HI,
I'm attempting to get nginx and php fpm up running on a linode 512 and having some issues. Most tutorials that I find are geared towards folks with more knowledge than me. What I'm needing I think is a total newbie's guide.
Things I find I need to know most guides don't tell me:
What php modules to install and enable before configuring nginx.
What users to create, if any, for the web server (I keep seeing www-data reference in some places)
A simple workflow for putting in the correct files into nginx for Drupal to work (and multiple drupal installs, and multisite would be nice).
All the guides I run into tend to either skip some of the basic stuff above, or when they do the install instructions for nginx they assume I know much more than I do and I get into trouble. I really want to learn how to install and get nginx running, but I'm finding there is a gap between my knowledge level and the guides.
Does anyone have any suggestions for a complete newbie's guide to setting up nginx php-fpm and drupal 7 to play?
Comments
You need to
install all modules that you install for running Drupal with apache, minus de apache2 library, unless you're using mod_php for the PHP processing. Plus the php-fpm PHP5 module.
Thanks! I'm in the process
Thanks! I'm in the process of attempting your nginx config and going through the files with a fine-tooth comb. If I do manage to get everything going, I'm going to try to type things up in the simplest terms possible for future newbies like myself.
vpsbible
I recommend http://vpsbible.com/
The forum there is not very active, but I have found the site quite helpful for getting my Linode set up (I ended up using the "LEMP Stack Lite" stack script which I think has been updated since I used it... but this has worked well.)
I did find that I got better results across the board with a Linode 768 though.
I second this!
While this is now an old post, I have to raise my hand to say "I second this recommendation." I'm really, really, really wanting to learn/master all of this nginx talk but everyone here is far more educated than I am. Good grief -- today was the first time I have ever been at github and while Perusio's config is probably exactly what I need, for someone with my knowledge, it was daunting to figure out where to even start, let alone what to do with the files. (Yes, I finally found the instructions at the bottom of the readme but I still feel less than confident.) I went back to guv's site at vpsbible.com and felt like I was being introduced to the CLI commands, server management and program-specific language but in a manner that left me understanding and, thankfully, learning. I came here to try to learn if I should follow vpsbible tuts that direct the reader to use the source code for nginx rather than ubuntu repo and now I'm more confused than ever. I wonder how you folks learned so much and from where!! I don't want to irritate folks here with newb questions so I've been lurking. All suggestions are welcome.
On repo vs. source...
If you want quick, easy, and generally stable, use a repo. My personal preference for up-to-date builds is the Dotdeb repo, but I run Debian Squeeze on my servers. Eventually, I'll get around to building my own package just the way I like it. (That's one of the many awesome bonuses of Linux)
If you want streamlining for performance and are confident in what you're doing (or pretty sure that the writer of a tutorial knows what you need), then building from source is good.
I know perusio has a repository with a build, and based on his configs I'd say it probably works pretty good for Drupal. I've not run it though, and I don't know what it has and hasn't got.
On Repo vs Source
Thank you, Brian, for the advice. Confident in what I am doing? No..no.. I am not confident in the slightest in my own skill set for setting up an ubuntu 10.04 server. I read 8 pages of this group's pages yesterday and it felt like I understood just a few sentences (and would feel smug at that tiny bit of knowledge) but most of what I read I could not understand, without googling every other line. I tossed and turned all night, awaking with a head that said "When you are in hell, keep on going..." So, no, I am not confident but I am perhaps foolishly determined. I also try to be very careful and to read over and over. My slowness, though, is painful!
I am sufficiently knowledgeable to be fearful of security leaks and desirous of the latest patches/updates. I am on a Linode 512 right now. My reads say that using the ubuntu 10.04 package manager to install nginx means that I'll be installing a version without the most recent patches. Linode says in their documentation "Nginx is included in the Ubuntu software repositories. While using this method will leave you with a working web server it is not the preferred method for installing nginx."
So far, the tuts from vpsbible.com have been the clearest instructions I have encountered anywhere and have taught me concurrently. He assumes zero knowledge when "speaking" but also requires you to learn as you progress.
