HOW TO SET UP NGINX WITH PHP-FPM
This thread is to show you how you can set up nginx with php-fpm in a basic set up. Note that these are only the minimum steps to be done to get a working setup.
You might consider making additional changes to further harden and secure your configuration.
STEP 1: INSTALL NGINX, PHP AND PHP-FPM
Install nginx, php and php-fpm using apt as packaging system:
sudo apt-get install nginx php php-fpm
STEP 2: CONNECT NGINX WITH PHP-FPM
Open the file /etc/nginx/sites-available/default and scroll to the following section:
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/run/php/php7.4-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
Now edit it to look like this :
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
NOTE: The entry /run/php/php7.4-fpm.sock can be different. If you have installed a different php version like for example 8.2 the entry would also be /run/php/php8.2-fpm.sock
STEP 3: CHECK USER AND GROUP OF PHP-FPM
To work correctly, the php-fpm user needs to be able to access ucs_client.sh and the related directory with read/write access. But in a standard setup php-fpm runs under the same user and group as the webserver nginx which is www-data. User www-data has very limited read/write access and might not be able to access any location outside it’s home directory /var/www/. So you either make this directory accessible for user www-data or change the user and group under which php-fpm is started.
To change the user and group under which php-fpm is started you have to modify /etc/php/<VERSION_NUMBER>/fpm/pool.d/www.conf (change <VERSION_NUMBER> to your version):
; Unix user/group of the child processes. This can be used only if the master
; process running user is root. It is set after the child process is created.
; The user and group can be specified either by their name or by their numeric
; IDs.
; Note: If the user is root, the executable needs to be started with
; --allow-to-run-as-root option to work.
; Default Values: The user is set to master process running user by default.
; If the group is not set, the user's group is used.
user = www-data
group = www-data
You have to change user and group from www-data to your user and group.
Finally you need to modify the file php.ini to ensure that users can upload files bigger than 10mb. The parameters to change are post_max_size and upload_max_filesize. Please consider that the value for post_max_size must be greater than upload_max_filesize. The reason is when a file is being uploaded there is also form-data to be transferred.
We suggest you simply add 2mb to the value of upload_max_filesize for post_max_size :
; Maximum allowed size for uploaded files.
upload_max_filesize = 40M
; Must be greater than or equal to upload_max_filesize
post_max_size = 42M
STEP 4: START NGINX AND PHP-FPM
The following commands to start/stop php-fpm are based on the systemctl service name of php version 7.4 (php7.4-fpm) which means that If you have installed a different version than 7.4 the service name is different (for example php8.2-fpm for version 8.2).
Start commands:
To start the services on systemd based systems type:
sudo systemctl start nginx && sudo systemctl start php7.4-fpm
To start the services on sysvinit based systems type:
sudo service nginx start && sudo service php7.4-fpm start
Stop commands:
To stop the services on systemd based systems type:
sudo systemctl stop nginx && sudo systemctl stop php7.4-fpm
To stop the services on sysvinit based systems type:
sudo service nginx stop && sudo service php7.4-fpm stop