Forked from parhamr/0: Magento 1.12 Enterprise multi-store cluster configuration.md
Created
April 8, 2014 16:10
-
-
Save sylvainraye/10149297 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Magento 1.12 cluster | |
| ## Web hosts | |
| There are 10 hosts behind redundant, highly available hardware firewalls and hardware load balancers. | |
| ### Performance | |
| * site-wide average response time: 282 ms | |
| * load average: 0.6 to 1.0 (in tests, performance degrades by 35% when load averages hit ~5.0) | |
| * CPU utilization averages 14% | |
| * disk IO averages 3% | |
| * network throughput averages 5 mbps transmitted and 17 mbps received | |
| ### Configuration | |
| Ubuntu 12.04 LTS 64-bit | |
| 3.5.0-36-generic GNU/Linux kernel | |
| Dual Intel(R) Xeon(R) CPU E3-1230 V2 @ 3.30GHz (4 cores each) | |
| 32 GB DDR3 1333 MHz RAM | |
| Mechanical disks, RAID 1, hardware controller | |
| PHP-FPM, 5.3.10-1ubuntu3.7 | |
| ## Cache hosts | |
| There are two hosts running Redis in a master-slave configuration with automated failover. | |
| Three Redis instances are used to increase throughput and provide fine-tuning of persistence behaviors. | |
| ### Performance | |
| * 0.7 ms average response time | |
| * load average of 1.0 to 1.5 | |
| * CPU utilization averages 7% | |
| * disk IO averages 11% | |
| * network throughput averages 150 mbps transmitted and 30 mbps received | |
| Ubuntu 12.04 LTS 64-bit | |
| 3.2.0-48-generic GNU/Linux kernel | |
| Quad Intel(R) Xeon(R) CPU E5-2620 0 @ 2.00GHz (6 cores each) | |
| 128 GB buffered DDR3 1333 MHz RAM | |
| Mechanical disks, RAID 1, hardware controller | |
| Redis 2.6.11 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Redis configuration file for Magento sessions | |
| daemonize yes | |
| pidfile /var/run/redis/6382/redis_6382.pid | |
| port 6382 | |
| bind 10.1.0.18 | |
| tcp-keepalive 15 | |
| timeout 0 | |
| loglevel notice | |
| logfile /var/log/redis/6382.log | |
| syslog-enabled no | |
| syslog-ident redis-6382 | |
| syslog-facility local0 | |
| databases 16 | |
| save 900 1 | |
| save 300 10 | |
| save 60 40000 | |
| rdbcompression yes | |
| dbfilename dump-6382.rdb | |
| dir /var/lib/redis | |
| maxclients 10000 | |
| maxmemory 32GB | |
| maxmemory-policy volatile-lru | |
| maxmemory-samples 3 | |
| appendonly no | |
| appendfilename appendonly-6382.aof | |
| appendfsync everysec | |
| no-appendfsync-on-rewrite no | |
| auto-aof-rewrite-percentage 100 | |
| auto-aof-rewrite-min-size 64mb | |
| slowlog-log-slower-than 10000 | |
| slowlog-max-len 1024 | |
| hash-max-ziplist-entries 512 | |
| hash-max-ziplist-value 64 | |
| list-max-ziplist-entries 512 | |
| list-max-ziplist-value 64 | |
| set-max-intset-entries 512 | |
| zset-max-ziplist-entries 128 | |
| zset-max-ziplist-value 64 | |
| activerehashing yes | |
| hz 100 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Redis configuration file for Magento backend | |
| daemonize yes | |
| pidfile /var/run/redis/6383/redis_6383.pid | |
| port 6383 | |
| bind 10.1.0.18 | |
| tcp-keepalive 15 | |
| timeout 0 | |
| loglevel notice | |
| logfile /var/log/redis/6383.log | |
| syslog-enabled no | |
| syslog-ident redis-6383 | |
| syslog-facility local0 | |
| databases 16 | |
| # 17 minute save periods reduce overlap with sessions BGSAVE | |
| save 1020 1 | |
| # 7 minute save periods reduce overlap with sessions BGSAVE | |
| save 420 400000 | |
| rdbcompression yes | |
| dbfilename dump-6383.rdb | |
| dir /var/lib/redis | |
| maxclients 10000 | |
| maxmemory 48GB | |
| maxmemory-policy volatile-lru | |
| maxmemory-samples 3 | |
| appendonly no | |
| appendfilename appendonly-6383.aof | |
| appendfsync everysec | |
| no-appendfsync-on-rewrite no | |
| auto-aof-rewrite-percentage 100 | |
| auto-aof-rewrite-min-size 64mb | |
| slowlog-log-slower-than 10000 | |
| slowlog-max-len 1024 | |
| hash-max-ziplist-entries 512 | |
| hash-max-ziplist-value 64 | |
| list-max-ziplist-entries 512 | |
| list-max-ziplist-value 64 | |
| set-max-intset-entries 512 | |
| zset-max-ziplist-entries 128 | |
| zset-max-ziplist-value 64 | |
| activerehashing yes | |
| hz 100 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Redis configuration file for Magento FPC | |
| daemonize yes | |
| pidfile /var/run/redis/6384/redis_6384.pid | |
| port 6384 | |
| bind 10.1.0.18 | |
| tcp-keepalive 15 | |
| timeout 0 | |
| loglevel notice | |
| logfile /var/log/redis/6384.log | |
| syslog-enabled no | |
| syslog-ident redis-6384 | |
| syslog-facility local0 | |
| databases 16 | |
| # 17 minute save periods reduce overlap with sessions BGSAVE | |
| save 1020 1 | |
| # 7 minute save periods reduce overlap with sessions BGSAVE | |
| save 420 400000 | |
| rdbcompression yes | |
| dbfilename dump-6384.rdb | |
| dir /var/lib/redis | |
| maxclients 10000 | |
| maxmemory 12GB | |
| maxmemory-policy volatile-lru | |
| maxmemory-samples 3 | |
| appendonly no | |
| appendfilename appendonly-6384.aof | |
| appendfsync everysec | |
| no-appendfsync-on-rewrite no | |
| auto-aof-rewrite-percentage 100 | |
| auto-aof-rewrite-min-size 64mb | |
| slowlog-log-slower-than 10000 | |
| slowlog-max-len 1024 | |
| hash-max-ziplist-entries 512 | |
| hash-max-ziplist-value 64 | |
| list-max-ziplist-entries 512 | |
| list-max-ziplist-value 64 | |
| set-max-intset-entries 512 | |
| zset-max-ziplist-entries 128 | |
| zset-max-ziplist-value 64 | |
| activerehashing yes | |
| hz 100 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /etc/php5/fpm/conf.d/apc.ini | |
| /etc/php5/fpm/conf.d/curl.ini | |
| /etc/php5/fpm/conf.d/gd.ini | |
| /etc/php5/fpm/conf.d/lzf.ini | |
| /etc/php5/fpm/conf.d/mcrypt.ini | |
| /etc/php5/fpm/conf.d/mysql.ini | |
| /etc/php5/fpm/conf.d/mysqli.ini | |
| /etc/php5/fpm/conf.d/newrelic.ini | |
| /etc/php5/fpm/conf.d/pdo.ini | |
| /etc/php5/fpm/conf.d/pdo_mysql.ini | |
| /etc/php5/fpm/conf.d/redis.ini | |
| /etc/php5/fpm/conf.d/suhosin.ini | |
| /etc/php5/fpm/conf.d/xmlrpc.ini |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user www-data; | |
| # the web hosts have 8 CPU cores | |
| worker_processes 8; | |
| pid /var/run/nginx.pid; | |
| events { | |
| worker_connections 1024; | |
| # multi_accept on; | |
| } | |
| http { | |
| # Basic Settings | |
| sendfile on; | |
| tcp_nopush on; | |
| tcp_nodelay on; | |
| keepalive_timeout 65; | |
| types_hash_max_size 2048; | |
| # decrease side channel leaks | |
| server_tokens off; | |
| root /var/www/www.company-name.com/current; | |
| index index.php; | |
| # add forwarded for to aid debugging | |
| log_format main '$remote_addr - $remote_user $time_local ' | |
| '"$request" $status $body_bytes_sent "$http_referer" ' | |
| '"$http_user_agent" $http_x_forwarded_for'; | |
| # allow odd HTTP headers from Barracuda devices http://stackoverflow.com/questions/8300136/where-does-the-cuda-cliip-http-header-come-from | |
| underscores_in_headers on; | |
| # requires nginx 1.2.6 or later | |
| # https://newrelic.com/docs/features/request-queuing-and-tracking-front-end-time | |
| fastcgi_param HTTP_X_REQUEST_START "t=${msec}000"; | |
| proxy_buffering off; | |
| # PHP back end | |
| upstream backend { | |
| # matches path defined in /etc/php5/fpm/pool.d/www.conf | |
| server unix:/tmp/php-cgi.socket; | |
| } | |
| upstream admin-backend { | |
| # Magento admin requests are passed through to admin-specific hosts | |
| # This keeps long/complex requests out of the public-facing resources | |
| # Admin hosts have higher memory_limit values in php.ini | |
| server 10.1.0.104; | |
| } | |
| server { | |
| server_name www.client-name.com production.alternate-domain.com; | |
| access_log /var/log/nginx/www.company-name.com.access.log main; | |
| error_log /var/log/nginx/www.company-name.com.error.log info; | |
| # 504 is a PHP timeout and must be static | |
| # 502 is momentary during a PHP restart and should be treated like maintenance | |
| # other 50x errors are handled by Magento | |
| error_page 502 504 /errors/company-name/504.html; | |
| listen 80; | |
| listen 443 ssl; | |