I have never installed anything from source code let alone compiled. But I guess I trust his instructions on "how to install from source and compile, configuring Nginx web server, tweaking the default file structure, then setting up a vhost file with symlink." Trust is a difficult word for me to use at this moment as all I know is that his tuts have worked wonderfully so far when other tuts did not. I have shared a link to my evernote page with his instructions for installing nginx:
<a href="https://www.evernote.com/shard/s15/sh/3d00fc5f-2432-4700-949b-f39afa29e602/6ae9d8998ea73195f7fdff7a391b6748" title="https://www.evernote.com/shard/s15/sh/3d00fc5f-2432-4700-949b-f39afa29e602/6ae9d8998ea73195f7fdff7a391b6748">https://www.evernote.com/shard/s15/sh/3d00fc5f-2432-4700-949b-f39afa29e6...</a>
Does it look good/trustworthy to you experts??
What I do wonder, though, is if I follow his tut and it works fine, will I regret it down the road when updates occur? Do I simply schedule myself to check for updates quarterly? Will it be difficult to update if I use source? What don't I know now that I may regret later, if anything?
Knowing how to compile from
Knowing how to compile from source is always a good thing, but it shouldn't be necessary for nginx unless you want a particular unusual module.
Using 10.04 will start you with an outdated nginx and no php-fpm to use with it. You can check package versions on the web: http://packages.ubuntu.com/search?keywords=nginx
You SHOULD start with Ubuntu 12.04 if you're going with Ubuntu. It will provide you with a usable stack of nginx and php-fpm right away. The only downside is that the vps bible tuts might not be perfectly suited to 12.04.
Folks on Debian are lucky to have the guy who does Dotdeb.com to provide a great stack of updated web server applications. For Ubuntu, Canonical itself makes it easy to publish updated application packages, but it's SO easy that there's too many of them and no clear favorite.
You can search them at https://launchpad.net/ubuntu/+ppas . If you search for nginx, my own repo usually appears near the top: Brian's nginx: https://launchpad.net/~brianmercer/+archive/nginx but there are ... 157 search results for nginx.
Anyways, unless you have a very good reason to do 10.04, you really should start with 12.04.
Rats. I installed 10.04 some
Rats. I installed 10.04 some time ago and given my dependency on VPSBIble and others for how-to's at this point, I'm not comfortable changing right now. But, given what you have said, I have put this on my important-to-do list. Wish I had talked with you sooner!
Fortunately, I was able to and have already installed the php5-fpm module, like any other, from regular repositories. My understanding is that the php-fpm module was introduced with 10,04 for Ubuntu?
I forged ahead with compiling from source but am right now stuck at the config file.
I downloaded the Nginx HTTP server ebook by Clément Nedelcu -- hope this helps me. I see from your profile that you are attorney, rather than an IT guy or developer. That gives me hope that I can master the terminology and understand the processes. Did you learn from doing and reading as I am doing? Or did you have classes? There's so much to know!!
Off to look at the launchpad link you shared -- thank you!! I'm not clear yet on why there are so many "updated application packages." You mean decimal point versions of nginx, right? Or? Confusing to a beginner who is used to windows and has more experience with apache than nginx but far from expert...just more fiddle-faddling.
I am actually thinking that it might be best for me and for this group if I could give someone $100 to serve as my consultant for a set number of hours. I want to do this stuff myself so I understand it/learn but I am feeling the need to talk with someone about stuff as I do it. Eventually, I think I'll turn the server management stuff over to someone else but if I learn, they'll be able to interact/communicate with me more easily than if I just have glazed eyes.
Know anyone that might be interested/available/patient/willing?
10.04 didn't have php5-fpm,
10.04 didn't have php5-fpm, so you're installing it from a non-official repository. vpsbible used to recommend my php5-fpm repo, but I stopped maintaining it after better repos appeared.
When Ubuntu does a release, they pick a particular version of the software available at that time. Then they only patch that release for security vulnerabilities and major bugs. This is intended to provide the greatest amount of stability and predictability.
If you want your software to have the latest features and optimizations, you either have to upgrade to new Ubuntu releases which happen every six months, or if you only want to upgrade a small number of applications, then you have to look for repositories that are not maintained by Ubuntu. Or maintain the software yourself.
Soooo, these are the commands
Soooo, these are the commands I used (from guy/vpsbible):
aptitude install -y python-software-propertiesadd-apt-repository ppa:l-mierzwa/lucid-php5 && aptitude update
aptitude install -y php5-fpm
and that second line with the add-apt....that's what I thought was grabbing from the ubuntu repo but that ppa ....that means "personal package archive" right (just learned from you guys past few days... and while there's no http..what follows is the location of the package...an d oh no..good grief, I just googled and lo/behold, there it is..https://launchpad.net/~l-mierzwa/+archive/lucid-php5. Well, learned something more that's new...thank you!!
