Tummblr

Nginx (pronounced “Engine X”) is a high performance web server (and proxy server, but we will be using it as a web server here). In small VPS environments where memory is precious, Apache is at best overkill and uses memory that could be spent elsewhere (like MySQL query caching), at worst a terrible bottleneck that will consistently bring down your site under very moderate loads. If you are willing to live without .htaccess files and Apache-style mod_rewrite rules, Nginx is a great replacement that will lower memory usage and increase performance.

This is a draft. Comments, suggestions, corrections, improvements are very much welcome!

Lighttpd (pronounced “Lighty”) is another strong contender as a replacement web server for Apache, but reports (like this and this) of persistent memory leaks in Lighttpd led me to choose Nginx. Google for articles about Nginx yourself, or read some of these:

• Nginx - Small, But Very Powerful and Efficient Web Server
• Nginx vs. Lighttpd for a small VPS
• Singing the praises of Nginx

These instructions have been tested on a 256MB VPS slice at Slicehost. YMMV.

How do we make PHP work with Nginx? Nginx supports the FastCGI protocol, and can communicate with PHP running as a FastCGI process. When a user visits a PHP page, Nginx passes the request to PHP for processing, then passes the results from PHP back to the user. Unfortunately, Nginx does not have built-in support for starting PHP as a FastCGI daemon. Therefore, we will “borrow” Lighttpd’s handy spawn-fcgi application to help us make PHP run as a FastCGI daemon.

1. Set the package-specific USE flags for a minimal installation.
   Open /etc/portage/package.use
   My flags are as follows:

   dev-db/mysql            -*
   dev-lang/php            -* cgi curl discard-path force-cgi-redirect threads bzip2 crypt ctype ftp gd hash mysql mysqli pcre posix session simplexml spl tokenizer xml xmlreader xmlwriter zip-external zlib
   net-misc/openssh        -* chroot hpn pam
   www-servers/lighttpd    -* fastcgi minimal
   www-servers/nginx       -* fastcgi pcre zlib

2. Compile PHP, Lighttpd and Nginx. Note that Lighttpd will only take up a very small amount of disk space and consume no other system resources since we will not execute it. Go grab a drink.

   emerge -va php lighttpd nginx

3. First, we must use spawn-fcgi to start PHP as a FastCGI daemon. The simplest way is to use Gentoo’s init script for spawn-fcgi.
   /etc/init.d/spawn-fcgi start
rc-config add spawn-fcgi

   However, Gentoo’s spawn-fcgi init script has some limitations and funky behavior. It only allows you to run one single FastCGI application (i.e. you cannot run PHP and Rails with it). Also, php-cgi launched by spawn-fcgi seems to have the incorrect PID and username. Therefore, I decided to use an improved init script written by James Le Cuirot that is not included in Portage.

   James’s script (I named it spawn-fcgi-new) allows multiple FastCGI applications by using one symlink and one config file per application. Each of the symlinks, like fcgi.php or fcgi.rails, points to spawn-fcgi-new. Each of the symlinks have corresponding config files in /etc/conf.d, like fcgi.php or fcgi.rails. To launch an FastCGI daemon, one calls the appropriate symlink, like fcgi.php to start php-cgi. spawn-fcgi-new is never executed directly.

   Vote for this bug to encourage Gentoo devs to consider James’s script.

   Create /etc/init.d/spawn-fcgi-new with the following contents: (source)

   #!/sbin/runscript
   # Copyright 1999-2006 Gentoo Foundation
   # Distributed under the terms of the GNU General Public License v2
   # $Header: $
    
