuration.php#ini.uodbc.defaultbinmode
-odbc.defaultbinmode = 1
-
-;birdstep.max_links = -1
-
-[MySQL]
-; Allow or prevent persistent links.
-; http://www.php.net/manual/en/mysql.configuration.php#ini.mysql.allow-persistent
-mysql.allow_persistent = On
-
-; Maximum number of persistent links.  -1 means no limit.
-; http://www.php.net/manual/en/mysql.configuration.php#ini.mysql.max-persistent
-mysql.max_persistent = -1
-
-; Maximum number of links (persistent + non-persistent).  -1 means no limit.
-; http://www.php.net/manual/en/mysql.configuration.php#ini.mysql.max-links
-mysql.max_links = -1
-
-; Default port number for mysql_connect().  If unset, mysql_connect() will use
-; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
-; compile-time value defined MYSQL_PORT (in that order).  Win32 will only look
-; at MYSQL_PORT.
-; http://www.php.net/manual/en/mysql.configuration.php#ini.mysql.default-port
-mysql.default_port =
-
-; Default socket name for local MySQL connects.  If empty, uses the built-in
-; MySQL defaults.
-; http://www.php.net/manual/en/mysql.configuration.php#ini.mysql.default-socket
-mysql.default_socket =
-
-; Default host for mysql_connect() (doesn't apply in safe mode).
-; http://www.php.net/manual/en/mysql.configuration.php#ini.mysql.default-host
-mysql.default_host =
-
-; Default user for mysql_connect() (doesn't apply in safe mode).
-; http://www.php.net/manual/en/mysql.configuration.php#ini.mysql.default-user
-mysql.default_user =
-
-; Default password for mysql_connect() (doesn't apply in safe mode).
-; Note that this is generally a *bad* idea to store passwords in this file.
-; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password")
-; and reveal this password!  And of course, any users with read access to this
-; file will be able to reveal the password as well.
-; http://www.php.net/manual/en/mysql.configuration.php#ini.mysql.default-password
-mysql.default_password =
-
-; Maximum time (in seconds) for connect timeout. -1 means no limit
-; http://www.php.net/manual/en/mysql.configuration.php#ini.mysql.connect-timeout
-mysql.connect_timeout = 60
-
-; Trace mode. When trace_mode is active (=On), warnings for table/index scans and
-; SQL-Errors will be displayed.
-; http://www.php.net/manual/en/mysql.configuration.php#ini.mysql.trace-mode
-mysql.trace_mode = Off
-
-[MySQLi]
-
-; Maximum number of links.  -1 means no limit.
-; http://www.php.net/manual/en/mysqli.configuration.php#ini.mysqli.max-links
-mysqli.max_links = -1
-
-; Default port number for mysqli_connect().  If unset, mysqli_connect() will use
-; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
-; compile-time value defined MYSQL_PORT (in that order).  Win32 will only look
-; at MYSQL_PORT.
-; http://www.php.net/manual/en/mysqli.configuration.php#ini.mysqli.default-port
-mysqli.default_port = 3306
-
-; Default socket name for local MySQL connects.  If empty, uses the built-in
-; MySQL defaults.
-; http://www.php.net/manual/en/mysqli.configuration.php#ini.mysqli.default-socket
-mysqli.default_socket =
-
-; Default host for mysql_connect() (doesn't apply in safe mode).
-; http://www.php.net/manual/en/mysqli.configuration.php#ini.mysqli.default-host
-mysqli.default_host =
-
-; Default user for mysql_connect() (doesn't apply in safe mode).
-; http://www.php.net/manual/en/mysqli.configuration.php#ini.mysqli.default-user
-mysqli.default_user =
-
-; Default password for mysqli_connect() (doesn't apply in safe mode).
-; Note that this is generally a *bad* idea to store passwords in this file.
-; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw")
-; and reveal this password!  And of course, any users with read access to this
-; file will be able to reveal the password as well.
-; http://www.php.net/manual/en/mysqli.configuration.php#ini.mysqli.default-pw
-mysqli.default_pw =
-
-; Allow or prevent reconnect
-mysqli.reconnect = Off
-
-[PostgresSQL]
-; Allow or prevent persistent links.
-; http://www.php.net/manual/en/pgsql.configuration.php#ini.pgsql.allow-persistent
-pgsql.allow_persistent = On
-
-; Detect broken persistent links always with pg_pconnect().
-; Auto reset feature requires a little overheads.
-; http://www.php.net/manual/en/pgsql.configuration.php#ini.pgsql.auto-reset-persistent
-pgsql.auto_reset_persistent = Off
-
-; Maximum number of persistent links.  -1 means no limit.
-; http://www.php.net/manual/en/pgsql.configuration.php#ini.pgsql.max-persistent
-pgsql.max_persistent = -1
-
-; Maximum number of links (persistent+non persistent).  -1 means no limit.
-; http://www.php.net/manual/en/pgsql.configuration.php#ini.pgsql.max-links
-pgsql.max_links = -1
-
-; Ignore PostgreSQL backends Notice message or not.
-; Notice message logging require a little overheads.
-; http://www.php.net/manual/en/pgsql.configuration.php#ini.pgsql.ignore-notice
-pgsql.ignore_notice = 0
-
-; Log PostgreSQL backends Noitce message or not.
-; Unless pgsql.ignore_notice=0, module cannot log notice message.
-; http://www.php.net/manual/en/pgsql.configuration.php#ini.pgsql.log-notice
-pgsql.log_notice = 0
-
-[Sybase-CT]
-; Allow or prevent persistent links.
-; http://www.php.net/manual/en/sybase.configuration.php#ini.sybct.allow-persistent
-sybct.allow_persistent = On
-
-; Maximum number of persistent links.  -1 means no limit.
