5

I'm running nginx and php-fpm, and I want to set up jails for each host. My setup is a little complicated, so following tutorials on the web gets me nowhere.

Each site has a directory /var/www/domain.name/

Inside that directory, there will be a public/ directory which will be the website root, a logs/ directory which will store nginx logs for that site specifically, and the chroot filesystem (etc/, usr/, etc.)

The first problem I've run into is that nomatter how I configure it, PHP-FPM cannot find the files that are passed to it via nginx. They result in a "Primary script unknown" error, and to make matters worse, the error messages from PHP-FPM are no more verbose than that, so I can't figure out what path is being passed by nginx.

A php-fpm pool configuration for a host looks like this:

[host]
user = host
group = www-data
chroot = /var/www/domain.name
chdir = /public
listen = 127.0.0.1:900x

'x' is incremented for each pool.

The nginx config for this host looks like this:

server
{
    listen  80;

    server_name     domain.name *.domain.name;

    root            /var/www/domain.name/public;
    index           index.php index.html index.html;

    location ~ \.php$
    {
            expires epoch;

            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            include fastcgi_params;
            fastcgi_index index.php;

            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

            fastcgi_pass 127.0.0.1:9001;
    }
}

I'm guessing that the problem is the SCRIPT_FILENAME parameter, but I've changed it to just $fastcgi_script_name, and various other combinations, but to no avail.

Can anyone help?

Rsaesha
  • 360
  • 3
  • 11
  • Does the nginx `error.log` not report the path sent to php-fpm? Something on the form `[error] 2284#0: *79 FastCGI sent in stderr: "Unable to open primary script: /www/phpinfo.php (No such file or directory)"`. I've got my `error_log` directive set to `info` but that might not be necessary for an error to be reported. – ivvi May 08 '13 at 14:00
  • Fire up strace (truss if you are using *BSD), attach it to a php-fpm worker (limit the number of workers to 1 for easier troubleshooting). Try to open a page and see what happens. You are interested in `open` and `stat` syscalls. – skarap Mar 16 '14 at 07:34

2 Answers2

2

The problem is here:

            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

Your PHP runs in a chroot in /var/www/domain.name, but your document root is /var/www/domain.name/public. So when you load up /index.php the SCRIPT_FILENAME becomes /var/www/domain.name/public/index.php. But, in the chroot this doesn't exist! It is at /public/index.php instead.

What you can do is to change the directory here so that it matches the view from the chroot:

            fastcgi_param SCRIPT_FILENAME /public$fastcgi_script_name;
Michael Hampton
  • 244,070
  • 43
  • 506
  • 972
  • Nope. That doesn't work either. I'd tried that before, since I thought it made sense. Apparently not though. – Rsaesha Jan 07 '13 at 15:49
  • @Rsaesha Have you tried to chroot into the dir to see if you can access the path? – Izzy May 21 '14 at 09:33
2

What would work is to set in the nginx conf: 

root            /public;

I've tried this and works, but in case you have mysql db to connect to, that wont work at all. This is my limitation too, made it work, but couldn't connect to mysql db due to the socket.

HBruijn
  • 77,029
  • 24
  • 135
  • 201
robertalks
  • 21
  • 2