Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

--- content:apache_phpfpm [2022/03/19 10:55] – [Tell Apache to use php-fpm] Daniel
+++ content:apache_phpfpm [2022/11/23 09:01] – [About PHP- Modules] Daniel
@@ Zeile 1: / Zeile 1: @@
 ====== Apache PHP- FPM- Serverguide ======
-===== Howto setup a LAMP-Server in 2018-2020 =====
+===== Howto setup a LAMP-Server in 2018 - 2020+ =====
 This documentation is about how to set up a LAMP- Server (Linux, Apache, MySql aka MariaDB, PhP) in the current, most stable way for home office usage. The reason for me writing this is, that default Installations of common Distruibutions are often based on an old styled configuration, which is not the way it could be done today, leading to instability and complex configuration and dependencies that make it hard to update components individually.
@@ Zeile 8: / Zeile 8: @@
   * Apache-Prefork. That way, Apache is one Application with many threads - which is slower, consumes more memory and doesn't scale good
-  * PHP-Module integrated in the Apache- Server which is not released as stable and may crash the whole Apache- Server on Errors. This module must be released to match the Apache- version, so the versions are tied together
+  * PHP-Module (mod_php) loaded as Module in the Apache- Server which is not released as stable and may crash the whole Apache- Server on Errors. This module must be compiled to match the Apache- Version, so upgrading Apache means upgrading mod_php
   * PHP- Modules, which must be compiled againt the apache-mod_php- module. Updating mod_php means updating all modules.
       * Using Network Connections with overhead to connect to
@@ Zeile 20: / Zeile 20: @@
       * Using Socket Connections to connect to
   * MariaDB
 ==== Choosing Installation-Media & Install Basic System ====
-First, starting from Windows, you should make sure to have enough harddisk- space free (i recommend at least 60 GB). Then get the installation-medium of the Linux your choice. I will stick to OpenSuSE as to get from [[https://software.opensuse.org/distributions|OpenSuSE]] (use Leap 15.1 currently as stable Distro. Tumbleweed may be instable). Follow the instructions to
+First, starting from Windows, you should make sure to have enough harddisk space free (i recommend at least 60 GB). Then get the installation-medium of the Linux your choice. I will stick to OpenSuSE as to get from [[https://software.opensuse.org/distributions|OpenSuSE]] (use Leap 15.1 currently as stable Distro. Tumbleweed may be instable). Follow the instructions to
   - Download the DVD-Image from the Webpage as described there
-  - Make the Installation- Media
+  - Create the Installation- Media
   - Install the System with standard Desktop- Packages (KDE)
   - Boot into new Linux and Set Up Desktop as you like
@@ Zeile 33: / Zeile 32: @@
 ==== Basic System- Scaling thoughts ====
-The most important thing to consider when making performant LAMP is to **not overextend memory-usage**  of your System. That means, that the amount of memory used by all Applications, should normally never exeed the system-memory space. If the settings are too high for your setup, the system will start to swap o lot of data, not working fast enough any more. As basic thumb-based Values, you need: 1 GByte Memory for Linux- Base- System 1 GByte Memory if you plan to have the graphical Desktop running (you can run that server in Textmode, which will not consume Memory) 1 GByte free (this will be used by System for filecache)
+The most important thing to consider when making performant LAMP is to **not overextend memory-usage**  of your System. That means, that the amount of memory used by all Applications, should normally never exeed the system-memory space. If the settings are too high for your setup, the system will start to swap o lot of data, not working fast enough any more. As basic thumb-based Values, you need: **1 GByte Memory for linux Base- System and additionally 1 GByte Memory if you plan to have the graphical Desktop running**  (you can run that server in Textmode, which will not consume Memory) **+ at least 1 GByte free**  (this will be used by System for filecache)
 The remaining Memory should be Split around this Values:
@@ Zeile 57: / Zeile 56: @@
 Use "systemctl vm.swappiness = 0" and set it in /etc/sysctl.conf by adding line "vm.swappiness=0".
-==== Install MAriaDB (MySql) ====
+==== Install MariaDB (MySql) ====
-In OpenSuSE MariaDB is available and working out of the Box (maybe change the Admin- Password at first Start). MySQL is tuneable in /etc/my.cnf:
+In OpenSuSE MariaDB is available and working out of the Box. Check with:
-You should check the Parameters align with the memory of your machine (see above): Settings for 4 GB Memory (at all), are:
+<code>
+sudo zypper install mariadb
+</code>
+MySQL is tuneable in /etc/my.cnf. You should check the Parameters align with the memory of your machine (see above): Settings for 4 GB Memory (at all), are:
   * innodb_buffer_pool_size = 768M
@@ Zeile 74: / Zeile 78: @@
 For a local setup, you should use Sockets and disable networking. To do this, set
-<code>
+<code>
 socket = /run/mysql/mysql.sock
@@ Zeile 82: / Zeile 86: @@
 You should than deactivate TCP/IP with "skip-networking" and comment out the bind-address.
