In my first screen cast ever, I'll guide you through setting up Nginx with php-fpm on Ubuntu 10.04. The text instructions and snippets used in the video are located below.
http://www.youtube.com/watch?v=BmF638hV-bw&
Nginx/PHP package installation
cd /tmp
# Add a necessary repository.
sudo apt-get install python-software-properties
sudo add-apt-repository ppa:brianmercer/php
sudo apt-get update
# Install nginx,php5, and php5-fpm
sudo apt-get install nginx
sudo apt-get install php5-cli php5-common php5-mysql php5-suhosin php5-gd php5-dev
sudo apt-get install php5-fpm php5-cgi php-pear php5-memcache php-apc
Testing Nginx and php-fpm installations
Verify php5-fpm can start
$ sudo service php5-fpm start
Create a symbolic link to the default sites-available file to test nginx.
$ cd /etc/nginx/sites-enabled
$ sudo ln -s ../sites-available/default default
$ sudo service nginx start
You should now be able to visit myvps.com (or your equivalent) and see "Welcome to Nginx!" If the installation
was successful, remove the symbolic link and stop our processes.
$ sudo rm default
$ sudo service nginx stop
$ sudo service php5-fpm stop
Nginx configuration
Credit to Wordpress for these configuration files.
Move to nginx directory
$ cd /etc/nginx
Edit the nginx.conf file. Replace the contents with what's below. Note that you must use sudo when editing all these nginx configuration files.
# Generic startup file.
user www-data;
worker_processes 2;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
# Keeps the logs free of messages about not being able to bind().
#daemon off;
events {
worker_connections 1024;
}
http {
# rewrite_log on;
include mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
sendfile on;
# tcp_nopush on;
keepalive_timeout 3;
# tcp_nodelay on;
# gzip on;
client_max_body_size 13m;
index index.php index.html index.htm;
# Upstream to abstract backend connection(s) for PHP.
upstream php {
# server unix:/tmp/php-fpm.sock;
server 127.0.0.1:9000;
}
include sites-enabled/*;
# The default server.
server {
listen 80 default;
server_name everythingelse;
# Everything is a 404
location / {
return 404;
}
}
}
Move to the sites-available directory.
$ cd sites-available
Create a file named myvps.com and paste in the following:
# Redirect everything to the main site.
server {
server_name myvps.com *.myvps.com;
root /var/www/myvps.com;
if ($http_host != "myvps.com") {
rewrite ^ http://myvps.com$request_uri permanent;
}
include global/restrictions.conf;
include global/php5-fpm.conf;
}
Create a global directory within the nginx directory.
$ cd /etc/nginx
$ sudo mkdir global
$ cd global
Create a file called restrictions.conf within the global directory and paste in the following:
# Global restrictions configuration file.
# Designed to be included in any server {} block.
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
Now create a php5-fpm.conf file within the global directory and paste in the following:
# Pass all .php files onto a php-fpm/php-fcgi server.
location ~ \.php$ {
# Zero-day exploit defense.
# http://forum.nginx.org/read.php?2,88845,page=3
# Won't work properly (404 error) if the file is not stored on this server, which is entirely possible with php-fpm/php-fcgi.
# Comment the 'try_files' line out if you set up php-fpm/php-fcgi on another machine. And then cross your fingers that you won't get hacked.
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_intercept_errors on;
fastcgi_pass php;
}
Setting up the site
Activate our server configuration via symbolic link in the sites-enabled directory
$ cd /etc/nginx/sites-enabled
$ sudo ln -s ../sites-available/myvps.com myvps.com
Now navigate to our www directory, where we will store our sites.
$ cd /var/www
Create a web group
$ sudo groupadd web
Add your administrative user to the web group
$ sudo usermod -a -G web YOURUSER
If you're logged in as the administrative user (which you most likely are), log out and log back in. Verify
the user is a part of the web group
$ groups
Now make the web group the group of the directory
$ sudo chgrp web /var/www
Make the ```/var/www``` directory group writable.
$ sudo chmod -R 775 /var/www
Make all files subsequently created in the /var/www directory belong to the web group
$ sudo chmod g+s /var/www
Now we can create the myvps.com directory
$ mkdir myvps.com
$ cd myvps.com
Create an index.php file and paste in the following
<!--?php phpinfo(); ?-->
Now start nginx
$ sudo service nginx start
The web page won't display because we haven't started php5-fpm
$ sudo service php5-fpm start
Now we should be able to see our phpinfo in the browser!
February 12, 2012
Joseph is the lead developer of Vert Studios
Follow Joseph on Twitter: