From TykWiki
Jump to navigationJump to search

nginx is my new favourite webserver. This page contains my notes for when I am installing it on a new machine (well, in a new jail ofcourse).

nginx install

I generally install nginx with as few modules as possible enabled:

[tykling@vpnwiki /usr/ports/www/nginx]$ make showconfig | grep "=on"
     IPV6=on "Enable IPv6"
     HTTP_MODULE=on "Enable HTTP module"
     HTTP_REWRITE_MODULE=on "Enable http_rewrite module"

PHP instal

I also install php-fpm by installing /usr/ports/lang/php5 with the following options:

[tykling@vpnwiki /usr/ports/lang/php5]$ make showconfig | grep "=on"
     FPM=on "Build FPM version (experimental)"
     SUHOSIN=on "Enable Suhosin protection system"
     IPV6=on "Enable ipv6 support"


Create logfiles folder

I like to keep my webserver logs in /usr/local/www/logs/ so that folder needs to be created:

sudo mkdir /usr/local/www/logs

php-fpm config

I use php-fpm instead of fastcgi to handle the PHP scripts. The config I use for php-fpm is below:

$ cat /usr/local/etc/php-fpm.conf
pid = run/
log_level = error

listen = /var/php/php-fpm.socket
user = www
group = www
pm = dynamic
pm.max_children = 50
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35

I also create the folder /var/php/ to hold the actual socket opened by php-fpm.

nginx config

After installing nginx I replace the default config with something more sensible, like this example for a mediawiki install:

worker_processes  1;
error_log  /usr/local/www/logs/error.log;

events {
    worker_connections  1024;

http {
    include       mime.types;
    default_type  text/plain;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"';
    error_log  /usr/local/www/logs/;
    sendfile        off;
    keepalive_timeout  65;

    server {
        listen 80 default_server;
        listen [::]:80 default_server;
        access_log  /usr/local/www/logs/  main;

        root /usr/local/www/mediawiki;

        client_max_body_size 5m;
        client_body_timeout 60;

        #mediawiki specific config
        location / {
                try_files $uri $uri/ @rewrite;
                index  index.php;

        location @rewrite {
                rewrite ^/(.*)$ /index.php?title=$1&$args;

        location ^~ /maintenance/ {
                return 403;

        location ~ \.php$ {
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_pass unix:/var/php/php-fpm.socket;

        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                try_files $uri /index.php;
                expires max;
                log_not_found off;

        location = /_.gif {
                expires max;

        location ^~ /cache/ {
                deny all;

        location /dumps {
                root /usr/local/www/mediawiki/local;
                autoindex on;

Enable stuff in rc.conf