-Start Mysql with "rcmysqld start" at the command line as root, it should work now.
+Start Mysql with
+<code>
+systemctl start mariadb
+</code>
+at the command line as root, it should work now.
+To setup passwords, run /usr/bin/mysql_secure_installation as root on the system.
-After that had worked you should secure your Database by giving a password as it was explained by the step above when starting it. If not shure just run " <font inherit/monospace;;inherit;;#000000background-color:#ffffff;>/usr/bin/mysql_secure_installation</font> ".
 ==== Install Apache ====
@@ Zeile 95: / Zeile 107: @@
   * Open the Software Store
-  * Install apache-event
+  * Install apache2-event
-  * Remove apache-prefork
+  * Remove apache2-prefork (if installed)
   * Commit the Changes
   * in /etc/apache2/server-tuning.conf the module will be configured. Event and Worker is nearby the same. I use the following parameters for the event/worker module:
@@ Zeile 124: / Zeile 136: @@
 I would suggest to remove any mpm-specific configurations and use only those settings. You can leave the other settings as defined by initial setup.
+After that, open yast and go to sysconfig- editor. Search for APACHE_MPM and select event.
+Test running apache with
+<code>
+systemctl start apache2.service
+systemctl status apache2.service
+● apache2.service - The Apache Webserver
+    Loaded: loaded (/usr/lib/systemd/system/apache2.service; disabled; vendor preset: disabled)
+    Active: active (running) since Tue 2022-11-22 19:43:17 CET; 1s ag
+</code>
+If thats fine, please stop apache once again to configure php-fpm first.
 ==== Install PhP-FPM ====
@@ Zeile 134: / Zeile 161: @@
 <code>
-sudo zypper remove apache2-mod_php7
+sudo zypper remove apache2-mod_php8
-sudo a2dismod php7
+sudo a2dismod php8
 </code>
@@ Zeile 143: / Zeile 170: @@
 <code>
-sudo zypper install php7-fpm
+sudo zypper install php8-fpm
 </code>
@@ Zeile 150: / Zeile 177: @@
 <code>
-sudo cp /etc/php7/fpm/php-fpm.conf.default /etc/php7/fpm/php-fpm.conf
+sudo cp /etc/php8/fpm/php-fpm.conf.default /etc/php8/fpm/php-fpm.conf
-sudo cp /etc/php7/fpm/php-fpm.d/www.conf.default /etc/php7/fpm/php-fpm.d/www.conf
+sudo cp /etc/php8/fpm/php-fpm.d/www.conf.default /etc/php8/fpm/php-fpm.d/www.conf
 </code>
-  * Than go to /etc/php7/fpm and briefly check if php-fpm.conf is ok for you
+  * Than go to /etc/php8/fpm and briefly check if php-fpm.conf is ok for you
   * Explanation: In php-fpm.d directory you need to set up at least one pool. This is one Instance for Apache to speak to.
@@ Zeile 170: / Zeile 197: @@
 Whenever you can - you should use unix sockets instead of TCP/IP, because of less overhead. If you are on the same machine (apache and php-fpm), than you can.
-So this here is new for the setup: in "/etc/php7/fpm/php-fpm.d/www.conf" set
+So this here is new for the setup: in "/etc/php8/fpm/php-fpm.d/www.conf" set
 <code>
@@ Zeile 189: / Zeile 216: @@
 ==== PHP Configuration ====
-I do not recommend using php.ini in /etc/php7/fpm, but to put it in /etc/php7/conf.d With that Setup, the whole php-configuration will be the same for cli- and web(f)cgi- php execution. Check to move all php.ini files to conf.d. After that, go through the ini-files in conf.d an see if they fit your needs. Especially each Parameter should only be defined once.
+I do not recommend using php.ini in /etc/php8/fpm, but to put it in /etc/php8/conf.d With that Setup, the whole php-configuration will be the same for cli- and web(f)cgi- php execution. Check to move all php.ini files to conf.d. After that, go through the ini-files in conf.d an see if they fit your needs. Especially each Parameter should only be defined once.
 After that, start php-fpm:
@@ Zeile 203: / Zeile 230: @@
 ==== About PHP- Modules ====
-many modules for PHP are offered in the Distrubution. I **would not recommend using those**  - as all php-modules need to be compiled against your php. If you update PHP and your modules are the same, they may brake your PHP!
+many modules for PHP are offered in the Distrubution. I **would not recommend using those** - as all php-modules need to be compiled against your php. If you update PHP and your modules are not copiled to that version, they may brake your PHP!
 Better use pearl / pecl and install modules with it! Here, i have found no other way, than to search for php-pear and php-pecl in the distribution and use them.
-For me, i needed: php-pear, php-pecl, php7-devel (for command phpize)
+For me, i needed: php8-pear, php8-pecl, php8-devel (for command phpize)
 Which can be found in the Repo: [[https://build.opensuse.org/project/show/devel:languages:php|https://build.opensuse.org/project/show/devel:languages:php]]
-After that, modules can be installed by e.g. "pecl install imagick". They also need to be loaded in php.conf. I would make an new config named /etc/php7/conf.d/pear_pecl.ini and include they modules there. E.g. "extension=imagick.so"
+After that, modules can be installed by e.g. "pecl install imagick". They also need to be loaded in php.conf. I would make an new config named e.g. /etc/php8/conf.d/pear_pecl.ini and include the modules there. E.g. "extension=imagick.so"
+To make pecl/paer alter the ini automagically, use e.g.
+<code>
+pear config-set php_ini /etc/php8/conf.d/pear_pecl.ini
+pecl config-set php_ini /etc/php8/conf.d/pear_pecl.ini
+</code>
 Restart php-fpm for the changes and check the log of php-fpm (usually in /var/log/php-fpm.log) for errors when loading modules.
 ==== Tell Apache to use php-fpm ====
@@ Zeile 222: / Zeile 258: @@
   * To enable this and all its dependencies, use
 <code>
 sudo a2enmod setenvif
 sudo a2enmod rewrite
@@ Zeile 239: / Zeile 275: @@
 # This is to forward all PHP to php-fpm
 <FilesMatch \.php$>
-  SetHandler "proxy:unix:/var/run/php-fpm/php-fpm.sock|fcgi://localhost/"
+  SetHandler "proxy:unix:/run/php-fpm/php-fpm.sock|fcgi://localhost:9000"
 </FilesMatch>
 DirectoryIndex index.php
@@ Zeile 259: / Zeile 295: @@
 </code>
 ==== Start and check Apache ====
@@ Zeile 297: / Zeile 332: @@
 This should give you the complete Info of your php-configuration. If something fails, check if the above services are started an/or the logfiles.
+If you get Permission denied even if your file is world- readable and the user wwwrun can access the content, in Leap 15.4 there are strict permissions in AppArmor. So check Yast / AppArmor and Check the Protocols. You will most likely find entries that needs to be changed. After that, Access should work.
 In Production, you should not run a plain http-server, but switch to SSL. Therefore, you can get ssl-certificates from let's encrypt and follow the instructions there to switch to ssl. You need some internet Name like [[http://www.myname.com|www.myname.com]] registered for your server to get this (e.g. via Dyndns). The process to make your server visible is something to be explained a bit more, but thats basically what you need to do (official internet-name/DNS- entry and ssl-encryption). as long as you don't want to make the server world-reachable and use it nly fr testing, your are also fine without DNS and SSL, but you should make sure, that your firewall blocks http(80) and https(443)-ports.
 Well: You are done. Now its up to you to fill Apache with content. Have fun!
 ==== Manage Database with phpMyAdmin ====
-To manage your local Database, it would be nice to have phpMyAdmin installed first (via Package-manager). After that, copy the config.sample.inc.php to config.inc.php under /srv/www/htdocs/phpMyAdmin to use the socket
+To manage your local Database, it would be nice to have phpMyAdmin installed first (via Package-manager). After that, copy the config.sample.inc.php to config.inc.php under /srv/www/htdocs/phpMyAdmin to use the socket /run/mysql/mysql.sock you specified before for mysql.
- <font inherit/monospace;;inherit;;#000000background-color:#ffffff;>/run/mysql/mysql.sock</font>  you specified before for mysql.
 You can finish the setup of your phpMyAdmin by visiting [[http://localhost/phpMyAdmin/index.php|http://localhost/phpMyAdmin/index.php]]
+Hint: phpMyAdmin in Opensuse seems to be reduced in functionality. For example generating config.inc.php with [[http://localhost/phpMyAdmin/setup/|http://localhost/phpMyAdmin/setup/]] will not work. I would recommend to delete contents of /usr/share/phpMyAdmin/ and download a full version here: [[https://www.phpmyadmin.net/downloads/|https://www.phpmyadmin.net/downloads/]]
 ==== About security of your WEB- Page (Scripts) ====
@@ Zeile 320: / Zeile 360: @@
 If you need more detailled file permissions, you may have a look at file acls, which are very powerful and can solve permission- restrictions tha ugo may cause.
 ===== Installing Eclipse =====