Difference between revisions of "Php-fpm"
From SME Server
Jump to navigationJump to searchUnnilennium (talk | contribs) |
Unnilennium (talk | contribs) |
||
| (10 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| + | {{Warning box|This page is for SME v9 and is now deprecated and for reference only. | ||
| + | v10 uses systemd. See https://wiki.koozali.org/PHP | ||
| + | if you search to write your own contrib using php-fpm follow [[Building_Your_Contrib#PHP-FPM]]}} | ||
| + | |||
{{Languages}} | {{Languages}} | ||
<!-- here we define the contrib name variable --> | <!-- here we define the contrib name variable --> | ||
| Line 13: | Line 17: | ||
|licence= | |licence= | ||
|url= https://wiki.contribs.org | |url= https://wiki.contribs.org | ||
| − | |category= | + | |category= |
|tags=php,fpm | |tags=php,fpm | ||
}} | }} | ||
| Line 22: | Line 26: | ||
=== Version === | === Version === | ||
| + | |||
| + | {{Warning box|DO NOT USE ON v10. | ||
| + | SME v9 is no longer supported. v10 has php-fpm built in. | ||
| + | Please refer to this page for more information.<br> | ||
| + | https://wiki.koozali.org/PHP}} | ||
| + | |||
| + | |||
<!-- keep this first element as is, you can add some if needed --> | <!-- keep this first element as is, you can add some if needed --> | ||
| − | {{#smeversion: | + | {{#smeversion: smeserver-php-fpm }} |
| − | + | ||
=== Description === | === Description === | ||
| − | This contribs allow you to run php-fpm for php version from 5. | + | This contribs allow you to run php-fpm for php version from 5.6 to 7.3 on CentOS 6 (SME9). This contrib will likely not be needed directly for your own usage, unless you know what you want to do with it, but rather called by another contribs needing a specific version of php running. |
| Line 33: | Line 44: | ||
yum --enablerepo=smecontribs install {{#var:smecontribname}} | yum --enablerepo=smecontribs install {{#var:smecontribname}} | ||
| + | you then need to issue the usual<syntaxhighlight lang="bash"> | ||
| + | signal-event post-upgrade; signal-event reboot | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | or you can do <syntaxhighlight lang="bash"> | ||
| + | signal-event webapps-update | ||
| + | service php-fpm start | ||
| + | service php56-php-fpm start | ||
| + | service php70-php-fpm start | ||
| + | service php71-php-fpm start | ||
| + | service php72-php-fpm start | ||
| + | service php73-php-fpm start | ||
| + | |||
| + | </syntaxhighlight> | ||
=== Configuration === | === Configuration === | ||
| − | you can list the available configuration with the | + | you can list the available configuration with the following command :<syntaxhighlight lang="bash"> |
| − | + | config show php-fpm | |
| + | config show php56-php-fpm | ||
| + | config show php70-php-fpm | ||
| + | config show php71-php-fpm | ||
| + | config show php72-php-fpm | ||
| + | config show php73-php-fpm | ||
| + | |||
| + | </syntaxhighlight> | ||
| + | |||
| + | Some of the properties are not shown, but are defaulted in a template or a script. You can set those values for the '''php-fpm version''' you want, or you can set it against a particular '''share folder'''. Empty or missing property in the db means default value is used. | ||
| − | + | Here a more comprehensive list with default and expected values : | |
{| class="wikitable" | {| class="wikitable" | ||
!property | !property | ||
!default | !default | ||
!values | !values | ||
| − | |||
|- | |- | ||
| − | | | + | |status |
| − | | | + | |enabled |
| − | | | + | |enabled,disabled |
| − | |for | + | |- |
| + | |MemoryLimit | ||
| + | |128M | ||
| + | | | ||
| + | |- | ||
| + | |MaxExecutionTime | ||
| + | |30 | ||
| + | | | ||
| + | |- | ||
