SME9 Php-Fpm
copied from; https://wiki.koozali.org/Php-fpm
* | Warning: |
This page is for SME v9 and is now deprecated and for reference only.
v10 uses systemd. See https://wiki.koozali.org/PHP if you search to write your own contrib using php-fpm follow Building_Your_Contrib#PHP-FPM |
Contents
Maintainer
Version
* | Warning: |
DO NOT USE ON v10.
SME v9 is no longer supported. v10 has php-fpm built in.
Please refer to this page for more information. |
{{#smeversion: smeserver-php-fpm }}
Description
This contribs allow you to run php-fpm for php version from 5.6 to 7.3 on CentOS 6 (SME9). This contrib will likely not be needed directly for your own usage, unless you know what you want to do with it, but rather called by another contribs needing a specific version of php running.
Installation
yum --enablerepo=smecontribs install {{#var:smecontribname}}
you then need to issue the usual<syntaxhighlight lang="bash"> signal-event post-upgrade; signal-event reboot </syntaxhighlight>
or you can do <syntaxhighlight lang="bash"> signal-event webapps-update service php-fpm start service php56-php-fpm start service php70-php-fpm start service php71-php-fpm start service php72-php-fpm start service php73-php-fpm start
</syntaxhighlight>
Configuration
you can list the available configuration with the following command :<syntaxhighlight lang="bash"> config show php-fpm config show php56-php-fpm config show php70-php-fpm config show php71-php-fpm config show php72-php-fpm config show php73-php-fpm
</syntaxhighlight>
Some of the properties are not shown, but are defaulted in a template or a script. You can set those values for the php-fpm version you want, or you can set it against a particular share folder. Empty or missing property in the db means default value is used.
Here a more comprehensive list with default and expected values :
property | default | values |
---|---|---|
status | enabled | enabled,disabled |
MemoryLimit | 128M | |
MaxExecutionTime | 30 | |
MaxInputTime | 60 | |
AllowUrlFopen | off | |
MaxChildren | 15 | |
PostMaxSize | 10M | |
UploadMaxFilesize | 10M | |
OpenBasedir | ||
DisableFunctions | system,show_source, symlink,exec,dl,shell_exec,passthru,phpinfo,escapeshellarg,escapeshellcmd |
<syntaxhighlight lang="bash"> config setprop php72-phpfpm PHPMemoryLimit 256M signal-event webapps-update </syntaxhighlight>more values specifics for shares:
property | default | values | information |
---|---|---|---|
PHPVersion | 56,70,71,72,73 | should be set one value | |
PHPCustomPool | string | use of a custom pool defined elsewhere, see use my own pool section. Keep it empty to use the share specific pool. | |
DynamicContent | disabled | enabled,disabled | need to be enabled |
<syntaxhighlight lang="bash"> db accounts setprop SHARENAME PHPVersion 72 PHPMemoryLimit 256M signal-event webapps-update </syntaxhighlight>
For contribs creators
you can either call an existing php-pool or create your own one. As an example you can check smeserver-nextcloud. The following template will make a dedicated php 7.1 pool with php setting adapted for Nextcloud.
