Nginx installation and configuration

The configuration is nginx HTTP server, PHP FastCGI Process Manager (PHP-FPM), and the Alternative PHP Cache (APC).

Installation

The first step is to download the nginx software from the Nginx website. If using the Ubuntu distribution, following are the steps,

(i) Download the nginx signing keys from the Nginx website,

$ wget http://nginx.org/keys/nginx_signing.key

(ii) Add this key to the apt keyring,

$ sudo apt-key add nginx_signing.key

(iii) Add the following lines at the end of the file, /etc/apt/sources.list

deb http://nginx.org/packages/ubuntu/ version-code nginx deb-src http://nginx.org/packages/ubuntu/ version-code nginx

In the above two lines, replace version-code, with the value for the relevant Ubuntu version.

version-code - for Ubuntu Linux versions
Ubuntu version version-code
10.04 lucid
12.04 precise
14.04 trusty

(iv) Install the software by giving the commands,

$ sudo apt-get update $ sudo apt-get install nginx

(v) verify the nginx version installed,

$ nginx -v

The next step is to install PHP-FPM.

$ sudo apt-get install php5-fpm $ sudo apt-get install php-pear $ sudo apt-get install libpcre3-dev

Next, open the file /etc/php5/fpm/php.ini in a text editor. In this file, find the entry, cgi.fix_pathinfo and set it to zero. That is, set

cgi.fix_pathinfo=0

Finally, go to the directory, /etc/php5/fpm/pool.d. Open the file, www.conf, in your favorite text editor. In this file, locate the line

listen = 127.0.0.1:9000

Change this line to,

listen = /tmp/php-fpm.sock

Also add/uncomment the following lines,

listen.owner = www-data listen.group = www-data

We need to enable the OPcache. OPcache is compiled by default in PHP 5.5+ but is not enabled. Open the file, /etc/php5/fpm/php.ini, search for string opcache and uncomment or add the following lines,

opcache.enable=1 opcache.memory_consumption=128 opcache.interned_strings_buffer=8 opcache.max_accelerated_files=4000 opcache.max_wasted_percentage=5 opcache.use_cwd=1 opcache.validate_timestamps=1 opcache.revalidate_freq=60 opcache.revalidate_path=0 opcache.save_comments=0 opcache.load_comments=0 opcache.fast_shutdown=1 opcache.enable_file_override=1 opcache.optimization_level=0xffffffff opcache.inherited_hack=1 opcache.dups_fix=0 opcache.force_restart_timeout=180 opcache.error_log=/var/log/opcache/opcache.log opcache.log_verbosity_level=1

Reboot the system so that the changes take effect.

Configuration

nginx is configured as per the directives in the configuration file /etc/nginx/nginx.conf. The configuration file follows a block structured syntax, where blocks can be nested and the directives of an outer block apply to the inner block. Also, there can be some global directives. The following is a sample nginx.conf file.

user www-data www-data; worker_processes 2; pid /var/run/nginx.pid; events { worker_connections 2048; } http { index index.php index.html index.htm; include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; client_header_buffer_size 1k; gzip on; gzip_min_length 1100; gzip_buffers 4 8k; gzip_types text/plain; output_buffers 1 32k; postpone_output 1460; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 75 20; # first "virtual" host server { server_name www.domain1.com; root /var/www/domain1/; access_log /var/log/domain1/access.log main; error_log /var/log/domain1/error.log warn; location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { allow all; log_not_found off; access_log off; } location = /backup { deny all; } location ~* \.(txt|log)$ { allow 127.0.0.1; deny all; } location ~ \..*/.*\.php$ { return 403; } location / { try_files $uri $uri/ @rewrite; expires max; } location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } location ~ \.php$ { include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_intercept_errors on; fastcgi_pass unix:/tmp/php-fpm.sock; } } # to ensure that http://domain1.com is re-written as http://www.domain1.com server { server_name domain1.com; return 301 $scheme://www.domain1.com$request_uri; } # second "virtual" host server { server_name domain2.com; root /var/www/domain2/; access_log /var/log/domain2/access.log main; error_log /var/log/domain2/error.log warn; location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { allow all; log_not_found off; access_log off; } location = /backup { deny all; } location ~* \.(txt|log)$ { allow 127.0.0.1; deny all; } location ~ \..*/.*\.php$ { return 403; } location / { try_files $uri $uri/ @rewrite; expires max; } location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } location ~ \.php$ { include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_intercept_errors on; fastcgi_pass unix:/tmp/php-fpm.sock; } } # to ensure that http://www.domain2.com is re-written as http://domain2.com server { server_name www.domain2.com; return 301 $scheme://domain2.com$request_uri; } # default "catch-all" server block server { listen 80 default_server; server_name _; # invalid server name; will never trigger a real host name access_log /var/www/log/default/access.log main; server_name_in_redirect off; root /var/www/default; } }

The file, fastcgi_params, is,

fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param HTTPS $https if_not_empty; fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; # PHP only, required if PHP was built with --enable-force-cgi-redirect fastcgi_param REDIRECT_STATUS 200;

Finally, edit the file, /etc/php5/fpm/pool.d/www.conf. Open this file in a text editor and find the line,

listen = 127.0.0.1:9000

Change this line to,

listen = /tmp/php-fpm.sock

Save the file and reset the computer so that above changes take effect. If any further change is made in the nginx configuration file, the nginx server can be restarted with the command,

$ sudo invoke-rc.d nginx restart

Software: