Difference between revisions of "Php-fpm"

From SME Server
Jump to navigationJump to search
Line 27: Line 27:
  
 
=== Description ===
 
=== Description ===
This contribs allow you to run php-fpm for php version from 5.5 to 7.3 on CentOS 6 (SME9). This contrib will likely not be needed directly for your own usage, unless you know what you want to do with it, but rather called by another contribs needing a specific version of php running.
+
This contribs allow you to run php-fpm for php version from 5.6 to 7.3 on CentOS 6 (SME9). This contrib will likely not be needed directly for your own usage, unless you know what you want to do with it, but rather called by another contribs needing a specific version of php running.
  
  
Line 33: Line 33:
 
  yum --enablerepo=smecontribs install {{#var:smecontribname}}
 
  yum --enablerepo=smecontribs install {{#var:smecontribname}}
  
 +
you then need to issue the usual<syntaxhighlight lang="bash">
 +
signal-event post-upgrade; signal-event reboot
 +
</syntaxhighlight>
 +
 +
or you can do <syntaxhighlight lang="bash">
 +
signal-event webapps-update
 +
service php-fpm start
 +
service php-56 start
 +
service php-70 start
 +
service php-71 start
 +
service php-72 start
 +
service php-73 start
 +
 +
</syntaxhighlight>
  
 
=== Configuration ===
 
=== Configuration ===
you can list the available configuration with the followinf command :
+
you can list the available configuration with the following command :<syntaxhighlight lang="bash">
config show {{#var:contribname}}
+
config show php-fpm
 +
config show php56-php-fpm
 +
config show php70-php-fpm
 +
config show php71-php-fpm
 +
config show php72-php-fpm
 +
config show php73-php-fpm
 +
 
 +
</syntaxhighlight>
 +
 
 +
Some of the properties are not shown, but are defaulted in a template or a script. You can set those values for the '''php-fpm version''' you want, or you can set it against a particular  '''share folder'''. Empty or missing property in the db means default value is used.
  
Some of the properties are not shown, but are defaulted in a template or a script. Here a more comprehensive list with default and expected values :
+
Here a more comprehensive list with default and expected values :
 
{| class="wikitable"
 
{| class="wikitable"
 
!property
 
!property
 
!default
 
!default
 
!values
 
!values
!
 
 
|-
 
|-
|DbName
+
|status
|nextcloud
+
|enabled
|string
+
|enabled,disabled
|for mysql db
+
|-
 +
|MemoryLimit
 +
|128M
 +
|
 +
|-
 +
|MaxExecutionTime
 +
|30
 +
|
 +
|-
 +
|MaxInputTime
 +
|60
 +
|
 +
|-
 +
|AllowUrlFopen
 +
|off
 +
|
 +
|-
 +
|MaxChildren
 +
|15
 +
|
 +
|-
 +
|PostMaxSize
 +
|10M
 +
|
 +
|-
 +
|UploadMaxFilesize
 +
|10M
 +
|
 +
|-
 +
|OpenBasedir
 +
|
 +
|
 +
|-
 +
|DisableFunctions
 +
|system,show_source, symlink,exec,dl,shell_exec,passthru,phpinfo,escapeshellarg,escapeshellcmd
 +
|
 +
|}
 +
<syntaxhighlight lang="bash">
 +
config setprop php72-phpfpm  PHPMemoryLimit 256M
 +
signal-event webapps-update
 +
</syntaxhighlight>more values specifics for shares:
 +
{| class="wikitable"
 +
!property
 +
!default
 +
!values
 +
!information
 
|-
 
|-
|DbPassword
+
|PHPVersion
|GENERATED
+
|
|string
+
|56,70,71,72,73
|for mysql db
+
|should be set one value
 
|-
 
|-
|DbUser
+
|PHPCustomPool
|nextcloud
+
|
 
|string
 
|string
|for mysql db
+
|use of a custom pool defined elsewhere, see use my own pool section. Keep it empty to use the share specific pool.
 
