apparmor-profiles provides a default php-fpm profile.
The socket is expected with name: @{run}/php{,-fpm}/php*-fpm.sock
# Remove Proxy request header to mitigate https://httpoxy.org/
RequestHeader unset Proxy early
- ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/run/php/default.sock|fcgi://127.0.0.1
- ProxyPassMatch ^/(.*\.phpx(/.*)?)$ unix:/run/php/default.sock|fcgi://127.0.0.1
- ProxyPassMatch ^/(.*\.phpj(/.*)?)$ unix:/run/php/default.sock|fcgi://127.0.0.1
+ ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/run/php/php-default-fpm.sock|fcgi://127.0.0.1
+ ProxyPassMatch ^/(.*\.phpx(/.*)?)$ unix:/run/php/php-default-fpm.sock|fcgi://127.0.0.1
+ ProxyPassMatch ^/(.*\.phpj(/.*)?)$ unix:/run/php/php-default-fpm.sock|fcgi://127.0.0.1
</VirtualHost>
<VirtualHost *:80>
RewriteRule ^/cgi-bin/(.*)$ /~<%= @user %>/cgi-bin/$1 [PT,L]
<FilesMatch ".+\.ph(p|ps|p3|tml)$">
- SetHandler "proxy:unix:/run/php/<%= @user %>.sock|fcgi://127.0.0.1"
+ SetHandler "proxy:unix:/run/php/php-<%= @user %>-fpm.sock|fcgi://127.0.0.1"
</FilesMatch>
</VirtualHost>
Require all granted
<FilesMatch ".+\.ph(ar|p|tml)$">
- SetHandler "proxy:unix:/run/php/<%= @name %>.sock|fcgi://127.0.0.1"
+ SetHandler "proxy:unix:/run/php/php-<%= @name %>-fpm.sock|fcgi://127.0.0.1"
</FilesMatch>
</Directory>
Require all granted
<FilesMatch ".+\.ph(ar|p|tml)$">
- SetHandler "proxy:unix:/run/php/donate.openstreetmap.org.sock|fcgi://127.0.0.1"
+ SetHandler "proxy:unix:/run/php/php-donate.openstreetmap.org-fpm.sock|fcgi://127.0.0.1"
</FilesMatch>
</Directory>
DocumentRoot /srv/forum.openstreetmap.org/html
<FilesMatch ".+\.ph(ar|p|tml)$">
- SetHandler "proxy:unix:/run/php/forum.openstreetmap.org.sock|fcgi://127.0.0.1"
+ SetHandler "proxy:unix:/run/php/php-forum.openstreetmap.org-fpm.sock|fcgi://127.0.0.1"
</FilesMatch>
</VirtualHost>
</FilesMatch>
<FilesMatch ".+\.ph(ar|p|tml)$">
- SetHandler "proxy:unix:/run/php/matomo.openstreetmap.org.sock|fcgi://127.0.0.1"
+ SetHandler "proxy:unix:/run/php/php-matomo.openstreetmap.org-fpm.sock|fcgi://127.0.0.1"
</FilesMatch>
</Directory>
Require all granted
<FilesMatch ".+\.ph(ar|p|tml)$">
- SetHandler "proxy:unix:/run/php/<%= @name %>.sock|fcgi://127.0.0.1"
+ SetHandler "proxy:unix:/run/php/php-<%= @name %>-fpm.sock|fcgi://127.0.0.1"
</FilesMatch>
</Directory>
upstream nominatim_service {
- server unix:/run/php/nominatim.openstreetmap.org.sock;
+ server unix:/run/php/php-nominatim.openstreetmap.org-fpm.sock;
}
map $uri $nominatim_script_name {
if new_resource.port
"tcp://127.0.0.1:#{new_resource.port}/status"
else
- "unix:///run/php/#{new_resource.pool}.sock;/status"
+ "unix:///run/php/php-#{new_resource.pool}-fpm.sock;/status"
end
end
end
listen = 127.0.0.1:<%= @port %>
listen.backlog = 256
<% else -%>
-listen = /run/php/<%= @pool %>.sock
+listen = /run/php/php-<%= @pool %>-fpm.sock
listen.owner = www-data
listen.group = www-data
<% end -%>
Require all granted
<FilesMatch ".+\.ph(ar|p|tml)$">
- SetHandler "proxy:unix:/run/php/<%= @name %>.sock|fcgi://127.0.0.1"
+ SetHandler "proxy:unix:/run/php/php-<%= @name %>-fpm.sock|fcgi://127.0.0.1"
</FilesMatch>
</Directory>