Web Hosting Talk

Web Hosting Talk (http://www.webhostingtalk.com/index.php)
-   VPS Tutorials (http://www.webhostingtalk.com/forumdisplay.php?f=108)
-   -   nginx + php-fpm + debian squeeze tutorial - the fastest way to host php! (http://www.webhostingtalk.com/showthread.php?t=1025286)


AltruHost 02-22-2011 12:11 AM

nginx + php-fpm + debian squeeze tutorial - the fastest way to host php!
 
Here is a quick howto for setting up nginx and php-fpm on a Debian 6 VPS. We will be using the dotdeb repository for this so a big thanks goes to the dotdeb guys for building such reliable Debian packages.

This has been tested on a Debian 6 OpenVZ minimal template:

First add the dotdeb repo to your sources.list file:
Code:

nano /etc/apt/sources.list
add this to the bottom of the file:
Code:

deb http://packages.dotdeb.org stable all
Next, add the GnuPG key to your distribution:
Code:

wget http://www.dotdeb.org/dotdeb.gpg
cat dotdeb.gpg | sudo apt-key add -
rm dotdeb.gpg

Update APT:
Code:

apt-get update
Install php and php-fpm plus some common addons:
Code:

apt-get install php5 php5-fpm php-pear php5-common php5-mcrypt php5-mysql php5-cli php5-gd
Install nginx:
Code:

apt-get install nginx
Tweak the php-fpm configuration:
Code:

nano /etc/php5/fpm/php5-fpm.conf
The following tweaks have been customized for a 512MB-1GB VPS. You can use the same numbers here or come up with your own. This is just what I have found to be the most resource friendly for a lightly used VPS:
Code:

pm.max_children = 25
pm.start_servers = 4
pm.min_spare_servers = 2
pm.max_spare_servers = 10
pm.max_requests = 500

This line is optional but I highly suggest you use it. Basically it's saying that if a php-fpm process hangs it will terminate it if it continues to hang for 30 seconds. This will add stability and reliability to your php application in the event there is a problem:
Code:

request_terminate_timeout = 30s
restart php-fpm:
Code:

/etc/init.d/php5-fpm restart
Tweak your nginx configuration:
Code:

nano /etc/nginx/nginx.conf
The client_max_body_size option changes the max from the 1MB default (which is a must for most php apps):
Code:

client_max_body_size 20M;
client_body_buffer_size 128k;

Remove the default vhost symlink:
Code:

cd /etc/nginx/sites-enabled
rm default

Create a fresh and clean vhost file:
Code:

nano /etc/nginx/sites-available/www.website.com
Code:

server {
                listen 80;
                server_name website.com www.website.com;

                access_log /var/log/nginx/website.access_log;
                error_log /var/log/nginx/website.error_log;

                root /var/www/www.website.com;
                index index.php index.htm index.html;

                location ~ .php$ {
                  fastcgi_pass  127.0.0.1:9000;
                  fastcgi_index  index.php;
                  fastcgi_param  SCRIPT_FILENAME /var/www/www.website.com$fastcgi_script_name;
                  include fastcgi_params;
                }
      }

Create a new symlink for the new vhost under sites-enabled:
Code:

ln -s /etc/nginx/sites-available/www.website.com /etc/nginx/sites-enabled/www.website.com
Restart nginx:
Code:

/etc/init.d/nginx restart
That's it. You should now have a clean installation of nginx and php-fpm with a single vhost running on port 80. If you want to have the same vhost running with ssl on port 443, copy and paste the entire vhost code into the bottom of the vhost file, change 'listen' to 443:
Code:

                listen 443;
Then add these lines that will point to your ssl certs:
Code:

                ssl on;
                ssl_certificate /path/to/certificate/www.website.com.crt;
                ssl_certificate_key /path/to/certificate_key/www.website.com.key;

Please let me know if there is anything I missed or anything that might need to be changed.

yugongtian 02-27-2011 01:55 AM

Thanks for share.:)

computerwis 02-27-2011 03:19 AM

Good information for beginners or ones that need help.

