diff --git a/etc/php/8.0/fpm/php-fpm.conf~ b/etc/php/8.1/fpm/php-fpm.conf similarity index 95% rename from etc/php/8.0/fpm/php-fpm.conf~ rename to etc/php/8.1/fpm/php-fpm.conf index c9ea461..ef1bc83 100644 --- a/etc/php/8.0/fpm/php-fpm.conf~ +++ b/etc/php/8.1/fpm/php-fpm.conf @@ -14,16 +14,14 @@ ; Pid file ; Note: the default prefix is /var ; Default Value: none -; Warning: if you change the value here, you need to modify systemd -; service PIDFile= setting to match the value here. -pid = /run/php/php8.0-fpm.pid +pid = /run/php/php8.1-fpm.pid ; Error log file ; If it's set to "syslog", log is sent to syslogd instead of being written ; into a local file. ; Note: the default prefix is /var ; Default Value: log/php-fpm.log -error_log = /var/log/php8.0-fpm.log +error_log = /var/log/php/php8.1-fpm.log ; syslog_facility is used to specify what type of program is logging the ; message. This lets syslogd specify that messages from different facilities @@ -66,6 +64,7 @@ error_log = /var/log/php8.0-fpm.log ; of '0' means 'Off'. ; Default Value: 0 ;emergency_restart_threshold = 0 +emergency_restart_threshold = 10 ; Interval of time used by emergency_restart_interval to determine when ; a graceful restart will be initiated. This can be useful to work around @@ -74,12 +73,14 @@ error_log = /var/log/php8.0-fpm.log ; Default Unit: seconds ; Default Value: 0 ;emergency_restart_interval = 0 +emergency_restart_interval = 60 ; Time limit for child processes to wait for a reaction on signals from master. ; Available units: s(econds), m(inutes), h(ours), or d(ays) ; Default Unit: seconds ; Default Value: 0 ;process_control_timeout = 0 +process_control_timeout = 10 ; The maximum number of processes FPM will fork. This has been designed to control ; the global number of processes when using dynamic PM within a lot of pools. @@ -142,4 +143,4 @@ error_log = /var/log/php8.0-fpm.log ; Relative path can also be used. They will be prefixed by: ; - the global prefix if it's been set (-p argument) ; - /usr otherwise -include=/etc/php/8.0/fpm/pool.d/*.conf +include=/etc/php/8.1/fpm/pool.d/*.conf diff --git a/etc/php/8.0/fpm/php.ini~ b/etc/php/8.1/fpm/php.ini similarity index 95% rename from etc/php/8.0/fpm/php.ini~ rename to etc/php/8.1/fpm/php.ini index 0e85a95..6420ae6 100644 --- a/etc/php/8.0/fpm/php.ini~ +++ b/etc/php/8.1/fpm/php.ini @@ -88,7 +88,6 @@ ;;;;;;;;;;;;;;;;;;; ; Quick Reference ; ;;;;;;;;;;;;;;;;;;; - ; The following are all the settings which are different in either the production ; or development versions of the INIs with respect to PHP's default behavior. ; Please see the actual settings later in the document for more details as to why @@ -100,12 +99,12 @@ ; Production Value: Off ; display_startup_errors -; Default Value: On +; Default Value: Off ; Development Value: On ; Production Value: Off ; error_reporting -; Default Value: E_ALL +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED ; Development Value: E_ALL ; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT @@ -149,21 +148,16 @@ ; Development Value: Off ; Production Value: Off +; track_errors +; Default Value: Off +; Development Value: On +; Production Value: Off + ; variables_order ; Default Value: "EGPCS" ; Development Value: "GPCS" ; Production Value: "GPCS" -; zend.exception_ignore_args -; Default Value: Off -; Development Value: Off -; Production Value: On - -; zend.exception_string_param_max_len -; Default Value: 15 -; Development Value: 15 -; Production Value: 0 - ;;;;;;;;;;;;;;;;;;;; ; php.ini Options ; ;;;;;;;;;;;;;;;;;;;; @@ -295,13 +289,6 @@ implicit_flush = Off ; callback-function. unserialize_callback_func = -; The unserialize_max_depth specifies the default depth limit for unserialized -; structures. Setting the depth limit too high may result in stack overflows -; during unserialization. The unserialize_max_depth ini setting can be -; overridden by the max_depth option on individual unserialize() calls. -; A value of 0 disables the depth limit. -;unserialize_max_depth = 4096 - ; When floats & doubles are serialized, store serialize_precision significant ; digits after the floating point. The default value ensures that when floats ; are decoded with unserialize, the data will remain the same. @@ -317,12 +304,12 @@ serialize_precision = -1 ; http://php.net/open-basedir ;open_basedir = -; This directive allows you to disable certain functions. +; This directive allows you to disable certain functions for security reasons. ; It receives a comma-delimited list of function names. ; http://php.net/disable-functions disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, -; This