1

Now we have multiple virtualhots (nginx) under one php-fpm pool. We would like to use it same way with chroot.

Chroot directive is absolute path /var/www, but chdir should be /[domain]/httpdocs

Is it possible to pass some variable (for example $domain) from nginx to use it in chdir=/$domain/httpdocs like $pool?

Gryu
  • 499
  • 1
  • 6
  • 14
andrew
  • 285
  • 1
  • 2
  • 10

1 Answers1

0

Finally i figure it out.

nginx virtualhost config

root /chroot/var/www/domain.com/httpdocs;
...

location ~ ^/[^/]+\.php$
{
  try_files $uri =404;
  fastcgi_split_path_info ^(.+\.php)(/.+)$;

  fastcgi_pass 127.0.0.1:9000;
  fastcgi_index index.php;

  include fastcgi.conf;

  fastcgi_param  SCRIPT_FILENAME /var/www/domain.com/httpdocs$fastcgi_script_name;
  fastcgi_param  DOCUMENT_ROOT   /var/www/domain.com/httpdocs;
}

pool config

chroot = /chroot
chdir =

PHP-FPM chroot troubleshooting

  1. paths have to be redefined in each nginx virtualhost and passed to php-fpm using fastcgi_param

  2. fastcgi.conf allready have definitions for SCRIPT_FILENAME, DOCUMENT_ROOT so directives must be behind include. DOCUMENT_ROOT default value is nginx virtualhost root !!

  3. fastcgi_pass has to be ip:port instead of socket (not available in chroot) (add listen=9000 to pool config)

  4. use nginx more headers module for debug to view variables in response headers (debian package libnginx-mod-http-headers-more-filter)

     more_set_headers    "x-debug-header: $document_root";

Complications related to PHP-FPM chroot

  • resolving domain names
  • timezone
  • mail()
  • ssl streams
  • imagick module

https://knzl.at/setting-up-a-chroot-for-php/ https://gist.github.com/nikitasius/7ff0de91e314d955f4e66c76a5c47bf2

andrew
  • 285
  • 1
  • 2
  • 10