User Tools

Site Tools


How to install NGINX + PHP-FPM on Raspberry Pi


The original article was published at Raspberry Hosting. It was written for an earlier Raspberry Pi OS. I've since installed nginx and php on the latest OS, Bullseye. The kernel was last compiled on October 26, 2022.

Package Installation

Please refer to the original article for the discussion. I'd repost it but I suspect I'd get in trouble for copyright violations.

It should be obvious but you need to be root to run these commands. If you are a purist you'll want to preface each command with sudo, but I'm sure some of these steps will fail if you do, so I suggest you become root by executing this command:

sudo -i

Pretty much every time you are about to install from the repo, you need to do this:

apt-get update && apt-get -y upgrade

The name of the package has changed from php-apc to php-apcu so:

apt-get install nginx php-fpm php-apcu

The repo doesn't have mysql any longer. So install mariadb instead. Note it will ask you which server to configure phpmyadmin. The choices are apache2 and lighttpd. Just press OK and go on. If you plan on using phpmyadmin with nginx, you'll have to configure it yourself.

apt-get install mariadb-client mariadb-server php-mysql phpmyadmin

Before we go any farther, let me add something:

export PHP_VER=7.4

That way you can copy and paste the commands without substituting your domain name and php version. Just remember to set the variables to match your system values. Use this command to determine the php version:

dpkg -l | grep fpm

It will return something like:

ii  php-fpm                               2:7.3+69                                all          server-side, HTML-embedded scripting language (FPM-CGI binary) (default)
ii  php7.3-fpm                            7.3.31-1~deb10u1                        armhf        server-side, HTML-embedded scripting language (FPM-CGI binary)

So in this instance, set PHP_VER to 7.3.

This section is identical to the original

addgroup --gid 10000 group001
adduser --home /home/x10.local -shell /dev/null --uid 10000 --gid 10000 \
 --disabled-password --disabled-login --gecos '' user001

The backslash at the end of the adduser is a continuation character. The adduser command ends with the “user001”. This wiki doesn't wrap, so without the backslash you wouldn't see the entire command without scrolling.

Configuration Files

Here's where we start to use the DOMAIN and PHP_VER variables we set earlier.

cp /etc/php/${PHP_VER}/fpm/pool.d/www.conf /etc/php/${PHP_VER}/fpm/pool.d/${DOMAIN}.conf

So you could edit the ${DOMAIN}.conf file and make some changes, or you could use this script to generate it.

WARNING if you are tempted to simply copy/paste the configuration data rather than copy the entire code block, don't unless you understand here documents and escaping special characters.

Otherwise you'll have problems you don't want to have to fix. Same goes for the nginx config file.

If you don't/can't write to the pool.d file, change the file name to something else like /tmp/sample and let the cat command write the file. To do that change the first line of this script to 'cat >/tmp/sample.conf «EOF' then figure out how to get that data into the /etc/php/${PHP_VER}/fpm/pool.d/${DOMAIN}.conf file. This is the way you would do it if you are attempting to run these instructions as a normal user.

Highlight and copy this block and paste it directly into your shell.

cat >/etc/php/${PHP_VER}/fpm/pool.d/${DOMAIN}.conf <<EOF
; pool name ('www' here)
; Unix user/group of processes
user = user001
group = group001
; The address on which to accept FastCGI requests.
;listen = /var/run/php${PHP_VER}-fpm-${DOMAIN}.sock
listen = /var/run/php/php${PHP_VER}-fpm-local.sock
; Set permissions for unix socket, if one is used. In Linux, read/write
listen.owner = user001 = group001
listen.mode = 0666
; Default Value: nothing is defined by default except the values in php.ini ...
; add php.ini admin values
php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f noreply@${DOMAIN}
php_flag[display_errors] = off
php_admin_value[error_log] = /home/${DOMAIN}/logs/php/fpm-php.www.log
php_admin_flag[log_errors] = on
php_admin_value[upload_tmp_dir] = /home/${DOMAIN}/tmp
php_admin_value[session.save_path] = /home/${DOMAIN}/sessions
php_admin_value[open_basedir] = /home/${DOMAIN}/www:/home/${DOMAIN}/tmp:/home/${DOMAIN}/sessions
php_admin_value[mail.log] = /home/${DOMAIN}/logs/mail.log
php_admin_value[memory_limit] = 64M
php_admin_value[post_max_size] = 18M
php_admin_value[max_execution_time] = 60
php_admin_value[allow_url_fopen] = Off
php_admin_value[upload_max_filesize] = 18M
php_admin_value[date.timezone] = America/New_York
pm = ondemand
pm.max_children = 4

You may want to change a few of those settings. Namely the pm = ondemand could be pm = dynamic and depending on your load you could adjust the pm.max_children setting. Also unless you are on the east coast of the USA you'll want to change the timezone.

Here's my nginx config. Adjust as you need: Highlight and copy this block and paste it directly into your shell.

cat >/etc/nginx/sites-available/${DOMAIN}.conf  <<EOF
# redirect www
server {
        listen 80;
        server_name www.${DOMAIN};
        return 301 \$scheme://${DOMAIN}\$request_uri;
server {
        listen   80; ## listen for ipv4
        # root dir of your pages
        root /home/${DOMAIN}/www/;
        index index.php index.html index.htm;
        server_name ${DOMAIN};
        location / {
                try_files \$uri \$uri/ /index.html;
        # pass the PHP scripts to FastCGI
        location ~ \.php$ {
                try_files \$uri = 404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                # php${PHP_VER}-fpm :
                fastcgi_pass unix:/var/run/php/php${PHP_VER}-fpm-local.sock;
                fastcgi_index index.php;
#                include fastcgi_params;
                include fastcgi.conf;
        # deny access to .htaccess files, if Apache's document root concurs with nginx's one
        location ~ /\.ht {
                deny all;
        # error and access logs
        error_log /home/${DOMAIN}/logs/nginx-error.log debug;
        access_log /home/${DOMAIN}/logs/nginx-access.log;
        # other converting rewrite rules search on:
ln -s /etc/nginx/sites-available/${DOMAIN}.conf /etc/nginx/sites-enabled/
rm -f /etc/nginx/sites-enabled/default

Note: I had to replace the “include fastcgi_params” with include “fastcgi.conf”. The original file was missing a required parameter.

Now create the subdirectories.

mkdir /home/${DOMAIN}
cd /home/${DOMAIN}
mkdir logs sessions tmp www
chown -R user001.group001 *
chown user001.group001 /home/${DOMAIN}


service nginx restart && service php${PHP_VER}-fpm restart

Test with these commands:

cd /home/${DOMAIN}/www
cat >phpinfo.php <<EOF
phpinfo( );

Now bring up a browser and go to http://YOUR_DOMAIN/phpinfo.php.

Where YOUR_DOMAIN is the value you set into ${DOMAIN} earlier.

This is somewhat tested.

This was used to install nginx/php on a 32 bit Bullseye Pi4 on 28 January 2023, when I found a couple of bugs and fixed them.

nginx_php.txt · Last modified: 2023/01/28 21:10 by admin