directive allows you to disable certain classes. +; This directive allows you to disable certain classes for security reasons. ; It receives a comma-delimited list of class names. ; http://php.net/disable-classes disable_classes = @@ -363,31 +350,21 @@ zend.enable_gc = On ; If enabled, scripts may be written in encodings that are incompatible with ; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such ; encodings. To use this feature, mbstring extension must be enabled. +; Default: Off ;zend.multibyte = Off ; Allows to set the default encoding for the scripts. This value will be used ; unless "declare(encoding=...)" directive appears at the top of the script. ; Only affects if zend.multibyte is set. +; Default: "" ;zend.script_encoding = -; Allows to include or exclude arguments from stack traces generated for exceptions. -; In production, it is recommended to turn this setting on to prohibit the output +; Allows to include or exclude arguments from stack traces generated for exceptions +; Default: Off +; In production, it is recommended to turn this setting on to prohibit the output ; of sensitive information in stack traces -; Default Value: Off -; Development Value: Off -; Production Value: On zend.exception_ignore_args = On -; Allows setting the maximum string length in an argument of a stringified stack trace -; to a value between 0 and 1000000. -; This has no effect when zend.exception_ignore_args is enabled. -; Default Value: 15 -; Development Value: 15 -; Production Value: 0 -; In production, it is recommended to set this to 0 to reduce the output -; of sensitive information in stack traces. -zend.exception_string_param_max_len = 0 - ;;;;;;;;;;;;;;;;; ; Miscellaneous ; ;;;;;;;;;;;;;;;;; @@ -425,7 +402,7 @@ max_input_time = 60 ; How many GET/POST/COOKIE input variables may be accepted ;max_input_vars = 1000 -; Maximum amount of memory a script may consume +; Maximum amount of memory a script may consume (128MB) ; http://php.net/memory-limit memory_limit = 128M @@ -479,7 +456,7 @@ memory_limit = 128M ; E_ALL & ~E_NOTICE (Show all errors, except for notices) ; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) ; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; Default Value: E_ALL +; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED ; Development Value: E_ALL ; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT ; http://php.net/error-reporting @@ -503,9 +480,11 @@ error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT display_errors = Off ; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. We strongly recommend you set this to 'off' -; for production servers to avoid leaking configuration details. -; Default Value: On +; separately from display_errors. PHP's default behavior is to suppress those +; errors from clients. Turning the display of startup errors on can be useful in +; debugging configuration problems. We strongly recommend you +; set this to 'off' for production servers. +; Default Value: Off ; Development Value: On ; Production Value: Off ; http://php.net/display-startup-errors @@ -543,9 +522,19 @@ ignore_repeated_source = Off ; http://php.net/report-memleaks report_memleaks = On -; This setting is off by default. +; This setting is on by default. ;report_zend_debug = 0 +; Store the last error/warning message in $php_errormsg (boolean). Setting this value +; to On can assist in debugging and is appropriate for development servers. It should +; however be disabled on production servers. +; This directive is DEPRECATED. +; Default Value: Off +; Development Value: Off +; Production Value: Off +; http://php.net/track-errors +;track_errors = Off + ; Turn off normal error reporting and emit XML-RPC error XML ; http://php.net/xmlrpc-errors ;xmlrpc_errors = 0 @@ -700,7 +689,7 @@ auto_globals_jit = On ; Its value may be 0 to disable the limit. It is ignored if POST data reading ; is disabled through enable_post_data_reading. ; http://php.net/post-max-size -post_max_size = 8M +post_max_size = 10M ; Automatically add files before PHP document. ; http://php.net/auto-prepend-file @@ -852,7 +841,7 @@ file_uploads = On ; Maximum allowed size for uploaded files. ; http://php.net/upload-max-filesize -upload_max_filesize = 2M +upload_max_filesize = 10M ; Maximum number of files that can be uploaded via a single request max_file_uploads = 20 @@ -921,10 +910,8 @@ default_socket_timeout = 60 ; ;extension=bz2 ;extension=curl -;extension=ffi -;extension=ftp ;extension=fileinfo -;extension=gd +;extension=gd2 ;extension=gettext ;extension=gmp ;extension=intl @@ -934,7 +921,6 @@ default_socket_timeout = 