| + | |MaxInputTime | ||
| + | |60 | ||
| + | | | ||
| + | |- | ||
| + | |AllowUrlFopen | ||
| + | |off | ||
| + | | | ||
| + | |- | ||
| + | |MaxChildren | ||
| + | |15 | ||
| + | | | ||
| + | |- | ||
| + | |PostMaxSize | ||
| + | |10M | ||
| + | | | ||
| + | |- | ||
| + | |UploadMaxFilesize | ||
| + | |10M | ||
| + | | | ||
| + | |- | ||
| + | |OpenBasedir | ||
| + | | | ||
| + | | | ||
| + | |- | ||
| + | |DisableFunctions | ||
| + | |system,show_source, symlink,exec,dl,shell_exec,passthru,phpinfo,escapeshellarg,escapeshellcmd | ||
| + | | | ||
| + | |} | ||
| + | <syntaxhighlight lang="bash"> | ||
| + | config setprop php72-phpfpm PHPMemoryLimit 256M | ||
| + | signal-event webapps-update | ||
| + | </syntaxhighlight>more values specifics for shares: | ||
| + | {| class="wikitable" | ||
| + | !property | ||
| + | !default | ||
| + | !values | ||
| + | !information | ||
|- | |- | ||
| − | | | + | |PHPVersion |
| − | | | + | | |
| − | | | + | |56,70,71,72,73 |
| − | | | + | |should be set one value |
|- | |- | ||
| − | | | + | |PHPCustomPool |
| − | | | + | | |
|string | |string | ||
| − | | | + | |use of a custom pool defined elsewhere, see use my own pool section. Keep it empty to use the share specific pool. |
|- | |- | ||
| − | |access | + | |DynamicContent |
| − | | | + | |disabled |
| − | | | + | |enabled,disabled |
| − | | | + | |need to be enabled |
| + | |} | ||
| + | <syntaxhighlight lang="bash"> | ||
| + | db accounts setprop SHARENAME PHPVersion 72 PHPMemoryLimit 256M | ||
| + | signal-event webapps-update | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | === For contribs creators === | ||
| + | you can either call an existing php-pool or create your own one. As an example you can check smeserver-nextcloud. The following template will make a dedicated php 7.1 pool with php setting adapted for Nextcloud. | ||
| + | |||
| + | vim /etc/e-smith/templates/etc/php-fpm.d/www.conf/15Nextcloud<syntaxhighlight lang="perl"> | ||
| + | { | ||
| + | |||
| + | if ($PHP_VERSION eq '71'){ | ||
| + | if (($nextcloud{'status'} || 'disabled') eq 'enabled'){ | ||
| + | my $max_upload_size = ($nextcloud{MaxUploadSize} || '4096'); | ||
| + | $max_upload_size .= 'M' if ($max_upload_size =~ m/^\d+$/); | ||
| + | my $memory_limit = ($nextcloud{MemoryLimit} || '512M'); | ||
| + | $memory_limit .= 'M' if ($memory_limit =~ m/^\d+$/); | ||
| + | my $id = 'nextcloud'; | ||
| + | $OUT .=<<_EOF; | ||
| + | |||
| + | [php$PHP_VERSION-$id] | ||
| + | user = www | ||
| + | group = www | ||
| + | listen.owner = root | ||
| + | listen.group = www | ||
| + | listen.mode = 0660 | ||
| + | listen = /var/run/php-fpm/php$PHP_VERSION-$id.sock | ||
| + | pm = dynamic | ||
| + | pm.max_children = 15 | ||
| + | pm.start_servers = 3 | ||
| + | pm.min_spare_servers = 3 | ||
| + | pm.max_spare_servers = 4 | ||
| + | pm.max_requests = 1000 | ||
| + | php_admin_value[session.save_path] = /var/lib/php/$id/session | ||
| + | php_admin_value[session.gc_maxlifetime] = 86400 | ||
| + | php_admin_value[opcache.file_cache] = /var/lib/php/$id/opcache | ||
| + | php_admin_value[upload_tmp_dir] = /var/lib/php/$id/tmp | ||
| + | php_admin_value[error_log] = /var/log/php/$id/error.log | ||
| + | slowlog = /var/log/php/nextcloud/slow.log | ||
| + | php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f php@{ $DomainName } | ||
| + | php_admin_flag[display_errors] = off | ||
| + | php_admin_flag[log_errors] = on | ||
| + | php_admin_value[error_log] = syslog | ||
| + | php_admin_value[memory_limit] = $memory_limit | ||
| + | php_admin_value[max_execution_time] = 3600 | ||
| + | php_admin_value[post_max_size] = $max_upload_size | ||
| + | php_admin_value[upload_max_filesize] = $max_upload_size | ||