|-
 
|-
|access
+
|DynamicContent
|private
+
|disabled
|private, public
+
|enabled,disabled
|
+
|need to be enabled
 +
|}
 +
<syntaxhighlight lang="bash">
 +
db accounts setprop SHARENAME PHPVersion 72 PHPMemoryLimit 256M
 +
signal-event webapps-update
 +
</syntaxhighlight>
 +
 
 +
=== For contribs creators ===
 +
you can either call an existing php-pool or create your own one. As an example you can check smeserver-nextcloud. The following template will make a dedicated php 7.1 pool with php setting adapted for Nextcloud.
 +
 
 +
vim /etc/e-smith/templates/etc/php-fpm.d/www.conf/15Nextcloud<syntaxhighlight lang="perl">
 +
{
 +
 
 +
if ($PHP_VERSION eq '71'){
 +
  if (($nextcloud{'status'} || 'disabled') eq 'enabled'){
 +
    my $max_upload_size = ($nextcloud{MaxUploadSize} || '4096');
 +
    $max_upload_size .= 'M' if ($max_upload_size =~ m/^\d+$/);
 +
    my $memory_limit = ($nextcloud{MemoryLimit} || '512M');
 +
    $memory_limit .= 'M' if ($memory_limit =~ m/^\d+$/);
 +
    my $id = 'nextcloud';
 +
    $OUT .=<<_EOF;
 +
 
 +
[php$PHP_VERSION-$id]
 +
user = www
 +
group = www
 +
listen.owner = root
 +
listen.group = www
 +
listen.mode = 0660
 +
listen = /var/run/php-fpm/php$PHP_VERSION-$id.sock
 +
pm = dynamic
 +
pm.max_children = 15
 +
pm.start_servers = 3
 +
pm.min_spare_servers = 3
 +
pm.max_spare_servers = 4
 +
pm.max_requests = 1000
 +
php_admin_value[session.save_path] = /var/lib/php/$id/session
 +
php_admin_value[session.gc_maxlifetime] = 86400
 +
php_admin_value[opcache.file_cache]  = /var/lib/php/$id/opcache
 +
php_admin_value[upload_tmp_dir] = /var/lib/php/$id/tmp
 +
php_admin_value[error_log] = /var/log/php/$id/error.log
 +
slowlog = /var/log/php/nextcloud/slow.log
 +
php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f php@{ $DomainName }
 +
php_admin_flag[display_errors] = off
 +
php_admin_flag[log_errors] = on
 +
php_admin_value[error_log] = syslog
 +
php_admin_value[memory_limit] = $memory_limit
 +
php_admin_value[max_execution_time] = 3600
 +
php_admin_value[post_max_size] = $max_upload_size
 +
php_admin_value[upload_max_filesize] = $max_upload_size
 +
php_admin_value[disable_functions] = system, show_source, symlink, exec, nextcloud, shell_exec, passthru, phpinfo, escapeshellarg, escapeshellcmd
 +
php_admin_value[open_basedir] = /usr/share/nextcloud:/var/lib/nextcloud:/var/log/nextcloud.log:/var/lib/php/nextcloud:/home/e-smith/files/nextcloud:/dev/urandom:/proc/meminfo
 +
php_admin_flag[allow_url_fopen] = on
 +
php_admin_flag[file_upload] = on
 +
php_admin_flag[session.cookie_httponly] = on
 +
php_admin_flag[allow_url_include] = off
 +
php_admin_value[session.save_hannextclouder] = files
 +
php_admin_flag[output_buffering] = off
 +
 
 +
_EOF
 +
 
 +
  }
 +
  else{
 +
    $OUT .= '; Nextcloud is disabled';
 +
  }
 +
}
 +
 
 +
</syntaxhighlight>you will also need two httpd.conf template fragment:
 +
 
 +
vim /etc/e-smith/templates/etc/httpd/conf/httpd.conf/68FastCGIConfig15nextcloud<syntaxhighlight lang="perl">
 +
{
 +
if ($fastcgi_mod eq 'mod_fastcgi'){
 +
  $OUT .=<<_EOF;
 +
Action phpnextcloud-fastcgi /php-cgi-bin/phpnextcloud-wrapper
 +
Alias /php-cgi-bin/phpnextcloud-wrapper /var/www/php-cgi-bin/phpnextcloud-wrapper
 +
FastCgiExternalServer /var/www/php-cgi-bin/phpnextcloud-wrapper -socket /var/run/php-fpm/php71-nextcloud.sock -pass-header Authorization -idle-timeout 120
 +
_EOF
 +
}
 +
}
 +
 
 +
</syntaxhighlight>
 +
 
 +
vim /etc/e-smith/templates/etc/httpd/conf/httpd.conf/98nextcloud<syntaxhighlight lang="perl">
 +
{
 +
my $access = $nextcloud{'access'} || 'private';
 +
my $allow = ($access eq 'public')?'all':"$localAccess $externalSSLAccess";
 +
my $authtype = $nextcloud{'Authentication'} || 'none';
 +
 
 +
my $alias = (($nextcloud{'AliasOnPrimary'} || 'enabled') eq 'enabled') ?
 +
    'Alias /nextcloud /usr/share/nextcloud' : '';
 +
 
 +
my $maxupload = $nextcloud{'MaxUploadSize'} || '1024';
 +
my $maxpost = $maxupload+1;
 +
$maxupload .= 'M';
 +
$maxpost .= 'M';
 +
 
 +
my $auth = '';
 +
if ($authtype eq 'http'){
 +
    $auth =<<'EOF';
 +
    <FilesMatch "^(admin|rest)\.php">
 +
        SSLRequireSSL on
 +
        AuthName "nextcloud"
 +
        AuthType Basic
 +
        AuthBasicProvider external
 +
        AuthExternal pwauth
 +
        Require valid-user
 +
    </FilesMatch>
 +
EOF
 +
}
 +
 
 +
if ($nextcloud{'status'} eq 'enabled'){
 +
 
 +
  my $php =<<_EOF;
 +
    AddType application/x-httpd-php .php
 +
    php_admin_flag file_upload On
 +
    php_admin_flag magic_quotes Off
 +
    php_admin_flag magic_quotes_gpc Off
 +
    php_admin_value upload_max_filesize $maxupload
 +
    php_admin_value post_max_size $maxpost
 +
    php_admin_value memory_limit 512M
 +
    php_admin_flag output_buffering Off
 +
    php_admin_value max_execution_time 0
 +
    php_admin_value upload_tmp_dir /var/lib/nextcloud/tmp
 +
    php_admin_value session.save_path /var/lib/nextcloud/tmp
 +
    php_admin_value session.gc_maxlifetime 86400
 +
    php_admin_value open_basedir /usr/share/nextcloud:/var/lib/nextcloud:/var/log/nextcloud.log:/var/lib/php/nextcloud:/home/e-smith/files/nextcloud:/dev/urandom:/proc/meminfo
 +
_EOF
 +
  if ($fastcgi_mod eq 'mod_fastcgi'){
 +
    $php = "    AddHandler phpnextcloud-fastcgi .php\n";
 +
  }
 +
  elsif ($fascgi_mod eq 'mod_proxy_fcgi'){
 +
    $php =<<'_EOF';
 +
    <FilesMatch \.php$>
 +
        SetHannextclouder "proxy:unix:/var/run/php-fpm/php71-nextcloud.sock|fcgi://localhost"
 +
    </FilesMatch>
 +
_EOF
 +
  }
 +
 
 +
</syntaxhighlight>Of course you will need to process both httpd.conf, php-fpm specific version and restart both httpd-e-smith and the php-fpm version you use.
 +
 
 +
You will also need specific code to create the destination directories for php usage : see /etc/e-smith/events/actions/php-pool-dirs from this contrib
 +
 
