nginx + php-fpm 实现不同的虚拟主机使用不同的phpadminvalue配置

Apache下,每个虚拟主机可以单独不同的phpadminvalue,可以设置非常详细的网站目录权限设置,安全性比较高。

nginx做为一个高性能的web服务器已经得到广泛的应用,随着php5.3的发布,php-fpm也已经内置在php里面了,如何安装配置nginx+php-fpm,下面的内容,将集中于给nginx的虚拟主机和php-fpm的pools配合,实现不同虚拟主机运行不同配置的php。

我们下面会配置两个虚拟主机,使用不同的php和php-fpm配置

编辑php-fpm.conf
[shell][global]
pid = /usr/local/php/var/run/php-fpm.pid
error_log = /usr/local/php/var/log/php-fpm.log
log_level = warning
emergency_restart_threshold = 0
emergency_restart_interval = 0
process_control_timeout = 0
daemonize = yes

include=/srv/vhost/*/php-fpm.conf[/shell]
这里第10行包含各vhost的配置

编辑/srv/vhost/a/php-fpm.conf
[shell][a]
listen = /srv/vhost/a/php-fpm.sock

; Unix user/group of processes
user = nginx
group = nginx

; Choose how the process manager will control the number of child processes.
pm = dynamic
pm.max_children = 50
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 10
pm.max_requests = 100

; Pass environment variables
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp

; host-specific php ini settings here
php_admin_value[disable_functions]=phpinfo
php_admin_value[open_basedir]=/srv/vhost/a/webroot:/tmp[/shell]
当php-fpm和nginx在同一台服务器时,我比较喜欢用unix sockt。这里指定了sockt文件的地址 /srv/vhost/a/php-fpm.sock

编辑 /srv/vhost/b/php-fpm.conf
[shell][b]
listen = /srv/vhost/b/php-fpm.sock

; Unix user/group of processes
user = nginx
group = nginx

; Choose how the process manager will control the number of child processes.
pm = dynamic
pm.max_children = 50
pm.start_servers = 10
pm.min_spare_servers = 5
pm.max_spare_servers = 10
pm.max_requests = 100

; Pass environment variables
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp

; host-specific php ini settings here
;php_admin_value[disable_functions]=phpinfo
php_admin_value[open_basedir]=/srv/vhost/a/webroot:/tmp[/shell]
监听在 /srv/vhost/b/php-fpm.sock,另外可以看到,我注释了phpadminvalue[disable_functions]=phpinfo,也就是不禁用phpinfo函数

php-fpm配置完毕,启动它。

接下来配置nginx,配置两个server
[shell]server {
listen 80;
server_name a.somethings.me;
index index.php;
root /srv/vhost/a/webroot/;

location /{

}

location ~ .*\.php${
fastcgi_pass unix:/srv/vhost/a/php-fpm.sock;
fastcgi_index index.php;
include fcgi.conf;
}
access_log /var/log/nginx/a.somethines.me-access.log;
}

server {
listen 80;
server_name b.somethings.me;
index index.php;
root /srv/vhost/a/webroot/;

location /{

}

location ~ .*\.php${
fastcgi_pass unix:/srv/vhost/b/php-fpm.sock;
fastcgi_index index.php;
include fcgi.conf;
}
access_log /var/log/nginx/b.somethines.me-access.log;
}[/shell]
两个server分别fastcgi_pass到不同的sockte文件上,分别在/srv/vhost/a/webroot/ 和 /srv/vhost/a/webroot/ 下创建如下文件
[php]<?php phpinfo();[/php]
启动nginx,分别访问 a.somethings.me 和 b.somethings.me 发现a.somethings.me 报错如下
[shell]Warning: phpinfo() has been disabled for security reasons in /srv/vhost/a/webroot/phpinfo.php on line 2[/shell]
而b.somethings.me 正确显示了phpinfo信息,说明我们的配置生效了,在看一下我们的进程

OK, 成功了!