Table of Contents
How to install NGINX + PHP-FPM on Raspberry Pi
Credits
The original article was published at Raspberry Hosting. It was written for an earlier Raspberry Pi OS. I've since installed nginx and php on the latest OS, Bullseye. The kernel was last compiled on October 26, 2022.
Package Installation
Please refer to the original article for the discussion. I'd repost it but I suspect I'd get in trouble for copyright violations.
It should be obvious but you need to be root to run these commands. If you are a purist you'll want to preface each command with sudo, but I'm sure some of these steps will fail if you do, so I suggest you become root by executing this command:
sudo -i
Pretty much every time you are about to install from the repo, you need to do this:
apt-get update && apt-get -y upgrade
The name of the package has changed from php-apc to php-apcu so:
apt-get install nginx php-fpm php-apcu
The repo doesn't have mysql any longer. So install mariadb instead. Note it will ask you which server to configure phpmyadmin. The choices are apache2 and lighttpd. Just press OK and go on. If you plan on using phpmyadmin with nginx, you'll have to configure it yourself.
apt-get install mariadb-client mariadb-server php-mysql phpmyadmin
Before we go any farther, let me add something:
export DOMAIN=mydomain.com export PHP_VER=7.4
That way you can copy and paste the commands without substituting your domain name and php version. Just remember to set the variables to match your system values. Use this command to determine the php version:
dpkg -l | grep fpm
It will return something like:
ii php-fpm 2:7.3+69 all server-side, HTML-embedded scripting language (FPM-CGI binary) (default) ii php7.3-fpm 7.3.31-1~deb10u1 armhf server-side, HTML-embedded scripting language (FPM-CGI binary)
So in this instance, set PHP_VER to 7.3.
This section is identical to the original
addgroup --gid 10000 group001 adduser --home /home/x10.local -shell /dev/null --uid 10000 --gid 10000 \ --disabled-password --disabled-login --gecos '' user001
The backslash at the end of the adduser is a continuation character. The adduser command ends with the “user001”. This wiki doesn't wrap, so without the backslash you wouldn't see the entire command without scrolling.
Configuration Files
Here's where we start to use the DOMAIN and PHP_VER variables we set earlier.
cp /etc/php/${PHP_VER}/fpm/pool.d/www.conf /etc/php/${PHP_VER}/fpm/pool.d/${DOMAIN}.conf
So you could edit the ${DOMAIN}.conf file and make some changes, or you could use this script to generate it.
WARNING if you are tempted to simply copy/paste the configuration data rather than copy the entire code block, don't unless you understand here documents and escaping special characters.
Otherwise you'll have problems you don't want to have to fix. Same goes for the nginx config file.
If you don't/can't write to the pool.d file, change the file name to something else like /tmp/sample and let the cat command write the file. To do that change the first line of this script to 'cat >/tmp/sample.conf «EOF' then figure out how to get that data into the /etc/php/${PHP_VER}/fpm/pool.d/${DOMAIN}.conf file. This is the way you would do it if you are attempting to run these instructions as a normal user.
Highlight and copy this block and paste it directly into your shell.
cat >/etc/php/${PHP_VER}/fpm/pool.d/${DOMAIN}.conf <<EOF ; pool name ('www' here) [${DOMAIN}] ; Unix user/group of processes user = user001 group = group001 ; The address on which to accept FastCGI requests. ;listen = /var/run/php${PHP_VER}-fpm-${DOMAIN}.sock listen = /var/run/php/php${PHP_VER}-fpm-local.sock ; Set permissions for unix socket, if one is used. In Linux, read/write listen.owner = user001 listen.group = group001 listen.mode = 0666 ; Default Value: nothing is defined by default except the values in php.ini ... ; add php.ini admin values php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f noreply@${DOMAIN} php_flag[display_errors] = off php_admin_value[error_log] = /home/${DOMAIN}/logs/php/fpm-php.www.log php_admin_flag[log_errors] = on php_admin_value[upload_tmp_dir] = /home/${DOMAIN}/tmp php_admin_value[session.save_path] = /home/${DOMAIN}/sessions php_admin_value[open_basedir] = /home/${DOMAIN}/www:/home/${DOMAIN}/tmp:/home/${DOMAIN}/sessions php_admin_value[mail.log] = /home/${DOMAIN}/logs/mail.log php_admin_value[memory_limit] = 64M php_admin_value[post_max_size] = 18M php_admin_value[max_execution_time] = 60 php_admin_value[allow_url_fopen] = Off php_admin_value[upload_max_filesize] = 18M php_admin_value[date.timezone] = America/New_York pm = ondemand pm.max_children = 4 EOF
You may want to change a few of those settings. Namely the pm = ondemand could be pm = dynamic and depending on your load you could adjust the pm.max_children setting. Also unless you are on the east coast of the USA you'll want to change the timezone.
Here's my nginx config. Adjust as you need: Highlight and copy this block and paste it directly into your shell.
cat >/etc/nginx/sites-available/${DOMAIN}.conf <<EOF # redirect www server { listen 80; server_name www.${DOMAIN}; return 301 \$scheme://${DOMAIN}\$request_uri; } server { listen 80; ## listen for ipv4 # root dir of your pages root /home/${DOMAIN}/www/; index index.php index.html index.htm; server_name ${DOMAIN}; location / { try_files \$uri \$uri/ /index.html; } # pass the PHP scripts to FastCGI location ~ \.php$ { try_files \$uri = 404; fastcgi_split_path_info ^(.+\.php)(/.+)$; # php${PHP_VER}-fpm : fastcgi_pass unix:/var/run/php/php${PHP_VER}-fpm-local.sock; fastcgi_index index.php; # include fastcgi_params; include fastcgi.conf; } # deny access to .htaccess files, if Apache's document root concurs with nginx's one location ~ /\.ht { deny all; } # error and access logs error_log /home/${DOMAIN}/logs/nginx-error.log debug; access_log /home/${DOMAIN}/logs/nginx-access.log; # other converting rewrite rules search on: # http://nginx.org/en/docs/http/converting_rewrite_rules.html # } EOF ln -s /etc/nginx/sites-available/${DOMAIN}.conf /etc/nginx/sites-enabled/ rm -f /etc/nginx/sites-enabled/default
Note: I had to replace the “include fastcgi_params” with include “fastcgi.conf”. The original file was missing a required parameter.
Now create the subdirectories.
mkdir /home/${DOMAIN} cd /home/${DOMAIN} mkdir logs sessions tmp www chown -R user001.group001 * chown user001.group001 /home/${DOMAIN}
Finish
service nginx restart && service php${PHP_VER}-fpm restart
Test with these commands:
cd /home/${DOMAIN}/www cat >phpinfo.php <<EOF <?php phpinfo( ); ?> EOF
Now bring up a browser and go to http://YOUR_DOMAIN/phpinfo.php.
Where YOUR_DOMAIN is the value you set into ${DOMAIN} earlier.
This is somewhat tested.
This was used to install nginx/php on a 32 bit Bullseye Pi4 on 28 January 2023, when I found a couple of bugs and fixed them.