 +
=== Create and use my own pool ===
 +
using the default template : /etc/e-smith/templates/etc/php-fpm.d/custom.conf , you can set your own pool doing:<syntaxhighlight lang="bash">
 +
db php set MYPOOLNAME pool Version 72 status enabled
 +
</syntaxhighlight>here are the accepted supplementary properties, as always missing or empty means using default.
 +
{| class="wikitable"
 +
!property
 +
!default
 +
!values
 +
!information
 
|-
 
|-
 
|status
 
|status
 
|enabled
 
|enabled
 
|enabled,disabled
 
|enabled,disabled
 +
|-
 +
|MemoryLimit
 +
|128M
 +
|
 +
|-
 +
|MaxExecutionTime
 +
|30
 +
|
 +
|-
 +
|MaxInputTime
 +
|60
 +
|
 +
|-
 +
|AllowUrlFopen
 +
|off
 +
|
 +
|-
 +
|MaxChildren
 +
|15
 +
|
 +
|-
 +
|PostMaxSize
 +
|10M
 +
|
 +
|-
 +
|UploadMaxFilesize
 +
|10M
 +
|
 +
|-
 +
|file_upload
 +
|enabled
 +
|
 +
|-
 +
|OpenBasedir
 +
|
 +
|
 +
|-
 +
|DisableFunctions
 +
|system,show_source, symlink,exec,dl,shell_exec,passthru,phpinfo,escapeshellarg,escapeshellcmd
 +
|
 +
|-
 +
|User
 +
|www
 +
|
 +
|-
 +
|Group
 +
|www
 +
|
 +
|-
 +
|DisplayErrors
 +
|disabled
 +
|
 +
|-
 +
|LogErrors
 +
|disabled
 +
|
 
|}
 
|}
 +
you will then need a httpd.conf template fragment to use your pool.
  
 
=== Uninstall ===
 
=== Uninstall ===
Line 87: Line 360:
 
<!-- list of category you want to see this page in -->
 
<!-- list of category you want to see this page in -->
 
[[Category: Contrib]]
 
[[Category: Contrib]]
 
 
<!-- Please keep there the template revision  number as is -->
 
<!-- Please keep there the template revision  number as is -->

Revision as of 18:02, 27 January 2020




php-fpm
NeedImage.svg
php-fpm logo
Maintainervip-ire
Urlhttps://wiki.contribs.org
Category

Category you want

Tags phpfpm


Maintainer

Daniel

Version

Contrib 9:
smeserver-php-fpm
The latest version of smeserver-php-fpm is available in the SME repository, click on the version number(s) for more information.


php-fpm
The latest version of php-fpm is available in the SME repository, click on the version number(s) for more information.


Description

This contribs allow you to run php-fpm for php version from 5.6 to 7.3 on CentOS 6 (SME9). This contrib will likely not be needed directly for your own usage, unless you know what you want to do with it, but rather called by another contribs needing a specific version of php running.


Installation

yum --enablerepo=smecontribs install smeserver-php-fpm

you then need to issue the usual

signal-event post-upgrade; signal-event reboot

or you can do

signal-event webapps-update
service php-fpm start
service php-56 start
service php-70 start
service php-71 start
service php-72 start
service php-73 start

Configuration

you can list the available configuration with the following command :

config show php-fpm
config show php56-php-fpm
config show php70-php-fpm
config show php71-php-fpm
config show php72-php-fpm
config show php73-php-fpm

Some of the properties are not shown, but are defaulted in a template or a script. You can set those values for the php-fpm version you want, or you can set it against a particular share folder. Empty or missing property in the db means default value is used.

Here a more comprehensive list with default and expected values :

property default values
status enabled enabled,disabled
MemoryLimit 128M
MaxExecutionTime 30
MaxInputTime 60
AllowUrlFopen off
MaxChildren 15
PostMaxSize 10M
UploadMaxFilesize 10M
OpenBasedir
DisableFunctions system,show_source, symlink,exec,dl,shell_exec,passthru,phpinfo,escapeshellarg,escapeshellcmd
config setprop php72-phpfpm  PHPMemoryLimit 256M
signal-event webapps-update

more values specifics for shares:

property default values information
PHPVersion 56,70,71,72,73 should be set one value
PHPCustomPool string use of a custom pool defined elsewhere, see use my own pool section. Keep it empty to use the share specific pool.
DynamicContent disabled enabled,disabled need to be enabled
db accounts setprop SHARENAME PHPVersion 72 PHPMemoryLimit 256M
signal-event webapps-update

For contribs creators

you can either call an existing php-pool or create your own one. As an example you can check smeserver-nextcloud. The following template will make a dedicated php 7.1 pool with php setting adapted for Nextcloud.

vim /etc/e-smith/templates/etc/php-fpm.d/www.conf/15Nextcloud

{

if ($PHP_VERSION eq '71'){
  if (($nextcloud{'status'} || 'disabled') eq 'enabled'){
    my $max_upload_size = ($nextcloud{MaxUploadSize} || '4096');
    $max_upload_size .= 'M' if ($max_upload_size =~ m/^\d+$/);
    my $memory_limit = ($nextcloud{MemoryLimit} || '512M');
    $memory_limit .= 'M' if ($memory_limit =~ m/^\d+$/);
    my $id = 'nextcloud';
    $OUT .=<<_EOF;

[php$PHP_VERSION-$id]
user = www
group = www
listen.owner = root
listen.group = www
listen.mode = 0660
listen = /var/run/php-fpm/php$PHP_VERSION-$id.sock
pm = dynamic
pm.max_children = 15
pm.start_servers = 3
pm.min_spare_servers = 3
pm.max_spare_servers = 4
pm.max_requests = 1000
php_admin_value[session.save_path] = /var/lib/php/$id/session
php_admin_value[session.gc_maxlifetime] = 86400
php_admin_value[opcache.file_cache]  = /var/lib/php/$id/opcache
php_admin_value[upload_tmp_dir] = /var/lib/php/$id/tmp
php_admin_value[error_log] = /var/log/php/$id/error.log
slowlog = /var/log/php/nextcloud/slow.log
php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f php@{ $DomainName }
php_admin_flag[display_errors] = off
php_admin_flag[log_errors] = on
php_admin_value[error_log] = syslog
php_admin_value[memory_limit] = $memory_limit
php_admin_value[max_execution_time] = 3600
php_admin_value[post_max_size] = $max_upload_size
php_admin_value[upload_max_filesize] = $max_upload_size
php_admin_value[disable_functions] = system, show_source, symlink, exec, nextcloud, shell_exec, passthru, phpinfo, escapeshellarg, escapeshellcmd
php_admin_value[open_basedir] = /usr/share/nextcloud:/var/lib/nextcloud:/var/log/nextcloud.log:/var/lib/php/nextcloud:/home/e-smith/files/nextcloud:/dev/urandom:/proc/meminfo
php_admin_flag[allow_url_fopen] = on
php_admin_flag[file_upload] = on
php_admin_flag[session.cookie_httponly] = on
php_admin_flag[allow_url_include] = off
php_admin_value[session.save_hannextclouder] = files
php_admin_flag[output_buffering] = off

_EOF

  }
  else{
    $OUT .= '; Nextcloud is disabled';
  }
}

you will also need two httpd.conf template fragment: vim /etc/e-smith/templates/etc/httpd/conf/httpd.conf/68FastCGIConfig15nextcloud