-; http://www.php.net/manual/en/sybase.configuration.php#ini.sybct.max-persistent
-sybct.max_persistent = -1
-
-; Maximum number of links (persistent + non-persistent).  -1 means no limit.
-; http://www.php.net/manual/en/sybase.configuration.php#ini.sybct.max-links
-sybct.max_links = -1
-
-; Minimum server message severity to display.
-; http://www.php.net/manual/en/sybase.configuration.php#ini.sybct.min-server-severity
-sybct.min_server_severity = 10
-
-; Minimum client message severity to display.
-; http://www.php.net/manual/en/sybase.configuration.php#ini.sybct.min-client-severity
-sybct.min_client_severity = 10
-
-; Set per-context timeout
-; http://www.php.net/manual/en/sybase.configuration.php#ini.sybct.timeout
-;sybct.timeout=
-
-;sybct.packet_size
-
-[bcmath]
-; Number of decimal digits for all bcmath functions.
-; http://www.php.net/manual/en/bc.configuration.php#ini.bcmath.scale
-bcmath.scale = 0
-
-[browscap]
-; http://www.php.net/manual/en/misc.configuration.php#ini.browscap
-;browscap = extra/browscap.ini
-
-[Session]
-; Handler used to store/retrieve data.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.save-handler
-session.save_handler = files
-
-; Argument passed to save_handler.  In the case of files, this is the path
-; where data files are stored. Note: Windows users have to change this
-; variable in order to use PHP's session functions.
-;
-; As of PHP 4.0.1, you can define the path as:
-;
-;     session.save_path = "N;/path"
-;
-; where N is an integer.  Instead of storing all the session files in
-; /path, what this will do is use subdirectories N-levels deep, and
-; store the session data in those directories.  This is useful if you
-; or your OS have problems with lots of files in one directory, and is
-; a more efficient layout for servers that handle lots of sessions.
-;
-; NOTE 1: PHP will not create this directory structure automatically.
-;         You can use the script in the ext/session dir for that purpose.
-; NOTE 2: See the section on garbage collection below if you choose to
-;         use subdirectories for session storage
-;
-; The file storage module creates files using mode 600 by default.
-; You can change that by using
-;
-;     session.save_path = "N;MODE;/path"
-;
-; where MODE is the octal representation of the mode. Note that this
-; does not overwrite the process's umask.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.save-path
-session.save_path = "/var/lib/php/session"
-
-; Whether to use cookies.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.use-cookies
-session.use_cookies = 1
-
-; http://www.php.net/manual/en/session.configuration.php#ini.session.cookie-secure
-;session.cookie_secure =
-
-; This option forces PHP to fetch and use a cookie for storing and maintaining
-; the session id. We encourage this operation as it's very helpful in combatting
-; session hijacking when not specifying and managing your own session id. It is
-; not the end all be all of session hijacking defense, but it's a good start.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.use-only-cookies
-session.use_only_cookies = 1
-
-; Name of the session (used as cookie name).
-; http://www.php.net/manual/en/session.configuration.php#ini.session.name
-session.name = PHPSESSID
-
-; Initialize session on request startup.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.auto-start
-session.auto_start = 0
-
-; Lifetime in seconds of cookie or, if 0, until browser is restarted.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.cookie-lifetime
-session.cookie_lifetime = 0
-
-; The path for which the cookie is valid.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.cookie-path
-session.cookie_path = /
-
-; The domain for which the cookie is valid.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.cookie-domain
-session.cookie_domain =
-
-; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.cookie-httponly
-session.cookie_httponly = 
-
-; Handler used to serialize data.  php is the standard serializer of PHP.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.serialize-handler
-session.serialize_handler = php
-
-; Defines the probability that the 'garbage collection' process is started
-; on every session initialization. The probability is calculated by using
-; gc_probability/gc_divisor. Where session.gc_probability is the numerator
-; and gc_divisor is the denominator in the equation. Setting this value to 1
-; when the session.gc_divisor value is 100 will give you approximately a 1% chance
-; the gc will run on any give request.
-; Default Value: 1
-; Development Value: 1
-; Production Value: 1
-; http://www.php.net/manual/en/session.configuration.php#ini.session.gc-probability
-session.gc_probability = 1
-
-; Defines the probability that the 'garbage collection' process is started on every
-; session initialization. The probability is calculated by using the following equation: 
-; gc_probability/gc_divisor. Where session.gc_probability is the numerator and
-; session.gc_divisor is the denominator in the equation. Setting this value to 1
-; when the session.gc_divisor value is 100 will give you approximately a 1% chance
-; the gc will run on any give request. Increasing this value to 1000 will give you
-; a 0.1% chance the gc will run on any give request. For high volume production servers,
-; this is a more efficient approach.
-; Default Value: 100
-; Development Value: 1000
-; Production Value: 1000
-; http://www.php.net/manual/en/session.configuration.php#ini.session.gc-divisor
-session.gc_divisor = 1000
-
-; After this number of seconds, stored data will be seen as 'garbage' and
-; cleaned up by the garbage collection process.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime
-session.gc_maxlifetime = 1440
-
-; NOTE: If you are using the subdirectory option for storing session files
-;       (see session.save_path above), then garbage collection does *not*
-;       happen automatically.  You will need to do your own garbage
-;       collection through a shell script, cron entry, or some other method.
-;       For example, the following script would is the equivalent of
-;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
-;          cd /path/to/sessions; find -cmin +24 | xargs rm
-
-; PHP 4.2 and less have an undocumented feature/bug that allows you to
-; to initialize a session variable in the global scope, even when register_globals
-; is disabled.  PHP 4.3 and later will warn you, if this feature is used.
