Trying to get php working

raimondi1337 · October 14, 2016, 10:53pm

I have a directive in /etc/caddy/Caddyfile:

mysite.com {
        fastcgi / unix:/run/php-fpm/php-fpm.sock php
}

I have php-fpm installed and running on Arch. I’m running caddy as a systemd service. My DNS is configured and a mediawiki installation is in the root directory. Navigating to my URL Caddy produces:

502 Bad Gateway

hendry · October 15, 2016, 3:26am

Check the /var/run/php5-fpm.sock path?

I think the default is listen = /run/php-fpm/php-fpm.sock on Archlinux btw. I prefer just the port way.

So please try fastcgi / unix:/run/php-fpm/php-fpm.sock php

Otherwise I highly recommend the abiosoft/caddy:php docker image. Good luck!

raimondi1337 · October 15, 2016, 4:07am

You were correct, double checked that both were /run/php-fpm/php-fpm.sock and restarted both - no dice.

raimondi1337 · October 15, 2016, 9:23pm

After hours of fucking around with this, I’ve gotten PHP working if I run caddy -conf="/my/conf/Caddyfile", but when I start it with systemctl start caddy it won’t come up.

This is extremely frustrating, I don’t understand why it just doesn’t work.

Nixtren · October 15, 2016, 9:50pm

Try pasting here your systemd service file so we can take a look at it

raimondi1337 · October 15, 2016, 10:20pm

I suspect it’s a permissions error causing the start job to fail.

Here is my Caddyfile:

/etc/caddy/Caddyfile 
www.701sm.club {
	root /var/www/701sm.club
	log access.log (this sometimes give a permission error in journalctl)
	errors errors.log
	fastcgi / unix:/var/run/php-fpm/php-fpm.sock php
}

journalctl says it starts and then immediately dies, so it most be a config issue.
Here is my service:

[Unit]
Description=Caddy HTTP/2 web server
Documentation=https://caddyserver.com/docs
After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service

[Service]
Restart=on-failure

; User and group the process will run as.
User=www-data
Group=www-data

; Letsencrypt-issued certificates will be written to this directory.
Environment=HOME=/etc/ssl/caddy

; Always set "-root" to something safe in case it gets forgotten in the Caddyfile.
ExecStart=/usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp
ExecReload=/bin/kill -USR1 $MAINPID

; Limit the number of file descriptors; see `man systemd.exec` for more limit settings.
LimitNOFILE=1048576
; Unmodified caddy is not expected to use more than that.
LimitNPROC=64

; Use private /tmp and /var/tmp, which are discarded after caddy stops.
PrivateTmp=true
; Use a minimal /dev
PrivateDevices=true
; Hide /home, /root, and /run/user. Nobody will steal your SSH-keys.
ProtectHome=true
; Make /usr, /boot, /etc and possibly some more folders read-only.
ProtectSystem=full
; … except /etc/ssl/caddy, because we want Letsencrypt-certificates there.
;   This merely retains r/w access rights, it does not add any new. Must still be writable on the host!
ReadWriteDirectories=/etc/ssl/caddy

; The following additional security directives only work with systemd v229 or later.
; They further retrict privileges that can be gained by caddy. Uncomment if you like.
; Note that you may have to add capabilities required by any plugins in use.
;CapabilityBoundingSet=CAP_NET_BIND_SERVICE
;AmbientCapabilities=CAP_NET_BIND_SERVICE
;NoNewPrivileges=true

[Install]
WantedBy=multi-user.target

system · January 13, 2017, 10:20pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.