60 ;extension=exif ; Must be after mbstring as it depends on it ;extension=mysqli ;extension=oci8_12c ; Use with Oracle Database 12c Instant Client -;extension=oci8_19 ; Use with Oracle Database 19 Instant Client ;extension=odbc ;extension=openssl ;extension=pdo_firebird @@ -955,10 +941,9 @@ default_socket_timeout = 60 ;extension=sodium ;extension=sqlite3 ;extension=tidy +;extension=xmlrpc ;extension=xsl -;zend_extension=opcache - ;;;;;;;;;;;;;;;;;;; ; Module Settings ; ;;;;;;;;;;;;;;;;;;; @@ -979,10 +964,10 @@ cli_server.color = On ;date.default_longitude = 35.2333 ; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.833333 +;date.sunrise_zenith = 90.583333 ; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.833333 +;date.sunset_zenith = 90.583333 [filter] ; http://php.net/filter.default @@ -1059,6 +1044,8 @@ cli_server.color = On ; http://php.net/pdo-odbc.connection-pooling ;pdo_odbc.connection_pooling=strict +;pdo_odbc.db2_instance_name + [Pdo_mysql] ; Default socket name for local MySQL connects. If empty, uses the built-in ; MySQL defaults. @@ -1399,8 +1386,7 @@ session.cookie_domain = session.cookie_httponly = ; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF) -; Current valid values are "Strict", "Lax" or "None". When using "None", -; make sure to include the quotes, as `none` is interpreted like `false` in ini files. +; Current valid values are "Lax" or "Strict" ; https://tools.ietf.org/html/draft-west-first-party-cookies-07 session.cookie_samesite = @@ -1408,9 +1394,12 @@ session.cookie_samesite = ; http://php.net/session.serialize-handler session.serialize_handler = php -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using gc_probability/gc_divisor, -; e.g. 1/100 means there is a 1% chance that the GC process starts on each request. +; Defines the probability that the 'garbage collection' process is started +; on every session initialization. The probability is calculated by using +; gc_probability/gc_divisor. Where session.gc_probability is the numerator +; and gc_divisor is the denominator in the equation. Setting this value to 1 +; when the session.gc_divisor value is 100 will give you approximately a 1% chance +; the gc will run on any given request. ; Default Value: 1 ; Development Value: 1 ; Production Value: 1 @@ -1418,9 +1407,13 @@ session.serialize_handler = php session.gc_probability = 0 ; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using gc_probability/gc_divisor, -; e.g. 1/100 means there is a 1% chance that the GC process starts on each request. -; For high volume production servers, using a value of 1000 is a more efficient approach. +; session initialization. The probability is calculated by using the following equation: +; gc_probability/gc_divisor. Where session.gc_probability is the numerator and +; session.gc_divisor is the denominator in the equation. Setting this value to 100 +; when the session.gc_probability value is 1 will give you approximately a 1% chance +; the gc will run on any given request. Increasing this value to 1000 will give you +; a 0.1% chance the gc will run on any given request. For high volume production servers, +; this is a more efficient approach. ; Default Value: 100 ; Development Value: 1000 ; Production Value: 1000 @@ -1436,8 +1429,8 @@ session.gc_maxlifetime = 1440 ; (see session.save_path above), then garbage collection does *not* ; happen automatically. You will need to do your own garbage ; collection through a shell script, cron entry, or some other method. -; For example, the following script is the equivalent of setting -; session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; For example, the following script would is the equivalent of +; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): ; find /path/to/sessions -cmin +24 -type f | xargs rm ; Check HTTP Referer to invalidate externally stored URLs containing ids. @@ -1594,6 +1587,11 @@ zend.assertions = -1 ; http://php.net/assert.callback ;assert.callback = 0 +; Eval the expression with current error_reporting(). Set to true if you want +; error_reporting(0) around the eval(). +; http://php.net/assert.quiet-eval +;assert.quiet_eval = 0 + [COM] ; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs ; http://php.net/com.typelib-file @@ -1619,10 +1617,6 @@ zend.assertions = -1 ; Default: system ANSI code page ;com.code_page= -; The version of the .NET framework to use. The value of the setting are the first three parts -; of the framework's version number, separated by dots, and prefixed with "v", e.g. "v4.0.30319". -;com.dotnet_version= - [mbstring] ; language for internal character