vim /etc/e-smith/templates/etc/php-fpm.d/www.conf/15Nextcloud
{ if ($PHP_VERSION eq '71'){ if (($nextcloud{'status'} || 'disabled') eq 'enabled'){ my $max_upload_size = ($nextcloud{MaxUploadSize} || '4096'); $max_upload_size .= 'M' if ($max_upload_size =~ m/^\d+$/); my $memory_limit = ($nextcloud{MemoryLimit} || '512M'); $memory_limit .= 'M' if ($memory_limit =~ m/^\d+$/); my $id = 'nextcloud'; $OUT .=<<_EOF; [php$PHP_VERSION-$id] user = www group = www listen.owner = root listen.group = www listen.mode = 0660 listen = /var/run/php-fpm/php$PHP_VERSION-$id.sock pm = dynamic pm.max_children = 15 pm.start_servers = 3 pm.min_spare_servers = 3 pm.max_spare_servers = 4 pm.max_requests = 1000 php_admin_value[session.save_path] = /var/lib/php/$id/session php_admin_value[session.gc_maxlifetime] = 86400 php_admin_value[opcache.file_cache] = /var/lib/php/$id/opcache php_admin_value[upload_tmp_dir] = /var/lib/php/$id/tmp php_admin_value[error_log] = /var/log/php/$id/error.log slowlog = /var/log/php/nextcloud/slow.log php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f php@{ $DomainName } php_admin_flag[display_errors] = off php_admin_flag[log_errors] = on php_admin_value[error_log] = syslog php_admin_value[memory_limit] = $memory_limit php_admin_value[max_execution_time] = 3600 php_admin_value[post_max_size] = $max_upload_size php_admin_value[upload_max_filesize] = $max_upload_size php_admin_value[disable_functions] = system, show_source, symlink, exec, nextcloud, shell_exec, passthru, phpinfo, escapeshellarg, escapeshellcmd php_admin_value[open_basedir] = /usr/share/nextcloud:/var/lib/nextcloud:/var/log/nextcloud.log:/var/lib/php/nextcloud:/home/e-smith/files/nextcloud:/dev/urandom:/proc/meminfo php_admin_flag[allow_url_fopen] = on php_admin_flag[file_upload] = on php_admin_flag[session.cookie_httponly] = on php_admin_flag[allow_url_include] = off php_admin_value[session.save_hannextclouder] = files php_admin_flag[output_buffering] = off _EOF } else{ $OUT .= '; Nextcloud is disabled'; } }
you will also need two httpd.conf template fragment:
vim /etc/e-smith/templates/etc/httpd/conf/httpd.conf/68FastCGIConfig15nextcloud
{ if ($fastcgi_mod eq 'mod_fastcgi'){ $OUT .=<<_EOF; Action phpnextcloud-fastcgi /php-cgi-bin/phpnextcloud-wrapper Alias /php-cgi-bin/phpnextcloud-wrapper /var/www/php-cgi-bin/phpnextcloud-wrapper FastCgiExternalServer /var/www/php-cgi-bin/phpnextcloud-wrapper -socket /var/run/php-fpm/php71-nextcloud.sock -pass-header Authorization -idle-timeout 120 _EOF } }
vim /etc/e-smith/templates/etc/httpd/conf/httpd.conf/98nextcloud
{ my $access = $nextcloud{'access'} || 'private'; my $allow = ($access eq 'public')?'all':"$localAccess $externalSSLAccess"; my $authtype = $nextcloud{'Authentication'} || 'none'; my $alias = (($nextcloud{'AliasOnPrimary'} || 'enabled') eq 'enabled') ? 'Alias /nextcloud /usr/share/nextcloud' : ; my $maxupload = $nextcloud{'MaxUploadSize'} || '1024'; my $maxpost = $maxupload+1; $maxupload .= 'M'; $maxpost .= 'M'; my $auth = ; if ($authtype eq 'http'){ $auth =<<'EOF'; <FilesMatch "^(admin|rest)\.php"> SSLRequireSSL on AuthName "nextcloud" AuthType Basic AuthBasicProvider external AuthExternal pwauth Require valid-user </FilesMatch> EOF } if ($nextcloud{'status'} eq 'enabled'){ my $php =<<_EOF; AddType application/x-httpd-php .php php_admin_flag file_upload On php_admin_flag magic_quotes Off php_admin_flag magic_quotes_gpc Off php_admin_value upload_max_filesize $maxupload php_admin_value post_max_size $maxpost php_admin_value memory_limit 512M php_admin_flag output_buffering Off php_admin_value max_execution_time 0 php_admin_value upload_tmp_dir /var/lib/nextcloud/tmp php_admin_value session.save_path /var/lib/nextcloud/tmp php_admin_value session.gc_maxlifetime 