-; You can disable the feature and the warning separately. At this time,
-; the warning is only displayed, if bug_compat_42 is enabled. This feature
-; introduces some serious security problems if not handled correctly. It's
-; recommended that you do not use this feature on production servers. But you
-; should enable this on development servers and enable the warning as well. If you
-; do not enable the feature on development servers, you won't be warned when it's
-; used and debugging errors caused by this can be difficult to track down.
-; Default Value: On
-; Development Value: On
-; Production Value: Off
-; http://www.php.net/manual/en/session.configuration.php#ini.session.bug-compat-42
-session.bug_compat_42 = Off
-
-; This setting controls whether or not you are warned by PHP when initializing a
-; session value into the global space. session.bug_compat_42 must be enabled before
-; these warnings can be issued by PHP. See the directive above for more information.
-; Default Value: On
-; Development Value: On
-; Production Value: Off
-; http://www.php.net/manual/en/session.configuration.php#ini.session.bug-compat-warn
-session.bug_compat_warn = Off
-
-; Check HTTP Referer to invalidate externally stored URLs containing ids.
-; HTTP_REFERER has to contain this substring for the session to be
-; considered as valid.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.referer-check
-session.referer_check =
-
-; How many bytes to read from the file.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.entropy-length
-session.entropy_length = 0
-
-; Specified here to create the session id.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.entropy-file
-;session.entropy_file = /dev/urandom
-session.entropy_file =
-
-; http://www.php.net/manual/en/session.configuration.php#ini.session.entropy-length
-;session.entropy_length = 16
-
-; Set to {nocache,private,public,} to determine HTTP caching aspects
-; or leave this empty to avoid sending anti-caching headers.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.cache-limiter
-session.cache_limiter = nocache
-
-; Document expires after n minutes.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.cache-expire
-session.cache_expire = 180
-
-; trans sid support is disabled by default.
-; Use of trans sid may risk your users security.
-; Use this option with caution.
-; - User may send URL contains active session ID
-;   to other person via. email/irc/etc.
-; - URL that contains active session ID may be stored
-;   in publically accessible computer.
-; - User may access your site with the same session ID
-;   always using URL stored in browser's history or bookmarks.
-; http://www.php.net/manual/en/session.configuration.php#ini.session.use-trans-sid
-session.use_trans_sid = 0
-
-; Select a hash function for use in generating session ids.
-; Possible Values 
-;   0  (MD5 128 bits)
-;   1  (SHA-1 160 bits)
-; http://www.php.net/manual/en/session.configuration.php#ini.session.hash-function
-session.hash_function = 0
-
-; Define how many bits are stored in each character when converting
-; the binary hash data to something readable.
-; Possible values:
-;   4  (4 bits: 0-9, a-f)
-;   5  (5 bits: 0-9, a-v)
-;   6  (6 bits: 0-9, a-z, A-Z, "-", ",")
-; Default Value: 4
-; Development Value: 5
-; Production Value: 5
-; http://www.php.net/manual/en/session.configuration.php#ini.session.hash-bits-per-character
-session.hash_bits_per_character = 5
-
-; The URL rewriter will look for URLs in a defined set of HTML tags.
-; form/fieldset are special; if you include them here, the rewriter will
-; add a hidden <input> field with the info which is otherwise appended
-; to URLs.  If you want XHTML conformity, remove the form entry.
-; Note that all valid entries require a "=", even if no value follows.
-; Default Value: "a=href,area=href,frame=src,form=,fieldset="
-; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
-; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
-; http://www.php.net/manual/en/session.configuration.php#ini.url-rewriter.tags
-url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
-
-[MSSQL]
-; Allow or prevent persistent links.
-mssql.allow_persistent = On
-
-; Maximum number of persistent links.  -1 means no limit.
-mssql.max_persistent = -1
-
-; Maximum number of links (persistent+non persistent).  -1 means no limit.
-mssql.max_links = -1
-
-; Minimum error severity to display.
-mssql.min_error_severity = 10
-
-; Minimum message severity to display.
-mssql.min_message_severity = 10
-
-; Compatibility mode with old versions of PHP 3.0.
-mssql.compatability_mode = Off
-
-; Connect timeout
-;mssql.connect_timeout = 5
-
-; Query timeout
-;mssql.timeout = 60
-
-; Valid range 0 - 2147483647.  Default = 4096.
-;mssql.textlimit = 4096
-
-; Valid range 0 - 2147483647.  Default = 4096.
-;mssql.textsize = 4096
-
-; Limits the number of records in each batch.  0 = all records in one batch.
-;mssql.batchsize = 0
-
-; Specify how datetime and datetim4 columns are returned
-; On => Returns data converted to SQL server settings
-; Off => Returns values as YYYY-MM-DD hh:mm:ss
-;mssql.datetimeconvert = On
-
-; Use NT authentication when connecting to the server
-mssql.secure_connection = Off
-
-; Specify max number of processes. -1 = library default
-; msdlib defaults to 25
-; FreeTDS defaults to 4096
-;mssql.max_procs = -1
-
-; Specify client character set. 
-; If empty or not set the client charset from freetds.comf is used
-; This is only used when compiled with FreeTDS
-;mssql.charset = "ISO-8859-1"
-
-[Assertion]
-; Assert(expr); active by default.
-; http://www.php.net/manual/en/info.configuration.php#ini.assert.active
-;assert.active = On
-
-; Issue a PHP warning for each failed assertion.
-; http://www.php.net/manual/en/info.configuration.php#ini.assert.warning
-;assert.warning = On
-
-; Don't bail out by default.
-; http://www.php.net/manual/en/info.configuration.php#ini.assert.bail
-;assert.bail = Off
-
-; User-function to be called if an assertion fails.
-; http://www.php.net/manual/en/info.configuration.php#ini.assert.callback
-;assert.callback = 0
-
-; Eval the expression with current error_reporting().  Set to true if you want
-; error_reporting(0) around the eval().
