Difference between revisions of "SME9 Php-Fpm"
(Created page with "{{Warning box|This page is for SME v9 and is now deprecated and for reference only. v10 uses systemd. See https://wiki.koozali.org/PHP if you search to write your own contrib...") |
(No difference)
|
Revision as of 06:46, 4 May 2024
| * | Warning: |
| This page is for SME v9 and is now deprecated and for reference only.
v10 uses systemd. See https://wiki.koozali.org/PHP if you search to write your own contrib using php-fpm follow Building_Your_Contrib#PHP-FPM |
Template:Languages {{#vardefine:contribname| {{#titleparts: sme9 php-fpm |1}} }} {{#vardefine:smecontribname| smeserver-{{#titleparts: sme9 php-fpm |1}} }} {{#vardefine:lang| {{#titleparts: sme9 php-fpm | | -1}} |en }} Template:Infobox contribs
Contents
Maintainer
Version
| * | Warning: |
| DO NOT USE ON v10.
SME v9 is no longer supported. v10 has php-fpm built in.
Please refer to this page for more information. |
{{#smeversion: smeserver-php-fpm }}
Description
This contribs allow you to run php-fpm for php version from 5.6 to 7.3 on CentOS 6 (SME9). This contrib will likely not be needed directly for your own usage, unless you know what you want to do with it, but rather called by another contribs needing a specific version of php running.
Installation
yum --enablerepo=smecontribs install {{#var:smecontribname}}
you then need to issue the usual<syntaxhighlight lang="bash"> signal-event post-upgrade; signal-event reboot </syntaxhighlight>
or you can do <syntaxhighlight lang="bash"> signal-event webapps-update service php-fpm start service php56-php-fpm start service php70-php-fpm start service php71-php-fpm start service php72-php-fpm start service php73-php-fpm start
</syntaxhighlight>
Configuration
you can list the available configuration with the following command :<syntaxhighlight lang="bash"> config show php-fpm config show php56-php-fpm config show php70-php-fpm config show php71-php-fpm config show php72-php-fpm config show php73-php-fpm
</syntaxhighlight>
Some of the properties are not shown, but are defaulted in a template or a script. You can set those values for the php-fpm version you want, or you can set it against a particular share folder. Empty or missing property in the db means default value is used.
Here a more comprehensive list with default and expected values :
| property | default | values |
|---|---|---|
| status | enabled | enabled,disabled |
| MemoryLimit | 128M | |
| MaxExecutionTime | 30 | |
| MaxInputTime | 60 | |
| AllowUrlFopen | off | |
| MaxChildren | 15 | |
| PostMaxSize | 10M | |
| UploadMaxFilesize | 10M | |
| OpenBasedir | ||
| DisableFunctions | system,show_source, symlink,exec,dl,shell_exec,passthru,phpinfo,escapeshellarg,escapeshellcmd |
<syntaxhighlight lang="bash"> config setprop php72-phpfpm PHPMemoryLimit 256M signal-event webapps-update </syntaxhighlight>more values specifics for shares:
| property | default | values | information |
|---|---|---|---|
| PHPVersion | 56,70,71,72,73 | should be set one value | |
| PHPCustomPool | string | use of a custom pool defined elsewhere, see use my own pool section. Keep it empty to use the share specific pool. | |
| DynamicContent | disabled | enabled,disabled | need to be enabled |
<syntaxhighlight lang="bash"> db accounts setprop SHARENAME PHPVersion 72 PHPMemoryLimit 256M signal-event webapps-update </syntaxhighlight>
For contribs creators
you can either call an existing php-pool or create your own one. As an example you can check smeserver-nextcloud. The following template will make a dedicated php 7.1 pool with php setting adapted for Nextcloud.