| # pass all Magento admin requests to the dedicated admin web hosts | |
| location ~* /(index\.php/admin|admin) { | |
| proxy_pass http://admin-backend; | |
| proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; | |
| proxy_set_header Accept-Encoding ""; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Proto $scheme; | |
| # this header prevents Magento from redirecting out of admin | |
| add_header Front-End-Https on; | |
| proxy_redirect off; | |
| } | |
| location ~ ^/(.*)sitemap([0-9]*).xml$ { | |
| root /var/www/www.company-name.com/current/sitemaps; | |
| } | |
| location /sitemaps/sitemap.xml { allow all; } | |
| location /sitemaps/image-sitemap.xml { allow all; } | |
| ssl_certificate /etc/ssl/certs/_.company-name.com.crt; | |
| ssl_certificate_key /etc/ssl/private/_.company-name.com.key; | |
| # PCI specified ciphers | |
| ssl_ciphers RC4:HIGH:!aNULL:!MD5:!kEDH; | |
| # PCI specified protocols | |
| ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; | |
| # anti BEAST | |
| ssl_prefer_server_ciphers on; | |
| # the hardware load balancers statefully route SSL | |
| ssl_session_cache shared:SSL:10m; | |
| ssl_session_timeout 10m; | |
| # header from the hardware load balancers | |
| real_ip_header X-Forwarded-For; | |
| # trust this header from anything inside the subnet; possibly risky | |
| set_real_ip_from 10.1.0.0/24; | |
| # the header is a comma-separated list; the left-most IP is the end user | |
| real_ip_recursive on; | |
| # ensure zero calls are written to disk | |
| client_max_body_size 16m; | |
| client_body_buffer_size 2m; | |
| client_header_buffer_size 16k; | |
| large_client_header_buffers 8 8k; | |
| # default ENV vars | |
| fastcgi_param MAGE_RUN_CODE base; | |
| fastcgi_param MAGE_RUN_TYPE website; | |
| fastcgi_read_timeout 90s; | |
| fastcgi_send_timeout 60s; | |
| fastcgi_index index.php; | |
| # ensures Magento works and provides some protection against malicious files | |
| fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
| fastcgi_param SCRIPT_NAME $fastcgi_script_name; | |
| include fastcgi_params; | |
| # ensure zero calls are written to disk | |
| fastcgi_buffers 512 16k; | |
| fastcgi_buffer_size 512k; | |
| fastcgi_busy_buffers_size 512k; | |
| # Maintenance HTML page can override Magento | |
| index index.html index.php; | |
| # rewrite API2 calls to api.php (REST only) | |
| rewrite ^/api/rest(.*) /api.php?$1&type=rest; | |
| # Deny protected Magento files | |
| location /app/ { deny all; access_log off; } | |
| location /cert/ { deny all; access_log off; } | |
| location /chef/ { deny all; access_log off; } | |
| location /cron.php { deny all; access_log off; } | |
| location /db_back/ { deny all; access_log off; } | |
| location /downloader/ { deny all; access_log off; } | |
| location /includes/ { deny all; access_log off; } | |
| location /index.php.dev.php { deny all; access_log off; } | |
| location /install.php { deny all; access_log off; } | |
| location /lib/ { deny all; access_log off; } | |
| location /media/downloadable/ { deny all; access_log off; } | |
| location /pagoda/ { deny all; access_log off; } | |
| location /pkginfo/ { deny all; access_log off; } | |
| location /prototype/ { deny all; access_log off; } | |
| location /report/config.xml { deny all; access_log off; } | |
| location /utility/ { deny all; access_log off; } | |
| location /util/ { deny all; access_log off; } | |
| location /var/ { deny all; access_log off; } | |
| # deny access to dotfiles | |
| location ~ /\. { | |
| deny all; | |
| access_log off; | |
| log_not_found off; | |
| } | |
| # Disable PHP execution in var and media | |
| location /var { location ~ \.php$ {return 403;} } | |
| location /media { location ~ \.php$ {return 403;} } | |
| # remove the cache-busting timestamp | |
| location ~* (.+)\.(\d+)\.(js|css|png|jpg|jpeg|gif)$ { | |
| try_files $uri $1.$3; | |
| access_log off; | |
| log_not_found off; | |
| expires 21d; | |
| add_header Cache-Control "public"; | |
| } | |