-; http://www.php.net/manual/en/info.configuration.php#ini.assert.quiet-eval
-;assert.quiet_eval = 0
-
-[COM]
-; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs
-; http://www.php.net/manual/en/com.configuration.php#ini.com.typelib-file
-;com.typelib_file =
-
-; allow Distributed-COM calls
-; http://www.php.net/manual/en/com.configuration.php#ini.com.allow-dcom
-;com.allow_dcom = true
-
-; autoregister constants of a components typlib on com_load()
-; http://www.php.net/manual/en/com.configuration.php#ini.com.autoregister-typelib
-;com.autoregister_typelib = true
-
-; register constants casesensitive
-; http://www.php.net/manual/en/com.configuration.php#ini.com.autoregister-casesensitive
-;com.autoregister_casesensitive = false
-
-; show warnings on duplicate constant registrations
-; http://www.php.net/manual/en/com.configuration.php#ini.com.autoregister-verbose
-;com.autoregister_verbose = true
-
-[mbstring]
-; language for internal character representation.
-; http://www.php.net/manual/en/mbstring.configuration.php#ini.mbstring.language
-;mbstring.language = Japanese
-
-; internal/script encoding.
-; Some encoding cannot work as internal encoding.
-; (e.g. SJIS, BIG5, ISO-2022-*)
-; http://www.php.net/manual/en/mbstring.configuration.php#ini.mbstring.internal-encoding
-;mbstring.internal_encoding = EUC-JP
-
-; http input encoding.
-; http://www.php.net/manual/en/mbstring.configuration.php#ini.mbstring.http-input
-;mbstring.http_input = auto
-
-; http output encoding. mb_output_handler must be
-; registered as output buffer to function
-; http://www.php.net/manual/en/mbstring.configuration.php#ini.mbstring.http-output
-;mbstring.http_output = SJIS
-
-; enable automatic encoding translation according to
-; mbstring.internal_encoding setting. Input chars are
-; converted to internal encoding by setting this to On.
-; Note: Do _not_ use automatic encoding translation for
-;       portable libs/applications.
-; http://www.php.net/manual/en/mbstring.configuration.php#ini.mbstring.encoding-translation
-;mbstring.encoding_translation = Off
-
-; automatic encoding detection order.
-; auto means
-; http://www.php.net/manual/en/mbstring.configuration.php#ini.mbstring.detect-order
-;mbstring.detect_order = auto
-
-; substitute_character used when character cannot be converted
-; one from another
-; http://www.php.net/manual/en/mbstring.configuration.php#ini.mbstring.substitute-character
-;mbstring.substitute_character = none;
-
-; overload(replace) single byte functions by mbstring functions.
-; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(),
-; etc. Possible values are 0,1,2,4 or combination of them.
-; For example, 7 for overload everything.
-; 0: No overload
-; 1: Overload mail() function
-; 2: Overload str*() functions
-; 4: Overload ereg*() functions
-; http://www.php.net/manual/en/mbstring.configuration.php#ini.mbstring.func-overload
-;mbstring.func_overload = 0
-
-; enable strict encoding detection.
-;mbstring.strict_detection = Off
-
-; This directive specifies the regex pattern of content types for which mb_output_handler()
-; is activated.
-; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml)
-;mbstring.http_output_conv_mimetype=
-
-[gd]
-; Tell the jpeg decode to ignore warnings and try to create
-; a gd image. The warning will then be displayed as notices
-; disabled by default
-; http://www.php.net/manual/en/image.configuration.php#ini.image.jpeg-ignore-warning
-;gd.jpeg_ignore_warning = 0
-
-[exif]
-; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS.
-; With mbstring support this will automatically be converted into the encoding
-; given by corresponding encode setting. When empty mbstring.internal_encoding
-; is used. For the decode settings you can distinguish between motorola and
-; intel byte order. A decode setting cannot be empty.
-; http://www.php.net/manual/en/exif.configuration.php#ini.exif.encode-unicode
-;exif.encode_unicode = ISO-8859-15
-
-; http://www.php.net/manual/en/exif.configuration.php#ini.exif.decode-unicode-motorola
-;exif.decode_unicode_motorola = UCS-2BE
-
-; http://www.php.net/manual/en/exif.configuration.php#ini.exif.decode-unicode-intel
-;exif.decode_unicode_intel    = UCS-2LE
-
-; http://www.php.net/manual/en/exif.configuration.php#ini.exif.encode-jis
-;exif.encode_jis =
-
-; http://www.php.net/manual/en/exif.configuration.php#ini.exif.decode-jis-motorola
-;exif.decode_jis_motorola = JIS
-
-; http://www.php.net/manual/en/exif.configuration.php#ini.exif.decode-jis-intel
-;exif.decode_jis_intel    = JIS
-
-[Tidy]
-; The path to a default tidy configuration file to use when using tidy
-; http://www.php.net/manual/en/tidy.configuration.php#ini.tidy.default-config
-;tidy.default_config = /usr/local/lib/php/default.tcfg
-
-; Should tidy clean and repair output automatically?
-; WARNING: Do not use this option if you are generating non-html content
-; such as dynamic images
-; http://www.php.net/manual/en/tidy.configuration.php#ini.tidy.clean-output
-tidy.clean_output = Off
-
-[soap]
-; Enables or disables WSDL caching feature.
-; http://www.php.net/manual/en/soap.configuration.php#ini.soap.wsdl-cache-enabled
-soap.wsdl_cache_enabled=1
-
-; Sets the directory name where SOAP extension will put cache files.
-; http://www.php.net/manual/en/soap.configuration.php#ini.soap.wsdl-cache-dir
-soap.wsdl_cache_dir="/tmp"
-
-; (time to live) Sets the number of second while cached file will be used 
-; instead of original one.