| + | php_admin_value[disable_functions] = system, show_source, symlink, exec, nextcloud, shell_exec, passthru, phpinfo, escapeshellarg, escapeshellcmd | ||
| + | php_admin_value[open_basedir] = /usr/share/nextcloud:/var/lib/nextcloud:/var/log/nextcloud.log:/var/lib/php/nextcloud:/home/e-smith/files/nextcloud:/dev/urandom:/proc/meminfo | ||
| + | php_admin_flag[allow_url_fopen] = on | ||
| + | php_admin_flag[file_upload] = on | ||
| + | php_admin_flag[session.cookie_httponly] = on | ||
| + | php_admin_flag[allow_url_include] = off | ||
| + | php_admin_value[session.save_hannextclouder] = files | ||
| + | php_admin_flag[output_buffering] = off | ||
| + | |||
| + | _EOF | ||
| + | |||
| + | } | ||
| + | else{ | ||
| + | $OUT .= '; Nextcloud is disabled'; | ||
| + | } | ||
| + | } | ||
| + | |||
| + | </syntaxhighlight>you will also need two httpd.conf template fragment: | ||
| + | |||
| + | vim /etc/e-smith/templates/etc/httpd/conf/httpd.conf/68FastCGIConfig15nextcloud<syntaxhighlight lang="perl"> | ||
| + | { | ||
| + | if ($fastcgi_mod eq 'mod_fastcgi'){ | ||
| + | $OUT .=<<_EOF; | ||
| + | Action phpnextcloud-fastcgi /php-cgi-bin/phpnextcloud-wrapper | ||
| + | Alias /php-cgi-bin/phpnextcloud-wrapper /var/www/php-cgi-bin/phpnextcloud-wrapper | ||
| + | FastCgiExternalServer /var/www/php-cgi-bin/phpnextcloud-wrapper -socket /var/run/php-fpm/php71-nextcloud.sock -pass-header Authorization -idle-timeout 120 | ||
| + | _EOF | ||
| + | } | ||
| + | } | ||
| + | |||
| + | </syntaxhighlight> | ||
| + | |||
| + | vim /etc/e-smith/templates/etc/httpd/conf/httpd.conf/98nextcloud<syntaxhighlight lang="perl"> | ||
| + | { | ||
| + | my $access = $nextcloud{'access'} || 'private'; | ||
| + | my $allow = ($access eq 'public')?'all':"$localAccess $externalSSLAccess"; | ||
| + | my $authtype = $nextcloud{'Authentication'} || 'none'; | ||
| + | |||
| + | my $alias = (($nextcloud{'AliasOnPrimary'} || 'enabled') eq 'enabled') ? | ||
| + | 'Alias /nextcloud /usr/share/nextcloud' : ''; | ||
| + | |||
| + | my $maxupload = $nextcloud{'MaxUploadSize'} || '1024'; | ||
| + | my $maxpost = $maxupload+1; | ||
| + | $maxupload .= 'M'; | ||
| + | $maxpost .= 'M'; | ||
| + | |||
| + | my $auth = ''; | ||
| + | if ($authtype eq 'http'){ | ||
| + | $auth =<<'EOF'; | ||
| + | <FilesMatch "^(admin|rest)\.php"> | ||
| + | SSLRequireSSL on | ||
| + | AuthName "nextcloud" | ||
| + | AuthType Basic | ||
| + | AuthBasicProvider external | ||
| + | AuthExternal pwauth | ||
| + | Require valid-user | ||
| + | </FilesMatch> | ||
| + | EOF | ||
| + | } | ||
| + | |||
| + | if ($nextcloud{'status'} eq 'enabled'){ | ||
| + | |||
| + | my $php =<<_EOF; | ||
| + | AddType application/x-httpd-php .php | ||
| + | php_admin_flag file_upload On | ||
| + | php_admin_flag magic_quotes Off | ||
| + | php_admin_flag magic_quotes_gpc Off | ||
| + | php_admin_value upload_max_filesize $maxupload | ||
| + | php_admin_value post_max_size $maxpost | ||
| + | php_admin_value memory_limit 512M | ||
| + | php_admin_flag output_buffering Off | ||
| + | php_admin_value max_execution_time 0 | ||
| + | php_admin_value upload_tmp_dir /var/lib/nextcloud/tmp | ||
| + | php_admin_value session.save_path /var/lib/nextcloud/tmp | ||
| + | php_admin_value session.gc_maxlifetime 86400 | ||
| + | php_admin_value open_basedir /usr/share/nextcloud:/var/lib/nextcloud:/var/log/nextcloud.log:/var/lib/php/nextcloud:/home/e-smith/files/nextcloud:/dev/urandom:/proc/meminfo | ||
| + | _EOF | ||
| + | if ($fastcgi_mod eq 'mod_fastcgi'){ | ||
| + | $php = " AddHandler phpnextcloud-fastcgi .php\n"; | ||
| + | } | ||
| + | elsif ($fascgi_mod eq 'mod_proxy_fcgi'){ | ||
| + | $php =<<'_EOF'; | ||
| + | <FilesMatch \.php$> | ||
| + | SetHandler "proxy:unix:/var/run/php-fpm/php71-nextcloud.sock|fcgi://localhost" | ||
| + | </FilesMatch> | ||
| + | _EOF | ||
| + | } | ||
| + | |||
| + | my $config =<<_EOF; | ||
| + | <Directory "/usr/share/nextcloud"> | ||
| + | Options +FollowSymLinks | ||
| + | AllowOverride All | ||
| + | $php | ||
| + | order deny,allow | ||
| + | deny from all | ||
| + | allow from $allow | ||
| + | $auth | ||
| + | |||
| + | <IfModule mod_dav.c> | ||
| + | Dav off | ||
| + | </IfModule> | ||
| + | |||
| + | SetEnv HOME /usr/share/nextcloud | ||
| + | SetEnv HTTP_HOME /usr/share/nextcloud | ||
| + | SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=\$1 | ||
| + | </Directory> | ||
| + | |||
| + | <Directory "/home/e-smith/files/nextcloud/data/"> | ||
| + | # just in case if .htaccess gets disabled | ||
| + | deny from all | ||
| + | </Directory> | ||
| + | _EOF | ||
| + | |||
| + | |||
| + | $OUT .=<<"END" | ||
| + | # nextcloud Configuration | ||
| + | <IfModule mod_headers.c> | ||
| + | Header always set Strict-Transport-Security "max-age=15552000" | ||
| + | </IfModule> | ||
| + | $alias | ||
| + | |||
| + | $config | ||
| + | |||
| + | Redirect 301 /.well-known/carddav /nextcloud/remote.php/dav | ||
| + | Redirect 301 /.well-known/caldav /nextcloud/remote.php/dav | ||
| + | |||
| + | |||
| + | END | ||
| + | } | ||
| + | else{ | ||
| + | $OUT .= "# nextcloud is disabled\n"; | ||
| + | } | ||
| + | } | ||
| + | |||
| + | </syntaxhighlight>Of course you will need to process both httpd.conf, php-fpm specific version and restart both httpd-e-smith and the php-fpm version you use. | ||
| + | |||
| + | You will also need specific code to create the destination directories for php usage : see /etc/e-smith/events/actions/php-pool-dirs from this contrib | ||
| + | |||
| + | {{Warning box|On initial installation, smeserver-php-fpm does not start php pools and signal-event webapps-update does only a reload which will not start stopped services. | ||
| + | So pay attention you need to start if not already started on initial install.}} | ||
| + | |||
| + | === Create and use my own pool === | ||
| + | using the default template : /etc/e-smith/templates/etc/php-fpm.d/custom.conf , you can set your own pool doing:<syntaxhighlight lang="bash"> | ||
| + | db php set MYPOOLNAME pool Version 72 status enabled | ||
| + | </syntaxhighlight>here are the accepted supplementary properties, as always missing or empty means using default. | ||
| + | {| class="wikitable" | ||
| + | !property | ||
| + | !default | ||
| + | !values | ||
| + | !information | ||
|- | |- | ||
|status | |status | ||
|enabled | |enabled | ||
|enabled,disabled | |enabled,disabled | ||
| + | |- | ||
| + | |MemoryLimit | ||
| + | |128M | ||
| + | | | ||
| + | |- | ||
| + | |MaxExecutionTime | ||
| + | |30 | ||
| + | | | ||
| + | |- | ||
| + | |MaxInputTime | ||
| + | |60 | ||
| + | | | ||
| + | |- | ||
| + | |AllowUrlFopen | ||
| + | |off | ||
| + | | | ||
| + | |- | ||
| + | |MaxChildren | ||
| + | |15 | ||
| + | | | ||
| + | |- | ||
| + | |PostMaxSize | ||
| + | |10M | ||
| + | | | ||
| + | |- | ||
| + | |UploadMaxFilesize | ||
| + | |10M | ||
| + | | | ||
| + | |- | ||
| + | |file_upload | ||
| + | |enabled | ||
| + | | | ||
| + | |- | ||
| + | |OpenBasedir | ||
| + | | | ||
| + | | | ||
| + | |- | ||
| + | |DisabledFunctions | ||
| + | |system,show_source,symlink,exec,dl,shell_exec,passthru,phpinfo,escapeshellarg,escapeshellcmd | ||
| + | | | ||
| + | |- | ||
| + | |User | ||
| + | |www | ||
| + | | | ||
| + | |- | ||
| + | |Group | ||
| + | |www | ||
| + | | | ||
| + | |- | ||
| + | |DisplayErrors | ||
| + | |disabled | ||
| + | | | ||
| + | |- | ||
| + | |LogErrors | ||
| + | |disabled | ||
| + | | | ||
|} | |} | ||
