Forums / Install & configuration / Quick HOWTO: eZ Publish community 4.2011 on Debian 6 (Squeeze) with Nginx 1.0.0, php-FPM 5.3.6 and apc

Quick HOWTO: eZ Publish community 4.2011 on Debian 6 (Squeeze) with Nginx 1.0.0, php-FPM 5.3.6 and apc

Author Message

Daniel A. Øien

Thursday 21 April 2011 1:30:43 pm

Since there's a lot of scattered information on how to get eZ to work wih nginx, I am outlining the steps I have taken to get a working eZ Publish 4.2011 Community Project (~ 4.5) installation running with Nginx and pretty URL rewriting.

The following howto assumes a clean netinstall of Debian 6 (Squeeze) with only base admin tools installed, but should be adaptable to other versions and distributions. If you want to modify an existing LAMP setup, you should uninstall all apache and php packages before continuing.

Naturally, don't test this on a production server and always back up before attempting any modifications.

All operations are assumed to be executed as root unless otherwise noted.

Step 1: Update your apt sources file

Nginx 1.0.0 and PHP-FPM (FastCGI Process Manager) 5.3.6 is available on dotdeb, and your apt sources file should be updated accordingly.

Add the following to your /etc/apt/sources.list file:

deb http://packages.dotdeb.org stable all
deb-src http://packages.dotdeb.org stable all

Update the dotdeb key:
wget http://www.dotdeb.org/dotdeb.gpg
cat dotdeb.gpg | apt-key add -

Run:

apt-get update

Step 2: Install required packages

apt-get install nginx
apt-get install mysql-server
apt-get install php5-cli php5-common php5-suhosin
apt-get install php5-fpm php5-cgi php5-curl php5-gd php5-imagick php5-mysql php5-apc imagemagick

Step 3: configure PHP and nginx

Update the files listed below:

In /etc/php5/fpm/pool.d/www.conf:
listen = /tmp/php-fpm.sock

In /etc/php5/fpm/php.ini:
date.timezone = "YOUR TIME ZONE, such as Europe/Oslo"
short_open_tag = On
memory_limit = 256M
max_execution_time = 120
variables_order = "EGPCS"
cgi.fix_pathinfo=0

In /etc/php5/cli/php.ini:
date.timezone = "YOUR TIME ZONE, such as Europe/Oslo"
max_execution_time = 120

In /etc/nginx/sites-available/default:
(or other site config file. sites-available/sites-enabled work the same way as in apache)

(replace YOUR.INTERNET.HOSTNAME and YOUR_EZPUBLISH_ROOT as necessary)

server {

server_name YOUR.INTERNET.HOSTNAME;
root YOUR_EZPUBLISH_ROOT;

index index.php;

location / {

rewrite "^/var/storage/(.*)$" "/var/storage/$1" break;
rewrite "^/var/([^/]+)/storage/(.*)$" "/var/$1/storage/$2" break;
rewrite "^/var/(([^/]+/)?)cache/(texttoimage|public)/(.*)$" "/var/$1cache/$3/$4" break;
rewrite "^/design/([^/]+)/(stylesheets|images|javascript)/(.*)$" "/design/$1/$2/$3" break;
rewrite "^/share/icons/(.*)$" "/share/icons/$1" break;
rewrite "^/extension/([^/]+)/design/([^/]+)/(stylesheets|images|javascripts|javascript|flash|lib?)/(.*)$" "/extension/$1/design/$2/$3/$4" break;
rewrite "^/packages/styles/(.+)/(stylesheets|images|javascript)/([^/]+)/(.*)$" "/packages/styles/$1/$2/$3/$4" break;
rewrite "^/packages/styles/(.+)/thumbnail/(.*)$" "/packages/styles/$1/thumbnail/$2" break;
rewrite "^/favicon\.ico$" "/favicon.ico" break;
rewrite "^/robots\.txt$" "/robots.txt" break;
rewrite "^/var/cache/debug.html(.*)$" "/var/cache/debug.html$1" break;
rewrite "^/var/(([^/]+/)?)cache/public/(.*)$" "/var/$1cache/public/$3" break;
rewrite "^/var/([^/]+)/cache/debug\.html(.*)$" "/var/$1/cache/debug.html$2" break;
rewrite "content/treemenu/?$" "/index_treemenu.php" break;
rewrite "ezjscore/call/?$" "/index_ajax.php" break;
rewrite "^(.*)$" "/index.php?$1" last;

}

location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|swf|flv)$ {

access_log off;

expires 30d;

}

location ~ "^/[^/]*\.php$" {

set $script "index.php";
if ( $uri ~ "^/(.*\.php)" ) {
set $script $1;
}

fastcgi_pass unix:/tmp/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$script;
include fastcgi_params;

}
}

Step 4: reload php and nginx

/etc/init.d/php5-fpm restart
/etc/init.d/nginx restart

Step 5: Install or move eZ Publish

Download and unpack the eZ Publish distribution to the chosen web root directory and install as normal. You can also move an existing installation, but it should be upgraded to eZ Publish 4.5 or 4.2011 community because of issues with fastcgi in earlier versions.

Step 6: Update eZ Publish site.ini

eZ Publish doesn't automatically recognise virtual host mode on Nginx as opposed to Apache.

In settings/override/site.ini.append.php, add the following under the [SiteAccessSettings] block:

ForceVirtualHost=true

Step 7: Flush caches

su - www-data
cd /var/www/YOUR_EZ_PUBLISH_ROOT
php bin/php/ezcache.php --clear-all --purge

You should now have an eZ Publish installation that works just like it does under Apache - but with the load-handling and memory consumption benefits of Nginx.

