Index.
07-Jan-2012: initial release. 14-Jan-2012: added gzip compression. 27-Feb-2012: added some php-fpm tuning information. 22-Aug-2012: updated to new configuration files. 04-Jan-2013: adjusted for Slackware. 19-Apr-2015: adjusted for LXC.
Introduction.
This article describes how to install virtual web servers using Nginx, PHP and MySQL. PHP and Nginx will be installed on this DMZ server, but MySQL should already be running on the Home Server host. When MySQL runs on the host, you can safely use phpmyadmin on the host because it won’t be available from the Internet, only from within your network. Using only one MySQL installation saves system resources. By mounting /var/run/mysql from the host we can use the MySQL server using the standard socket as if MySQL is running on the web server. And, this is a whole lot faster then connecting to the MySQL server using the network.
Virtual web hosting for IPv4 is name based only, in general you will have to share just one public IPv4 address. For IPv6 we have so many available IPv6 addresses that we will give each virtual server it’s own IPv6 address.
Installation.
Install php from the standard Slackware distribution. Build and install the nginx package using Slackbuild scripts. The php-fpm manager is included in Slackware distributions since version 14.0. If you have an older release you need to rebuild the php package to enable php-fpm support. There already is an article about the nginx web server setup, so look there for the details.
In many examples you find on the Internet php-fpm listens to port 9000 on localhost, but it is better to use a socket connection. In /etc/php-fpm.conf set:
listen = /var/lib/php/php-fpm-www.sock
In /etc/nginx/nginx.conf set the upstream backend section to:
# Upstream to abstract backend connection(s) for PHP. upstream php { # server 127.0.0.1:9000; server unix:/var/lib/php/php-fpm-www.sock; }
Here are the changes in the configuration of /etc/php-fpm/php-fpm.conf:
root@nginx:/etc/php-fpm# diff -u php-fpm.conf php-fpm.conf.default --- php-fpm.conf 2014-12-19 19:10:36.000000000 +0100 +++ php-fpm.conf.default 2014-12-22 21:39:06.000000000 +0100 @@ -156,8 +156,7 @@ ; specific port; ; '/path/to/unix/socket' - to listen on a unix socket. ; Note: This value is mandatory. -;listen = 127.0.0.1:9000 -listen = /var/lib/php/php-fpm-www.sock +listen = 127.0.0.1:9000 ; Set listen(2) backlog. ; Default Value: 128 (-1 on FreeBSD and OpenBSD) @@ -168,8 +167,8 @@ ; BSD-derived systems allow connections regardless of permissions. ; Default Values: user and group are set as the running user ; mode is set to 0660 -listen.owner = apache -listen.group = apache +;listen.owner = apache +;listen.group = apache ;listen.mode = 0660 ; List of ipv4 addresses of FastCGI clients which are allowed to connect. root@nginx:/etc/php-fpm#
CGI scripts.
If you have a site with static content and some CGI scripts, you need to build and install the fcgiwrap, fcgi and spawn-fcgi packages. In /etc/fcgiwrap.conf you can choose between a socket or a TCP connection to communicate between nginx and the fcgiwrap program.
To start fcgiwrap automatic at boot, use pkgtool to enable fcgiwrap.
Configure nginx.
All the configuration files are in the directory /etc/nginx/conf, you only need to edit nginx.conf:
# /etc/nginx/conf/nginx.conf at nginx.wpl.uk # worker_processes 1; events { worker_connections 64; accept_mutex_delay 50ms; } http { include mime.types; default_type application/octet-stream; charset utf-8; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; sendfile on; keepalive_timeout 300 300; gzip on; gzip_comp_level 1; gzip_min_length 100; gzip_vary on; gzip_proxied expired no-cache no-store private auth; gzip_types text/plain text/css application/x-javascript text/xml ap plication/xml application/xml+rss text/javascript; gzip_disable "MSIE [1-6]\."; # Upstream to abstract backend connection(s) for PHP. upstream php { server unix:/var/lib/php/php-fpm-www.sock; } upstream cgi { server 127.0.0.1:9001; } # Virtual host server www is a simple static server. server { listen 10.126.162.4:80 default_server; listen [2001:1af8:fecf:7ea2::200]:80; server_name www.wpl.uk; root /srv/http/www; access_log logs/www_access.log; error_log logs/www_error.log; location / { index index.html; } } # Virtual host server 2 is a SSI site with CGI includes. server { listen 10.126.162.4:80; listen [2001:1af8:fecf:7ea2::201]:80; server_name server2.wpl.uk; root /srv/http/server2; access_log logs/server2_access.log; error_log logs/server2_error.log; location / { index index.html index.shtml; ssi on; } # CGI scripts location ~ ^/cgi-bin/.*\.cgi$ { gzip off; fastcgi_pass cgi; include fastcgi_params; } } # Virtual host server3 is a PHP application. server { listen 10.126.162.4:80; listen [2001:1af8:fecf:7ea2::202]:80; server_name server3.wpl.uk; root /srv/http/server3; access_log logs/server3_access.log main; error_log logs/server3_error.log; location / { index index.php; } location ~ \.php$ { fastcgi_pass php; include fastcgi.conf; } } }
This example shows three virtual servers, a static server, a SSI with CGI server and a PHP application server. Start nginx and test if everything works:
root@nginx:~# chmod 755 /etc/rc.d/rc.php-fpm root@nginx:~# /etc/rc.d/rc.php-fpm start Starting php-fpm done root@nginx:~# /etc/rc.d/init.d/fcgiwrap start Starting fcgiwrap for user: apache root@nginx:~# chmod 755 /etc/rc.d/rc.httpd root@nginx:~# mkdir -p /srv/http/htdocs/ root@nginx:~# /etc/rc.d/rc.httpd start Starting Nginx server daemon... root@nginx:~#
Download.
See the download page for the script and configuration files.