@landed
By default, PHP-FPM runs as www-data
, so if you’re wanting to set up multiple sites, you’ll need to copy over the default configuration file and modify it to suite your new user and group.
You can find the default PHP-FPM configuration file here:
/etc/php/VERS/fpm/pool.d/www.conf
Where VERS is your PHP version (i.e. 5.6, 7.0, or 7.1).
…
What I normally do is simply rename that file to the first site that I’m configuring, so for this example, I’ll use domain.com
and PHP 7.0 as the version.
mv /etc/php/7.0/fpm/pool.d/www.conf /etc/php/7.0/fpm/pool.d/domain.com.conf
Now I’ll open up the configuration file:
nano /etc/php/7.0/fpm/pool.d/domain.com.conf
On line 4 you’ll see [www]
– I normally change that to the user that will be associated with my site, so if my user and group are user1
, then that becomes [user1]
.
Now on lines 22 and 23, you’ll see:
user = www-data
group = www-data
We’ll change that to our user and group, so for user1
, it’d look like:
user = user1
group = user1
Next, on line 35, you’ll see:
listen = /run/php/php7.0-fpm.sock
I prefer using TCP as it’s often easier to configure, so I change the socket path to a TCP connection, like so:
listen = 127.0.0.1:9000
For each new configuration file, you’d up the port by 1, so it’d become 9001 for the next site, 9002 for the next, and so on.
From there, that’s all the changes you need to make in this file, so we can save and close, then restart PHP-FPM using:
service php7.0-fpm restart
If you’re using 5.6 or 7.1, simply modify the above command to suite.
…
When using TCP connections, you’ll need to modify one more thing in your NGINX server block and that would be fastcgi_pass
. You’ll need to make sure the TCP address is used in place of the socket.
So what we’d end up using is:
fastcgi_pass 127.0.0.1:9000
As with the PHP-FPM pool file, you’ll up that port to match each configuration file.
You would then restart NGINX for the changes to take.
…
Once you’ve done all that, then all you need to do is make sure permissions are correct on the files. So for this example, I’d make sure all files and directories in my home path are owned by user1
.
If my home directory is:
/home/user1/htdocs/public
Then I’d use chown
to recursively set ownership:
chown -R user1:user1 /home/user1/*
In fact looking at the permissions for the directory it shows
drwxr-xr-x 3 style-review style-review..etc
after doing ls -ld
So
User is rwx
Group is r-x
Other is r-x