FreeBSD ➔ PHP-FPM


Writing Icon

Lizenz: Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0)
Letzte Aktualisierung:
Veröffentlicht:
Verfasser: Markus Kohlmeyer


Zu den Voraussetzungen für dieses HowTo siehe bitte: FreeBSD ➔ WebHosting System ➔ Voraussetzungen

Einleitung

Unser WebHosting System wird folgende Dienste umfassen.

  • PHP 7.2.5 (PHP-FPM, Composer, PEAR)

Installation

Wir installieren lang/php72 und dessen Abhängigkeiten.

cat >> /etc/make.conf << "EOF"
DEFAULT_VERSIONS+=php=7.2
"EOF"
mkdir -p /var/db/ports/lang_php72
cat > /var/db/ports/lang_php72/options << "EOF"
_OPTIONS_READ=php72-7.2.5
_FILE_COMPLETE_OPTIONS_LIST=CLI CGI FPM EMBED PHPDBG LINKTHR ZTS
OPTIONS_FILE_SET+=CLI
OPTIONS_FILE_SET+=CGI
OPTIONS_FILE_SET+=FPM
OPTIONS_FILE_SET+=EMBED
OPTIONS_FILE_UNSET+=PHPDBG
OPTIONS_FILE_SET+=LINKTHR
OPTIONS_FILE_SET+=ZTS
"EOF"

cd /usr/ports/lang/php72
make config-recursive all install clean-depends clean

echo 'php_fpm_enable="YES"' >> /etc/rc.conf

PHP-Extensions installieren

Wir installieren lang/php72-extensions und dessen Abhängigkeiten.

mkdir -p /var/db/ports/converters_libiconv
cat > /var/db/ports/converters_libiconv/options << "EOF"
_OPTIONS_READ=libiconv-1.14
_FILE_COMPLETE_OPTIONS_LIST=ENCODINGS PATCHES
OPTIONS_FILE_SET+=ENCODINGS
OPTIONS_FILE_SET+=PATCHES
"EOF"

mkdir -p /var/db/ports/devel_nasm
cat > /var/db/ports/devel_nasm/options << "EOF"
_OPTIONS_READ=nasm-2.13.03
_FILE_COMPLETE_OPTIONS_LIST=RDOFF
OPTIONS_FILE_SET+=RDOFF
"EOF"

mkdir -p /var/db/ports/devel_oniguruma
cat > /var/db/ports/devel_oniguruma/options << "EOF"
_OPTIONS_READ=oniguruma-6.8.1
_FILE_COMPLETE_OPTIONS_LIST=STATISTICS
OPTIONS_FILE_UNSET+=STATISTICS
"EOF"

mkdir -p /var/db/ports/graphics_giflib
cat > /var/db/ports/graphics_giflib/options << "EOF"
_OPTIONS_READ=giflib-5.1.4
_FILE_COMPLETE_OPTIONS_LIST=DOCBOOK
OPTIONS_FILE_UNSET+=DOCBOOK
"EOF"

mkdir -p /var/db/ports/graphics_png
cat > /var/db/ports/graphics_png/options << "EOF"
_OPTIONS_READ=png-1.6.34
_FILE_COMPLETE_OPTIONS_LIST=APNG
OPTIONS_FILE_SET+=APNG
"EOF"

mkdir -p /var/db/ports/print_freetype2
cat > /var/db/ports/print_freetype2/options << "EOF"
_OPTIONS_READ=freetype2-2.9.1
_FILE_COMPLETE_OPTIONS_LIST=LONG_PCF_NAMES PNG TABLE_VALIDATION LCD_FILTERING LCD_RENDERING FIX_SIZE_METRICS TT_SIZE_METRICS V38 V40
OPTIONS_FILE_SET+=LONG_PCF_NAMES
OPTIONS_FILE_SET+=PNG
OPTIONS_FILE_SET+=TABLE_VALIDATION
OPTIONS_FILE_UNSET+=LCD_FILTERING
OPTIONS_FILE_SET+=LCD_RENDERING
OPTIONS_FILE_SET+=FIX_SIZE_METRICS
OPTIONS_FILE_UNSET+=TT_SIZE_METRICS
OPTIONS_FILE_SET+=V38
OPTIONS_FILE_SET+=V40
"EOF"