representation. ; This affects mb_send_mail() and mbstring.detect_order. @@ -1640,7 +1634,7 @@ zend.assertions = -1 ; http input encoding. ; mbstring.encoding_translation = On is needed to use this setting. ; If empty, default_charset or input_encoding or mbstring.input is used. -; The precedence is: default_charset < input_encoding < mbstring.http_input +; The precedence is: default_charset < input_encoding < mbsting.http_input ; http://php.net/mbstring.http-input ;mbstring.http_input = @@ -1672,8 +1666,20 @@ zend.assertions = -1 ; http://php.net/mbstring.substitute-character ;mbstring.substitute_character = none -; Enable strict encoding detection. -;mbstring.strict_detection = Off +; overload(replace) single byte functions by mbstring functions. +; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), +; etc. Possible values are 0,1,2,4 or combination of them. +; For example, 7 for overload everything. +; 0: No overload +; 1: Overload mail() function +; 2: Overload str*() functions +; 4: Overload ereg*() functions +; http://php.net/mbstring.func-overload +;mbstring.func_overload = 0 + +; enable strict encoding detection. +; Default: Off +;mbstring.strict_detection = On ; This directive specifies the regex pattern of content types for which mb_output_handler() ; is activated. @@ -1682,12 +1688,9 @@ zend.assertions = -1 ; This directive specifies maximum stack depth for mbstring regular expressions. It is similar ; to the pcre.recursion_limit for PCRE. +; Default: 100000 ;mbstring.regex_stack_limit=100000 -; This directive specifies maximum retry count for mbstring regular expressions. It is similar -; to the pcre.backtrack_limit for PCRE. -;mbstring.regex_retry_limit=1000000 - [gd] ; Tell the jpeg decode to ignore warnings and try to create ; a gd image. The warning will then be displayed as notices @@ -1800,11 +1803,6 @@ ldap.max_links = -1 ; size of the optimized code. ;opcache.save_comments=1 -; If enabled, compilation warnings (including notices and deprecations) will -; be recorded and replayed each time a file is included. Otherwise, compilation -; warnings will only be emitted when the file is first cached. -;opcache.record_warnings=0 - ; Allow file existence override (file_exists, etc.) performance feature. ;opcache.enable_file_override=0 @@ -1899,11 +1897,6 @@ ldap.max_links = -1 ; http://php.net/opcache.preload ;opcache.preload= -; Preloading code as root is not allowed for security reasons. This directive -; facilitates to let the preloading to be run as another user. -; http://php.net/opcache.preload_user -;opcache.preload_user= - ; Prevents caching files that are less than this number of seconds old. It ; protects from caching of incompletely updated files. In case all file updates ; on your site are atomic, you may increase performance by setting it to "0". @@ -1936,11 +1929,8 @@ ldap.max_links = -1 ;openssl.capath= [ffi] -; FFI API restriction. Possible values: +; FFI API restriction. Possibe values: ; "preload" - enabled in CLI scripts and preloaded files (default) ; "false" - always disabled ; "true" - always enabled ;ffi.enable=preload - -; List of headers files to preload, wildcard patterns allowed. -;ffi.preload= diff --git a/etc/php/8.1/fpm/pool.d/lemper.conf b/etc/php/8.1/fpm/pool.d/lemper.conf new file mode 100644 index 0000000..f4c80aa --- /dev/null +++ b/etc/php/8.1/fpm/pool.d/lemper.conf @@ -0,0 +1,50 @@ +[lemper] +user = lemper +group = lemper + +listen = /run/php/php8.1-fpm.$pool.sock +listen.owner = lemper +listen.group = lemper +listen.mode = 0666 +;listen.allowed_clients = 127.1.0.1 + +; Custom PHP-FPM optimization +; adjust here to meet your needs. +pm = dynamic +pm.max_children = 5 +pm.start_servers = 2 +pm.min_spare_servers = 1 +pm.max_spare_servers = 3 +pm.process_idle_timeout = 30s +pm.max_requests = 500 + +pm.status_path = /status +ping.path = /ping + +slowlog = /var/log/php/php8.1-fpm_slow.$pool.log +request_slowlog_timeout = 10s + +;chroot = /home/lemper +chdir = /home/lemper + +;catch_workers_output = yes +;decorate_workers_output = no + +security.limit_extensions = .php .php8 .php81 + +; Custom PHP ini settings. +php_flag[display_errors] = On +;php_admin_value[error_reporting] = E_ALL & ~E_DEPRECATED & ~E_STRICT +;php_admin_value[disable_functions] = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,exec,passthru,popen,proc_open,shell_exec,system +php_admin_flag[log_errors] = On +php_admin_value[error_log] = /var/log/php/php8.1-fpm.