Gotcha re the Ubuntu release process. Thanks for the help.
Hi Cynthia, I could help
Hi Cynthia,
I could help guide you through some of the initial setup [teaching].
I would need a good outline of what you have and are aspiring to.
Use my profile to contact me.
http://drupal.org/user/564804
Peter
--
Linux: Web Developer
Peter Bowey Computer Solutions
Australia: GMT+9:30
(¯`·..·[ Peter ]·..·´¯)
Got nginx going for now.
Got nginx going for now. Used this config (http://www.howtoforge.com/running-drupal-7.7-on-nginx-lemp-on-debian-squ...). For some reason Perusio's config gave me 502 bad gateway errors, but this one works fine. Just wondering if its awful/secure. Found it on howtoforge,
server {listen 80;
server_name www.example.com example.com;
root /var/www/www.example.com/web;
if ($http_host != "www.example.com") {
rewrite ^ http://www.example.com$request_uri permanent;
}
index index.php index.html;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Make sure files with the following extensions do not get loaded by nginx because nginx would display the source code, and these files can contain PASSWORDS!
location ~* .(engine|inc|info|install|make|module|profile|test|po|sh|.sql|theme|tpl(.php)?|xtmpl)$|^(..|Entries.|Repository|Root|Tag|Template)$|.php_ {
deny all;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /. {
deny all;
access_log off;
log_not_found off;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ .(jpg|jpeg|png|gif|css|js|ico)$ {
expires max;
log_not_found off;
}
location ~ .php$ {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
Also, any tips for getting outgoing mail from drupal to work would be great. (my firewall might be issue, only allows http ports and ssh)
Probably
you didn't configure the FCGI part as it should.
This config has several issues, starting with the usage of the
iffor hostname canonicalization and finishing with unconstrained PHP script execution.Thanks for the information.
Thanks for the information. What I may try is a two-fold approach. Later today I'm going to try your config again, now that I know I have php5-fpm working, and I"m also going to read up on the nginx wiki page (only good source I know of) and see about fixing those errors you mentioned. From what I just read, try_files would be preferred to if, but I'll keep reading on it. Hopefully I can get your config going without a bad gateway error this time, now that I'm understanding things a bit more.
edit: update
No
To canonicalize a hostname the good practice is to use a separate server block that just does a 301 (or 302) to the preferred hostname:
server {server_name www.foobar.com;
return 301 http://foobar.com;
}
All requests to www.foobar will be redirected to foobar.com.
Thanks for the information.
Thanks for the information. I've finally got your configuration running on my server, so I'll see how things go. I'm running an older version of nginx (ubuntu oneiric repo), so it took a bit of commenting out of lines, but its working great thus far. Test will be tomorrow when I get 20 sites with 1 user apiece editing their modules config.
Hrm, it seems I've run into a
Hrm, it seems I've run into a problem. My sites are using subdomains for multisite. So the url would be site.example.com/site1, site.example.com/site2
Currently, anything besides the main site.example.com is giving a page not found error.
That's not subdmomains.
Subdomains is site1.example.com, site2.example.com, etc.
The usual multisite setup is that each site is a different domain or subdomain.
They all share a common code trunk. In that case the simplest is to add all the subdomains to your server_name directive.
Explain what you want exactly.
I apologize: I think I was
I apologize: I think I was typing too late last night. What I meant to say was this:
I'm running multi sites off a single domain. I've got the domain site.example.com that is the main URL, and each multisite is given a subfolder such as site.example.com/site1, /site2, /site3, etc.
When I attempt to reach the multi sites in the subfolder, I get a page not found error. And, I was wondering if there was something I could modify on the config to get it to accept this. Each subfolder has a symlink in the main drupal directory (ln -s . site1), and apache2 recognizes the subfolder multi sites just fine.
Thanks again for your help. Using your config on my main sites worked great and my load was much better, just hoping to get it going on my multi sites for the full effect :)
See if this thread addresses
See if this thread addresses your setup:
http://groups.drupal.org/node/39944
instead of the regular
location = /index.phpyou must set.location ~ ^/(?<site>[^/]*)/index.php$ {
# all the stuff here
}
Try it out. Not sure if I understood correctly what you need.
If you need further help post a debug log somewhere.
ahh you need to change the try_files also.
