Setup EC2 Instance with NGINX and PHP-FPM
Login into AWS Console and launch default Amazon Instance.
Security Group:
Create your security group and download your key.
Restrict the permissions on your key.
1 |
sudo chmod 400 Kaizen.pem |
SSH into your Machine:
1 |
ssh -i Kaizen.pem ec2-user@ec2-54-245-1-226.us-west-2.compute.amazonaws.com |
Update your box with following command:
1 |
sudo yum update |
Install nginx:
1 |
sudo yum install nginx |
Install php-fpm:
1 |
sudo yum install php-fpm |
Add it to the startup:
1 2 |
sudo chkconfig nginx sudo chkconfig php-fpm |
Install php and dependencies:
1 |
sudo yum install -y php php-devel php-mysql php-pdo php-pear php-mbstring php-cli php-odbc php-imap php-gd php-xml php-soap |
Start php-fpm and nginx service:
1 2 3 4 |
[ec2-user@ip-10-250-69-249 ~]$ sudo service nginx start Starting nginx: [ OK ] [ec2-user@ip-10-250-69-249 ~]$ sudo service php-fpm start Starting php-fpm: [ OK ] |
Do sanity check to make sure the static content renders:
1 |
[ec2-user@ip-10-250-69-249 ~]$ curl localhost |
You will see the default page
PHP-FPM Configuration:
Config files location:
1 2 |
[ec2-user@ip-xx-xxx-x-xx~]$ cd /etc/php-fpm.d [ec2-user@ip-xx-xxx-x-xx~] php-fpm.d]$ sudo vi www.conf |
Change user and group from apache to nginx.
1 2 3 4 5 6 7 |
Unix user/group of processes ; Note: The user is mandatory. If the group is not set, the default user?s group ; will be used. ; RPM: apache Choosed to be able to access some dir as httpd user = nginx ; RPM: Keep a group allowed to write in log dir. group = nginx |
NGINX Configuration:
sudo vi /etc/nginx/nginx.conf
Include index.php in this block so .php file gets executed as startup page:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
location / { root /usr/share/nginx/html; index index.html index.htm index.php; } Uncomment location for php files : location ~ \.php$ { root html; root /usr/share/nginx/html; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html$fastcgi_script_name include fastcgi_params; } |
Change fastcgi_param location from default /scripts location.
Change the root folder too.
Change fastcgi_param location from default /scripts location.
Change the root folder too.
Restart the service:
[ec2-user@ip-10-250-69-249 nginx]$ sudo service php-fpm restart
Stopping php-fpm: [ OK ]
Starting php-fpm: [ OK ]
[ec2-user@ip-10-250-69-249 nginx]$ sudo service nginx restart
Stopping nginx: [ OK ]
Starting nginx: [ OK ]
Create phpinfo file:
[ec2-user@ip-10-250-69-249 html]$ sudo vi test.php
Put these contents into the test.php file.
[ec2-user@ip-10-250-69-249 nginx]$ curl localhost/test.php
You will get all the php info details
WordPress setup:
[ec2-user@ip-xx-xxx-x-xx nginx]$ cd /usr/share/nginx/
[ec2-user@ip-xx-xxx-x-xx nginx]$ sudo mkdir www
[ec2-user@ip-xx-xxx-x-xx nginx]$ cd www/
[ec2-user@ip-xx-xxx-x-xx www]$ ls
[ec2-user@ip-xx-xxx-x-xx www]$ sudo mkdir wordpress
[ec2-user@ip-xx-xxx-x-xx www]$ cd wordpress/
[ec2-user@ip-xx-xxx-x-xx wordpress]$ ls
[ec2-user@ip-xx-xxx-x-xx wordpress]$ pwd
/usr/share/nginx/www/wordpress
Troubleshooting:
BELC02J30BHDKQ4:~ gvenkatar$ scp -r -i Kaizen.pem /Users/gvenkatar/devlopment/wordpress/* xx-xxx-x-xx.us-west-2.compute.amazonaws.com:/usr/share/nginx/www/wordpres/
Permission denied (publickey).
lost connection
BELC02J30BHDKQ4:~ gvenkatar$ scp -r -i Kaizen.pem /Users/gvenkatar/devlopment/wordpress/* ec2-user@xx-xxx-x-xx.us-west-2.compute.amazonaws.com:/usr/share/nginx/www/wordpress/
BELC02J30BHDKQ4:~ gvenkatar$ scp -r -i Kaizen.pem /Users/gvenkatar/devlopment/wordpress/* ec2-user@xx-xxx-x-xx.us-west-2.compute.amazonaws.com:/usr/share/nginx/www/wordpress/
scp: /usr/share/nginx/www/wordpress//index.php: Permission denied
scp: /usr/share/nginx/www/wordpress//wp-signup.php: Permission denied
scp: /usr/share/nginx/www/wordpress//wp-trackback.php: Permission denied
scp: /usr/share/nginx/www/wordpress//xmlrpc.php: Permission denied
[ec2-user@ip-10-250-69-249 wordpress]$ sudo chmod -R 777 ../wordpress/
Error:
PHP message: PHP Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/lib/php/session) in Unknown on line 0″ while reading upstream
Fix:
sudo chmod 777 session  // This opens up permission for read/write/execute for everyone. Not secure .
you can provide the access the nginx or apache user.
$ sudo chown nginx /var/lib/php/session
If you see this error , that indicates your php scripts are not properly processed by php-fpm.
2013/09/04 20:12:28 [crit] 21253#0: *1016 open() ?/usr/share/nginx/html/50x.html? failed (24: Too many open files), client: 127.0.0.1, server: localhost, request: ?GET /index.php HTTP/1.0″, upstream: ?http://127.0.0.1:80/index.php?, host: ?127.0.0.1″
Make sure your nginx.conf config file is correct.
Contents of my working nginx.conf config file:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 |
# For more information on configuration, see: # * Official English Documentation: http://nginx.org/en/docs/ # * Official Russian Documentation: http://nginx.org/ru/docs/ user nginx; worker_processes 4; error_log /var/log/nginx/error.log; #error_log /var/log/nginx/error.log notice; #error_log /var/log/nginx/error.log info; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; client_max_body_size 100m; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; server_tokens off; #gzip on; # Load modular configuration files from the /etc/nginx/conf.d directory. # See http://nginx.org/en/docs/ngx_core_module.html#include # for more information. include /etc/nginx/conf.d/*.conf; server { listen 80; server_name localhost; #charset koi8-r; #access_log /var/log/nginx/host.access.log main; location / { #root /usr/share/nginx/html; root /usr/share/nginx/www/site1; index index.html index.htm index.php; } # redirect server error pages to the static page /40x.html # error_page 404 /404.html; location = /40x.html { #root /usr/share/nginx/html; root /usr/share/nginx/www/website1; } # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { #root /usr/share/nginx/html; root /usr/share/nginx/www/website1; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ \.php$ { #root /usr/share/nginx/html; root /usr/share/nginx/www/website1; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/share/nginx/www/website1$fastcgi_script_name; include fastcgi_params; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443; # server_name localhost; # ssl on; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_timeout 5m; # ssl_protocols SSLv2 SSLv3 TLSv1; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} } |
Leave a Reply