Learn about Centmin Mod LEMP Stack today
Register Now

PHP-FPM How to create per Nginx vhost, php.ini settings

Discussion in 'Centmin Mod Insights' started by eva2000, Apr 27, 2017.

Thread Status:
Not open for further replies.
  1. eva2000

    eva2000 Administrator Staff Member

    53,531
    12,134
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,677
    Local Time:
    11:12 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    To have per nginx vhost php.ini custom settings, you need to setup a separate php-fpm pool for that specific web host's nginx vhost

    1. enable multiple php-fpm support by editing /usr/local/etc/php-fpm.conf and uncommenting the line below removing the semi-colon
    Code (Text):
    ;include=/usr/local/nginx/conf/phpfpmd/*.conf
    

    to become
    Code (Text):
    include=/usr/local/nginx/conf/phpfpmd/*.conf
    


    2. make use of the 5th pre-existing phpfpm_pool5.conf within /usr/local/nginx/conf/phpfpmd/ directory at /usr/local/nginx/conf/phpfpmd/phpfpm_pool5.conf

    it's contents shows this 5th pool is named pool5 and listens on TCP 9005 port with predefined php_admin_value[error_log] = /var/log/php-fpm/www-php.error-pool5.log error log location


    Code (Text):
    [pool5]
    user = nginx
    group = nginx
    
    listen = 127.0.0.1:9005
    listen.allowed_clients = 127.0.0.1
    listen.backlog = 65535
    
    ;listen = /tmp/php5-fpm-pool5.sock
    listen.owner = nginx
    listen.group = nginx
    listen.mode = 0660
    
    pm = ondemand
    pm.max_children = 4
    ; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
    pm.start_servers = 4
    pm.min_spare_servers = 2
    pm.max_spare_servers = 6
    pm.max_requests = 1000
    
    ; PHP 5.3.9 setting
    ; The number of seconds after which an idle process will be killed.
    ; Note: Used only when pm is set to 'ondemand'
    ; Default Value: 10s
    pm.process_idle_timeout = 10s;
    
    rlimit_files = 65536
    rlimit_core = 0
    
    ; The timeout for serving a single request after which the worker process will
    ; be killed. This option should be used when the 'max_execution_time' ini option
    ; does not stop script execution for some reason. A value of '0' means 'off'.
    ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
    ; Default Value: 0
    ;request_terminate_timeout = 0
    ; Default Value: 0
    ;request_slowlog_timeout = 0
    slowlog = /var/log/php-fpm/www-slow-pool5.log
    
    pm.status_path = /phpstatus-pool5
    ping.path = /phpping-pool5
    ping.response = pong
    
    ; Limits the extensions of the main script FPM will allow to parse. This can
    ; prevent configuration mistakes on the web server side. You should only limit
    ; FPM to .php extensions to prevent malicious users to use other extensions to
    ; exectute php code.
    ; Note: set an empty value to allow all extensions.
    ; Default Value: .php
    security.limit_extensions = .php .php3 .php4 .php5
    
    ; catch_workers_output = yes
    php_admin_value[error_log] = /var/log/php-fpm/www-php.error-pool5.log
    php_admin_value[disable_functions] = shell_exec
    

    notice that certain settings have their own unique filename with suffix of the pool number i.e. = 5. If you want to replicate this for other sites, you will need to make copies of /usr/local/nginx/conf/phpfpmd/phpfpm_pool5.conf i.e. /usr/local/nginx/conf/phpfpmd/phpfpm_pool6.conf and so on and increment the suffix i.e. to 6 and increase listen port by 1 so 127.0.0.1:9006 for 6th pool etc
    Code (Text):
    [pool5]
    listen = 127.0.0.1:9005
    
    ;listen = /tmp/php5-fpm-pool5.sock
    
    slowlog = /var/log/php-fpm/www-slow-pool5.log
    
    pm.status_path = /phpstatus-pool5
    ping.path = /phpping-pool5
    
    php_admin_value[error_log] = /var/log/php-fpm/www-php.error-pool5.log
    


    3. make a copy of global default php include file which exists in all nginx vhost config files /usr/local/nginx/conf/php.conf and name that copy /usr/local/nginx/conf/phpcustom-yourdomain.com.conf and then in yourdomain.com.conf nginx vhost and/or yourdomain.com.ssl.conf replace the include like for php.conf with one of phpcustom-yourdomain.conf
    Code (Text):
    cp /usr/local/nginx/conf/php.conf /usr/local/nginx/conf/phpcustom-yourdomain.conf
    

    Code (Text):
    #include /usr/local/nginx/conf/php.conf;
    include /usr/local/nginx/conf/phpcustom-yourdomain.conf;
    


    4. then edit /usr/local/nginx/conf/phpcustom-yourdomain.conf and

    change these 2 lines from
    Code (Text):
        fastcgi_pass   127.0.0.1:9000;
        #fastcgi_pass   unix:/tmp/php5-fpm.sock;
    

    to the corresponding ones in /usr/local/nginx/conf/phpfpmd/phpfpm_pool5.conf
    Code (Text):
        fastcgi_pass   127.0.0.1:9005;
        #fastcgi_pass   unix:/tmp/php5-fpm-pool5.sock;
    


    5. now to add your custom php.ini settings specific to just yourdomain.com site you need to use the php_admin_value method within /usr/local/nginx/conf/phpfpmd/phpfpm_pool5.conf. There is already 2 existing examples of customising php.ini settings in the file at
    Code (Text):
    php_admin_value[error_log] = /var/log/php-fpm/www-php.error-pool5.log
    php_admin_value[disable_functions] = shell_exec
    

    So if you want to enable for yourdomain.com only auto_preappend_file php setting PHP: Description of core php.ini directives - Manual
    Code (Text):
    php_admin_value[error_log] = /var/log/php-fpm/www-php.error-pool5.log
    php_admin_value[disable_functions] = shell_exec
    php_admin_value[auto_append_file] = filename
    


    6. Restart Nginx + PHP-FPM
    Code (Text):
    nprestart
    


    Summary

    End result is yourdomain.com nginx vhosts will reference new php include file
    Code (Text):
    include /usr/local/nginx/conf/phpcustom-yourdomain.conf;
    

    which tells you to use fastcgi_pass 127.0.0.1:9005
    Code (Text):
        fastcgi_pass   127.0.0.1:9005;
        #fastcgi_pass   unix:/tmp/php5-fpm-pool5.sock;
    

    and 127.0.0.1:9005 php-fpm pool is controlled by /usr/local/nginx/conf/phpfpmd/phpfpm_pool5.conf which has your custom php.ini settings added via php_admin_value
     
Thread Status:
Not open for further replies.