nginx-logo

This is guide howto install Nginx with PHP 7.2.12 and PHP-FPM on Fedora 29/28/27, CentOS 7.5/6.10 and Red Hat (RHEL) 7.5/6.10. PHP-FPM is easier to use and configure than FastCGI and some tests says that PHP-FPM is even much more efficient than FastCGI.

Nginx (engine x) is a robust, small and high performance http server, reverse proxy server and also mail proxy server.

PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI implementation with some additional features useful for sites of any size, especially busier sites.

1. Install Nginx, PHP 7.2.12 and PHP-FPM on Fedora 29/28/27, CentOS 7.5/6.10, Red Hat (RHEL) 7.5/6.10

1.1 Change to root user.

sudo -i
## OR ##
su -

1.2 Install needed repositories

Note: Fedora 29/28 no extra repos needed.

Fedora 27 Remi repository

## Remi Dependency on Fedora 27 ##
rpm -Uvh http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm 
rpm -Uvh http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm

## Fedora 27 ##
rpm -Uvh http://rpms.famillecollet.com/fedora/remi-release-27.rpm

CentOS 7.5/6.10 and Red Hat (RHEL) 7.5/6.10 Remi repository

## Remi Dependency on CentOS 7 and Red Hat (RHEL) 7 ##
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

## CentOS 7 and Red Hat (RHEL) 7 ##
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm


## Remi Dependency on CentOS 6 and Red Hat (RHEL) 6 ##
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
 
## CentOS 6 and Red Hat (RHEL) 6 ##
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

CentOS 7.5/6.10 and Red Hat (RHEL) 7.5/6.10 Nginx repository

Create file /etc/yum.repos.d/nginx.repo and add following content to repo file:
CentOS

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1

Red Hat (RHEL)

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/rhel/$releasever/$basearch/
gpgcheck=0
enabled=1

1.3 Install Nginx, PHP 7.2.12 and PHP-FPM

Fedora 29/28

dnf install nginx php-fpm php-common

Fedora 27

dnf --enablerepo=remi --enablerepo=remi-php72 install nginx php-fpm php-common

CentOS 7.5/6.10 and Red Hat (RHEL) 7.5/6.10

yum --enablerepo=remi,remi-php72 install nginx php-fpm php-common

1.4 Install PHP 7.2.12 modules

  • OPcache (php-opcache) – The Zend OPcache provides faster PHP execution through opcode caching and optimization.
  • APCu (php-pecl-apcu) – APCu userland caching
  • CLI (php-cli) – Command-line interface for PHP
  • PEAR (php-pear) – PHP Extension and Application Repository framework
  • PDO (php-pdo) – A database access abstraction module for PHP applications
  • MySQL (php-mysqlnd) – A module for PHP applications that use MySQL databases
  • PostgreSQL (php-pgsql) – A PostgreSQL database module for PHP
  • MongoDB (php-pecl-mongodb) – PHP MongoDB database driver
  • Redis (php-pecl-redis) – Extension for communicating with the Redis key-value store
  • Memcache (php-pecl-memcache) – Extension to work with the Memcached caching daemon
  • Memcached (php-pecl-memcached) – Extension to work with the Memcached caching daemon
  • GD (php-gd) – A module for PHP applications for using the gd graphics library
  • XML (php-xml) – A module for PHP applications which use XML
  • MBString (php-mbstring) – A module for PHP applications which need multi-byte string handling
  • MCrypt (php-mcrypt) – Standard PHP module provides mcrypt library support

Select what you need: OPcache, APCu, CLI, PEAR, PDO, MySQL, PostgreSQL, MongoDB, Memcache, Memcached, GD, MBString, MCrypt, XML

More info about PHP APC from PHP APC Configuration and Usage Tips and Tricks

Fedora 29/28

dnf install php-opcache php-pecl-apcu php-cli php-pear php-pdo php-mysqlnd php-pgsql php-pecl-mongodb php-pecl-redis php-pecl-memcache php-pecl-memcached php-gd php-mbstring php-mcrypt php-xml

Fedora 27

dnf --enablerepo=remi --enablerepo=remi-php72 install php-opcache php-pecl-apcu php-cli php-pear php-pdo php-mysqlnd php-pgsql php-pecl-mongodb php-pecl-redis php-pecl-memcache php-pecl-memcached php-gd php-mbstring php-mcrypt php-xml

CentOS 7.5/6.10 and Red Hat (RHEL) 7.5/6.10

yum --enablerepo=remi,remi-php72 install php-opcache php-pecl-apcu php-cli php-pear php-pdo php-mysqlnd php-pgsql php-pecl-mongodb php-pecl-redis php-pecl-memcache php-pecl-memcached php-gd php-mbstring php-mcrypt php-xml

1.5 Stop httpd (Apache) server, Start Nginx HTTP server and PHP-FPM (FastCGI Process Manager)

Stop httpd (Apache)

## Fedora 29/28/27 and CentOS/RHEL 7.5 ##
systemctl stop httpd.service

## CentOS/RHEL 6.10 ##
/etc/init.d/httpd stop
## OR ##
service httpd stop

Start Nginx

## Fedora 29/28/27 and CentOS/RHEL 7.5 ##
systemctl start nginx.service

## CentOS/RHEL 6.10 ##
/etc/init.d/nginx start ## use restart after update
## OR ##
service nginx start ## use restart after update

Start PHP-FPM

## Fedora 29/28/27 and CentOS/RHEL 7.5 ##
systemctl start php-fpm.service

## CentOS/RHEL 6.10 ##
/etc/init.d/php-fpm start ## use restart after update
## OR ##
service php-fpm start ## use restart after update

