On 2018-05-17, Vadim Zhukov <persg...@gmail.com> wrote:
> 17 мая 2018 г. 5:50:16 GMT+03:00, justina colmena <just...@colmena.biz> пишет:
>
> Regarding su-php, I'd go with per-user php-fpm process, actually,
> that's much safer, and rarely used ones can easily wait in swap (I
> feel that you're trying to pack as much users as possible). You
> can ever use symlinks to create, e.g., /etc/rc.d/phpXY_fpm_USER1,
> /etc/rc.d/phpXY_fpm_USER2 and so on, and then set up different flags
> like "-u USER1" for those in rc.conf.

No need to run multiple copies of php-fpm yourself, it handles multi
uid itself. Various ways to handle chroot as well, you can chroot them
separately, or use a shared chroot and rely on permissions. This should
give you some ideas:

[global]
error_log = syslog
syslog.facility = daemon
log_level = notice

[www]
user = www
group = www
listen = /var/www/run/php-fpm.sock
listen.owner = www
listen.group = www
listen.mode = 0600
pm = dynamic
pm.max_children = 20
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
chroot = /var/www

[web1]
user = _web1
group = _web1
listen = /var/www/run/php-fpm-web1.sock
listen.owner = www
listen.group = www
listen.mode = 0600
pm = dynamic
pm.max_children = 20
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 2
chroot = /var/www
env[TMP] = /var/www/web1/tmp
env[TMPDIR] = /var/www/web1/tmp


Reply via email to