Logo

dev-resources.site

for different kinds of informations.

PHP-FPM 8.2 on OpenBSD 7.3

Published at
8/2/2023
Categories
php
phpfpm
httpd
chroot
Author
nabbisen
Categories
4 categories in total
php
open
phpfpm
open
httpd
open
chroot
open
Author
8 person written this
nabbisen
open
PHP-FPM 8.2 on OpenBSD 7.3

Summary

The OpenBSD šŸ” project and their community support Web service packages including those of PHP very well, thankfully.

The PHP core package is offered as pre-compiled binary via Ports packages system. In addition, important softwares such as extensions, Composer and PECL libraries are available. So are frameworks such as NextCloud and Zabbix.

Moreover, when it is integrated with OpenBSD httpd, its chroot helps to keep servers secure. Of course, it is also able to additionally integrate them with relayd.

Well, PHP-FPM, PHP FastCGI Process Manager, is a part of PHP package in OpenBSD packages.
Installing PHP (php-?.? due to the version), therefore, comes with php??_fpm automatically šŸ™Œ

This post shows how to install it and configure as a server.

Environment

āœæ āœæ āœæ

Tutorial

Install PHP

First, install the main package:

$ doas pkg_add php
Enter fullscreen mode Exit fullscreen mode

You will be asked:

quirks-6.121 signed on 2023-08-02T17:33:30Z
Ambiguous: choose package for php
a   0: <None>
    1: php-7.4.33p0
    2: php-8.0.29
    3: php-8.1.22
    4: php-8.2.9
Your choice:
Enter fullscreen mode Exit fullscreen mode

Choose "4" for 8.2.
Besides, you can check the lifetime of each version here.

The result was:

php-8.2.9:capstone-4.0.2: ok
php-8.2.9:femail-1.0p1: ok
php-8.2.9:femail-chroot-1.0p3: ok
php-8.2.9:libsodium-1.0.18p1: ok
php-8.2.9:argon2-20190702: ok
php-8.2.9:oniguruma-6.9.8: ok
php-8.2.9: ok
The following new rcscripts were installed: /etc/rc.d/php82_fpm
See rcctl(8) for details.
New and changed readme(s):
    /usr/local/share/doc/pkg-readmes/femail-chroot
    /usr/local/share/doc/pkg-readmes/php-8.2
Enter fullscreen mode Exit fullscreen mode

You must see php82_fpm come along with php-8.2 !!

Configure PHP

These directories/files are generated:

$ ls /etc/php*
/etc/php-8.2.ini    /etc/php-fpm.conf

/etc/php-8.2:

/etc/php-8.2.sample:
opcache.ini

/etc/php-fpm.d:
Enter fullscreen mode Exit fullscreen mode

Edit .ini or .conf file(s) as needed.

Editing examples (Optional)

Edit:

$ doas nvim /etc/php-8.2.ini
Enter fullscreen mode Exit fullscreen mode

like:

- post_max_size = 8M
+ post_max_size = 30M
  (...)
- upload_max_filesize = 2M
+ upload_max_filesize = 24M
  (...)
- allow_url_fopen = Off
+ ; for composer; disabled in php-fpm
+ allow_url_fopen = On
Enter fullscreen mode Exit fullscreen mode

Also, edit:

$ doas nvim /etc/php-fpm.conf
Enter fullscreen mode Exit fullscreen mode

to append to the bottom:

+ ; set On in php.ini for composer, therefore:
+ php_admin_value[allow_url_fopen] = Off
Enter fullscreen mode Exit fullscreen mode

Activate extensions (Optional)

The file(s) in /etc/php-8.2.sample are PHP extensions such as opcache.ini.
According to your necessity, create symbolic link to each of them in /etc/php-8.2/, which will activate the extension(s):

$ doas ln -sf /etc/php-8.2.sample/${ini} /etc/php-8.2/
Enter fullscreen mode Exit fullscreen mode

For small reference, with more files which have to be dealt with, you can use loop-processing with your shell šŸ˜‰ For examples:

$ # case ksh:
$ for x in $(ls /etc/php-8.2.sample/*); do doas ln -sf $x /etc/php-8.2/; done
$ # case fish:
$ for x in /etc/php-8.2.sample/*; doas ln -sf $x /etc/php-8.2/; end
Enter fullscreen mode Exit fullscreen mode

Configure PHP-FPM

OK. We're almost ready for launching PHP service.

The PHP pkg-readme, which was obtanined as /usr/local/share/doc/pkg-readmes/php-8.2 in installation, says:

The main OpenBSD php packages include php-fpm, FastCGI Process Manager.
This manages pools of FastCGI processes: starts/restarts them and
maintains a minimum and maximum number of spare processes as
configured. You can use rcctl(8) to enable php-fpm at boot,
and start it at runtime:

rcctl enable php82_fpm

rcctl start php82_fpm

Let's activate the daemon:

$ doas rcctl enable php82_fpm
Enter fullscreen mode Exit fullscreen mode

For another small reference, it appends or modifies the line in /etc/rc.conf.local:

+ pkg_scripts=(...) php82_fpm (...)
Enter fullscreen mode Exit fullscreen mode

Now it's time to start the daemon:

$ doas rcctl start php82_fpm
Enter fullscreen mode Exit fullscreen mode

The result was:

php82_fpm(ok)
Enter fullscreen mode Exit fullscreen mode

Yay šŸ˜„

Set up /var/www/etc (Optional)

It is sometimes required on not only PHP but also web apps.

Set up /var/www/etc, which is etc under chroot, as below, for example, so that name resolution or TLS connection is enabled:

$ ls -lR /var/www/etc
/var/www/etc:
total 16
-rw-r--r--  1 root  daemon   35 Aug 03 00:00 hosts
-r--r--r--  1 root  daemon  292 Aug 03 00:00 localtime
-rw-r--r--  1 root  daemon   99 Aug 03 00:00 resolv.conf
drwxr-xr-x  2 root  daemon  512 Aug 03 00:00 ssl/

/var/www/etc/ssl:
total 708
-r--r--r--  1 root  daemon  341121 Aug 03 00:00 cert.pem
-r--r--r--  1 root  daemon     745 Aug 03 00:00 openssl.cnf
Enter fullscreen mode Exit fullscreen mode

Integration with web server

Next, we have to set up a web server for them.

Only if you haven't configured httpd, copy the .conf file from the examples OpenBSD offers as below:

$ doas cp -p /etc/examples/httpd.conf /etc/
Enter fullscreen mode Exit fullscreen mode

Well, edit /etc/httpd.conf to add fastcgi socket definitions in some SERVERS section like this:

server "default" {
    listen on * port 80
    #listen on * port 443

    root "/htdocs"
    directory index index.php

    location "/*.php" {
        fastcgi socket "/run/php-fpm.sock"
    }
    location "/*.php[/?]*" {
        fastcgi socket "/run/php-fpm.sock"
    }
}
Enter fullscreen mode Exit fullscreen mode

Note that chroot works in this context šŸ’”
Therefore, fastcgi socket "/run/php-fpm.sock" in /etc/httpd.conf actually means fastcgi socket "/var/www/run/php-fpm.sock".
This is the same to that root "/htdocs" means "/var/www/htdocs".

Actually, there is:

$ ls -l /var/www/run
total 0
srw-rw----  1 www  www  0 Aug 03 00:01 php-fpm.sock=
Enter fullscreen mode Exit fullscreen mode

Concolusion

Let's make /var/www/htdocs/index.php for testing:

$ echo "<?php phpinfo(1); ?>" | \
      doas tee "/var/www/htdocs/index.php" >> /dev/null
$ # delete it afterwards:
$ #doas rm /var/www/htdocs/index.php
Enter fullscreen mode Exit fullscreen mode

Connecting to your host with browser will show the general information !!

php-82-on-openbsd-73

Here comes PHP 8.2 on OpenBSD 7.3 šŸŒ»

āœæ āœæ āœæ

Happy serving šŸ•ŠšŸ•Š

Featured ones: