API tools faq
paste
Advertisement
r00m

php fpm

r00m
Jan 29th, 2015
236
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 4.13 KB | None | 0 0
raw download clone embed print report diff
  1. Setting up Apache with PHP-FPM, per-vhost pools, UIDs and chroots
  2. --------
  3.  
  4. # Install apache
  5. cd /usr/ports/www/apache22
  6. make install clean
  7. # Enable SUExec
  8. # Add apache22_enable="YES" to /etc/rc.conf and start it up
  9. service apache22 start
  10.  
  11. # Install PHP-fpm
  12. cd /usr/ports/lang/php5
  13. make install clean
  14. # Do NOT build the apache module.
  15. # DO build the FPM verison
  16. # Building the CGI and CLI versions is fine as well
  17. # I add the mailhead patch too
  18.  
  19. # Install the PHP extensions
  20. cd /usr/ports/lang/php5-extensions
  21. make install clean
  22.  
  23. # Add php_fpm_enable="YES" to /etc/rc.conf and start it up
  24. service php-fpm start
  25.  
  26. # install fastcgi
  27. cd /usr/ports/www/mod_fastcgi/
  28. make install clean
  29.  
  30. # edit httpd.conf, inserting:
  31. LoadModule fastcgi_module     libexec/apache22/mod_fastcgi.so
  32. LoadModule suexec_module        libexec/apache22/mod_suexec.so
  33. # and setting:
  34. ServerAdmin webaster@internal.org
  35. ServerName server_ip_address_or_working_hostname
  36. # And uncomment the Include directives that make sense for me
  37. # And appending:
  38. NameVirtualHost *:80
  39. Include etc/apache22/Includes/*.conf
  40.  
  41. #and comment out this block:
  42. #<Directory />
  43. #    AllowOverride None
  44. #    Order deny,allow
  45. #    Deny from all
  46. #</Directory>
  47.  
  48. # I like to keep each vhosts configuration in its own file,
  49. # in a "vhosts/" directory, so I append:
  50. Include etc/apache22/vhosts/*.conf
  51. # and
  52. mkdir vhosts disabled-vhosts
  53.  
  54. # Now restart and see if that works
  55. service apache22 restart
  56.  
  57. # You may get a warning like "NameVirtualHost *:80 has no
  58. # VirtualHosts" because we haven't added any yet.  Nothing to
  59. # worry about
  60.  
  61. # Next create a Includes/php-fpm.conf for global fpm configs.  
  62. # Mine looks like:
  63.  
  64. FastCgiIpcDir /usr/local/etc/php-fpm/
  65. FastCgiConfig -autoUpdate -singleThreshold 100 -killInterval 300 -idle-timeout 240 -maxClassProcesses 1 -pass-header HTTP_AUTHORIZATION
  66. FastCgiWrapper /usr/local/sbin/suexec
  67.  
  68. <FilesMatch \.php$>
  69.     SetHandler php5-fcgi
  70. </FilesMatch>
  71.  
  72. Action php5-fcgi /fcgi-bin
  73.  
  74. <Directory /usr/local/sbin>
  75. Options ExecCGI FollowSymLinks
  76. SetHandler fastcgi-script
  77. Order allow,deny
  78. Allow from all
  79. </Directory>
  80.  
  81. # See if apache like that:
  82. service apache22 restart
  83.  
  84. # now FPM needs some configuration.  
  85. # Create a dir to store per-vhost fpm configs:
  86. mkdir /usr/local/etc/fpm.d
  87.  
  88. # Then edit the global php-fpm.conf, uncommenting:
  89.  
  90. include=etc/fpm.d/*.conf
  91. # switching the listen statement from a tcp port to:
  92. listen = /tmp/php-fpm.sock
  93. # changing the pm to:
  94. pm = ondemand
  95.  
  96.  
  97. # Now lets create a vhost.  Given a site named "example.com"
  98. # owned by user "luser", here's my template:
  99. EOF<<
  100. <VirtualHost *:80>
  101.     ServerName      www.example.com
  102.     DocumentRoot    /home/luser/example.com/htdocs
  103.     SuexecUserGroup luser luser
  104.     ServerAlias     example.com
  105.     ErrorLog        /home/luser/example.com/logs/example.com.error_log
  106.     CustomLog       /home/luser/example.com/logs/example.com.access_log combined
  107.    
  108.     <Directory /home/luser/example.com/htdocs">
  109.         Order allow,deny
  110.         Allow from all
  111.         Options +Indexes +FollowSymLinks +ExecCGI +Includes +MultiViews
  112.         AllowOverride All
  113.     </Directory>
  114.    
  115.     FastCgiExternalServer /tmp/fpm-example.com -socket /tmp/php-fpm-example.com.sock -user luser -group luser
  116.     Alias /fcgi-bin /tmp/fpm-example.com
  117.     <Location /fcgi-bin>
  118.         Options +ExecCGI
  119.         Order allow,deny
  120.         Allow from all
  121.     </Location>
  122.    
  123.     Alias   /stats  /home/luser/example.com/stats
  124.     <Directory /home/luser/example.com/stats>
  125.         Order allow,deny        
  126.         Allow from all        
  127.     </Directory>
  128. </VirtualHost>
  129. EOF;
  130.  
  131. # create the FPM pool config:
  132. EOF<<
  133. [example.com]
  134. user = luser
  135. group = luser
  136. listen = /tmp/php-fpm-example.com.sock
  137. chroot = /home/luser
  138. pm = ondemand
  139. pm.max_children = 50
  140. pm.status_path = /fpm-status
  141. php_admin_value[doc_root] = /example.com/htdocs
  142. php_admin_value[cgi.fix_pathinfo] = 0
  143. php_admin_value[sendmail_path] = /bin/mini_sendmail -t
  144. EOF
  145.  
  146. # Living with in chroot
  147. # Install mini_sendmail
  148. cd /usr/ports/mail/mini_sendmail
  149. make install clean
  150.  
  151. # create a chroot environment for the vhost
  152. mkdir ~luser/tmp ~luser/bin
  153. ln /tmp/mysql.sock ~luser/tmp/
  154. cp /rescue/sh ~luser/bin/sh
  155. ln /usr/local/bin/mini_sendmail ~luser/bin/mini_sendmail
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!