-; http://www.php.net/manual/en/soap.configuration.php#ini.soap.wsdl-cache-ttl
-soap.wsdl_cache_ttl=86400
-
-[sysvshm]
-; A default size of the shared memory segment
-;sysvshm.init_mem = 10000
-
-
-; Local Variables:
-; tab-width: 4
-; End:
diff --git a/roles/phabricator/handlers/main.yml b/roles/phabricator/handlers/main.yml
deleted file mode 100644
index bedb6ac8e1..0000000000
--- a/roles/phabricator/handlers/main.yml
+++ /dev/null
@@ -1,7 +0,0 @@
-##########################################################
-# Handlers for restarting services specific to phabricator
-#
-
-- name: restart phd
-  service: name=phd state=restarted
-
diff --git a/roles/phabricator/tasks/main.yml b/roles/phabricator/tasks/main.yml
deleted file mode 100644
index 5268db4674..0000000000
--- a/roles/phabricator/tasks/main.yml
+++ /dev/null
@@ -1,180 +0,0 @@
----
-- name: start httpd (provided in the apache role)
-  service: name=httpd state=started
-
-- name: ensure packages required for phabricator are installed (yum)
-  package: name={{ item }} state=present enablerepo={{ extra_enablerepos }}
-  with_items:
-    - MySQL-python
-    - git
-    - httpd
-    - mod_ssl
-    - php
-    - php-cli
-    - php-mysql
-    - php-process
-    - php-devel
-    - php-gd
-    - php-mbstring
-    - php-opcache
-    - python-pygments
-    - libphutil
-    - arcanist
-    - phabricator
-  when: ansible_distribution_major_version|int < 22
-
-- name: ensure packages required for phabricator are installed (dnf)
-  dnf: name={{ item }} state=present enablerepo={{ extra_enablerepos }}
-  with_items:
-    - MySQL-python
-    - git
-    - httpd
-    - mod_ssl
-    - php
-    - php-cli
-    - php-process
-    - php-devel
-    - php-gd
-    - php-mbstring
-    - php-opcache
-    - python-pygments
-    - libphutil
-    - arcanist
-    - phabricator
-  when: ansible_distribution_major_version|int > 21 and ansible_cmdline.ostree is not defined
-
-- name: create mariadb user for phabricator
-  mysql_user:
-    name: "{{ mariadb_user }}"
-    host: 'localhost'
-    password: "{{ mariadb_password }}"
-    priv: "*.*:ALL"
-    state: present
-    login_user: root
-    login_password: "{{ mariadb_root_password }}"
-    login_host: "127.0.0.1"
-  delegate_to: "{{ inventory_hostname }}"
-
-- name: ensure backup directory exists
-  file: path={{ backup_dir }} state=directory owner=root group=root mode=1755
-
-- name: generate phabricator mysql backup cronjob
-  template: src=phabricator-mariadb-dump.cron.j2 dest=/etc/cron.d/phabricator-mariadb-dump.cron owner=root group=root mode=0644
-
-- name: create phabricator daemon user
-  user: name={{ phabricator_daemon_user }}
-
-- name: add apache user to daemon user group
-  user: name=apache groups={{ phabricator_daemon_user }}
-
-- name: create vcs user
-  user: name={{ phabricator_vcs_user }} password={{ phabricator_vcs_user_password }} groups={{ phabricator_daemon_user }}
-  when: enable_phabricator_git
-
-- name: add vcs user to sudoers to write as daemon user with restrictions for git
-  lineinfile: "dest=/etc/sudoers state=present line='{{ phabricator_vcs_user }} ALL=({{ phabricator_daemon_user }}) SETENV: NOPASSWD: /usr/libexec/git-core/git-upload-pack, /usr/libexec/git-core/git-receive-pack'"
-
-- name: remove tty requirement for sudo by git user
-  lineinfile: "dest=/etc/sudoers state=present line='Defaults:{{phabricator_vcs_user }} !requiretty'"
-
-- name: add apache user to sudoers to write as daemon user with restrictions for git
-  lineinfile: "dest=/etc/sudoers state=present line='apache ALL=({{ phabricator_daemon_user }}) SETENV: NOPASSWD: /usr/libexec/git-core/git-http-backend'"
-
-- name: remove tty requirement for sudo by git user
-  lineinfile: "dest=/etc/sudoers state=present line='Defaults:apache !requiretty'"
-
-- name: update php.ini
-  copy: src=php.ini dest=/etc/php.d/php.ini owner=root group=root mode=0644
-  notify:
-  - reload httpd
-
-- name: update php-opcache config
-  copy:
-    src: "10-opcache.ini"
-    dest: /etc/php.d/10-opcache.ini
-    owner: root
-    group: root
-    mode: 0644
-
-- name: update php-curl config
-  copy:
-    src: "20-curl.ini"
-    dest: /etc/php.d/20-curl.ini
-    owner: root
-    group: root
-    mode: 0644
-
-- name: clone phabricator-extension-ipsilonoauth
-  git:
-      repo: 'https://pagure.io/phabricator-extension-ipsilonoauth.git'
-      dest: /var/www/phabricator-extension-ipsilonoauth
-      version: c70333b0d2d4d348b429e82e39d634071accf939
-
-- name: create git repo root for phabricator
-  file: path={{ phabricator_repodir }} state=directory owner={{ phabricator_daemon_user }} group={{ phabricator_daemon_user }} mode=1755
-  when: enable_phabricator_git
-
-- name: create file directory for phabricator
-  file: path={{ phabricator_filedir }} state=directory owner=apache group=apache mode=1755
-
-- name: create log directory for phabricator
