How to configure Nginx with php-fpm?

Question

Conclusion : Ok so, now my configuration works, and I think the problem comes from the location of my project, in another user's directory. For some reasons, the either nginx or php-fpm is unhappy with it, and doesn't seem to work.

What's still bugging me is that it was a 404 error, not a 403.

Well, I don't think I will find the final answer.

I have read zillions of ways to do that, and unfortunately I don't understand what could go wrong.

server {
    server_name  onepage.cendrounet.com;
    listen       80;
    root /home/pag/workspace/test_css_platform;

    location / {
        fastcgi_pass unix:/var/run/php-fpm/www.sock;
        fastcgi_index index.php;
        include fastcgi.conf;
    }

    error_page 404 /404.html;
        location = /40x.html {
    }

    error_page 500 502 503 504 /50x.html;
        location = /50x.html {
    }
}

Nginx is running.

# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
   Drop-In: /usr/lib/systemd/system/nginx.service.d
            └─php-fpm.conf
   Active: active (running) since Fri 2017-12-22 09:48:06 CET; 10h ago

Php-fpm is running :

# systemctl status php-fpm
● php-fpm.service - The PHP FastCGI Process Manager
   Loaded: loaded (/usr/lib/systemd/system/php-fpm.service; disabled; vendor preset: disabled)
   Active: active (running) since Fri 2017-12-22 09:40:29 CET; 10h ago

Php-fpm is indeed an unix socket

# ls -l /var/run/php-fpm/www.sock
srw-rw----+ 1 root root 0 déc.  22 09:40 /var/run/php-fpm/www.sock

I am running fedora, but ausearch -m avc doesn't yield anything. (In case I don't understand how selinux works, setenforce 0 hasn't yielded any better resutls. But still, I returned it on.)

Furthermore, curl -i 'http://onepage.cendrounet.com' returns

HTTP/1.1 404 Not Found
Server: nginx/1.12.1
Date: Fri, 22 Dec 2017 19:11:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.12

Furthermore, my user nginx belongs to my group pag .

I have set my permissions like so :

# namei -om /home/pag/workspace/css_test_platform/index.php
f: /home/pag/workspace/css_test_platform/index.php
 dr-xr-xr-x root root /
 drwxr-xr-x root root home
 drwxr-x--x pag  pag  pag
 drwxr-xr-x pag  pag  workspace
 drwxrwxr-x pag  pag  css_test_platform
 -rw-rw-r-- pag  pag  index.php

The configuration of php-fpm is the default one, some details picked :

user = apache
group = apache
listen = /run/php-fpm/www.sock
listen.acl_users = apache,nginx
listen.allowed_clients = 127.0.0.1

Theorically, user and group should be for RPM stuff, but I still have given the pag group to apache .

What could cause a 404 error on my index ?

Answer 1

This was on Arch, but it is systemd related.

This solution is for use on a development machine, and for good reasons, you shouldn't run a public site from your /home folder.

I configured php-fpm and nginx to run as my user. Edit the following file, and remove the ProtectHome=true line

sudo vi /etc/systemd/system/multi-user.target.wants/php-fpm.service

Reload, and restart everything;

systemctl daemon-reload
systemctl restart nginx.service
systemctl restart php-fpm.service

Answer 2

You need to add try_files $uri /index.php; or similar in your location block:

location / {
    try_files $uri /index.php;
    fastcgi_pass unix:/var/run/php-fpm/www.sock;
    include fastcgi.conf;
}