$pool.log +php_admin_value[date.timezone] = UTC +php_admin_value[memory_limit] = 128M +php_admin_value[opcache.file_cache] = /home/lemper/.lemper/php/opcache +php_admin_value[open_basedir] = /home/lemper +php_admin_value[session.save_path] = /home/lemper/.lemper/php/sessions +php_admin_value[sys_temp_dir] = /home/lemper/.lemper/tmp +php_admin_value[upload_tmp_dir] = /home/lemper/.lemper/tmp +php_admin_value[upload_max_filesize] = 20M +php_admin_value[post_max_size] = 20M +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f you@yourmail.com diff --git a/etc/php/8.1/fpm/pool.d/www.conf b/etc/php/8.1/fpm/pool.d/www.conf new file mode 100644 index 0000000..d3803b9 --- /dev/null +++ b/etc/php/8.1/fpm/pool.d/www.conf @@ -0,0 +1,446 @@ +; Start a new pool named 'www'. +; the variable $pool can be used in any directive and will be replaced by the +; pool name ('www' here) +[www] + +; Per pool prefix +; It only applies on the following directives: +; - 'access.log' +; - 'slowlog' +; - 'listen' (unixsocket) +; - 'chroot' +; - 'chdir' +; - 'php_values' +; - 'php_admin_values' +; When not set, the global prefix (or /usr) applies instead. +; Note: This directive can also be relative to the global prefix. +; Default Value: none +;prefix = /path/to/pools/$pool + +; Unix user/group of processes +; Note: The user is mandatory. If the group is not set, the default user's group +; will be used. +user = www-data +group = www-data + +; The address on which to accept FastCGI requests. +; Valid syntaxes are: +; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on +; a specific port; +; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on +; a specific port; +; 'port' - to listen on a TCP socket to all addresses +; (IPv6 and IPv4-mapped) on a specific port; +; '/path/to/unix/socket' - to listen on a unix socket. +; Note: This value is mandatory. +listen = /run/php/php8.1-fpm.sock + +; Set listen(2) backlog. +; Default Value: 511 (-1 on FreeBSD and OpenBSD) +;listen.backlog = 511 + +; Set permissions for unix socket, if one is used. In Linux, read/write +; permissions must be set in order to allow connections from a web server. Many +; BSD-derived systems allow connections regardless of permissions. +; Default Values: user and group are set as the running user +; mode is set to 0660 +listen.owner = www-data +listen.group = www-data +;listen.mode = 0660 +; When POSIX Access Control Lists are supported you can set them using +; these options, value is a comma separated list of user/group names. +; When set, listen.owner and listen.group are ignored +;listen.acl_users = +;listen.acl_groups = + +; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect. +; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original +; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address +; must be separated by a comma. If this value is left blank, connections will be +; accepted from any ip address. +; Default Value: any +;listen.allowed_clients = 127.0.0.1 + +; Specify the nice(2) priority to apply to the pool processes (only if set) +; The value can vary from -19 (highest priority) to 20 (lower priority) +; Note: - It will only work if the FPM master process is launched as root +; - The pool processes will inherit the master process priority +; unless it specified otherwise +; Default Value: no set +; process.priority = -19 + +; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user +; or group is differrent than the master process user. It allows to create process +; core dump and ptrace the process for the pool user. +; Default Value: no +; process.dumpable = yes + +; Choose how the process manager will control the number of child processes. +; Possible Values: +; static - a fixed number (pm.max_children) of child processes; +; dynamic - the number of child processes are set dynamically based on the +; following directives. With this process management, there will be +; always at least 1 children. +; pm.max_children - the maximum number of children that can +; be alive at the same time. +; pm.start_servers - the number of children created on startup. +; pm.min_spare_servers - the minimum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is less than this +; number then some children will be created. +; pm.max_spare_servers - the maximum number of children in 'idle' +; state (waiting to process). If the number +; of 'idle' processes is greater than this +; number then some children will be killed. +; ondemand - no children are created at startup. Children will be forked when +; new requests will connect. The following parameter are used: +; pm.max_children - the maximum number of children that +; can be alive at the same time. +; pm.process_idle_timeout - The number of seconds after which +; an idle process will be killed. +; Note: This value is mandatory. +pm = dynamic + +; The number of child processes to be created when pm is set to 'static' and the +; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. +; This value sets the limit on the number of simultaneous requests that will be +; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. +; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP +; CGI. The below defaults are based on a server without much resources. Don't +; forget to tweak pm.