   FILENAME=$(basename "$1")
   PROGNAME=${FILENAME/fcgi./}
   SPAWNFCGI=/usr/bin/spawn-fcgi
   PIDPATH=/var/run/spawn-fcgi
   PIDFILE=${PIDPATH}/${PROGNAME}
    
   depend() {
   	need net
   }
    
   start() {
   	if [[ "${FILENAME}" == "spawn-fcgi" ]]; then
   		eerror "You are not supposed to run this script directly. Create a symlink"
   		eerror "for the FastCGI application you want to run as well as a copy of the"
   		eerror "configuration file and modify it appropriately like so..."
   		eerror
   		eerror "  ln -s spawn-fcgi /etc/init.d/fcgi.trac"
   		eerror "  cp /etc/conf.d/spawn-fcgi /etc/conf.d/fcgi.trac"
   		eerror "  $(basename "${EDITOR}") /etc/conf.d/fcgi.trac"
   		eerror
   		eerror "The new name must start with \"fcgi.\" or it won't work."
   		return 1
   	fi
    
   	local X E PHP_FCGI_CHILDREN_OPTION USER_OPTION GROUP_OPTION SOCKET_OPTION PORT_OPTION RETVAL
    
   	if [[ -z "${FCGI_WEB_SERVER_ADDRS}" ]]; then
   		FCGI_WEB_SERVER_ADDRS=127.0.0.1
   	fi
    
   	if [[ -n "${PHP_FCGI_CHILDREN}" ]]; then
   		PHP_FCGI_CHILDREN_OPTION="-C ${PHP_FCGI_CHILDREN}"
   	fi
    
   	if [[ -z "${FCGI_CHILDREN}" ]]; then
   		FCGI_CHILDREN=1
   	fi
    
   	if [[ -n "${FCGI_USER}" ]] && [[ "${FCGI_USER}" != "root" ]]; then
   		USER_OPTION="-u ${FCGI_USER}"
   	fi
    
   	if [[ -n "${FCGI_GROUP}" ]] && [[ "${FCGI_GROUP}" != "root" ]]; then
   		GROUP_OPTION="-g ${FCGI_GROUP}"
   	fi
    
   	ALLOWED_ENV="$ALLOWED_ENV USER GROUPS PHP_FCGI_MAX_REQUESTS FCGI_WEB_SERVER_ADDRS RAILS_ENV TRAC_ENV_PARENT_DIR TRAC_ENV"
   	unset E
    
   	for i in ${ALLOWED_ENV}; do
   		[[ -n "${!i}" ]] && E="${E} ${i}=${!i}"
   	done
    
   	# Store all spawn-fcgi PIDs in the same place.
   	install -d "${PIDPATH}" -m 0700 -o root
    
   	ebegin "Starting FastCGI application ${PROGNAME}"
   	for X in `seq 1 ${FCGI_CHILDREN}`; do
   		[[ -n "${FCGI_SOCKET}" ]] && SOCKET_OPTION="-s ${FCGI_SOCKET}-${X}"
   		[[ -n "${FCGI_PORT}" ]] && PORT_OPTION="-p $((${FCGI_PORT} + ${X} - 1))"
    
   		env - ${E} ${SPAWNFCGI} ${SOCKET_OPTION} ${PORT_OPTION} -f ${FCGI_PROGRAM} -P ${PIDFILE}-${X}.pid ${USER_OPTION} ${GROUP_OPTION} ${PHP_FCGI_CHILDREN_OPTION} &> /dev/null
   		RETVAL=$?
    
   		# Stop on error. Dont want to spawn a mess!
   		[[ "${RETVAL}" != "0" ]] && break
   	done
   	eend ${RETVAL}
   }
    
   stop() {
   	local X RETVAL
    
   	ebegin "Stopping FastCGI application ${PROGNAME}"
   	kill `for X in ${PIDFILE}-[0-9]*.pid; do cat $X; echo -n ' '; done` &> /dev/null
   	RETVAL=$?
   	eend ${RETVAL}
    
           rm -f ${PIDFILE}-[0-9]*.pid
           return $RETVAL
   }

4. Make spawn-fcgi-new executable

   chmod +x /etc/init.d/spawn-fcgi-new

5. Create a symlink for launching php-cgi, called fcgi.php

   ln -s /etc/init.d/spawn-fcgi-new /etc/init.d/fcgi.php

   Now /etc/init.d/fcgi.php points to /etc/init.d/spawn-fcgi-new.