vim /etc/e-smith/templates/etc/php-fpm.d/www.conf/15Nextcloud<syntaxhighlight lang="perl"> {
if ($PHP_VERSION eq '71'){
if (($nextcloud{'status'} || 'disabled') eq 'enabled'){
my $max_upload_size = ($nextcloud{MaxUploadSize} || '4096');
$max_upload_size .= 'M' if ($max_upload_size =~ m/^\d+$/);
my $memory_limit = ($nextcloud{MemoryLimit} || '512M');
$memory_limit .= 'M' if ($memory_limit =~ m/^\d+$/);
my $id = 'nextcloud';
$OUT .=<<_EOF;
[php$PHP_VERSION-$id] user = www group = www listen.owner = root listen.group = www listen.mode = 0660 listen = /var/run/php-fpm/php$PHP_VERSION-$id.sock pm = dynamic pm.max_children = 15 pm.start_servers = 3 pm.min_spare_servers = 3 pm.max_spare_servers = 4 pm.max_requests = 1000 php_admin_value[session.save_path] = /var/lib/php/$id/session php_admin_value[session.gc_maxlifetime] = 86400 php_admin_value[opcache.file_cache] = /var/lib/php/$id/opcache php_admin_value[upload_tmp_dir] = /var/lib/php/$id/tmp php_admin_value[error_log] = /var/log/php/$id/error.log slowlog = /var/log/php/nextcloud/slow.log php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f php@{ $DomainName } php_admin_flag[display_errors] = off php_admin_flag[log_errors] = on php_admin_value[error_log] = syslog php_admin_value[memory_limit] = $memory_limit php_admin_value[max_execution_time] = 3600 php_admin_value[post_max_size] = $max_upload_size php_admin_value[upload_max_filesize] = $max_upload_size php_admin_value[disable_functions] = system, show_source, symlink, exec, nextcloud, shell_exec, passthru, phpinfo, escapeshellarg, escapeshellcmd php_admin_value[open_basedir] = /usr/share/nextcloud:/var/lib/nextcloud:/var/log/nextcloud.log:/var/lib/php/nextcloud:/home/e-smith/files/nextcloud:/dev/urandom:/proc/meminfo php_admin_flag[allow_url_fopen] = on php_admin_flag[file_upload] = on php_admin_flag[session.cookie_httponly] = on php_admin_flag[allow_url_include] = off php_admin_value[session.save_hannextclouder] = files php_admin_flag[output_buffering] = off
_EOF
}
else{
$OUT .= '; Nextcloud is disabled';
}
}
</syntaxhighlight>you will also need two httpd.conf template fragment:
vim /etc/e-smith/templates/etc/httpd/conf/httpd.conf/68FastCGIConfig15nextcloud<syntaxhighlight lang="perl"> { if ($fastcgi_mod eq 'mod_fastcgi'){
$OUT .=<<_EOF;
Action phpnextcloud-fastcgi /php-cgi-bin/phpnextcloud-wrapper Alias /php-cgi-bin/phpnextcloud-wrapper /var/www/php-cgi-bin/phpnextcloud-wrapper FastCgiExternalServer /var/www/php-cgi-bin/phpnextcloud-wrapper -socket /var/run/php-fpm/php71-nextcloud.sock -pass-header Authorization -idle-timeout 120 _EOF } }
</syntaxhighlight>
vim /etc/e-smith/templates/etc/httpd/conf/httpd.conf/98nextcloud<syntaxhighlight lang="perl"> { my $access = $nextcloud{'access'} || 'private'; my $allow = ($access eq 'public')?'all':"$localAccess $externalSSLAccess"; my $authtype = $nextcloud{'Authentication'} || 'none';
my $alias = (($nextcloud{'AliasOnPrimary'} || 'enabled') eq 'enabled') ?