* to fit your needs. +; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand' +; Note: This value is mandatory. +pm.max_children = 5 + +; The number of child processes created on startup. +; Note: Used only when pm is set to 'dynamic' +; Default Value: (min_spare_servers + max_spare_servers) / 2 +pm.start_servers = 2 + +; The desired minimum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.min_spare_servers = 1 + +; The desired maximum number of idle server processes. +; Note: Used only when pm is set to 'dynamic' +; Note: Mandatory when pm is set to 'dynamic' +pm.max_spare_servers = 3 + +; The number of seconds after which an idle process will be killed. +; Note: Used only when pm is set to 'ondemand' +; Default Value: 10s +;pm.process_idle_timeout = 10s; + +; The number of requests each child process should execute before respawning. +; This can be useful to work around memory leaks in 3rd party libraries. For +; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS. +; Default Value: 0 +;pm.max_requests = 500 + +; The URI to view the FPM status page. If this value is not set, no URI will be +; recognized as a status page. It shows the following informations: +; pool - the name of the pool; +; process manager - static, dynamic or ondemand; +; start time - the date and time FPM has started; +; start since - number of seconds since FPM has started; +; accepted conn - the number of request accepted by the pool; +; listen queue - the number of request in the queue of pending +; connections (see backlog in listen(2)); +; max listen queue - the maximum number of requests in the queue +; of pending connections since FPM has started; +; listen queue len - the size of the socket queue of pending connections; +; idle processes - the number of idle processes; +; active processes - the number of active processes; +; total processes - the number of idle + active processes; +; max active processes - the maximum number of active processes since FPM +; has started; +; max children reached - number of times, the process limit has been reached, +; when pm tries to start more children (works only for +; pm 'dynamic' and 'ondemand'); +; Value are updated in real time. +; Example output: +; pool: www +; process manager: static +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 62636 +; accepted conn: 190460 +; listen queue: 0 +; max listen queue: 1 +; listen queue len: 42 +; idle processes: 4 +; active processes: 11 +; total processes: 15 +; max active processes: 12 +; max children reached: 0 +; +; By default the status page output is formatted as text/plain. Passing either +; 'html', 'xml' or 'json' in the query string will return the corresponding +; output syntax. Example: +; http://www.foo.bar/status +; http://www.foo.bar/status?json +; http://www.foo.bar/status?html +; http://www.foo.bar/status?xml +; +; By default the status page only outputs short status. Passing 'full' in the +; query string will also return status for each pool process. +; Example: +; http://www.foo.bar/status?full +; http://www.foo.bar/status?json&full +; http://www.foo.bar/status?html&full +; http://www.foo.bar/status?xml&full +; The Full status returns for each process: +; pid - the PID of the process; +; state - the state of the process (Idle, Running, ...); +; start time - the date and time the process has started; +; start since - the number of seconds since the process has started; +; requests - the number of requests the process has served; +; request duration - the duration in µs of the requests; +; request method - the request method (GET, POST, ...); +; request URI - the request URI with the query string; +; content length - the content length of the request (only with POST); +; user - the user (PHP_AUTH_USER) (or '-' if not set); +; script - the main script called (or '-' if not set); +; last request cpu - the %cpu the last request consumed +; it's always 0 if the process is not in Idle state +; because CPU calculation is done when the request +; processing has terminated; +; last request memory - the max amount of memory the last request consumed +; it's always 