Setting up nginx + php-fpm + apc on CentOS 6.2 x64

in Linux


Here’s how I installed nginx + php-fpm + apc + mysql on CentOS 6.2 x64. This will likely work on version 6.3 as well. A big thanks to Remi from famillecollet.com for his stable binaries (repositories) on CentOS and Mell Zamora for creating a kick-ass CentOS guide where I based my installation.

Please note that in all instances during installation and configuration, I’ve been running as root so there’s no need to su or sudo.

Download Repositories

Let’s get started by adding the the necessary repositories:

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

Install and Configure MySQL

Install MySQL.

yum --enablerepo=remi install mysql mysql-server

Start MySQL and secure it.

service mysqld start
/usr/bin/mysql_secure_installation

When running mysql_secure_installation, just answer yes to all the prompts.

Install and Configure NGINX and PHP

Configure nginx repo.

nano /etc/yum.repos.d/nginx.repo

Add the following lines inside the nginx.repo file:

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1

Install nginx, php-fpm and the necessary php modules.

yum --enablerepo=remi install nginx php php-fpm php-common
yum --enablerepo=remi install php-pear php-pdo php-mysql
yum --enablerepo=remi install php-pgsql php-pecl-memcache
yum --enablerepo=remi install php-gd php-mbstring php-mcrypt php-xml

Install and configure apc.

yum --enablerepo=remi install php-pecl-apc

The default APC settings will work out of the box but I suggest you read this article about limiting APC caching to specific virtual sites first if you intend to run a good number of sites on your server.

Configure nginx conf

nano /etc/nginx/nginx.conf

Use the following configuration.

user nginx;
## set to number of cpu cores
worker_processes 1;

error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    # turn off access log
    access_log off;
    server_names_hash_bucket_size   64;

    ## tcp options
    tcp_nodelay on;
    tcp_nopush on;
    keepalive_timeout 10;
    sendfile on;

    ## include virtual host conf
    include /etc/nginx/vhosts/*;
}

Create the directory for virtual hosts and create the virtual host conf file. A note, I turned off logging because I use CloudFlare and I find its access reporting better than using the nginx log file.

mkdir /etc/nginx/vhosts/
nano /etc/nginx/vhosts/domain.conf

Use the following configuration.

server
{
    server_name domain.com www.domain.com;
    error_log /var/log/nginx/domain.com.error.log crit;
    root /home/user/public_html;
    index index.php index.html index.htm;

    # use fastcgi for all php files
    location ~ \.php$
    {
        # secure *.php files
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$; 

        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

I usually setup the user and user directory in this particular manner after I create the corresponding domain.conf file.

adduser user
passwd user
mkdir /home/user/public_html
chown root:nginx /home/user/
chmod 775 /home/user/

Take note that whenever you upload files to public_html, you may need to chmod it to 775 and chown it to user:nginx. Configure php-fpm

nano /etc/php-fpm.d/www.conf

Use the following settings:

[www]
listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1
user = nginx
group = nginx
pm = dynamic
pm.max_children = 10
pm.start_servers = 4
pm.min_spare_servers = 2
pm.max_spare_servers = 10
pm.max_requests = 500
request_terminate_timeout = 30
slowlog = /var/log/php-fpm/www-slow.log
catch_workers_output = yes
security.limit_extensions = .php
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
php_admin_value[session.save_path] = /tmp

Change owner of php-fpm folder:

chown -R nginx:nginx /var/log/php-fpm

Also set the logging level to warning on the main php-fpm configuration file found here /etc/php-fpm.conf so that the log file won’t get bloated by php notices.

log_level = warning

Your configuration is done at this point.

Start and Configure Services

service nginx start
service php-fpm start

If both daemons ran without a hitch then configure all to start on boot.

chkconfig nginx on
chkconfig php-fpm on
chkconfig mysqld on

Test NGINX

Before you do any tests disable iptables first, this will be configured later on after we are sure everything is running fine.

service iptables stop

Now try accessing whatever domain you’ve setup on your virtual host, in this case domain.com. If you got everything right you should see a 403 nginx page. That’s all folks.

 

{ 1 comment… read it below or add one }

Chuck Jennings January 18, 2014 at 3:23 am

These variables are used to set up your initial site, its directory structure (geared for adding sites) and its configuration (virtual host) file.

Leave a Comment

Previous post:

Next post: