|
|
|
|
@ -1,10 +1,11 @@
|
|
|
|
|
; Start a new pool named 'www'.
|
|
|
|
|
; the variable $pool can we used in any directive and will be replaced by the
|
|
|
|
|
; the variable $pool can be used in any directive and will be replaced by the
|
|
|
|
|
; pool name ('www' here)
|
|
|
|
|
[www]
|
|
|
|
|
|
|
|
|
|
; Per pool prefix
|
|
|
|
|
; It only applies on the following directives:
|
|
|
|
|
; - 'access.log'
|
|
|
|
|
; - 'slowlog'
|
|
|
|
|
; - 'listen' (unixsocket)
|
|
|
|
|
; - 'chroot'
|
|
|
|
|
@ -24,28 +25,36 @@ user = nobody
|
|
|
|
|
|
|
|
|
|
; The address on which to accept FastCGI requests.
|
|
|
|
|
; Valid syntaxes are:
|
|
|
|
|
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on
|
|
|
|
|
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
|
|
|
|
|
; a specific port;
|
|
|
|
|
; 'port' - to listen on a TCP socket to all addresses on a
|
|
|
|
|
; specific port;
|
|
|
|
|
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
|
|
|
|
|
; a specific port;
|
|
|
|
|
; 'port' - to listen on a TCP socket to all addresses
|
|
|
|
|
; (IPv6 and IPv4-mapped) on a specific port;
|
|
|
|
|
; '/path/to/unix/socket' - to listen on a unix socket.
|
|
|
|
|
; Note: This value is mandatory.
|
|
|
|
|
listen = /var/run/php8-fpm.sock
|
|
|
|
|
|
|
|
|
|
; Set listen(2) backlog.
|
|
|
|
|
; Default Value: 128 (-1 on FreeBSD and OpenBSD)
|
|
|
|
|
;listen.backlog = 128
|
|
|
|
|
; Default Value: 511 (-1 on Linux, FreeBSD and OpenBSD)
|
|
|
|
|
;listen.backlog = 511
|
|
|
|
|
|
|
|
|
|
; Set permissions for unix socket, if one is used. In Linux, read/write
|
|
|
|
|
; permissions must be set in order to allow connections from a web server. Many
|
|
|
|
|
; BSD-derived systems allow connections regardless of permissions.
|
|
|
|
|
; BSD-derived systems allow connections regardless of permissions. The owner
|
|
|
|
|
; and group can be specified either by name or by their numeric IDs.
|
|
|
|
|
; Default Values: user and group are set as the running user
|
|
|
|
|
; mode is set to 0666
|
|
|
|
|
; mode is set to 0660
|
|
|
|
|
;listen.owner = www-data
|
|
|
|
|
;listen.group = www-data
|
|
|
|
|
;listen.mode = 0666
|
|
|
|
|
;listen.mode = 0660
|
|
|
|
|
; When POSIX Access Control Lists are supported you can set them using
|
|
|
|
|
; these options, value is a comma separated list of user/group names.
|
|
|
|
|
; When set, listen.owner and listen.group are ignored
|
|
|
|
|
;listen.acl_users =
|
|
|
|
|
;listen.acl_groups =
|
|
|
|
|
|
|
|
|
|
; List of ipv4 addresses of FastCGI clients which are allowed to connect.
|
|
|
|
|
; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
|
|
|
|
|
; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
|
|
|
|
|
; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
|
|
|
|
|
; must be separated by a comma. If this value is left blank, connections will be
|
|
|
|
|
@ -53,13 +62,24 @@ listen = /var/run/php8-fpm.sock
|
|
|
|
|
; Default Value: any
|
|
|
|
|
;listen.allowed_clients = 127.0.0.1
|
|
|
|
|
|
|
|
|
|
; Set the associated the route table (FIB). FreeBSD only
|
|
|
|
|
; Default Value: -1
|
|
|
|
|
;listen.setfib = 1
|
|
|
|
|
|
|
|
|
|
; Specify the nice(2) priority to apply to the pool processes (only if set)
|
|
|
|
|
; The value can vary from -19 (highest priority) to 20 (lower priority)
|
|
|
|
|
; Note: - It will only work if the FPM master process is launched as root
|
|
|
|
|
; - The pool processes will inherit the master process priority
|
|
|
|
|
; unless it specified otherwise
|
|
|
|
|
; Default Value: no set
|
|
|
|
|
; priority = -19
|
|
|
|
|
; process.priority = -19
|
|
|
|
|
|
|
|
|
|
; Set the process dumpable flag (PR_SET_DUMPABLE prctl for Linux or
|
|
|
|
|
; PROC_TRACE_CTL procctl for FreeBSD) even if the process user
|
|
|
|
|
; or group is different than the master process user. It allows to create process
|
|
|
|
|
; core dump and ptrace the process for the pool user.
|
|
|
|
|
; Default Value: no
|
|
|
|
|
; process.dumpable = yes
|
|
|
|
|
|
|
|
|
|
; Choose how the process manager will control the number of child processes.
|
|
|
|
|
; Possible Values:
|
|
|
|
|
@ -78,6 +98,8 @@ listen = /var/run/php8-fpm.sock
|
|
|
|
|
; state (waiting to process). If the number
|
|
|
|
|
; of 'idle' processes is greater than this
|
|
|
|
|
; number then some children will be killed.
|
|
|
|
|
; pm.max_spawn_rate - the maximum number of rate to spawn child
|
|
|
|
|
; processes at once.
|
|
|
|
|
; ondemand - no children are created at startup. Children will be forked when
|
|
|
|
|
; new requests will connect. The following parameter are used:
|
|
|
|
|
; pm.max_children - the maximum number of children that
|
|
|
|
|
@ -100,7 +122,7 @@ pm.max_children = 5
|
|
|
|
|
|
|
|
|
|
; The number of child processes created on startup.
|
|
|
|
|
; Note: Used only when pm is set to 'dynamic'
|
|
|
|
|
; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
|
|
|
|
|
; Default Value: (min_spare_servers + max_spare_servers) / 2
|
|
|
|
|
pm.start_servers = 2
|
|
|
|
|
|
|
|
|
|
; The desired minimum number of idle server processes.
|
|
|
|
|
@ -113,6 +135,12 @@ pm.min_spare_servers = 1
|
|
|
|
|
; Note: Mandatory when pm is set to 'dynamic'
|
|
|
|
|
pm.max_spare_servers = 3
|
|
|
|
|
|
|
|
|
|
; The number of rate to spawn child processes at once.
|
|
|
|
|
; Note: Used only when pm is set to 'dynamic'
|
|
|
|
|
; Note: Mandatory when pm is set to 'dynamic'
|
|
|
|
|
; Default Value: 32
|
|
|
|
|
;pm.max_spawn_rate = 32
|
|
|
|
|
|
|
|
|
|
; The number of seconds after which an idle process will be killed.
|
|
|
|
|
; Note: Used only when pm is set to 'ondemand'
|
|
|
|
|
; Default Value: 10s
|
|
|
|
|
@ -125,7 +153,7 @@ pm.max_spare_servers = 3
|
|
|
|
|
;pm.max_requests = 500
|
|
|
|
|
|
|
|
|
|
; The URI to view the FPM status page. If this value is not set, no URI will be
|
|
|
|
|
; recognized as a status page. It shows the following informations:
|
|
|
|
|
; recognized as a status page. It shows the following information:
|
|
|
|
|
; pool - the name of the pool;
|
|
|
|
|
; process manager - static, dynamic or ondemand;
|
|
|
|
|
; start time - the date and time FPM has started;
|
|
|
|
|
@ -170,7 +198,7 @@ pm.max_spare_servers = 3
|
|
|
|
|
;
|
|
|
|
|
; By default the status page only outputs short status. Passing 'full' in the
|
|
|
|
|
; query string will also return status for each pool process.
|
|
|
|
|
; Example:
|
|
|
|
|
; Example:
|
|
|
|
|
; http://www.foo.bar/status?full
|
|
|
|
|
; http://www.foo.bar/status?json&full
|
|
|
|
|
; http://www.foo.bar/status?html&full
|
|
|
|
|
@ -220,9 +248,25 @@ pm.max_spare_servers = 3
|
|
|
|
|
; Note: The value must start with a leading slash (/). The value can be
|
|
|
|
|
; anything, but it may not be a good idea to use the .php extension or it
|
|
|
|
|
; may conflict with a real PHP file.
|
|
|
|
|
; Default Value: not set
|
|
|
|
|
; Default Value: not set
|
|
|
|
|
;pm.status_path = /status
|
|
|
|
|
|
|
|
|
|
; The address on which to accept FastCGI status request. This creates a new
|
|
|
|
|
; invisible pool that can handle requests independently. This is useful
|
|
|
|
|
; if the main pool is busy with long running requests because it is still possible
|
|
|
|
|
; to get the status before finishing the long running requests.
|
|
|
|
|
;
|
|
|
|
|
; Valid syntaxes are:
|
|
|
|
|
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
|
|
|
|
|
; a specific port;
|
|
|
|
|
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
|
|
|
|
|
; a specific port;
|
|
|
|
|
; 'port' - to listen on a TCP socket to all addresses
|
|
|
|
|
; (IPv6 and IPv4-mapped) on a specific port;
|
|
|
|
|
; '/path/to/unix/socket' - to listen on a unix socket.
|
|
|
|
|
; Default Value: value of the listen option
|
|
|
|
|
;pm.status_listen = 127.0.0.1:9001
|
|
|
|
|
|
|
|
|
|
; The ping URI to call the monitoring page of FPM. If this value is not set, no
|
|
|
|
|
; URI will be recognized as a ping page. This could be used to test from outside
|
|
|
|
|
; that FPM is alive and responding, or to
|
|
|
|
|
@ -255,13 +299,13 @@ pm.max_spare_servers = 3
|
|
|
|
|
; %d: time taken to serve the request
|
|
|
|
|
; it can accept the following format:
|
|
|
|
|
; - %{seconds}d (default)
|
|
|
|
|
; - %{miliseconds}d
|
|
|
|
|
; - %{mili}d
|
|
|
|
|
; - %{milliseconds}d
|
|
|
|
|
; - %{milli}d
|
|
|
|
|
; - %{microseconds}d
|
|
|
|
|
; - %{micro}d
|
|
|
|
|
; %e: an environment variable (same as $_ENV or $_SERVER)
|
|
|
|
|
; it must be associated with embraces to specify the name of the env
|
|
|
|
|
; variable. Some exemples:
|
|
|
|
|
; variable. Some examples:
|
|
|
|
|
; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
|
|
|
|
|
; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
|
|
|
|
|
; %f: script filename
|
|
|
|
|
@ -275,7 +319,7 @@ pm.max_spare_servers = 3
|
|
|
|
|
; - %{megabytes}M
|
|
|
|
|
; - %{mega}M
|
|
|
|
|
; %n: pool name
|
|
|
|
|
; %o: ouput header
|
|
|
|
|
; %o: output header
|
|
|
|
|
; it must be associated with embraces to specify the name of the header:
|
|
|
|
|
; - %{Content-Type}o
|
|
|
|
|
; - %{X-Powered-By}o
|
|
|
|
|
@ -283,7 +327,7 @@ pm.max_spare_servers = 3
|
|
|
|
|
; - ....
|
|
|
|
|
; %p: PID of the child that serviced the request
|
|
|
|
|
; %P: PID of the parent of the child that serviced the request
|
|
|
|
|
; %q: the query string
|
|
|
|
|
; %q: the query string
|
|
|
|
|
; %Q: the '?' character if query string exists
|
|
|
|
|
; %r: the request URI (without the query string, see %q and %Q)
|
|
|
|
|
; %R: remote IP address
|
|
|
|
|
@ -291,13 +335,33 @@ pm.max_spare_servers = 3
|
|
|
|
|
; %t: server time the request was received
|
|
|
|
|
; it can accept a strftime(3) format:
|
|
|
|
|
; %d/%b/%Y:%H:%M:%S %z (default)
|
|
|
|
|
; The strftime(3) format must be encapsulated in a %{<strftime_format>}t tag
|
|
|
|
|
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
|
|
|
|
|
; %T: time the log has been written (the request has finished)
|
|
|
|
|
; it can accept a strftime(3) format:
|
|
|
|
|
; %d/%b/%Y:%H:%M:%S %z (default)
|
|
|
|
|
; The strftime(3) format must be encapsulated in a %{<strftime_format>}t tag
|
|
|
|
|
; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
|
|
|
|
|
; %u: remote user
|
|
|
|
|
;
|
|
|
|
|
; Default: "%R - %u %t \"%m %r\" %s"
|
|
|
|
|
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
|
|
|
|
|
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{milli}d %{kilo}M %C%%"
|
|
|
|
|
|
|
|
|
|
; A list of request_uri values which should be filtered from the access log.
|
|
|
|
|
;
|
|
|
|
|
; As a security precuation, this setting will be ignored if:
|
|
|
|
|
; - the request method is not GET or HEAD; or
|
|
|
|
|
; - there is a request body; or
|
|
|
|
|
; - there are query parameters; or
|
|
|
|
|
; - the response code is outwith the successful range of 200 to 299
|
|
|
|
|
;
|
|
|
|
|
; Note: The paths are matched against the output of the access.format tag "%r".
|
|
|
|
|
; On common configurations, this may look more like SCRIPT_NAME than the
|
|
|
|
|
; expected pre-rewrite URI.
|
|
|
|
|
;
|
|
|
|
|
; Default Value: not set
|
|
|
|
|
;access.suppress_path[] = /ping
|
|
|
|
|
;access.suppress_path[] = /health_check.php
|
|
|
|
|
|
|
|
|
|
; The log file for slow requests
|
|
|
|
|
; Default Value: not set
|
|
|
|
|
@ -310,6 +374,10 @@ pm.max_spare_servers = 3
|
|
|
|
|
; Default Value: 0
|
|
|
|
|
;request_slowlog_timeout = 0
|
|
|
|
|
|
|
|
|
|
; Depth of slow log stack trace.
|
|
|
|
|
; Default Value: 20
|
|
|
|
|
;request_slowlog_trace_depth = 20
|
|
|
|
|
|
|
|
|
|
; The timeout for serving a single request after which the worker process will
|
|
|
|
|
; be killed. This option should be used when the 'max_execution_time' ini option
|
|
|
|
|
; does not stop script execution for some reason. A value of '0' means 'off'.
|
|
|
|
|
@ -317,6 +385,14 @@ pm.max_spare_servers = 3
|
|
|
|
|
; Default Value: 0
|
|
|
|
|
;request_terminate_timeout = 0
|
|
|
|
|
|
|
|
|
|
; The timeout set by 'request_terminate_timeout' ini option is not engaged after
|
|
|
|
|
; application calls 'fastcgi_finish_request' or when application has finished and
|
|
|
|
|
; shutdown functions are being called (registered via register_shutdown_function).
|
|
|
|
|
; This option will enable timeout limit to be applied unconditionally
|
|
|
|
|
; even in such cases.
|
|
|
|
|
; Default Value: no
|
|
|
|
|
;request_terminate_timeout_track_finished = no
|
|
|
|
|
|
|
|
|
|
; Set open file descriptor rlimit.
|
|
|
|
|
; Default Value: system defined value
|
|
|
|
|
;rlimit_files = 1024
|
|
|
|
|
@ -344,18 +420,34 @@ chdir = /
|
|
|
|
|
|
|
|
|
|
; Redirect worker stdout and stderr into main error log. If not set, stdout and
|
|
|
|
|
; stderr will be redirected to /dev/null according to FastCGI specs.
|
|
|
|
|
; Note: on highloaded environement, this can cause some delay in the page
|
|
|
|
|
; Note: on highloaded environment, this can cause some delay in the page
|
|
|
|
|
; process time (several ms).
|
|
|
|
|
; Default Value: no
|
|
|
|
|
;catch_workers_output = yes
|
|
|
|
|
|
|
|
|
|
; Decorate worker output with prefix and suffix containing information about
|
|
|
|
|
; the child that writes to the log and if stdout or stderr is used as well as
|
|
|
|
|
; log level and time. This options is used only if catch_workers_output is yes.
|
|
|
|
|
; Settings to "no" will output data as written to the stdout or stderr.
|
|
|
|
|
; Default value: yes
|
|
|
|
|
;decorate_workers_output = no
|
|
|
|
|
|
|
|
|
|
; Clear environment in FPM workers
|
|
|
|
|
; Prevents arbitrary environment variables from reaching FPM worker processes
|
|
|
|
|
; by clearing the environment in workers before env vars specified in this
|
|
|
|
|
; pool configuration are added.
|
|
|
|
|
; Setting to "no" will make all environment variables available to PHP code
|
|
|
|
|
; via getenv(), $_ENV and $_SERVER.
|
|
|
|
|
; Default Value: yes
|
|
|
|
|
;clear_env = no
|
|
|
|
|
|
|
|
|
|
; Limits the extensions of the main script FPM will allow to parse. This can
|
|
|
|
|
; prevent configuration mistakes on the web server side. You should only limit
|
|
|
|
|
; FPM to .php extensions to prevent malicious users to use other extensions to
|
|
|
|
|
; exectute php code.
|
|
|
|
|
; execute php code.
|
|
|
|
|
; Note: set an empty value to allow all extensions.
|
|
|
|
|
; Default Value: .php
|
|
|
|
|
;security.limit_extensions = .php .php3 .php4 .php5
|
|
|
|
|
;security.limit_extensions = .php .php3 .php4 .php5 .php7
|
|
|
|
|
|
|
|
|
|
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
|
|
|
|
|
; the current environment.
|
|
|
|
|
@ -370,7 +462,7 @@ chdir = /
|
|
|
|
|
; overwrite the values previously defined in the php.ini. The directives are the
|
|
|
|
|
; same as the PHP SAPI:
|
|
|
|
|
; php_value/php_flag - you can set classic ini defines which can
|
|
|
|
|
; be overwritten from PHP call 'ini_set'.
|
|
|
|
|
; be overwritten from PHP call 'ini_set'.
|
|
|
|
|
; php_admin_value/php_admin_flag - these directives won't be overwritten by
|
|
|
|
|
; PHP call 'ini_set'
|
|
|
|
|
; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
|
|
|
|
|
|
Michael Heimpold