mkdir -p /var/db/ports/sysutils_coreutils
cat > /var/db/ports/sysutils_coreutils/options << "EOF"
_OPTIONS_READ=coreutils-8.28
_FILE_COMPLETE_OPTIONS_LIST=GMP
OPTIONS_FILE_SET+=GMP
"EOF"

mkdir -p /var/db/ports/converters_php72-mbstring
cat > /var/db/ports/converters_php72-mbstring/options << "EOF"
_OPTIONS_READ=php72-mbstring-7.2.5
_FILE_COMPLETE_OPTIONS_LIST=REGEX
OPTIONS_FILE_SET+=REGEX
"EOF"

mkdir -p /var/db/ports/databases_php72-dba
cat > /var/db/ports/databases_php72-dba/options << "EOF"
_OPTIONS_READ=php72-dba-7.2.5
_FILE_COMPLETE_OPTIONS_LIST=CDB DB4 GDBM QDBM TOKYO INIFILE FLATFILE LMDB
OPTIONS_FILE_SET+=CDB
OPTIONS_FILE_UNSET+=DB4
OPTIONS_FILE_UNSET+=GDBM
OPTIONS_FILE_UNSET+=QDBM
OPTIONS_FILE_UNSET+=TOKYO
OPTIONS_FILE_SET+=INIFILE
OPTIONS_FILE_SET+=FLATFILE
OPTIONS_FILE_SET+=LMDB
"EOF"

mkdir -p /var/db/ports/databases_php72-mysqli
cat > /var/db/ports/databases_php72-mysqli/options << "EOF"
_OPTIONS_READ=php72-mysqli-7.2.5
_FILE_COMPLETE_OPTIONS_LIST=MYSQLND
OPTIONS_FILE_SET+=MYSQLND
"EOF"

mkdir -p /var/db/ports/databases_php72-pdo_mysql
cat > /var/db/ports/databases_php72-pdo_mysql/options << "EOF"
_OPTIONS_READ=php72-pdo_mysql-7.2.5
_FILE_COMPLETE_OPTIONS_LIST=MYSQLND
OPTIONS_FILE_SET+=MYSQLND
"EOF"

mkdir -p /var/db/ports/graphics_php72-gd
cat > /var/db/ports/graphics_php72-gd/options << "EOF"
_OPTIONS_READ=php72-gd-7.2.5
_FILE_COMPLETE_OPTIONS_LIST=TRUETYPE JIS WEBP
OPTIONS_FILE_SET+=TRUETYPE
OPTIONS_FILE_UNSET+=JIS
OPTIONS_FILE_SET+=WEBP
"EOF"