-  file: path=/var/log/phabricator state=directory owner={{ phabricator_daemon_user }} group={{ phabricator_daemon_user }} mode=1775
-
-# disabling phabricator env
-#- name: generate phabricator environment
-#  template: src=ENVIRONMENT.j2 dest={{ phabroot }}/phabricator/conf/local/ENVIRONMENT owner=apache group=apache mode=0644
-
-- name: copy phabricator configuration settings
-  template: src=local.json.j2 dest={{ phabroot }}/phabricator/conf/local/local.json owner=apache group=apache mode=0644
-  notify:
-   - restart phd
-
-- name: copy phabricator preamble
-  copy: src=phabricator-preamble.php dest={{ phabroot }}/phabricator/support/preamble.php owner=apache group=apache mode=0644
-
-- name: copy phabricator custom login plugin
-  template: src=CustomLoginHandler.php.j2 dest={{ phabroot }}/phabricator/src/extensions/CustomLoginHandler.php owner=apache group=apache mode=0644
-  notify:
-   - restart phd
-
-# this isn't well supported upstream right now, disabling
-#- name: generate chatbot config
-#  template: src=chatbot-config.json.j2 dest={{ phabroot }}/phabricator/resources/chatbot/config.json owner=apache group=apache mode=0644
-
-# long story short, I need to let this fail for now until something is fixed, will re-enable. tflink - 2016-12-15
-#- name: upgrade phabricator storage
-#  command: chdir={{ phabroot }}/phabricator bin/storage upgrade --force
-
-- name: generate phabricator git hook
-  template: src=phabricator-ssh-hook.sh.j2 dest=/etc/phabricator-ssh-hook.sh owner=root group=root mode=0755
-  when: enable_phabricator_git
-
-- name: generate phabricator ssh config for vcs
-  template: src=phabricator-sshd.conf.j2 dest=/etc/ssh/phabricator-sshd.conf owner=root group=root mode=0600
-  when: enable_phabricator_git
-
-- name: generate phabricator ssh service file
-  template: src=phabricator-sshd.service.j2 dest=/lib/systemd/system/phabricator-sshd.service owner=root group=root mode=0644
-  when: enable_phabricator_git
-
-- name: start and enable phabricator sshd service
-  service: name=phabricator-sshd enabled=yes state=started
-  when: enable_phabricator_git
-
-- name: generate phabricator phd service file
-  template: src=phd.service.j2 dest=/lib/systemd/system/phd.service owner=root group=root mode=0644
-
-- name: create directory for phd pids
-  file: path=/var/run/phabricator state=directory owner={{ phabricator_daemon_user }} group={{ phabricator_daemon_user }} mode=1755
-
-- name: start and enable phabricator phd service
-  service: name=phd enabled=yes state=started
-
-- name: copy phabricator httpd config
-  template: src=phabricator.conf.j2 dest=/etc/httpd/conf.d/phabricator.conf owner=root group=root mode=0644
-  tags:
-  - httpd
-  notify:
-  - reload httpd
-
-
diff --git a/roles/phabricator/templates/CustomLoginHandler.php.j2 b/roles/phabricator/templates/CustomLoginHandler.php.j2
deleted file mode 100644
index 44b0585c0f..0000000000
--- a/roles/phabricator/templates/CustomLoginHandler.php.j2
+++ /dev/null
@@ -1,19 +0,0 @@
-<?php
-
-final class CustomLoginHandler
-    extends PhabricatorAuthLoginHandler {
-
-    public function getAuthLoginHeaderContent() {
-        return phutil_safe_html("
-<center><h1>Logging in to Fedora QA Devel Phabricator</h1></center>
-<p style='max-width: 508px;margin: 16px auto;'>
-  This phabricator instance is only setup for authentication with <a href='https://admin.fedoraproject.org/accounts'>the Fedora Accounts System</a>. If you have previously logged in to this instance, click o    n the 'Login or Register' button to log in again. If you are new to this system, please follow the follow
-  ing guidelines:
-  <ul style='list-style-type: disc; margin: auto; max-width:508px;'>
-    <li style='list-style-type: disc;'>When you login with Persona, make sure to use your <b>fasusername@fedoraproject.org</b> email alias (replacing 'fasusername' with your FAS user)</li>
-    <li>When creating a phabricator user account, please match the account name with your FAS username for less confusion on everyone elses' part</li>
-    <li>If you have any questions, come find us in #fedora-qa on Freenode or on the <a href='https://admin.fedoraproject.org/mailman/listinfo/qa-devel'>Fedora QA Devel mailing list</a>.</li>
-  </ul>
-</p>");
-    }
-}
diff --git a/roles/phabricator/templates/ENVIRONMENT.j2 b/roles/phabricator/templates/ENVIRONMENT.j2
deleted file mode 100644
index bf6c4cea15..0000000000
--- a/roles/phabricator/templates/ENVIRONMENT.j2
+++ /dev/null
@@ -1 +0,0 @@
-{{ phabricator_config_filename }}
diff --git a/roles/phabricator/templates/chatbot-config.json.j2 b/roles/phabricator/templates/chatbot-config.json.j2
deleted file mode 100644
index 18fbf3cd9f..0000000000
--- a/roles/phabricator/templates/chatbot-config.json.j2
+++ /dev/null
@@ -1,27 +0,0 @@
-{
-  "server" : "irc.freenode.net",
-  "port" : 6667,