1.6 Autostart Nginx and PHP-FPM on boot, also prevent httpd (Apache) autostarting on boot

Prevent httpd (Apache) autostarting on boot

## Fedora 29/28/27 and CentOS/RHEL 7.5 ##
systemctl disable httpd.service

## CentOS/RHEL 6.10 ##
chkconfig httpd off

Autostart Nginx on boot

## Fedora 29/28/27 and CentOS/RHEL 7.5 ##
systemctl enable nginx.service

## CentOS/RHEL 6.10 ##
chkconfig --add nginx
chkconfig --levels 235 nginx on

Autostart PHP-FPM on boot

## Fedora 29/28/27 and CentOS/RHEL 7.5 ##
systemctl enable php-fpm.service

## CentOS/RHEL 6.10 ##
chkconfig --add php-fpm
chkconfig --levels 235 php-fpm on

1.7 Configure Nginx and PHP-FPM

Latest Fedora Nginx + PHP-FPM builds use custom config, first restore default config

## Restore nginx default config ##
cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
cp /etc/nginx/nginx.conf.default /etc/nginx/nginx.conf

## Modify PHP-FPM to listen ip instead of socket ##
vi /etc/php-fpm.d/www.conf

## Change following ##
;listen = /run/php-fpm/www.sock
listen = 127.0.0.1:9000

Note: You can of course use socket also, but then change this guide virtual host accordingly.

Create directory layout for your site

I use here testsite.local site, but this could of course be your real site, like www.if-not-true-then-false.com.

## public_html directory and logs directory ##
mkdir -p /srv/www/testsite.local/public_html
mkdir /srv/www/testsite.local/logs
chown -R apache:apache /srv/www/testsite.local

Alternative setup to add logs under /var/log directory.

## public_html directory and logs directory ##
mkdir -p /srv/www/testsite.local/public_html
mkdir -p /var/log/nginx/testsite.local
chown -R apache:apache /srv/www/testsite.local
chown -R nginx:nginx /var/log/nginx

Note: I use apache user and group here, because PHP-FPM runs as apache default (apache choosed to be able to access some dir as httpd). If you use some other user on your php-fpm conf then change this accordingly.

Create and configure virtual host directories under /etc/nginx

mkdir /etc/nginx/sites-available
mkdir /etc/nginx/sites-enabled

Add following lines to /etc/nginx/nginx.conf file, after “include /etc/nginx/conf.d/*.conf” line (inside http block).

## Load virtual host conf files. ##
include /etc/nginx/sites-enabled/*;

Create testsite.local virtual host file

Add following content to /etc/nginx/sites-available/testsite.local file. This is very basic virtual host config.

server {
    server_name testsite.local;
    access_log /srv/www/testsite.local/logs/access.log;
    error_log /srv/www/testsite.local/logs/error.log;
    root /srv/www/testsite.local/public_html;

    location / {
        index index.html index.htm index.php;
    }

    location ~ \.php$ {
        include /etc/nginx/fastcgi_params;
        fastcgi_pass  127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}
cd /etc/nginx/sites-enabled/
ln -s /etc/nginx/sites-available/testsite.local

## Fedora 29/28/27 and CentOS/RHEL 7.5 ##
systemctl restart nginx.service ## or reload

## CentOS/RHEL 6.10 ##
/etc/init.d/nginx restart ## or reload
## OR ##
service nginx restart ## or reload

Add your testsite.local “domain” to /etc/hosts file

/etc/hosts file Nginx on same machine
127.0.0.1 … row should look like example following:

127.0.0.1               localhost.localdomain localhost testsite.local

And if you use another machine where you are running your Nginx server, then add it’s public IP as following:

10.0.2.19               wordpress

Note: This is just very simple basic configuration, but if you want configure and optimize Nginx and PHP-FPM more then check following guide, Nginx and PHP-FPM Configuration and Optimizing Tips and Tricks

1.8 Test your Nginx and PHP-FPM setup

Create /srv/www/testsite.local/public_html/index.php file with following content:

<?php 
    phpinfo();

Access following address, with your browser. http://testsite.local/
Nginx and PHP-FPM 7.1.7 running on Fedora 26

Note:
If you get 403 forbidden error, then you probably have problem with SELinux, then run simply following command:

chcon -R -t httpd_sys_content_t /srv/www/testsite.local/public_html
 
## Or some apps might need httpd_sys_rw_content_t ##
chcon -R -t httpd_sys_rw_content_t /srv/www/testsite.local/public_html

2. Enable Remote Connection to Nginx Web Server (Open Port 80 on Iptables Firewall)

2.1. CentOS/Red Hat (RHEL) 6.10

2.1.1 Edit /etc/sysconfig/iptables file:

nano -w /etc/sysconfig/iptables

2.1.2 Add following INPUT rule:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

2.1.3 Restart Iptables Firewall:

service iptables restart
## OR ##
/etc/init.d/iptables restart

2.2. Fedora 29/28/27 and CentOS/Red Hat (RHEL) 7.5

2.2.1 List Your Active Firewalld Zones

firewall-cmd --get-active-zones

Example output:

public
  interfaces: wlp1s0

2.2.2 Add New Rule to Firewalld

You might have active zone like public, FedoraWorkstation, FedoraServer.

firewall-cmd --permanent --zone=public --add-service=http

## OR ##

firewall-cmd --permanent --zone=public --add-port=80/tcp

2.2.3 Restart firewalld.service

systemctl restart firewalld.service

3. Test remote connection

Access following address, with your browser.

More reading:

Nginx and PHP-FPM Configuration and Optimizing Tips and Tricks >>