Debian: Nginx, php5-fpm et varnish6

  • Installer nginx:

apt-get install nginx

  • installer php5-fpm

apt-get install php5-fpm

  • installer apache2-mpm-worker

apt-get install apache2-mpm-worker

  • Télécharger Varnish

wget http://varnish-cache.org/_downloads/varnish-6.0.0.tgz

tar xvzf varnish-6.0.0.tgz

  • Accéder au répertoire  varnish-6.0.0 et lancer les commandes:

cd varnish-6.0.0

sh autogen.sh

sh configure

make

make install

  • Créer le répertoire varnish

mkdir /etc/varnish

mv varnish-6.0.0/etc/example.vcl /etc/varnish/default.vcl

  • Configuration nginx:

Modifier le fichier /etc/nginx/sites-available/default

Modifier la ligne

server {
listen 8080; ## listen for ipv4; this line is default and implied

par

server {
listen 80; ## listen for ipv4; this line is default and implied

Modifier les vhost configurés avec le port 80

Ajouter:

server {
listen 8080;

et

location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;

}

 

exemple d’un vhost domaine.tld

server {
listen 8080;

root /var/www/domaine.tld;
index index.php index.html index.htm;

server_name domaine.tld;

location / {
try_files $uri $uri/ /index.html;
}

error_page 404 /404.html;

error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/www;
}

# pass the PHP scripts to FastCGI server listening on /var/run/php5-fpm.sock
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;

}

}

  • Configuration php5-fpm:

Modifier le fichier /etc/php5/fpm/php.ini

Ajouter:

cgi.fix_pathinfo=0

Modifier le fichier /etc/php5/fpm/pool.d/www.conf

Modifier la ligne listen = 127.0.0.1:9000 par listen = /var/run/php5-fpm.sock

  • Lancer Varnish et nginx:

/usr/local/sbin/varnishd -a :80 -b localhost:8080

service nginx start

  • Relancer php5-fpm

service php5-fpm restart

  • Tester Varnish et nginx:

curl -I localhost
HTTP/1.1 200 OK
Server: nginx/1.2.1
Date: Fri, 29 Jun 2018 16:56:30 GMT
Content-Type: text/html
Last-Modified: Mon, 04 Oct 2004 15:04:06 GMT
Vary: Accept-Encoding
X-Varnish: 65559
Age: 0
Via: 1.1 varnish (Varnish/6.0)
Accept-Ranges: bytes
Connection: keep-alive

PHPINFO: (<?php phpinfo(); ?>)

  • Configuration nginx pour les sites avec des certificats SSL

(Varnish ne prend pas en charge les connexions TLS/SSL)

Modifier les vhost configurés avec SSL

Ajouter:

location / {
proxy_pass http://127.0.0.1:80;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header HTTPS “on”;
}

ssl on;
ssl_certificate cert.pem;
ssl_certificate_key privkey.pem;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;

Relancer nginx:

service nginx restart

 

Articles liés