0 if the process is not in Idle state +; because memory calculation is done when the request +; processing has terminated; +; If the process is in Idle state, then informations are related to the +; last request the process has served. Otherwise informations are related to +; the current request being served. +; Example output: +; ************************ +; pid: 31330 +; state: Running +; start time: 01/Jul/2011:17:53:49 +0200 +; start since: 63087 +; requests: 12808 +; request duration: 1250261 +; request method: GET +; request URI: /test_mem.php?N=10000 +; content length: 0 +; user: - +; script: /home/fat/web/docs/php/test_mem.php +; last request cpu: 0.00 +; last request memory: 0 +; +; Note: There is a real-time FPM status monitoring sample web page available +; It's available in: /usr/share/php/8.1/fpm/status.html +; +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;pm.status_path = /status +pm.status_path = /status + +; The ping URI to call the monitoring page of FPM. If this value is not set, no +; URI will be recognized as a ping page. This could be used to test from outside +; that FPM is alive and responding, or to +; - create a graph of FPM availability (rrd or such); +; - remove a server from a group if it is not responding (load balancing); +; - trigger alerts for the operating team (24/7). +; Note: The value must start with a leading slash (/). The value can be +; anything, but it may not be a good idea to use the .php extension or it +; may conflict with a real PHP file. +; Default Value: not set +;ping.path = /ping +ping.path = /ping + +; This directive may be used to customize the response of a ping request. The +; response is formatted as text/plain with a 200 response code. +; Default Value: pong +;ping.response = pong + +; The access log file +; Default: not set +;access.log = log/$pool.access.log + +; The access log format. +; The following syntax is allowed +; %%: the '%' character +; %C: %CPU used by the request +; it can accept the following format: +; - %{user}C for user CPU only +; - %{system}C for system CPU only +; - %{total}C for user + system CPU (default) +; %d: time taken to serve the request +; it can accept the following format: +; - %{seconds}d (default) +; - %{miliseconds}d +; - %{mili}d +; - %{microseconds}d +; - %{micro}d +; %e: an environment variable (same as $_ENV or $_SERVER) +; it must be associated with embraces to specify the name of the env +; variable. Some exemples: +; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e +; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e +; %f: script filename +; %l: content-length of the request (for POST request only) +; %m: request method +; %M: peak of memory allocated by PHP +; it can accept the following format: +; - %{bytes}M (default) +; - %{kilobytes}M +; - %{kilo}M +; - %{megabytes}M +; - %{mega}M +; %n: pool name +; %o: output header +; it must be associated with embraces to specify the name of the header: +; - %{Content-Type}o +; - %{X-Powered-By}o +; - %{Transfert-Encoding}o +; - .... +; %p: PID of the child that serviced the request +; %P: PID of the parent of the child that serviced the request +; %q: the query string +; %Q: the '?' character if query string exists +; %r: the request URI (without the query string, see %q and %Q) +; %R: remote IP address +; %s: status (response code) +; %t: server time the request was received +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %T: time the log has been written (the request has finished) +; it can accept a strftime(3) format: +; %d/%b/%Y:%H:%M:%S %z (default) +; The strftime(3) format must be encapsuled in a %{}t tag +; e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t +; %u: remote user +; +; Default: "%R - %u %t \"%m %r\" %s" +;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%" + +; The log file for slow requests +; Default Value: not set +; Note: slowlog is mandatory if request_slowlog_timeout is set +;slowlog = log/$pool.log.slow +slowlog = /var/log/php/php8.1-fpm_slow.