Skip to navigation
Nginx with php fpm
23.03.20
nginx with php fpm Michael Kaufmann edited this page on Mar 29, 2017 ยท 1 revision 1. Introducion With PHP 5.3.3 a new PHP SAPI handler was added to PHP. Its called PHP-FPM (FastCGI Process Manager). PHP-FPM is an alternative PHP FastCGI implementation with some additional features useful for sites of any size, especially busier sites. More Infos can be found here: http://php-fpm.org/ http://www.php.net/manual/install.fpm.php Pros: Fast + Secure. No permission problems between the FTP- and Webserver-users Cons: More difficult to setup. I assume that you have Froxlor already running and the database set up. 2. Setting up the environment First of all you should install all needed packages. apt-get install libnss-mysql-bg nscd php5-fpm 3. Setting up username <-> user ID mappings You should ensure that the Froxlor cronjob isn't executed while you set up fastcgi. This could produce unwanted results! /etc/init.d/cron stop In order to have php-fpm work as intended you need real usernames since php-fpm cannot work with the virtual user IDs Froxlor uses by default. We must get 'libnss-mysql' to read usernames from MySQL. The FTP table in the Froxlor database provides us with every information we need. To avoid any bottlenecks that might happen with big directories we install the name service caching daemon 'nscd'. Now copy and paste the actual configuration files from the Froxlor panel (Configuration -> Debian Wheezy -> Others -> libnss) and apply them to your file system. You'll need the to create or update the following files: /etc/libnss-mysql.cfg /etc/libnss-mysql-root.cfg /etc/nsswitch.conf Make sure that only root can read those configuration files since they include your Froxlor database password! chmod 600 /etc/libnss-mysql-root.cfg /etc/libnss-mysql.cfg Restard nscd now /etc/init.d/nscd restart Now it should already work. To find out if it really works just go to a directory that was created by Froxlor and check if the user ID got replaced by the username. ls -al /var/customers/webs/ This should produce a result like: drwxr-xr-x 3 web1 web1 4096 2008-06-13 17:18 web1 drwxr-xr-x 8 web2 web2 4096 2009-01-02 17:40 web2 drwxr-xr-x 10 web3 web3 4096 2009-01-25 13:33 web3 If you don't see a result like this or just the virtual user IDs, re-check your configuration and whether these users really exist using the getent passwd command. If nscd isn't working properly you cannot continue with the next steps. 4. Enable PHP-FPM in Froxlor You must now instruct Froxlor to create the FPM configuration and to add related directives to Nginx's VirtualHost configurations. In order to use FPM you need to create a user froxlorlocal and a group of the same name: addgroup --gid 9999 froxlorlocal adduser --no-create-home --uid 9999 --ingroup froxlorlocal --shell /bin/false --disabled-password --gecos '' froxlorlocal Make sure that the user nginx runs as (e.g. www-data) is in the group froxlorlocal. adduser www-data froxlorlocal Now activate the PHP-FPM option in the Settings section on the Froxlor admin web panel and hit save. When you load the settings overview page (compact overview) again, you'll see a new link to configure PHP-FPM. Make sure the checkbox for Enable php-fpm and Enable PHP-FPM for the Froxlor vHost are checked Local user to use for PHP-FPM (Froxlor vHost) and Local group to use for PHP-FPM (Froxlor vHost) should be froxlorlocal Click it, then set the configuration directory of php-fpm - this is where Froxlor stores the PHP-FPM configuration. The default value of /etc/php5-fpm will not work on Debian (unless you make further customizations), so use this instead: /etc/php5/fpm/pool.d Adjust the command to start on of php5-fpm: (by default there is only "/etc/init.d/php-fpm restart" - without 5) /etc/init.d/php5-fpm restart Check whether the temporary directory is correct and check "Use PHP-FPM in Froxlor Vhost". In /etc/init.d/php5-fpm, edit the line starting # Required-Start to look like this: # Required-Start: $remote_fs $network mysql nscd Finally, in /etc/init.d/nscd, edit the line starting # Required-Start to look like this: # Required-Start: $remote_fs $network mysql this ensures it is started later than mysql and nscd. This is essential to receive the correct UID/GUI to start php5-fpm! If there are any problems with this during boot (check /var/log/boot). 5. Final Steps Log in to Froxlor and click on ''Rebuild Configuration Files''. Run Froxlor's global cron job once to immediately produce fastcgi configurations for all VirtualHosts: /usr/bin/php5 /var/www/froxlor/scripts/froxlor_master_cronjob.php --force --debug Start the system cron demon again. /etc/init.d/cron start If you have set up all correctly it should be now possible to open the customer domains in your browser. If there are a php-fpm master process and some php-fpm pools it should be working fine. You can also check that by running phpinfo(); from a file within a customer domain.
https://github.com/Froxlor/Froxlor/wiki/nginx-with-php-fpm
Reply
Anonymous
Information Epoch 1585541214
You can always add complexity.
Home
Notebook
Search Engine
Contact us
