Drupal 7 on nginx
Config fragment to serve Drupal from nginx, using fastcgi. Includes config of cgi-bin for awstats.
/etc/nginx/sites-available/drupal:
server {
server_name site1.domain site2.domain; #One config file can serve multiple discrete drupal sites.
listen [::]:80;
root /usr/local/share/drupal;
client_max_body_size 8M;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Very rarely should these ever be accessed outside of your lan
location ~* \.(txt|log)$ {
deny all;
}
location ~ \..*/.*\.php$ {
return 403;
}
location / {
# This is cool because no php is touched for static content
try_files $uri @rewrite;
}
location @rewrite {
# Some modules enforce no slash (/) at the end of the URL
# Else this rewrite block wouldn't be needed (GlobalRedirect)
rewrite ^/(.*)$ /index.php?q=$1;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
gzip off;
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include fastcgi_params;
fastcgi_param SERVER_NAME $host;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/php-cgi/php-cgi.socket;
# use stale cache if the backend fails.
fastcgi_cache_use_stale error timeout invalid_header http_500;
# cache key is based on the host and the uri, you could add other
# key variables here as it suites your needs
fastcgi_cache_key $host$request_uri$request_method;
# what to cache, and for how long
fastcgi_cache_valid 200 302 10m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
}
# Fighting with ImageCache? This little gem is amazing.
location ~ ^/sites/.*/files/imagecache/ {
try_files $uri @rewrite;
}
# Catch image styles for D7 too.
location ~ ^/sites/.*/files/styles/ {
try_files $uri @rewrite;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
location /cgi-bin {
root /usr/lib;
gzip off;
include fastcgi_params;
fastcgi_param SERVER_NAME $host;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
# use stale cache if the backend fails.
fastcgi_cache_use_stale error timeout invalid_header http_500;
# cache key is based on the host and the uri, you could add other
# key variables here as it suites your needs
fastcgi_cache_key $host$request_uri$request_method;
# what to cache, and for how long
fastcgi_cache_valid 200 302 10m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
access_log off;
}
location ^~ /awstats-icon {
alias /usr/share/awstats/icon/;
access_log off;
}
access_log /var/log/nginx/access-$host.log awstats;
}
The caching directives could probably do with some work, but I'll sort that out later.
You'll also need /etc/init.d/php-fastcgi:
#!/bin/bash
BIND=/var/run/php-cgi/php-cgi.socket
USER=www-data
PHP_FCGI_CHILDREN=8
PHP_FCGI_MAX_REQUESTS=1000
PHP_CGI=/usr/bin/php-cgi
PHP_CGI_NAME=`basename $PHP_CGI`
PHP_CGI_ARGS="- USER=$USER PATH=/usr/bin PHP_FCGI_CHILDREN=$PHP_FCGI_CHILDREN PHP_FCGI_MAX_REQUESTS=$PHP_FCGI_MAX_REQUESTS $PHP_CGI -b $BIND"
RETVAL=0
[ ! -e /var/run/php-cgi ] && mkdir /var/run/php-cgi
chown www-data:www-data /var/run/php-cgi
start() {
echo -n "Starting PHP FastCGI: "
start-stop-daemon --quiet --start --background --chuid "$USER" --exec /usr/bin/env -- $PHP_CGI_ARGS
RETVAL=$?
echo "$PHP_CGI_NAME."
}
stop() {
echo -n "Stopping PHP FastCGI: "
killall -q -w -u $USER $PHP_CGI
RETVAL=$?
echo "$PHP_CGI_NAME."
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
*)
echo "Usage: php-fastcgi {start|stop|restart}"
exit 1
;;
esac
exit $RETVAL
There's a couple of other changes needed, such as changeing "listen" in sites-available/default to:
listen [::]:80 default_server ipv6only=off;
Add new comment