| + | you will then need two httpd.conf custom template fragment to use your pool. You will need to change '''MYPOOL''' to what you want<syntaxhighlight lang="bash"> | ||
| + | mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/ | ||
| + | vim /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/98mypoolusage | ||
| + | </syntaxhighlight><syntaxhighlight lang="perl"> | ||
| + | <Directory /home/e-smith/files/ibays/test/html> | ||
| + | SSLRequireSSL | ||
| + | Options None | ||
| + | Options +Indexes | ||
| + | Options +FollowSymLinks | ||
| + | DirectoryIndex index.php index.shtml index.htm index.html | ||
| + | AddHandler phpMYPOOL-fastcgi .php | ||
| + | AllowOverride All | ||
| + | order deny,allow | ||
| + | deny from all | ||
| + | allow from all | ||
| + | </Directory> | ||
| + | |||
| + | </syntaxhighlight>then just do signal-event webapps-update | ||
=== Uninstall === | === Uninstall === | ||
| Line 86: | Line 436: | ||
<!-- list of category you want to see this page in --> | <!-- list of category you want to see this page in --> | ||
| − | [[Category: | + | [[Category: Deprecated_Contrib]] |
| − | |||
<!-- Please keep there the template revision number as is --> | <!-- Please keep there the template revision number as is --> | ||
Latest revision as of 22:30, 4 February 2023
Maintainer
Version
Description
This contribs allow you to run php-fpm for php version from 5.6 to 7.3 on CentOS 6 (SME9). This contrib will likely not be needed directly for your own usage, unless you know what you want to do with it, but rather called by another contribs needing a specific version of php running.
Installation
yum --enablerepo=smecontribs install smeserver-php-fpm
you then need to issue the usual
signal-event post-upgrade; signal-event reboot
or you can do
signal-event webapps-update
service php-fpm start
service php56-php-fpm start
service php70-php-fpm start
service php71-php-fpm start
service php72-php-fpm start
service php73-php-fpm start
Configuration
you can list the available configuration with the following command :
config show php-fpm
config show php56-php-fpm
config show php70-php-fpm
config show php71-php-fpm
config show php72-php-fpm
config show php73-php-fpm
Some of the properties are not shown, but are defaulted in a template or a script. You can set those values for the php-fpm version you want, or you can set it against a particular share folder. Empty or missing property in the db means default value is used.
Here a more comprehensive list with default and expected values :
| property | default | values |
|---|---|---|
| status | enabled | enabled,disabled |
| MemoryLimit | 128M | |
| MaxExecutionTime | 30 | |
| MaxInputTime | 60 | |
| AllowUrlFopen | off | |
| MaxChildren | 15 | |
| PostMaxSize | 10M | |
| UploadMaxFilesize | 10M | |
| OpenBasedir | ||
| DisableFunctions | system,show_source, symlink,exec,dl,shell_exec,passthru,phpinfo,escapeshellarg,escapeshellcmd |
config setprop php72-phpfpm PHPMemoryLimit 256M
signal-event webapps-update
more values specifics for shares:
| property | default | values | information |
|---|---|---|---|
| PHPVersion | 56,70,71,72,73 | should be set one value | |
| PHPCustomPool | string | use of a custom pool defined elsewhere, see use my own pool section. Keep it empty to use the share specific pool. | |
| DynamicContent | disabled | enabled,disabled | need to be enabled |
db accounts setprop SHARENAME PHPVersion 72 PHPMemoryLimit 256M
signal-event webapps-update
For contribs creators
you can either call an existing php-pool or create your own one. As an example you can check smeserver-nextcloud. The following template will make a dedicated php 7.1 pool with php setting adapted for Nextcloud.