mkdir -p /var/db/ports/lang_php72-extensions
cat > /var/db/ports/lang_php72-extensions/options << "EOF"
_OPTIONS_READ=php72-extensions-1.0
_FILE_COMPLETE_OPTIONS_LIST=BCMATH BZ2 CALENDAR CTYPE CURL DBA DOM ENCHANT EXIF FILEINFO FILTER FTP GD GETTEXT GMP HASH ICONV IMAP INTERBASE INTL JSON LDAP MBSTRING MYSQLI ODBC OPCACHE PCNTL PDF PDO PDO_DBLIB PDO_FIREBIRD PDO_MYSQL PDO_ODBC PDO_PGSQL PDO_SQLITE PGSQL PHAR POSIX PSPELL RECODE SESSION SHMOP SIMPLEXML SNMP SOAP SOCKETS SODIUM SQLITE3 SYSVMSG SYSVSEM SYSVSHM TIDY TOKENIZER WDDX XML XMLREADER XMLRPC XMLWRITER XSL ZIP ZLIB
OPTIONS_FILE_SET+=BCMATH
OPTIONS_FILE_SET+=BZ2
OPTIONS_FILE_SET+=CALENDAR
OPTIONS_FILE_SET+=CTYPE
OPTIONS_FILE_SET+=CURL
OPTIONS_FILE_SET+=DBA
OPTIONS_FILE_SET+=DOM
OPTIONS_FILE_UNSET+=ENCHANT
OPTIONS_FILE_SET+=EXIF
OPTIONS_FILE_SET+=FILEINFO
OPTIONS_FILE_SET+=FILTER
OPTIONS_FILE_SET+=FTP
OPTIONS_FILE_SET+=GD
OPTIONS_FILE_SET+=GETTEXT
OPTIONS_FILE_SET+=GMP
OPTIONS_FILE_SET+=HASH
OPTIONS_FILE_SET+=ICONV
OPTIONS_FILE_UNSET+=IMAP
OPTIONS_FILE_UNSET+=INTERBASE
OPTIONS_FILE_SET+=INTL
OPTIONS_FILE_SET+=JSON
OPTIONS_FILE_UNSET+=LDAP
OPTIONS_FILE_SET+=MBSTRING
OPTIONS_FILE_SET+=MYSQLI
OPTIONS_FILE_UNSET+=ODBC
OPTIONS_FILE_SET+=OPCACHE
OPTIONS_FILE_SET+=PCNTL
OPTIONS_FILE_UNSET+=PDF
OPTIONS_FILE_SET+=PDO
OPTIONS_FILE_UNSET+=PDO_DBLIB
OPTIONS_FILE_UNSET+=PDO_FIREBIRD
OPTIONS_FILE_SET+=PDO_MYSQL
OPTIONS_FILE_UNSET+=PDO_ODBC
OPTIONS_FILE_UNSET+=PDO_PGSQL
OPTIONS_FILE_SET+=PDO_SQLITE
OPTIONS_FILE_UNSET+=PGSQL
OPTIONS_FILE_SET+=PHAR
OPTIONS_FILE_SET+=POSIX
OPTIONS_FILE_UNSET+=PSPELL
OPTIONS_FILE_UNSET+=RECODE
OPTIONS_FILE_SET+=SESSION
OPTIONS_FILE_SET+=SHMOP
OPTIONS_FILE_SET+=SIMPLEXML
OPTIONS_FILE_UNSET+=SNMP
OPTIONS_FILE_UNSET+=SOAP
OPTIONS_FILE_SET+=SOCKETS
OPTIONS_FILE_SET+=SODIUM
OPTIONS_FILE_SET+=SQLITE3
OPTIONS_FILE_SET+=SYSVMSG
OPTIONS_FILE_SET+=SYSVSEM
OPTIONS_FILE_SET+=SYSVSHM
OPTIONS_FILE_UNSET+=TIDY
OPTIONS_FILE_SET+=TOKENIZER
OPTIONS_FILE_UNSET+=WDDX
OPTIONS_FILE_SET+=XML
OPTIONS_FILE_SET+=XMLREADER
OPTIONS_FILE_SET+=XMLRPC
OPTIONS_FILE_SET+=XMLWRITER
OPTIONS_FILE_SET+=XSL
OPTIONS_FILE_SET+=ZIP
OPTIONS_FILE_SET+=ZLIB
"EOF"

cd /usr/ports/lang/php72-extensions
make config-recursive all install clean-depends clean

Konfiguration

Die Konfiguration entspricht weitestgehend den Empfehlungen der PHP-Entwickler und ist sowohl auf Security als auch auf Performance getrimmt.

php.ini einrichten.