Thanks to Boris Huisgen for providing the basic rewrite rules for nginx.

Daniel A. Øien
Open Concept SA, Norway
Web: http://openconcept.no/
In English: http://openconcept.no/eng

Heath

Friday 22 April 2011 1:22:31 am

Thanks for sharing! This would make a great article.

Cheers,

Heath

Brookins Consulting | http://brookinsconsulting.com/
Certified | http://auth.ez.no/certification/verify/380350
Solutions | http://projects.ez.no/users/community/brookins_consulting
eZpedia community documentation project | http://ezpedia.org

Bertrand Dunogier

Friday 22 April 2011 2:28:54 am

Thank you for your work on this, much appreciated !

Bertrand Dunogier
eZ Systems Engineering, Lyon
http://twitter.com/bdunogier
http://gplus.to/BertrandDunogier

Paolo Riva

Friday 22 April 2011 3:08:31 am

Great Guide.

I'm going to up a VM with Debian and try to make it works.

Tnx a lot Daniel.

Bye

Paolo.

...And Now For Something Completely Different!

My WebSites:
PhotoItaly - http://www.photoitaly.net

Nicolas Pastorino

Friday 22 April 2011 3:13:58 am

Hi Daniel,

Thanks so much for this comprehensive wrap-up, very useful !

It would definitely deserve to be published as a tutorial under http://share.ez.no/learn, or at least a blog post on your eZ Community blog (which you can create from your profile page http://share.ez.no/community/profile ), what do you think ?

Cheers,

--
Nicolas Pastorino
Director Community - eZ
Member of the Community Project Board

eZ Publish Community on twitter: http://twitter.com/ezcommunity

t : http://twitter.com/jeanvoye
G+ : http://plus.tl/jeanvoye

Daniel A. Øien

Friday 22 April 2011 4:25:43 am

I'll be happy to make a tutorial out of it after Easter - I just want to do some more testing first :)

If anyone finds some problems or errors, let me know. I also want to do some load testing on this configuration, and try it with a 2-server cluster setup. I suspect memcached may be overkill for a single-server setup, but I'm not certain yet.

Daniel A. Øien
Open Concept SA, Norway
Web: http://openconcept.no/
In English: http://openconcept.no/eng

Nicolas Pastorino

Friday 22 April 2011 5:02:06 am

"

I'll be happy to make a tutorial out of it after Easter - I just want to do some more testing first :)

If anyone finds some problems or errors, let me know. I also want to do some load testing on this configuration, and try it with a 2-server cluster setup. I suspect memcached may be overkill for a single-server setup, but I'm not certain yet.

"

Sounds all good, really looking forward to this !

Cheers,

--
Nicolas Pastorino
Director Community - eZ
Member of the Community Project Board

eZ Publish Community on twitter: http://twitter.com/ezcommunity

t : http://twitter.com/jeanvoye
G+ : http://plus.tl/jeanvoye

Daniel A. Øien

Friday 22 April 2011 2:19:15 pm

Working on a tutorial now. I'll add some more meat to it - like how to set up caching headers in nginx, and so on. I can already see how this could turn into a multipart "need for speed" series... :)

Daniel A. Øien
Open Concept SA, Norway
Web: http://openconcept.no/
In English: http://openconcept.no/eng

Gaetano Giunta

Tuesday 26 April 2011 4:24:19 am

A couple of notes:

1. it should not be necessary to allow php short open tags. Did you spot any places where this was causing problems? If so, please file them as bugs

2. your rewrite rules seem to allow direct access via web to all .php files in the root directory of eZ. Is this wanted? I'd not recommend it - a single rule for cluster setups would be better...

Principal Consultant International Business
Member of the Community Project Board

Daniel A. Øien

Tuesday 26 April 2011 5:21:35 am

I've updated a number of the settings in the tutorial, which is currently under review. It also contains a number of other nginx configuration settings in addition to the ones in the first post.

But you are quite correct - the rewrite rules should be applied first in order to hide system php files. I have updated the first post in this thread to reflect this. It should also be possible to optimise the rewrites for static content by using try_files for purely public content such as images, but that will have to be the subject of another post or tutorial :)

short_open_tag=On can safely be removed (it snuck in from a more generic howto on the subject). So can variables_order = "EGPCS", although eZ Publish will complain during installation finetuning - but as long as no third-party extensions rely on it, no problem.

Another thing that is coming in the tutorial is the update of /etc/nginx/fastcgi_params:

fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_intercept_errors on;

Without this configuration PHP-FPM might choke under heavy load. It can of course be tweaked to your particular environment.

Daniel A. Øien
Open Concept SA, Norway
Web: http://openconcept.no/
In English: http://openconcept.no/eng

Daniel A. Øien

Wednesday 27 April 2011 10:12:30 am

And in the interest of completeness, here's also my global configuration in /etc/nginx/nginx.conf:

user www-data;
worker_processes 4;
pid /var/run/nginx.pid;

 

events {

 

worker_connections 2048;
# multi_accept on;

 

}

 

http {

 

##
# Basic Settings

 

##

 

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;

 

include /etc/nginx/mime.types;
default_type application/octet-stream;

 

##
# Logging Settings
##

 

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

 

##
# Gzip Settings
##

 

gzip on;
gzip_vary on;
gzip_disable "msie6";
gzip_proxied any;
gzip_comp_level 5;
gzip_buffers 32 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

 

##
# Virtual Host Configs
##

 

include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;

 

}

Daniel A. Øien
Open Concept SA, Norway
Web: http://openconcept.no/
In English: http://openconcept.no/eng