'Alias /nextcloud /usr/share/nextcloud' : ;
my $maxupload = $nextcloud{'MaxUploadSize'} || '1024'; my $maxpost = $maxupload+1; $maxupload .= 'M'; $maxpost .= 'M';
my $auth = ; if ($authtype eq 'http'){
$auth =<<'EOF';
<FilesMatch "^(admin|rest)\.php">
SSLRequireSSL on
AuthName "nextcloud"
AuthType Basic
AuthBasicProvider external
AuthExternal pwauth
Require valid-user
</FilesMatch>
EOF }
if ($nextcloud{'status'} eq 'enabled'){
my $php =<<_EOF; AddType application/x-httpd-php .php php_admin_flag file_upload On php_admin_flag magic_quotes Off php_admin_flag magic_quotes_gpc Off php_admin_value upload_max_filesize $maxupload php_admin_value post_max_size $maxpost php_admin_value memory_limit 512M php_admin_flag output_buffering Off php_admin_value max_execution_time 0 php_admin_value upload_tmp_dir /var/lib/nextcloud/tmp php_admin_value session.save_path /var/lib/nextcloud/tmp php_admin_value session.gc_maxlifetime 86400 php_admin_value open_basedir /usr/share/nextcloud:/var/lib/nextcloud:/var/log/nextcloud.log:/var/lib/php/nextcloud:/home/e-smith/files/nextcloud:/dev/urandom:/proc/meminfo
_EOF
if ($fastcgi_mod eq 'mod_fastcgi'){
$php = " AddHandler phpnextcloud-fastcgi .php\n";
}
elsif ($fascgi_mod eq 'mod_proxy_fcgi'){
$php =<<'_EOF';
<FilesMatch \.php$>
SetHandler "proxy:unix:/var/run/php-fpm/php71-nextcloud.sock|fcgi://localhost"
</FilesMatch>
_EOF
}
my $config =<<_EOF;
<Directory "/usr/share/nextcloud"> Options +FollowSymLinks AllowOverride All
$php
order deny,allow deny from all allow from $allow
$auth
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /usr/share/nextcloud SetEnv HTTP_HOME /usr/share/nextcloud SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=\$1 </Directory>
<Directory "/home/e-smith/files/nextcloud/data/"> # just in case if .htaccess gets disabled deny from all </Directory>
_EOF
$OUT .=<<"END"
- nextcloud Configuration
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000"
</IfModule> $alias
$config
Redirect 301 /.well-known/carddav /nextcloud/remote.php/dav Redirect 301 /.well-known/caldav /nextcloud/remote.php/dav
END
}
else{
$OUT .= "# nextcloud is disabled\n";
} }
</syntaxhighlight>Of course you will need to process both httpd.conf, php-fpm specific version and restart both httpd-e-smith and the php-fpm version you use.
You will also need specific code to create the destination directories for php usage : see /etc/e-smith/events/actions/php-pool-dirs from this contrib
| * | Warning: |
| On initial installation, smeserver-php-fpm does not start php pools and signal-event webapps-update does only a reload which will not start stopped services.
So pay attention you need to start if not already started on initial install. |
Create and use my own pool
using the default template : /etc/e-smith/templates/etc/php-fpm.d/custom.conf , you can set your own pool doing:<syntaxhighlight lang="bash"> db php set MYPOOLNAME pool Version 72 status enabled </syntaxhighlight>here are the accepted supplementary properties, as always missing or empty means using default.
| property | default | values | information |
|---|---|---|---|
| status | enabled | enabled,disabled | |
| MemoryLimit | 128M | ||
| MaxExecutionTime | 30 | ||
| MaxInputTime | 60 | ||
| AllowUrlFopen | off | ||
| MaxChildren | 15 | ||
| PostMaxSize | 10M | ||
| UploadMaxFilesize | 10M | ||
| file_upload | enabled | ||
| OpenBasedir | |||
| DisabledFunctions | system,show_source,symlink,exec,dl,shell_exec,passthru,phpinfo,escapeshellarg,escapeshellcmd | ||
| User | www | ||
| Group | www | ||
| DisplayErrors | disabled | ||
| LogErrors | disabled |
you will then need two httpd.conf custom template fragment to use your pool. You will need to change MYPOOL to what you want<syntaxhighlight lang="bash"> mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/ vim /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/98mypoolusage </syntaxhighlight><syntaxhighlight lang="perl"> <Directory /home/e-smith/files/ibays/test/html>
SSLRequireSSL Options None Options +Indexes Options +FollowSymLinks DirectoryIndex index.php index.shtml index.htm index.html AddHandler phpMYPOOL-fastcgi .php AllowOverride All order deny,allow deny from all allow from all
</Directory>
</syntaxhighlight>then just do signal-event webapps-update
Uninstall
yum remove {{#var:smecontribname}} {{#var:contribname}}
Bugs
Please raise bugs under the SME-Contribs section in bugzilla and select the {{#var:smecontribname}} component or use Template:BugzillaFileBug
Below is an overview of the current issues for this contrib:{{#bugzilla:columns=id,product,version,status,summary|sort=id|order=desc|component={{#var:smecontribname}} |noresultsmessage=No open bugs found.}}
Changelog
Only released version in smecontrib are listed here.
{{#smechangelog: {{#var:smecontribname}} }}
