[v2,2/3] php: fpm sapi: install php-fpm.conf

Message ID	1430503955-24928-3-git-send-email-bos@je-eigen-domein.nl
State	Accepted
Headers	show Return-Path: <buildroot-bounces@busybox.net> From: Floris Bos <bos@je-eigen-domein.nl> To: buildroot@buildroot.org Date: Fri, 1 May 2015 20:12:34 +0200 Message-Id: <1430503955-24928-3-git-send-email-bos@je-eigen-domein.nl> In-Reply-To: <1430503955-24928-1-git-send-email-bos@je-eigen-domein.nl> References: <1430503955-24928-1-git-send-email-bos@je-eigen-domein.nl> Subject: [Buildroot] [PATCH v2 2/3] php: fpm sapi: install php-fpm.conf Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" <buildroot-bounces@busybox.net>

Message ID

1430503955-24928-3-git-send-email-bos@je-eigen-domein.nl

State

Accepted

Headers

From: Floris Bos <bos@je-eigen-domein.nl>
To: buildroot@buildroot.org
Date: Fri,  1 May 2015 20:12:34 +0200
Message-Id: <1430503955-24928-3-git-send-email-bos@je-eigen-domein.nl>
In-Reply-To: <1430503955-24928-1-git-send-email-bos@je-eigen-domein.nl>
References: <1430503955-24928-1-git-send-email-bos@je-eigen-domein.nl>
Subject: [Buildroot] [PATCH v2 2/3] php: fpm sapi: install php-fpm.conf
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

Commit Message

Floris Bos May 1, 2015, 6:12 p.m. UTC

Install a custom php-fpm.conf instead of the stock one.

- Listening on /var/run/php-fpm.sock instead of TCP port so we can
  restrict access to webserver user www-data.
- Using ondemand pm, so PHP children are only started after a PHP
  request, instead of kept resident all the time.

Signed-off-by: Floris Bos <bos@je-eigen-domein.nl>

---
v2: limit children to 5 by default
---
 package/php/php-fpm.conf | 14 ++++++++++++++
 package/php/php.mk       |  8 ++++++++
 2 files changed, 22 insertions(+)
 create mode 100644 package/php/php-fpm.conf

Comments

Arnout Vandecappelle May 1, 2015, 10:36 p.m. UTC | #1

On 01/05/15 20:12, Floris Bos wrote:
> Install a custom php-fpm.conf instead of the stock one.
> 
> - Listening on /var/run/php-fpm.sock instead of TCP port so we can
>   restrict access to webserver user www-data.
> - Using ondemand pm, so PHP children are only started after a PHP
>   request, instead of kept resident all the time.
> 
> Signed-off-by: Floris Bos <bos@je-eigen-domein.nl>

Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

> 
> ---
> v2: limit children to 5 by default

 And split it into two patches :-)

 Regards,
 Arnout

> ---
>  package/php/php-fpm.conf | 14 ++++++++++++++
>  package/php/php.mk       |  8 ++++++++
>  2 files changed, 22 insertions(+)
>  create mode 100644 package/php/php-fpm.conf
> 
> diff --git a/package/php/php-fpm.conf b/package/php/php-fpm.conf
> new file mode 100644
> index 0000000..b75a58f
> --- /dev/null
> +++ b/package/php/php-fpm.conf
> @@ -0,0 +1,14 @@
> +[www]
> +# Only start children when there are requests to be processed
> +pm = ondemand
> +# Terminate them again after there haven't been any for 2 minutes
> +pm.process_idle_timeout = 120s
> +# Maximum number of children processing PHP requests concurrently
> +pm.max_children = 5
> +
> +listen = /var/run/php-fpm.sock
> +listen.owner = www-data
> +listen.group = www-data
> +user = www-data
> +group = www-data
> +
> diff --git a/package/php/php.mk b/package/php/php.mk
> index 4c65c35..3b9a117 100644
> --- a/package/php/php.mk
> +++ b/package/php/php.mk
> @@ -264,6 +264,14 @@ define PHP_INSTALL_INIT_SYSTEMD
>  	ln -fs ../../../../usr/lib/systemd/system/php-fpm.service \
>  		$(TARGET_DIR)/etc/systemd/system/multi-user.target.wants/php-fpm.service
>  endef
> +
> +define PHP_INSTALL_FPM_CONF
> +	$(INSTALL) -D -m 0644 package/php/php-fpm.conf \
> +		$(TARGET_DIR)/etc/php-fpm.conf
> +	rm -f $(TARGET_DIR)/etc/php-fpm.conf.default
> +endef
> +
> +PHP_POST_INSTALL_TARGET_HOOKS += PHP_INSTALL_FPM_CONF
>  endif
>  
>  define PHP_EXTENSIONS_FIXUP
>

Thomas Petazzoni May 2, 2015, 7:45 a.m. UTC | #2

Dear Floris Bos,

On Fri,  1 May 2015 20:12:34 +0200, Floris Bos wrote:
> Install a custom php-fpm.conf instead of the stock one.
> 
> - Listening on /var/run/php-fpm.sock instead of TCP port so we can
>   restrict access to webserver user www-data.
> - Using ondemand pm, so PHP children are only started after a PHP
>   request, instead of kept resident all the time.
> 
> Signed-off-by: Floris Bos <bos@je-eigen-domein.nl>
> 
> ---
> v2: limit children to 5 by default
> ---
>  package/php/php-fpm.conf | 14 ++++++++++++++
>  package/php/php.mk       |  8 ++++++++
>  2 files changed, 22 insertions(+)
>  create mode 100644 package/php/php-fpm.conf

Applied, thanks.

Thomas

diff --git a/package/php/php-fpm.conf b/package/php/php-fpm.conf
new file mode 100644
index 0000000..b75a58f
--- /dev/null
+++ b/package/php/php-fpm.conf
@@ -0,0 +1,14 @@ 
+[www]
+# Only start children when there are requests to be processed
+pm = ondemand
+# Terminate them again after there haven't been any for 2 minutes
+pm.process_idle_timeout = 120s
+# Maximum number of children processing PHP requests concurrently
+pm.max_children = 5
+
+listen = /var/run/php-fpm.sock
+listen.owner = www-data
+listen.group = www-data
+user = www-data
+group = www-data
+
diff --git a/package/php/php.mk b/package/php/php.mk
index 4c65c35..3b9a117 100644
--- a/package/php/php.mk
+++ b/package/php/php.mk
@@ -264,6 +264,14 @@  define PHP_INSTALL_INIT_SYSTEMD
 	ln -fs ../../../../usr/lib/systemd/system/php-fpm.service \
 		$(TARGET_DIR)/etc/systemd/system/multi-user.target.wants/php-fpm.service
 endef
+
+define PHP_INSTALL_FPM_CONF
+	$(INSTALL) -D -m 0644 package/php/php-fpm.conf \
+		$(TARGET_DIR)/etc/php-fpm.conf
+	rm -f $(TARGET_DIR)/etc/php-fpm.conf.default
+endef
+
+PHP_POST_INSTALL_TARGET_HOOKS += PHP_INSTALL_FPM_CONF
 endif
 
 define PHP_EXTENSIONS_FIXUP

[v2,2/3] php: fpm sapi: install php-fpm.conf

Commit Message

Comments

Patch