-  "nick" : "{{ ircnick }}",
-  "nickpass" : "{{ ircnickpass }}",
-  "join" : [
-    "#fedora-qa-devel"
-  ],
-  "handlers" : [
-    "PhabricatorBotObjectNameHandler",
-    "PhabricatorBotSymbolHandler",
-    "PhabricatorBotLogHandler",
-    "PhabricatorBotWhatsNewHandler",
-    "PhabricatorBotDifferentialNotificationHandler",
-    "PhabricatorBotMacroHandler"
-  ],
-
-  "conduit.uri" : "https://phab.{{ external_hostname }}/",
-  "conduit.user" : "{{ ircnick }}",
-  "conduit.cert" : "{{ irc_conduit_cert }}",
-
-  "macro.size" : 48,
-  "macro.aspect" : 0.66,
-
-  "notification.channels" : ["#fedora-qa-devel"]
-}
-
diff --git a/roles/phabricator/templates/local.json.j2 b/roles/phabricator/templates/local.json.j2
deleted file mode 100644
index 4462e6a9a4..0000000000
--- a/roles/phabricator/templates/local.json.j2
+++ /dev/null
@@ -1,44 +0,0 @@
-{
-  "phabricator.base-uri" : "https:\/\/phab.{{ external_hostname }}\/",
-  "phabricator.allowed-uris": ["http:\/\/phab.{{ inventory_hostname }}\/"],
-  "log.ssh.path"  : "\/var\/log\/phabricator\/ssh.log",
-  "log.access.path" : "\/var\/log\/phabricator\/access.log",
-  "mysql.host" : "{{ mariadb_host }}",
-  "mysql.user" : "{{ mariadb_user }}",
-  "mysql.pass" : "{{ mariadb_password }}",
-  "log.access.path" : "/var/log/phabricator/access.log",
-  "log.ssh.path" : "/var/log/phabricator/ssh.log",
-  "phd.pid-directory" : "/var/run/phabricator/",
-  "phd.log-directory" : "/var/log/phabricator/",
-  "phd.user" : "{{ phabricator_daemon_user }}",
-  "pygments.enabled" : true,
-  "storage.local-disk.path" : "{{ phabricator_filedir }}",
-  "repository.default-local-path" : "{{ phabricator_repodir }}",
-  "environment.append-paths" : ["/usr/libexec/git-core/"],
-  "diffusion.ssh-user" : "{{ phabricator_vcs_user }}",
-  "diffusion.ssh-host" : "git.{{ external_hostname }}",
-  "ui.header-color" : "{{ phabricator_header_color }}",
-  "metamta.default-address" : "phabricator@{{ phabricator_mail_domain }}",
-  "metamta.domain" : "{{ phabricator_mail_domain }}",
-  "metamta.reply-handler-domain" : "{{ phabricator_mail_domain }}",
-  "metamta.mail-adapter" : "{{ "PhabricatorMailImplementationPHPMailerAdapter" if phabricator_mail_enabled else "PhabricatorMailImplementationTestAdapter"}}",
-  "phpmailer.smtp-host" : "bastion.fedoraproject.org",
-  "phpmailer.smtp-protocol" : "",
-  "phabricator.uninstalled-applications" : {
-        "PhabricatorApplicationPhame" : true,
-        "PhabricatorApplicationDiviner" : true,
-        "PhabricatorApplicationLegalpad" : true,
-        "PhabricatorApplicationDrydock" : true,
-        "PhabricatorApplicationHarbormaster" : true,
-        "PhabricatorApplicationOAuthServer" : true,
-        "PhabricatorApplicationPhortune" : true
-        },
-{% if deployment_type == "qadevel-prod"%}
-  "load-libraries":{}
-{% else %}
-  "load-libraries": {
-    "ipsilonoauth": "/var/www/phabricator-extension-ipsilonoauth/src"
-  }
-{% endif %}
-}
-
diff --git a/roles/phabricator/templates/phabricator-mariadb-dump.cron.j2 b/roles/phabricator/templates/phabricator-mariadb-dump.cron.j2
deleted file mode 100644
index 8c0837f9f4..0000000000
--- a/roles/phabricator/templates/phabricator-mariadb-dump.cron.j2
+++ /dev/null
@@ -1,2 +0,0 @@
-# backup phabricator related mysql databases
-0 2 * * * root mysql -u root -e "show databases" | grep -v Database | grep -v mysql| grep -v information_schema| grep -v test | grep -v OLD | grep {{ phabricator_db_prefix }} | tr '\n' ' ' | sed i\ 'mysqldump -u root --databases ' | tr '\n' ' ' | sed a\ ' >  {{ backup_dir }}/{{ phabricator_mysqldump_filename }}' | tr '\n' ' ' | sh
diff --git a/roles/phabricator/templates/phabricator-ssh-hook.sh.j2 b/roles/phabricator/templates/phabricator-ssh-hook.sh.j2
deleted file mode 100644
index 8fd4f7eb97..0000000000
--- a/roles/phabricator/templates/phabricator-ssh-hook.sh.j2
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/sh
-
-# NOTE: Replace this with the username that you expect users to connect with.
-VCSUSER="{{ phabricator_vcs_user }}"
-
-# NOTE: Replace this with the path to your Phabricator directory.
-ROOT="{{ phabroot }}/phabricator"
-
-if [ "$1" != "$VCSUSER" ];
-then
-exit 1
-fi
-
-exec "$ROOT/bin/ssh-auth" $@
diff --git a/roles/phabricator/templates/phabricator-sshd.conf.j2 b/roles/phabricator/templates/phabricator-sshd.conf.j2
deleted file mode 100644
index cdbf827ba5..0000000000
--- a/roles/phabricator/templates/phabricator-sshd.conf.j2
+++ /dev/null
@@ -1,21 +0,0 @@
-# NOTE: You must have OpenSSHD 6.2 or newer; support for AuthorizedKeysCommand
-# was added in this version.
-
-# NOTE: Edit these to the correct values for your setup.
-
-AuthorizedKeysCommand /etc/phabricator-ssh-hook.sh
-AuthorizedKeysCommandUser {{ phabricator_vcs_user }}
-
-# You may need to tweak these options, but mostly they just turn off everything
-# dangerous.