I hope you continue to share more.

deejk 02-28-2011 05:51 PM

thanks for sharing, it certinaly helped me out

AltruHost 02-28-2011 09:55 PM

You are all most welcome! I hope more people can benefit from tutorials like this. I plan on posting more here in the future.

Aaryn015 04-25-2011 04:21 AM

Hey, Thanks for the nice tut.

I'm not a Linux noob, but I'm new to Dotdeb and some of the steps here are new to me. Namely this one

Quote:

Tweak the php-fpm configuration:
Code:

nano /etc/php5/fpm/php5-fpm.conf

I followed your steps from the start, and I don't have this file in the /etc/php5/fpm/ directory. But there is a php-fpm.conf file there. Should I be adding these settings to that file, or creating php5-fpm.conf?

Cheers
Aaron

acjohnson 04-25-2011 09:56 AM

Hey thanks for pointing that out. That might actually be a typo. I'll have to look at my configs later to see but typically the file is called php-fpm.conf. Try editing that file and continue on. You shouldn't have any more problems from there.

acjohnson 04-26-2011 01:25 AM

Update:
 
Okay, so I've checked my configuration and my servers actually have a file called 'php5-fpm.conf' so perhaps the dotdeb binaries have changed to use the 'php-fpm.conf' file name instead... Try editing that file and if you could report back if it works that would be great. If not then just copy the file or symlink it and see if that works as well.

thomas01155 05-22-2011 03:16 PM

What else would I need to install other than MySQL to get wordpress working?

Thanks

Mohammed H 05-22-2011 03:31 PM

@OP thanks for this informative tutorial
@thomas01155 nothing else (nginx + php-fpm + mysql) is what you need to run Wordpress

thomas01155 05-22-2011 04:06 PM

Thanks, I have my wordpress site working now. I keep getting 502 bad gate way errors when I update stuff on the site however. Do you know how to fix this?

Thanks,
Tom

dmmcintyre3 05-22-2011 04:12 PM

Security issue:

http://scott.yang.id.au/2011/04/secu...tcgi-on-nginx/

thomas01155 05-22-2011 04:41 PM

OK so now its but I'm still getting the same error :(

location ~ .php$ {
if (-f $request_filename) {
fastcgi_pass 127.0.0.1:9000;
}
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/*removed*.com$fastcgi_script_name;
include fastcgi_params;
}

2011/05/23 00:43:40 [error] 1987#0: *15 readv() failed (104: Connection reset by peer) while reading upstream, client: 11.111.11.11, server: *remove*.com, request: "GET /wp-admin/index.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "*remove*.com", referrer: "http://*remove*.com/wp-admin/profile.php"
2011/05/23 00:43:42 [error] 1987#0: *15 readv() failed (104: Connection reset by peer) while reading upstream, client: 11.111.11.11, server: *remove*.com, request: "GET /wp-admin/edit.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "*remove*.com", referrer: "http://*remove*.com/wp-admin/index.php"
2011/05/23 00:43:44 [error] 1987#0: *15 readv() failed (104: Connection reset by peer) while reading upstream, client: 11.111.11.11, server: *remove*.com, request: "GET /wp-admin/post.php?post=1&action=edit HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "*remove*.com", referrer: "http://*remove*.com/wp-admin/edit.php"
2011/05/23 00:43:46 [error] 1987#0: *21 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 11.111.11.11, server: *remove*.com, request: "POST /wp-admin/post.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "*remove*.com", referrer: "http://*remove*.com/wp-admin/post.php?post=1&action=edit"
2011/05/23 00:43:48 [error] 1987#0: *21 readv() failed (104: Connection reset by peer) while reading upstream, client: 11.111.11.11, server: *remove*.com, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "*remove*.com"
2011/05/23 00:43:51 [error] 1987#0: *21 readv() failed (104: Connection reset by peer) while reading upstream, client: 11.111.11.11, server: *remove*.com, request: "GET /wp-admin/profile.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "*remove*.com", referrer: "http://*remove*.com/"
2011/05/23 00:43:53 [error] 1987#0: *21 readv() failed (104: Connection reset by peer) while reading upstream, client: 11.111.11.11, server: *remove*.com, request: "GET /wp-admin/edit.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "*remove*.com", referrer: "http://*remove*.com/wp-admin/profile.php"
2011/05/23 00:43:57 [error] 1987#0: *21 readv() failed (104: Connection reset by peer) while reading upstream, client: 11.111.11.11, server: *remove*.com, request: "GET /wp-admin/edit.php?post_type=page HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "*remove*.com", referrer: "http://*remove*.com/wp-admin/edit.php"
2011/05/23 00:43:59 [error] 1987#0: *21 readv() failed (104: Connection reset by peer) while reading upstream, client: 11.111.11.11, server: *remove*.com, request: "GET /wp-admin/post.php?post=5&action=edit HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "*remove*.com", referrer: "http://*remove*.com/wp-admin/edit.php?post_type=page"
2011/05/23 00:44:00 [error] 1987#0: *21 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 11.111.11.11, server: *remove*.com, request: "POST /wp-admin/post.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "*remove*.com", referrer: "http://*remove*.com/wp-admin/post.php?post=5&action=edit"

