備忘録

備忘録

Ubuntu で nginx + php-fpm の環境を用意する方法

Ⅰ. はじめに

タイトルの通り「Ubuntu で nginx + php-fpm の環境を用意する方法」です。

1. nginx をインストールする
apt install -y curl gnupg2 ca-certificates lsb-release
echo "deb http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" | tee /etc/apt/sources.list.d/nginx.list
curl -fsSL https://nginx.org/keys/nginx_signing.key | apt-key add -
apt update
apt install nginx
2. php7.4 をインストールする
apt install -y software-properties-common
add-apt-repository ppa:ondrej/php
apt update
apt install -y php7.4 php7.4-dev php7.4-fpm php7.4-mysql php7.4-pdo php7.4-gd php7.4-mbstring php7.4-zip php7.4-dom php7.4-curl
3. nginx の設定を変更する

/etc/nginx/nginx.conf

http {
  server_tokens off;

  # IPアドレスでのアクセスを制限する
  # https://stackoverflow.com/a/42802777/4771485
  server {
    listen      80 default_server;
    listen      [::]:80 default_server;
    server_name "";
    return      444;
  }
}

/etc/nginx/conf.d/80_web.conf

server {
  listen 80;
  # server_name hoge.com;
  root /var/www/html/MyWebsite/public;
  index index.php index.html;

  client_max_body_size 128M;

  location / {
    try_files $uri $uri/ /index.php?$query_string;
  }

  location ~ \.php$ {
    try_files                $uri = 404;
    include                  /etc/nginx/fastcgi_params;
    #fastcgi_pass             127.0.0.1:9000;
    fastcgi_pass             unix:/run/php/php7.4-fpm.sock;

    fastcgi_index            index.php;
    fastcgi_split_path_info  ^(.+\.php)(/.+)$;

    fastcgi_param            SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param            PATHINFO        $fastcgi_path_info;
    fastcgi_param            PATH_TRANSLATED $document_root$fastcgi_path_info;

    fastcgi_buffers 8 128k;
    fastcgi_buffer_size 256k;
    fastcgi_read_timeout 60;
  }
}
4. PHP の設定を変更する

/etc/php/7.4/fpm/pool.d/www.conf

user = www-data
group = www-data

listen.owner = nginx
listen.group = nginx

pm = dynamic
pm.max_children = 100
pm.start_servers = 10
pm.min_spare_servers = 10
pm.max_spare_servers = 10

/etc/php/7.4/cli/php.ini

[PHP]
expose_php = Off
default_charset = "UTF-8"
post_max_size = 128M
upload_max_filesize = 128M

[Date]
date.timezone = "Asia/Tokyo"

[mbstring]
mbstring.language = Japanese

[curl]
# https://curl.se/docs/caextract.html
curl.cainfo = /etc/php/cacert.pem
5. ポート80を開放する
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload
6. サーバを起動する
systemctl enable nginx
systemctl enable php7.4-fpm
systemctl restart nginx
systemctl restart php7.4-fpm