6. Create a corresponding config file for fcgi.php
   Create /etc/conf.d/fcgi.php with the following contents: (source)

   # Copyright 1999-2006 Gentoo Foundation
   # Distributed under the terms of the GNU General Public License v2
   # $Header: $
    
   # DO NOT MODIFY THIS FILE DIRECTLY! CREATE A COPY AND MODIFY THAT INSTEAD!
    
   # One of the following options must be enabled. The filename specified by 
   # FCGI_SOCKET will be suffixed with a number for each child process, for
   # example, fcgi.socket-1. The port specified by FCGI_PORT is the port used
   # by the first child process. If this is set to 1234 then subsequent child
   # processes will use 1235, 1236, etc.
   #
   #FCGI_SOCKET=/path/to/fcgi.socket
   FCGI_PORT=1026
    
   # When using FCGI_PORT, connections will only be accepted from the
   # following addresses. The default is 127.0.0.1.
   #
   FCGI_WEB_SERVER_ADDRS=127.0.0.1
    
   # The path to your FastCGI application. These sometimes carry the .fcgi
   # extension but not always. For PHP, you should usually point this to
   # /usr/bin/php-cgi.
   #
   FCGI_PROGRAM=/usr/bin/php-cgi
    
   # The number of child processes to spawn. The default is 1. For PHP
   # applications, set this to 1 and use PHP_FCGI_CHILDREN instead.
   #
   FCGI_CHILDREN=1
    
   # The user and group to run your application as. If you do not specify
   # these, the application will be run as root:root.
   #
   FCGI_USER=nginx
   FCGI_GROUP=nginx
    
   # If your application requires additional environment variables, you need
   # to allow them here. Only the variables specified here, plus a few others
   # mentioned in the init script are passed to the application.
   #
   ALLOWED_ENV="PATH USER"
    
   # PHP ONLY :: These two options are specific to PHP. The first is
   # the number of child processes to spawn. The second is the number
   # of requests to be served by a single PHP processes before it is
   # restarted.
   #
   PHP_FCGI_CHILDREN=5
   PHP_FCGI_MAX_REQUESTS=500

7. Start PHP as a FastCGI process and make it always start on bootup.

   /etc/init.d/fcgi.php start
   rc-config add fcgi.php

8. Now that the php-cgi daemon is all set, we must configure Nginx to pass PHP requests onto php-cgi.
   Edit /etc/nginx/nginx.conf
   Insert the following in the “server { }” section, somewhere after the opening brace and before the closing brace

                   location ~ .*.php$ {
                           include /etc/nginx/fastcgi_params;
                           fastcgi_pass    127.0.0.1:1026;
                           fastcgi_index   index.php;
                           fastcgi_param   SCRIPT_FILENAME  /var/www/localhost/htdocs$fastcgi_script_name;
                   }

   “/var/www/localhost/htdocs/” should be replaced with the path to your web root.
   Make any other configuration changes that are necessary (will probably be covered in another post), like

                   listen          YOUR.IP.ADDRESS.HERE;

9. Start Nginx and make it always start on bootup.

   /etc/init.d/nginx start
   rc-config add nginx

Viola, you should now have a web server with PHP support. Try creating a dummy PHP file to make sure all is well.

< ?php phpinfo() ?>

Credit:

• Nginx, WordPress & fun
• www-servers/lighttpd: new init script for spawn-fcgi
• NginxFcgiExample

To-Do:
Replace spawn-fcgi with a generic script or a Gentoo-endorsed solution. Possible leads that I haven’t been able to figure out:

• Nginx With PHP As FastCGI Howto
• Nginx, PHP and a PHP FastCGI daemon init script
• Nginx HTTP Server + PHP5 (With fast-cgi And xcache) On Ubuntu Feisty Fawn
• bye Redskin, zdravstvujte Redstar (NginX tips)
• NginX, PHP, FastCGI
• HowTo : NginX - The Apache Replacement
• http://topfunky.net/svn/shovel/nginx/

If you liked this post, please subscribe to my feed. Thanks for visiting!

Related posts

• WP Super Cache should be safe to use (0)
• WP Super Cache disabled due to potential XSS vulnerabilities (0)
• User-friendly way of contributing to Ubuntu (0)
• Surfing anonymously with Tor and FoxyProxy is dead simple (0)
• Remove duplicate values from array: array_unique() variations and alternatives (0)