Post a debug log. I could be sending you down a wrong path.
Debug Log
Here is the debug log. Turned on nginx, went to a few subdirectory multi sites, got rejected, hit the main site, and shut it down. Didn't get the fix you posted as I was unsure of where that was to be changed (long week for me) Went to /site20 for example.
Link: https://docs.google.com/document/d/1SlQAjpDtADFN4Ivc8QK4Tjsg4ZGkW4Q3zZcc...
Too big to post
Ok I see
What happens is that the
$urivariable has the value/site20when it should just be/.What we have to do is:
Move the root to the subdir, so that nginx finds the proper
index.php.Remove the
/site20from the URI to be passed upstream.Try adding the following location:
location ~* ^/(?<subsite_dir>site10|site20|site30)(?<subsite_uri>.*)$ {
root /path/to/your/main/site_root/$subsite_dir;
index index.php;
location ~* ^/(?:site10|site20|site30)/index.php$ {
## the stuff copied from the /index.php location...
}
try_files $subsite_uri /index.php?q=$subsite_uri&$args;
}
Note that you need to add all your subsites to the location. This is the safest and easier. Here I just named them site10, site20 and site30. Add as many as you have and following the correct pattern for the subdir names.
Try it out and report back.
I've done some testing with
I've done some testing with it. Just to make sure I'm doing it right, I'm putting in the HTTP server block. The code I put in is:
location ~* ^/(?<subsite_dir>site10|site20)(?<subsite_uri>.)$ {
root /srv/www/example.com/public_html/sites/$subsite_dir; (also tested with end being public_html)
index index.php;
location ~ ^/(?:site10|site20|site30)/index.php$ {
## the stuff copied from the /index.php location...
}
try_files $subsite_uri /index.php?q=$subsite_uri&$args;
}
The end result of the above is instead of a redirect to the main URL, I'm getting a 404 error from nginx. Apologies for the delay in response: I'm presenting a drupal-based LMS at a conference and time to play with my server has been limited.
Ok.
Let's if I understand your directory structure:
Main site is on the "root" directory, e.g.,
/srv/www/example.com/public_htmlwhere we have the real drupal installationthat is shared by all subsites.
Each subsite has it's own DB and
settings.phpwith specific sites and modules.There are symlinks to all common modules and drupal core, including
index.php.BTW you forgot the
*on the second named capture group of the outer location. I supposes it's a mere typo.To answer your
To answer your questions:
Yes. /srv/www/example.com/public_html/ is the local of the drupal install. So the sites directory would be in full /srv/www/example.com/public_html/sites/
Partially yes. Each site has its own database and settings.php and file storage. My sites directory looks like this:
/all//default/
/example.com.site1/
/example.com.site2/
/example.com.site3/
The sites however do not have site-specific modules and themes. They all depend on the themes/modules located in /sites/all/themes or sites/all/modules.
The specific site folders contain:
/files/ (with /private/ within and other folders used by modules like chaos tools)settings.php
default.settings.php
The symlinks are located in the root drupal directory, as recommended in the multi-site install guides. So my drupal root directory (srv/www/example.com/public_html/)in the above setup would have the following symlinks:
ln -s . site1ln -s . site2
ln -s . site3
Besides the above, there are no other symlinks. The above symlink basically allows the server to see the document root of both example.com and example.com/site1 as the same, from my understanding. This is the basic installation of multisite I've been using for around two years or so, starting with 6.xx and moving to 7.xx, and as I said was based off the above linked documentation.
And, yes, the missing * was a typo on my part. Apologies.
hmm.
Try:
location ~* ^/(?<subsite_dir>site10|site20|site30)(?<subsite_uri>.)$ {
location ~ ^/(?:site10|site20|site30)/index.php$ {
## the stuff copied from the /index.php location...
}
try_files $subsite_dir/$subsite_uri $subsite_dir/index.php?q=$subsite_uri&$args;
}
Back to getting access denied
Back to getting access denied from Drupal. If it helps, this is my full config file for the sites:
https://docs.google.com/document/d/1vTVFkVKu-nl_SUXAArv93DhLBmAdxQixatJK...
Let's see zwei
Ok I forgot that you're on D7. There's no index.php location there's only a @drupal location. We need to create a second one.
I'll publish a new config with your case tested later.
Basically we need to create another set of FCGI parameters that suit the subdir part.
It's a little bit more complicated because we're not using any rewrites. We'll have to generalize the way the FCGI parameters are calculated so that we take into account the subdir structure of the site.
You have to add the following map directives to the
nginx.conffile at thehttplevel.map $uri $subdir {
default '';
~^/(?<subsite_dir>site10|site20|site30).*$ $subsite_dir;
}
map $uri $suburi {
default $uri;
~^/(?:site10|site20|site30)(?<subsite_uri>.*)$ $subsite_uri;
}
And modify the
fastcgi_drupal.conffile as follows:fastcgi_param QUERY_STRING q=$suburi&$args;fastcgi_param SCRIPT_NAME $subdir/index.php;
Remove all the stuff I wrote above. I was under the wrong impression that this was a D6 site.
It should work for all sites.
Thank you for working through
Thank you for working through this with me. It is very much appreciated.
I was unsure on the fastcgi whether I was to add a new string and script or edit the existing one. Tried both to the same end result actually:
I can now reach the sub sites that are set up specifically in the files (site 10 site 20 etc). However, they are loading with no theme styling. And, when I attempt to go to any of their links, instead of the correct link, I get a chain of links from clicking.
When I try to log into the non-styled site I get this message:
Page not found
The requested page "/site20/site20/site20/site20/site20/site20/site20?destination=site20" could not be found.
When I click on the forgot password link, I'm getting this as my destination:
http://site.adamrpope.com/site20/site20/site20/site20/site20/site20/site...
And, as I said that is with either replacing or adding script/string to fastcgi.
Error in regex
Use instead:
map $uri $subdir {
default '';
~^/(?<subsite_dir>site10|site20|site30).*$ $subsite_dir;
}
map $uri $suburi {
default $uri;
~^/(?:site10|site20|site30)+(?<subsite_uri>.*)$ $subsite_uri;
}
Still getting the non-styled
Still getting the non-styled site and URL chaining. If I go to request new password, then click the site name there, I get http://site.adamrpope.com/site20/user/site20/ for my url.
Would it be useful to just include my whole config folder somewhere? I attempted to switch over to the newest config after updating my nginx version, but getting a white screen due to not remembering what I changed in settings to get it happy with my tcp sockets and fpm set-up. So currently using old config with new version of nginx.
I'll try that setup
but only after Sunday I'll have some hours to spare. I'll take advantage of the occasion and add it to my config.
Alright, thanks
Alright, thanks
Perusio, can you please add
Perusio, can you please add also something about building Nginx? What modules we need to use your config?
Right now I use:
--with-http_ssl_module
--with-http_realip_module
--with-http_gzip_static_module
--with-http_secure_link_module
--with-http_stub_status_module
--with-mail
--with-http_addition_module
--with-http_image_filter_module
--with-http_geoip_module
--with-cc-opt='-O2 -g'
--without-mail_pop3_module
--without-mail_imap_module
--without-mail_smtp_module
--without-http_scgi_module
--without-http_uwsgi_module
--add-module=/opt/nginx_uploadprogress_module
--add-module=/opt/lua-nginx-module
--add-module=/opt/simpl-ngx_devel_kit
Did I miss something important?
ps. With drupal_boost6_escaped.conf I always have the frontpage, no matter what is the URL :(
I agree with Superfredya,
I agree with Superfredya, more information on the building of nginx for your solution would go a long way in alleviating people's issues with settings it up.
I've seen this with Macintosh dev deployments as well
I've recently started doing most of my development work on a Macbook Pro, and one thing I tried (and failed at) was getting Homebrew to create a working dev set up using nginx and a slightly hacked version of Perusio's nginx + Drupal config system.
The main problem was that the configuration assumes that certain nginx modules are present. Debugging which modules need to be there can be pretty hard. So I'm using a megalodon-based Apache stack for now. A more complete description of what perusio's config requires would be very helpful.
I'll likely try getting nginx up again, especially if I can find folks at DrupalCon that use that kind of set up on Macintosh.
I'm also using nginx on my
I'm also using nginx on my Mac (though I prefer MacPorts over Homebrew; if it ain't broke…). Yeah, one of the annoying aspects of perusio's config is that it does tend to assume a lot, and that goes for nginx modules as well as file paths - another aspect of the config which needs a lot of tweaking to get it working on a Mac (or I guess any non-Linux system). If I had all the time in the world, I'd make a Mac-friendly (and BSD-friendly) fork of perusio's repo…
The Boise Drupal Guy!