$pool.log + +; The timeout for serving a single request after which a PHP backtrace will be +; dumped to the 'slowlog' file. A value of '0s' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_slowlog_timeout = 0 +request_slowlog_timeout = 10s + +; Depth of slow log stack trace. +; Default Value: 20 +;request_slowlog_trace_depth = 20 + +; The timeout for serving a single request after which the worker process will +; be killed. This option should be used when the 'max_execution_time' ini option +; does not stop script execution for some reason. A value of '0' means 'off'. +; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) +; Default Value: 0 +;request_terminate_timeout = 0 + +; Set open file descriptor rlimit. +; Default Value: system defined value +;rlimit_files = 1024 + +; Set max core size rlimit. +; Possible Values: 'unlimited' or an integer greater or equal to 0 +; Default Value: system defined value +;rlimit_core = 0 + +; Chroot to this directory at the start. This value must be defined as an +; absolute path. When this value is not set, chroot is not used. +; Note: you can prefix with '$prefix' to chroot to the pool prefix or one +; of its subdirectories. If the pool prefix is not set, the global prefix +; will be used instead. +; Note: chrooting is a great security feature and should be used whenever +; possible. However, all PHP paths will be relative to the chroot +; (error_log, sessions.save_path, ...). +; Default Value: not set +;chroot = + +; Chdir to this directory at the start. +; Note: relative path can be used. +; Default Value: current directory or / when chroot +;chdir = /var/www +chdir = /usr/share/nginx/html + +; Redirect worker stdout and stderr into main error log. If not set, stdout and +; stderr will be redirected to /dev/null according to FastCGI specs. +; Note: on highloaded environement, this can cause some delay in the page +; process time (several ms). +; Default Value: no +;catch_workers_output = yes + +; Decorate worker output with prefix and suffix containing information about +; the child that writes to the log and if stdout or stderr is used as well as +; log level and time. This options is used only if catch_workers_output is yes. +; Settings to "no" will output data as written to the stdout or stderr. +; Default value: yes +;decorate_workers_output = no + +; Clear environment in FPM workers +; Prevents arbitrary environment variables from reaching FPM worker processes +; by clearing the environment in workers before env vars specified in this +; pool configuration are added. +; Setting to "no" will make all environment variables available to PHP code +; via getenv(), $_ENV and $_SERVER. +; Default Value: yes +;clear_env = no + +; Limits the extensions of the main script FPM will allow to parse. This can +; prevent configuration mistakes on the web server side. You should only limit +; FPM to .php extensions to prevent malicious users to use other extensions to +; execute php code. +; Note: set an empty value to allow all extensions. +; Default Value: .php +;security.limit_extensions = .php .php3 .php4 .php5 .php7 +security.limit_extensions = .php .php8 .php81 + +; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from +; the current environment. +; Default Value: clean env +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /tmp +;env[TMPDIR] = /tmp +;env[TEMP] = /tmp + +; Additional php.ini defines, specific to this pool of workers. These settings +; overwrite the values previously defined in the php.ini. The directives are the +; same as the PHP SAPI: +; php_value/php_flag - you can set classic ini defines which can +; be overwritten from PHP call 'ini_set'. +; php_admin_value/php_admin_flag - these directives won't be overwritten by +; PHP call 'ini_set' +; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no. + +; Defining 'extension' will load the corresponding shared extension from +; extension_dir. Defining 'disable_functions' or 'disable_classes' will not +; overwrite previously defined php.ini values, but will append the new value +; instead. + +; Note: path INI options can be relative and will be expanded with the prefix +; (pool, global or /usr) + +; Default Value: nothing is defined by default except the values in php.ini and +; specified at startup with the -d argument +;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com +php_flag[display_errors] = On +;php_admin_value[error_reporting] = E_ALL & ~E_DEPRECATED & ~E_STRICT +;php_admin_value[disable_functions] = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,exec,passthru,popen,proc_open,shell_exec,system +php_admin_flag[log_errors] = On +php_admin_value[error_log] = /var/log/php/php8.1-fpm.$pool.log +php_admin_value[date.timezone] = UTC +php_admin_value[memory_limit] = 128M +php_admin_value[opcache.file_cache] = /usr/share/nginx/html/.lemper/php/opcache +php_admin_value[open_basedir] = /usr/share/nginx/html +php_admin_value[session.save_path] = /usr/share/nginx/html/.lemper/php/sessions +php_admin_value[sys_temp_dir] = /usr/share/nginx/html/.lemper/tmp +php_admin_value[upload_tmp_dir] = /usr/share/nginx/html/.lemper/tmp +php_admin_value[upload_max_filesize] = 20M +php_admin_value[post_max_size] = 20M