-
-Protocol 2
-PermitRootLogin no
-AllowAgentForwarding no
-AllowTcpForwarding no
-PrintMotd no
-PrintLastLog no
-PasswordAuthentication no
-AuthorizedKeysFile none
-
-PidFile /var/run/sshd-phabricator.pid
diff --git a/roles/phabricator/templates/phabricator-sshd.service.j2 b/roles/phabricator/templates/phabricator-sshd.service.j2
deleted file mode 100644
index 66bc84d9d1..0000000000
--- a/roles/phabricator/templates/phabricator-sshd.service.j2
+++ /dev/null
@@ -1,12 +0,0 @@
-[Unit]
-Description=OpenSSH server daemon for Phabricator
-After=syslog.target network.target auditd.service
-
-[Service]
-ExecStartPre=/usr/sbin/sshd-keygen
-ExecStart=/usr/sbin/sshd -f /etc/ssh/phabricator-sshd.conf -D $OPTIONS
-ExecReload=/bin/kill -HUP $MAINPID
-KillMode=process
-
-[Install]
-WantedBy=multi-user.target
diff --git a/roles/phabricator/templates/phabricator-sshd.socket.j2 b/roles/phabricator/templates/phabricator-sshd.socket.j2
deleted file mode 100644
index 94b9533180..0000000000
--- a/roles/phabricator/templates/phabricator-sshd.socket.j2
+++ /dev/null
@@ -1,10 +0,0 @@
-[Unit]
-Description=OpenSSH Server Socket
-Conflicts=sshd.service
-
-[Socket]
-ListenStream=22
-Accept=yes
-
-[Install]
-WantedBy=sockets.target
diff --git a/roles/phabricator/templates/phabricator.conf.j2 b/roles/phabricator/templates/phabricator.conf.j2
deleted file mode 100644
index 5a0ca45c92..0000000000
--- a/roles/phabricator/templates/phabricator.conf.j2
+++ /dev/null
@@ -1,26 +0,0 @@
-<VirtualHost *:80>
-  # Change this to the domain which points to your host.
-  ServerName phab.{{external_hostname}}
-  ServerAlias phab.{{inventory_hostname}}
-
-  # Make sure you include "/webroot" at the end!
-  DocumentRoot {{phabroot}}/phabricator/webroot
-
-  RewriteEngine on
-  RewriteRule ^/rsrc/(.*)     -                       [L,QSA]
-  RewriteRule ^/favicon.ico   -                       [L,QSA]
-  RewriteRule ^(.*)$          /index.php?__path__=$1  [B,L,QSA]
-</VirtualHost>
-
-<Directory "{{ phabroot }}/phabricator/webroot">
-  AllowOverride None
-  #Require all granted
-  <IfModule mod_authz_core.c>
-      # Apache 2.4
-      Require all granted
-  </IfModule>
-  <IfModule !mod_auth_core.c>
-      Order allow,deny
-      Allow from all
-  </IfModule>
-</Directory>
diff --git a/roles/phabricator/templates/phd.service.j2 b/roles/phabricator/templates/phd.service.j2
deleted file mode 100644
index e797720653..0000000000
--- a/roles/phabricator/templates/phd.service.j2
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=Phabricator Daemons
-After=httpd.service
-
-[Service]
-Type=forking
-ExecStart={{ phabroot }}/phabricator/bin/phd start
-ExecStop={{ phabroot }}/phabricator/bin/phd stop
-ExecRestart={{ phabroot}}/phabricator/bin/phd restart
-User={{ phabricator_daemon_user }}
-Group={{ phabricator_daemon_user }}
diff --git a/roles/taskotron/taskotron-trigger/templates/trigger_rules.yml.j2.dev b/roles/taskotron/taskotron-trigger/templates/trigger_rules.yml.j2.dev
index c7fdd48442..27567fc9b5 100644
--- a/roles/taskotron/taskotron-trigger/templates/trigger_rules.yml.j2.dev
+++ b/roles/taskotron/taskotron-trigger/templates/trigger_rules.yml.j2.dev
@@ -2,3 +2,10 @@
 - when: {message_type: KojiBuildPackageCompleted}
   do:
     - {tasks: [rpmlint, rpmgrill]}
+
+- when:
+    message_type: KojiBuildPackageCompleted
+    name:
+      $nin: [{{ trigger_abicheck_blacklist | join(',') }}]
+  do:
+    - {tasks: [abicheck]}
diff --git a/scripts/vhost-info b/scripts/vhost-info
index 9c953e1dca..740aad5233 100755
--- a/scripts/vhost-info
+++ b/scripts/vhost-info
@@ -71,6 +71,8 @@ loader = DataLoader()
 inv = InventoryManager(loader=loader, sources=opts.host_file)
 variable_manager = VariableManager(loader=loader, inventory=inv)
 
+unpatched_spectre = loader.load_from_file('/srv/private/ansible/vars.yml')['non_spectre_patched']
+
 # create play with tasks
 play_source =  dict(
         name = "vhost-info",
@@ -99,5 +101,8 @@ finally:
 for vhostname in sorted(cb.mem_per_host):
     freemem = cb.mem_per_host[vhostname] - cb.mem_used_in_vm[vhostname]
     freecpu = cb.cpu_per_host[vhostname] - cb.cpu_used_in_vm[vhostname]
-    print '%s:\t%s/%s mem(unused/total)\t%s/%s cpus(unused/total)' % (
-        vhostname, freemem, cb.mem_per_host[vhostname], freecpu, cb.cpu_per_host[vhostname])
+    insecure = ''
+    if vhostname in unpatched_spectre:
+        insecure = ' (NOT PATCHED FOR SPECTRE)'
+    print '%s:\t%s/%s mem(unused/total)\t%s/%s cpus(unused/total) %s' % (
+        vhostname, freemem, cb.mem_per_host[vhostname], freecpu, cb.cpu_per_host[vhostname], insecure)