netstat -nl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:587 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp6 0 0 :::22 :::* LISTEN
raw6 0 0 :::1 :::* 7
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 716910858 /var/run/mysqld/mysqld.sock
unix 2 [ ACC ] STREAM LISTENING 716887395 /var/run/saslauthd/mux
unix 2 [ ACC ] STREAM LISTENING 716887911 /var/run/sendmail/mta/smcontrol

Thanks,
Tom

thomas01155 05-22-2011 05:21 PM

Here are some more logs if anyone can help me solve this problem :)

php5-fpm.log
[23-May-2011 01:16:49] WARNING: [pool www] child 3574 exited on signal 11 (SIGSEGV) after 62.058702 seconds from start
[23-May-2011 01:16:49] NOTICE: [pool www] child 3597 started
[23-May-2011 01:16:57] WARNING: [pool www] child 3575 exited on signal 11 (SIGSEGV) after 67.750219 seconds from start

user.log
May 22 23:47:51 V-1040 suhosin[3173]: ALERT - script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker 'xx.xxx.xx.xx', file '/var/www/xx***********/wp-admin/admin.php', line 109)
May 22 23:47:53 V-1040 suhosin[3177]: ALERT - script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker 'xx.xxx.xx.xx', file '/var/www/xx***********/wp-admin/admin.php', line 109)
May 22 23:53:26 V-1040 suhosin[3175]: ALERT - script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker 'xx.xxx.xx.xx', file '/var/www/xx***********/wp-admin/admin.php', line 109)
May 22 23:53:27 V-1040 suhosin[3178]: ALERT - script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker 'xx.xxx.xx.xx', file '/var/www/xx***********/wp-admin/admin.php', line 109)
May 22 23:53:29 V-1040 suhosin[3184]: ALERT - script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker 'xx.xxx.xx.xx', file '/var/www/xx***********/wp-admin/admin.php', line 109)
May 22 23:53:31 V-1040 suhosin[3186]: ALERT - script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker 'xx.xxx.xx.xx', file '/var/www/xx***********/wp-admin/admin.php', line 109)

Thanks

AltruHost 05-22-2011 10:26 PM

Did you see this thread:
http://serverfault.com/questions/178...-on-a-test-ser

It suggests that this could be a configuration problem and that this line in nginx.conf will fix it:
Code:

request_terminate_timeout = 30s
The above is in the walkthough but it is suggested as optional so perhaps you opted to ignore that part of the config.

Also, how much memory do you have and how much is free? Simply run:
Code:

free -m
The suhosin error messages look familiar and depending on the configuration I think it can be ignored (but don't quote me on that)

If you are still experiencing problems after triple checking your configs and free memory I'd be glad to help you further.


All times are GMT -4. The time now is 08:44 AM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2014 DragonByte Technologies Ltd.
© WebHostingTalk, 1998 - 2014. All Rights Reserved.