Unix socket support for php-fpm is BACK!

verne · December 30, 2021, 3:37pm

in reading a bug report somewhere, another person mentioned unix sockets for php-fpm …

and in my first upgrade (done yesterday) from 6.16 to 6.17 … ITS BACK … under System Settings – Server Templates ---- PHP Options … at the bottom is a new config item

FPM server connection
x default
x TCP port
x Unix socket file

THIS IS HUGE !!! as I believe socket support was withdrawn awhile ago !!

I am shocked a bit that the re-introduction of unix sockets was not highlighted in the release notes or other announcements.

But … I cannot see how to adjust, using the GUI, an individual existing virtual server/domain to change it from tcp port to socket. I certainly can manually edit httpd.conf and get it to work, as well as adjusting the php-fpm domain specific config file, but was hoping VirtualMin could do it for me.

For me and my on-going issues with SELinux (mostly solved BTW), moving from ports to sockets for php-fpm may solve some networking/port permission issues

THANKS for bringing it back !!

verne · December 30, 2021, 4:59pm

in looking further, noticed this line from the 6.16 changelog post

PHP-FPM using socket files instead of TCP ports is now fully supported, using the modify-web API command

so … I tried it on my new 6.17 system with

virtualmin modify-web --domain verne-no-write.com --php-fpm-socket

and … it worked … well, it TRIED to work but stumbled on a SELinux violation … I just submitted a patch on GITHUB to move from using /var/php-fpm/ to /var/run/php-fpm/ as SELinux already has a rule for the longer path name.

and with my patch applied locally, I now can modify an existing virtual server and switch back and forth –

virtualmin modify-web --domain verne-no-write.com --php-fpm-socket
virtualmin modify-web --domain verne-no-write.com --php-fpm-port
virtualmin modify-web --domain verne-no-write.com --php-fpm-socket

as often as I need to !!

oneearth · February 7, 2022, 8:40pm

I’m trying to use the Unix php-fpm feature but am running into troubles with permissions and systemctl restart resetting ownership of the socket file to root:root.

What is the Github patch that you’re referring to?

verne · February 9, 2022, 2:17pm

My suggested patch, which has yet to be accepted, was to change the LOCATION of the socket file.

oneearth · February 10, 2022, 10:37pm

where the heck are these socket files supposed to exist?

on a debian 10 system, virtualmin seems to put them in /var/php-fpm/1644…sock

but the 502 bad gateway nginx error I’m getting seems to be because /etc/php/8.0/fpm/pool.d/www.conf says:
listen = /run/php/php8.0-fpm.sock

but when I list /run/php/, php8.0-fpm doesn’t exist, only a link php-fpm.sock (which doesn’t seem end up linking to the socket at /var/php-fpm/1644…sock

link /var/run/php-fpm.sock → link /etc/alternatives/php-fpm.sock → /run/php/php8.0-fpm.sock

I guess I could try creating a symbolic link to /var/php-fpm/1644…sock for /run/php/php8.0-fpm.sock???

Nope, can’t get php8.0-fpm service to start, so there’s no current /var/php-fpm/1644…sock

have you run into another such mis-synchronization of links to sockets? or this a misconfiguration in the way I set up Virtualmin server templates?

system · April 18, 2022, 4:54pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.