{
if ($fastcgi_mod eq 'mod_fastcgi'){
  $OUT .=<<_EOF;
Action phpnextcloud-fastcgi /php-cgi-bin/phpnextcloud-wrapper
Alias /php-cgi-bin/phpnextcloud-wrapper /var/www/php-cgi-bin/phpnextcloud-wrapper
FastCgiExternalServer /var/www/php-cgi-bin/phpnextcloud-wrapper -socket /var/run/php-fpm/php71-nextcloud.sock -pass-header Authorization -idle-timeout 120
_EOF
}
}

vim /etc/e-smith/templates/etc/httpd/conf/httpd.conf/98nextcloud

{
my $access = $nextcloud{'access'} || 'private';
my $allow = ($access eq 'public')?'all':"$localAccess $externalSSLAccess";
my $authtype = $nextcloud{'Authentication'} || 'none';

my $alias = (($nextcloud{'AliasOnPrimary'} || 'enabled') eq 'enabled') ?
    'Alias /nextcloud /usr/share/nextcloud' : '';

my $maxupload = $nextcloud{'MaxUploadSize'} || '1024';
my $maxpost = $maxupload+1;
$maxupload .= 'M';
$maxpost .= 'M';

my $auth = '';
if ($authtype eq 'http'){
    $auth =<<'EOF';
    <FilesMatch "^(admin|rest)\.php">
        SSLRequireSSL on
        AuthName "nextcloud"
        AuthType Basic
        AuthBasicProvider external
        AuthExternal pwauth
        Require valid-user
    </FilesMatch>
EOF
}

if ($nextcloud{'status'} eq 'enabled'){

  my $php =<<_EOF;
    AddType application/x-httpd-php .php
    php_admin_flag file_upload On
    php_admin_flag magic_quotes Off
    php_admin_flag magic_quotes_gpc Off
    php_admin_value upload_max_filesize $maxupload
    php_admin_value post_max_size $maxpost
    php_admin_value memory_limit 512M
    php_admin_flag output_buffering Off
    php_admin_value max_execution_time 0
    php_admin_value upload_tmp_dir /var/lib/nextcloud/tmp
    php_admin_value session.save_path /var/lib/nextcloud/tmp
    php_admin_value session.gc_maxlifetime 86400
    php_admin_value open_basedir /usr/share/nextcloud:/var/lib/nextcloud:/var/log/nextcloud.log:/var/lib/php/nextcloud:/home/e-smith/files/nextcloud:/dev/urandom:/proc/meminfo
_EOF
  if ($fastcgi_mod eq 'mod_fastcgi'){
    $php = "    AddHandler phpnextcloud-fastcgi .php\n";
  }
  elsif ($fascgi_mod eq 'mod_proxy_fcgi'){
    $php =<<'_EOF';
     <FilesMatch \.php$>
         SetHannextclouder "proxy:unix:/var/run/php-fpm/php71-nextcloud.sock|fcgi://localhost"
     </FilesMatch>
_EOF
  }

Of course you will need to process both httpd.conf, php-fpm specific version and restart both httpd-e-smith and the php-fpm version you use.

You will also need specific code to create the destination directories for php usage : see /etc/e-smith/events/actions/php-pool-dirs from this contrib

Create and use my own pool

using the default template : /etc/e-smith/templates/etc/php-fpm.d/custom.conf , you can set your own pool doing:

db php set MYPOOLNAME pool Version 72 status enabled

here are the accepted supplementary properties, as always missing or empty means using default.

property default values information
status enabled enabled,disabled
MemoryLimit 128M
MaxExecutionTime 30
MaxInputTime 60
AllowUrlFopen off
MaxChildren 15
PostMaxSize 10M
UploadMaxFilesize 10M
file_upload enabled
OpenBasedir
DisableFunctions system,show_source, symlink,exec,dl,shell_exec,passthru,phpinfo,escapeshellarg,escapeshellcmd
User www
Group www
DisplayErrors disabled
LogErrors disabled

you will then need a httpd.conf template fragment to use your pool.

Uninstall

yum remove smeserver-php-fpm  php-fpm

Bugs

Please raise bugs under the SME-Contribs section in bugzilla and select the smeserver-php-fpm component or use this link


Below is an overview of the current issues for this contrib:

No open bugs found.

Changelog

Only released version in smecontrib are listed here.