django-orchestra/scripts/services/apache_full_stack.md

113 lines
2.7 KiB
Markdown
Raw Normal View History

2014-05-08 16:59:35 +00:00
Apache 2 MPM Event with PHP-FPM, FCGID and SUEXEC on Debian Jessie
==================================================================
The goal of this setup is having a high-performance state-of-the-art deployment of Apache and PHP while being compatible with legacy applications.
* Apache Event MPM engine handles requests asynchronously, instead of using a dedicated thread or process per request.
* PHP-FPM is a FastCGI process manager included in modern versions of PHP.
Compared to FCGID it provides better process management features and enables the OPCache to be shared between workers.
* FCGID and SuEXEC are used for legacy apps that need older versions of PHP (i.e. PHP 5.2 or PHP 4)
*Sources:*
* Source http://wiki.apache.org/httpd/PHP-FPM
*Related:*
* [PHP4 on debian](php4_on_debian.md)
* [VsFTPd](vsftpd.md)
* [Webalizer](webalizer.md)
1. Install the machinery
```bash
apt-get update
apt-get install apache2-mpm-event php5-fpm libapache2-mod-fcgid apache2-suexec-custom php5-cgi
```
2014-10-10 14:39:46 +00:00
# TODO libapache2-mod-auth-pam is no longer part of the debian distribution,
# replace with libapache2-mod-authnz-external pwauth
2014-05-08 16:59:35 +00:00
2. Enable some convinient Apache modules
```bash
a2enmod suexec
a2enmod ssl
2014-10-10 14:39:46 +00:00
#a2enmod auth_pam
2014-05-08 16:59:35 +00:00
a2enmod proxy_fcgi
a2emmod userdir
```
* TODO compat module
https://httpd.apache.org/docs/trunk/mod/mod_access_compat.html
3. Configure `suexec-custom`
```bash
sed -i "s#/var/www#/home#" /etc/apache2/suexec/www-data
sed -i "s#public_html#webapps#" /etc/apache2/suexec/www-data
```
4. Create logs directory for virtualhosts
```bash
mkdir -p /var/log/apache2/virtual/
chown -R www-data:www-data /var/log/apache2
```
2014-10-10 14:39:46 +00:00
2014-05-08 16:59:35 +00:00
5. Restart Apache
```bash
service apache2 restart
```
2014-10-10 14:39:46 +00:00
2014-05-08 16:59:35 +00:00
* ExecCGI
```bash
<Directory /home/*/webapps/>
Options +ExecCGI
</Directory>
```
2014-10-10 14:39:46 +00:00
* Permissions
<Directory /home/*/webapps>
Require all granted
</Directory>
2014-05-08 16:59:35 +00:00
# TODO pool per website or pool per user? memory consumption
events.mechanism = epoll
# TODO multiple master processes, opcache is held in master, and reload/restart affects all pools
# http://mattiasgeniar.be/2014/04/09/a-better-way-to-run-php-fpm/
2014-05-08 16:59:35 +00:00
TODO CHRoot
https://andrewbevitt.com/tutorials/apache-varnish-chrooted-php-fpm-wordpress-virtual-host/
```bash
echo '
[vhost]
istemplate = 1
listen.mode = 0660
pm = ondemand
2014-05-08 16:59:35 +00:00
pm.max_children = 5
pm.process_idle_timeout = 10s
pm.max_requests = 200
2014-05-08 16:59:35 +00:00
' > /etc/php5/fpm/conf.d/vhost-template.conf
```
```bash
mkdir -p /var/run/fpm/socks/
chmod 771 /var/run/fpm/socks
chown orchestra.orchestra /var/run/fpm/socks
```