Day 20 of 100 Days of Devops
Configure Nginx + PHP-FPM Using Unix Sock
The Nautilus application development team is planning to launch a new PHP-based application, which they want to deploy on Nautilus infra in Stratos DC. The development team had a meeting with the production support team and they have shared some requirements regarding the infrastructure. Below are the requirements they shared:
a. Install nginx on app server 3 , configure it to use port 8098 and its document root should be /var/www/html.
b. Install php-fpm version 8.2 on app server 3, it must use the unix socket /var/run/php-fpm/default.sock (create the parent directories if don’t exist).
c. Configure php-fpm and nginx to work together.
d. Once configured correctly, you can test the website using curl http://stapp03:8098/index.php command from jump host.
NOTE: We have copied two files, index.php and info.php, under /var/www/html as part of the PHP-based application setup. Please do not modify these files.
Setting up Nginx
This time round we will be using root access to confiure the nginx and php
Installing Nginx
1
2
3
4
5
sudo -i
sudo su -
yum install nginx -y
yum install net-tools -y # this is optional for checking the ports and process running
Configuring Nginx
You will have to change the port as mentioned in problem statement in nginx
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
server {
listen 8096; # Change the port
listen [::]:8096; # Change the port
server_name _;
root /var/www/html; # change the root path
# Make sure you have to place this block above nginx default config
location ~ \.php$ {
include fastcgi_params; # https://nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_params
fastcgi_pass unix:/var/run/php-fpm/default.sock; #https://nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_pass
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; #SCRIPT_FILENAME will be coming from request $document_root is the root path ,$fastcgi_script_name is the variable name of the script
}
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
Then restart nginx systemctl restart nginx
Configuring system repository to use specific php-fpm package
Since the Cent OS operating system is using dnf package manager we will have to use DNF
1
2
3
4
5
6
dnf update -y sudo dnf upgrade -y
dnf install -y https://rpms.remirepo.net/enterprise/remi-release-9.rpm
dnf module reset php -y # reset existing module streams
dnf module enable php:remi-8.2 -y # enable ver 8.2
dnf install -y php-fpm php-cli php-mysqlnd php-pgsql php-gd php-xml php-mbstring php-curl php-zip php-bcmath # Install php fpm and extenions
Configuring php-fpm.d
Configuring php-fpm usually the path is under /etc/php-fpm.d/www.conf
We will edit the file
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
; Note: This value is mandatory.
listen = /var/run/php-fpm/default.sock ; <- Change the sock file name to use accordingly to requirement
; Set listen(2) backlog.
; Default Value: 511
;listen.backlog = 511
; Set permissions for unix socket, if one is used. In Linux, read/write
; permissions must be set in order to allow connections from a web server.
; Default Values: user and group are set as the running user
; mode is set to 0660
;listen.owner = nobody
;listen.group = nobody
;listen.mode = 0660
listen.owner = nginx ; This is important because Nginx user is going to listen the socks file
listen.group = nginx ;
listen.mode = 0660 ; grants read and write access to both the file's owner and the file's group, while denying all access to
; all other users ("others")
user = nginx
group = nginx
##
Then restart the service using systemctl restart php-fpm
Verification using curl from bastion(jumphost)
curl http://stapp02:8096/index.php
Thats all for today Thx Bye