86400 php_admin_value open_basedir /usr/share/nextcloud:/var/lib/nextcloud:/var/log/nextcloud.log:/var/lib/php/nextcloud:/home/e-smith/files/nextcloud:/dev/urandom:/proc/meminfo _EOF if ($fastcgi_mod eq 'mod_fastcgi'){ $php = " AddHandler phpnextcloud-fastcgi .php\n"; } elsif ($fascgi_mod eq 'mod_proxy_fcgi'){ $php =<<'_EOF'; <FilesMatch \.php$> SetHandler "proxy:unix:/var/run/php-fpm/php71-nextcloud.sock|fcgi://localhost" </FilesMatch> _EOF } my $config =<<_EOF; <Directory "/usr/share/nextcloud"> Options +FollowSymLinks AllowOverride All $php order deny,allow deny from all allow from $allow $auth <IfModule mod_dav.c> Dav off </IfModule> SetEnv HOME /usr/share/nextcloud SetEnv HTTP_HOME /usr/share/nextcloud SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=\$1 </Directory> <Directory "/home/e-smith/files/nextcloud/data/"> # just in case if .htaccess gets disabled deny from all </Directory> _EOF $OUT .=<<"END" # nextcloud Configuration <IfModule mod_headers.c> Header always set Strict-Transport-Security "max-age=15552000" </IfModule> $alias $config Redirect 301 /.well-known/carddav /nextcloud/remote.php/dav Redirect 301 /.well-known/caldav /nextcloud/remote.php/dav END } else{ $OUT .= "# nextcloud is disabled\n"; } }
Of course you will need to process both httpd.conf, php-fpm specific version and restart both httpd-e-smith and the php-fpm version you use.
You will also need specific code to create the destination directories for php usage : see /etc/e-smith/events/actions/php-pool-dirs from this contrib
* | Warning: |
On initial installation, smeserver-php-fpm does not start php pools and signal-event webapps-update does only a reload which will not start stopped services.
So pay attention you need to start if not already started on initial install. |
Create and use my own pool
using the default template : /etc/e-smith/templates/etc/php-fpm.d/custom.conf , you can set your own pool doing: db php set MYPOOLNAME pool Version 72 status enabled here are the accepted supplementary properties, as always missing or empty means using default.
property | default | values | information |
---|---|---|---|
status | enabled | enabled,disabled | |
MemoryLimit | 128M | ||
MaxExecutionTime | 30 | ||
MaxInputTime | 60 | ||
AllowUrlFopen | off | ||
MaxChildren | 15 | ||
PostMaxSize | 10M | ||
UploadMaxFilesize | 10M | ||
file_upload | enabled | ||
OpenBasedir | |||
DisabledFunctions | system,show_source,symlink,exec,dl,shell_exec,passthru,phpinfo,escapeshellarg,escapeshellcmd | ||
User | www | ||
Group | www | ||
DisplayErrors | disabled | ||
LogErrors | disabled |
you will then need two httpd.conf custom template fragment to use your pool. You will need to change MYPOOL to what you want
mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/ vim /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/98mypoolusage </syntaxhighlight><syntaxhighlight lang="perl"> <Directory /home/e-smith/files/ibays/test/html> SSLRequireSSL Options None Options +Indexes Options +FollowSymLinks DirectoryIndex index.php index.shtml index.htm index.html AddHandler phpMYPOOL-fastcgi .php AllowOverride All order deny,allow deny from all allow from all </Directory>
then just do signal-event webapps-update
Uninstall
yum remove {{#var:smecontribname}} {{#var:contribname}}
Bugs
Please raise bugs under the SME-Contribs section in bugzilla and select the {{#var:smecontribname}} component or use Template:BugzillaFileBug
Below is an overview of the current issues for this contrib:{{#bugzilla:columns=id,product,version,status,summary|sort=id|order=desc|component={{#var:smecontribname}} |noresultsmessage=No open bugs found.}}
Changelog
Only released version in smecontrib are listed here.
{{#smechangelog: {{#var:smecontribname}} }}