vim /etc/e-smith/templates/etc/php-fpm.d/www.conf/15Nextcloud
{
if ($PHP_VERSION eq '71'){
if (($nextcloud{'status'} || 'disabled') eq 'enabled'){
my $max_upload_size = ($nextcloud{MaxUploadSize} || '4096');
$max_upload_size .= 'M' if ($max_upload_size =~ m/^\d+$/);
my $memory_limit = ($nextcloud{MemoryLimit} || '512M');
$memory_limit .= 'M' if ($memory_limit =~ m/^\d+$/);
my $id = 'nextcloud';
$OUT .=<<_EOF;
[php$PHP_VERSION-$id]
user = www
group = www
listen.owner = root
listen.group = www
listen.mode = 0660
listen = /var/run/php-fpm/php$PHP_VERSION-$id.sock
pm = dynamic
pm.max_children = 15
pm.start_servers = 3
pm.min_spare_servers = 3
pm.max_spare_servers = 4
pm.max_requests = 1000
php_admin_value[session.save_path] = /var/lib/php/$id/session
php_admin_value[session.gc_maxlifetime] = 86400
php_admin_value[opcache.file_cache] = /var/lib/php/$id/opcache
php_admin_value[upload_tmp_dir] = /var/lib/php/$id/tmp
php_admin_value[error_log] = /var/log/php/$id/error.log
slowlog = /var/log/php/nextcloud/slow.log
php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f php@{ $DomainName }
php_admin_flag[display_errors] = off
php_admin_flag[log_errors] = on
php_admin_value[error_log] = syslog
php_admin_value[memory_limit] = $memory_limit
php_admin_value[max_execution_time] = 3600
php_admin_value[post_max_size] = $max_upload_size
php_admin_value[upload_max_filesize] = $max_upload_size
php_admin_value[disable_functions] = system, show_source, symlink, exec, nextcloud, shell_exec, passthru, phpinfo, escapeshellarg, escapeshellcmd
php_admin_value[open_basedir] = /usr/share/nextcloud:/var/lib/nextcloud:/var/log/nextcloud.log:/var/lib/php/nextcloud:/home/e-smith/files/nextcloud:/dev/urandom:/proc/meminfo
php_admin_flag[allow_url_fopen] = on
php_admin_flag[file_upload] = on
php_admin_flag[session.cookie_httponly] = on
php_admin_flag[allow_url_include] = off
php_admin_value[session.save_hannextclouder] = files
php_admin_flag[output_buffering] = off
_EOF
}
else{
$OUT .= '; Nextcloud is disabled';
}
}
you will also need two httpd.conf template fragment: vim /etc/e-smith/templates/etc/httpd/conf/httpd.conf/68FastCGIConfig15nextcloud
{
if ($fastcgi_mod eq 'mod_fastcgi'){
$OUT .=<<_EOF;
Action phpnextcloud-fastcgi /php-cgi-bin/phpnextcloud-wrapper
Alias /php-cgi-bin/phpnextcloud-wrapper /var/www/php-cgi-bin/phpnextcloud-wrapper
FastCgiExternalServer /var/www/php-cgi-bin/phpnextcloud-wrapper -socket /var/run/php-fpm/php71-nextcloud.sock -pass-header Authorization -idle-timeout 120
_EOF
}
}
vim /etc/e-smith/templates/etc/httpd/conf/httpd.conf/98nextcloud
{
my $access = $nextcloud{'access'} || 'private';
my $allow = ($access eq 'public')?'all':"$localAccess $externalSSLAccess";
my $authtype = $nextcloud{'Authentication'} || 'none';
my $alias = (($nextcloud{'AliasOnPrimary'} || 'enabled') eq 'enabled') ?
'Alias /nextcloud /usr/share/nextcloud' : '';
my $maxupload = $nextcloud{'MaxUploadSize'} || '1024';
my $maxpost = $maxupload+1;
$maxupload .= 'M';
$maxpost .= 'M';
my $auth = '';
if ($authtype eq 'http'){
$auth =<<'EOF';
<FilesMatch "^(admin|rest)\.php">
SSLRequireSSL on
AuthName "nextcloud"
AuthType Basic
AuthBasicProvider external
AuthExternal pwauth
Require valid-user
</FilesMatch>
EOF
}
if ($nextcloud{'status'} eq 'enabled'){
my $php =<<_EOF;
AddType application/x-httpd-php .php
php_admin_flag file_upload On
php_admin_flag magic_quotes Off
php_admin_flag magic_quotes_gpc Off
php_admin_value upload_max_filesize $maxupload
php_admin_value post_max_size $maxpost
php_admin_value memory_limit 512M
php_admin_flag output_buffering Off
php_admin_value max_execution_time 0
php_admin_value upload_tmp_dir /var/lib/nextcloud/tmp
php_admin_value session.save_path /var/lib/nextcloud/tmp
php_admin_value session.gc_maxlifetime 86400
php_admin_value open_basedir /usr/share/nextcloud:/var/lib/nextcloud:/var/log/nextcloud.log:/var/lib/php/nextcloud:/home/e-smith/files/nextcloud:/dev/urandom:/proc/meminfo
_EOF
if ($fastcgi_mod eq 'mod_fastcgi'){
$php = " AddHandler phpnextcloud-fastcgi .php\n";
}
elsif ($fascgi_mod eq 'mod_proxy_fcgi'){
$php =<<'_EOF';
<FilesMatch \.php$>
SetHandler "proxy:unix:/var/run/php-fpm/php71-nextcloud.sock|fcgi://localhost"
</FilesMatch>
_EOF
}
my $config =<<_EOF;
<Directory "/usr/share/nextcloud">
Options +FollowSymLinks
AllowOverride All
$php
order deny,allow
deny from all
allow from $allow
$auth
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /usr/share/nextcloud
SetEnv HTTP_HOME /usr/share/nextcloud
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=\$1
</Directory>
<Directory "/home/e-smith/files/nextcloud/data/">
# just in case if .htaccess gets disabled
deny from all
</Directory>
_EOF
$OUT .=<<"END"
# nextcloud Configuration
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000"
</IfModule>
$alias
$config
Redirect 301 /.well-known/carddav /nextcloud/remote.php/dav
Redirect 301 /.well-known/caldav /nextcloud/remote.php/dav
END
}
else{
$OUT .= "# nextcloud is disabled\n";
}
}
Of course you will need to process both httpd.conf, php-fpm specific version and restart both httpd-e-smith and the php-fpm version you use.
You will also need specific code to create the destination directories for php usage : see /etc/e-smith/events/actions/php-pool-dirs from this contrib
Create and use my own pool
using the default template : /etc/e-smith/templates/etc/php-fpm.d/custom.conf , you can set your own pool doing:
db php set MYPOOLNAME pool Version 72 status enabled
here are the accepted supplementary properties, as always missing or empty means using default.
| property | default | values | information |
|---|---|---|---|
| status | enabled | enabled,disabled | |
| MemoryLimit | 128M | ||
| MaxExecutionTime | 30 | ||
| MaxInputTime | 60 | ||
| AllowUrlFopen | off | ||
| MaxChildren | 15 | ||
| PostMaxSize | 10M | ||
| UploadMaxFilesize | 10M | ||
| file_upload | enabled | ||
| OpenBasedir | |||
| DisabledFunctions | system,show_source,symlink,exec,dl,shell_exec,passthru,phpinfo,escapeshellarg,escapeshellcmd | ||
| User | www | ||
| Group | www | ||
| DisplayErrors | disabled | ||
| LogErrors | disabled |
you will then need two httpd.conf custom template fragment to use your pool. You will need to change MYPOOL to what you want
mkdir -p /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/
vim /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/98mypoolusage
<Directory /home/e-smith/files/ibays/test/html>
SSLRequireSSL
Options None
Options +Indexes
Options +FollowSymLinks
DirectoryIndex index.php index.shtml index.htm index.html
AddHandler phpMYPOOL-fastcgi .php
AllowOverride All
order deny,allow
deny from all
allow from all
</Directory>
then just do signal-event webapps-update
Uninstall
yum remove smeserver-php-fpm php-fpm
Bugs
Please raise bugs under the SME-Contribs section in bugzilla and select the smeserver-php-fpm component or use this link
Below is an overview of the current issues for this contrib:
No open bugs found.
Changelog
Only released version in smecontrib are listed here.