cat > /usr/local/etc/php.ini << "EOF"
always_populate_raw_post_data = "-1"
arg_separator.input = ";&"
arg_separator.output = "&amp;"
assert.active = "0"
cli_server.color = "1"
curl.cainfo = "/usr/local/share/certs/ca-root-nss.crt"
date.default_latitude = "53.5500"
date.default_longitude = "10.0000"
date.timezone = "Europe/Berlin"
display_errors = "0"
enable_dl = "0"
error_log = "/var/log/php_error.log"
error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT"
exif.encode_jis = "UTF-8"
exif.encode_unicode = "UTF-8"
expose_php = "0"
from = "anonymous@example.com"
html_errors = "0"
iconv.input_encoding = "UTF-8"
iconv.output_encoding = "UTF-8"
iconv.internal_encoding = "UTF-8"
input_encoding = "UTF-8"
internal_encoding = "UTF-8"
log_errors = "1"
mail.add_x_header = "1"
mail.log = "/var/log/php_sendmail.log"
max_execution_time = "60"
max_input_time = "60"
mbstring.detect_order = "auto"
mbstring.http_input = "pass"
mbstring.http_output = "pass"
mbstring.internal_encoding = "UTF-8"
mbstring.strict_detection = "1"
memory_limit = "512M"
opcache.enable = "1"
opcache.enable_cli = "1"
opcache.enable_file_override = "1"
opcache.error_log = "/var/log/php_opcache.log"
opcache.fast_shutdown = "1"
opcache.interned_strings_buffer = "16"
opcache.log_verbosity_level = "2"
opcache.max_accelerated_files = "32768"
opcache.memory_consumption = "128"
opcache.revalidate_freq = "60"
opcache.revalidate_path = "1"
opcache.save_comments = "1"
openssl.cafile = "/usr/local/share/certs/ca-root-nss.crt"
output_buffering = "4096"
output_encoding = "UTF-8"
pcre.backtrack_limit = "8000000"
pdo_mysql.cache_size = "2000"
post_max_size = "511M"
realpath_cache_size = "512k"
register_argc_argv = "0"
request_order = "GP"
session.cookie_httponly = "1"
session.cookie_secure = "1"
session.gc_divisor = "1000"
session.save_path = "/data/www/tmp"
session.sid_bits_per_character = "6"
session.sid_length = "48"
session.use_strict_mode = "1"
short_open_tag = "0"
soap.wsdl_cache_dir = "/data/www/tmp"
sys_temp_dir = "/data/www/tmp"
sysvshm.init_mem = "10000"
track_errors = "1"
upload_max_filesize = "511M"
upload_tmp_dir = "/data/www/tmp"
url_rewriter.tags = "a=href,area=href,frame=src,form=fakeentry,input=src"
user_ini.filename = None
variables_order = "GPCS"
zend.assertions = "-1"
zend.multibyte = "1"
zend.script_encoding = "UTF-8"
zlib.output_compression = "0"
"EOF"

php-fpm.conf einrichten.

sed -e 's|^;[[:space:]]*\(process.max =\).*$|\1 128|' \
    -e 's|^;[[:space:]]*\(process.priority =\).*$|\1 -9|' \
    -e 's|^;[[:space:]]*\(events.mechanism =\).*$|\1 kqueue|' \
    /usr/local/etc/php-fpm.conf.default > /usr/local/etc/php-fpm.conf

php-fpm.d/www.conf einrichten.

sed -e 's|^\(listen =\).*$|\1 /var/run/fpm_www.sock|' \
    -e 's|^;\(listen.owner =\).*$|\1 www|' \
    -e 's|^;\(listen.group =\).*$|\1 www|' \
    -e 's|^;\(listen.mode =\).*$|\1 0660|' \
    -e 's|^\(pm.max_children =\).*$|\1 256|' \
    -e 's|^\(pm.start_servers =\).*$|\1 32|' \
    -e 's|^\(pm.min_spare_servers =\).*$|\1 8|' \
    -e 's|^\(pm.max_spare_servers =\).*$|\1 32|' \
    -e 's|^;\(pm.max_requests =\).*$|\1 500|' \
    -e 's|^;\(security.limit_extensions =\).*$|\1 .php .php5 .php7 .phps .phtml|' \
    /usr/local/etc/php-fpm.d/www.conf.default > /usr/local/etc/php-fpm.d/www.conf

Abschliessende Arbeiten.

touch /var/log/php_{error,opcache,sendmail}.log
chmod 0664 /var/log/php_{error,opcache,sendmail}.log
chown root:www /var/log/php_{error,opcache,sendmail}.log

PHP Composer installieren

Wir installieren devel/php-composer und dessen Abhängigkeiten.

cd /usr/ports/devel/php-composer
make config-recursive all install clean-depends clean

PHP-PEAR installieren

Wir installieren devel/pear und dessen Abhängigkeiten.

cd /usr/ports/devel/pear
make config-recursive all install clean-depends clean

Abschluss

PHP-FPM kann nun gestartet werden.

service php-fpm start

Über den Autor