| # do not log static files; regexp should capture alternate cache-busting timestamps | |
| location ~* \.(jpg|jpeg|gif|css|png|js|ico|txt|swf|xml|svg|svgz|mp4|ogg|ogv)(\?[0-9]+)?$ { | |
| access_log off; | |
| log_not_found off; | |
| expires 21d; | |
| add_header Cache-Control "public"; | |
| } | |
| # CSS and JS | |
| rewrite ^/minify/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last; | |
| rewrite ^/skin/m/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last; | |
| location /lib/minify/ { | |
| allow all; | |
| } | |
| # the javascript compressor | |
| location ^~ /js/index.php { | |
| access_log off; | |
| expires 30d; | |
| fastcgi_pass backend; | |
| } | |
| # use fastcgi for all php files | |
| location ~ \.php$ { | |
| expires off; | |
| # 404 if the file does not exist | |
| try_files $uri =404; | |
| fastcgi_pass backend; | |
| } | |
| # pass everything else over to PHP-FPM | |
| location / { | |
| # 404 if the file does not exist | |
| try_files $uri $uri/ /index.php =404; | |
| fastcgi_pass backend; | |
| } | |
| } | |
| server { | |
| server_name internal.company-name.com internal.alternate-domain.com; | |
| access_log /var/log/nginx/internal.company-name.com.access.log main; | |
| error_log /var/log/nginx/internal.company-name.com.error.log info; | |
| # 504 is a PHP timeout and must be static | |
| # 502 is momentary during a PHP restart and should be treated like maintenance | |
| # other 50x errors are handled by Magento | |
| error_page 502 504 /errors/company-name/504.html; | |
| listen 80; | |
| listen 443 ssl; | |
| location ~* /(index\.php/admin|admin) { | |
| proxy_pass http://admin-backend; | |
| proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; | |
| proxy_set_header Accept-Encoding ""; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Proto $scheme; | |
| add_header Front-End-Https on; | |
| proxy_redirect off; | |
| } | |
| location ~ ^/(.*)sitemap([0-9]*).xml$ { | |
| root /var/www/www.company-name.com/current/sitemaps; | |
| } | |
| location /sitemaps/sitemap.xml { allow all; } | |
| location /sitemaps/image-sitemap.xml { allow all; } | |
| ssl_certificate /etc/ssl/certs/_.company-name.com.crt; | |
| ssl_certificate_key /etc/ssl/private/_.company-name.com.key; | |
| # PCI specified ciphers | |
| ssl_ciphers RC4:HIGH:!aNULL:!MD5:!kEDH; | |
| # PCI specified protocols | |
| ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; | |
| # anti BEAST | |
| ssl_prefer_server_ciphers on; | |
| # | |
| ssl_session_cache shared:SSL:10m; | |
| ssl_session_timeout 10m; | |
| real_ip_header X-Forwarded-For; | |
| set_real_ip_from 10.1.0.0/24; | |
| real_ip_recursive on; | |
| client_max_body_size 16m; | |
| client_body_buffer_size 2m; | |
| client_header_buffer_size 16k; | |
| large_client_header_buffers 8 8k; | |
| # default ENV vars | |
| fastcgi_param MAGE_RUN_CODE internal; | |
| fastcgi_param MAGE_RUN_TYPE website; | |
| fastcgi_read_timeout 90s; | |
| fastcgi_send_timeout 60s; | |
| fastcgi_index index.php; | |
| fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
| fastcgi_param SCRIPT_NAME $fastcgi_script_name; | |
| include fastcgi_params; | |
| fastcgi_buffers 512 16k; | |
| fastcgi_buffer_size 512k; | |
| fastcgi_busy_buffers_size 512k; | |
| # Maintenance HTML page can override PHP | |
| index index.html index.php; | |
| # rewrite API2 calls to api.php (REST only) | |
| rewrite ^/api/rest(.*) /api.php?$1&type=rest; | |
| # Deny protected Magento files | |
| location /app/ { deny all; access_log off; } | |
| location /cert/ { deny all; access_log off; } | |
| location /chef/ { deny all; access_log off; } | |
| location /cron.php { deny all; access_log off; } | |
| location /db_back/ { deny all; access_log off; } | |
| location /downloader/ { deny all; access_log off; } | |
| location /includes/ { deny all; access_log off; } | |
| location /index.php.dev.php { deny all; access_log off; } | |
| location /install.php { deny all; access_log off; } | |
| location /lib/ { deny all; access_log off; } | |
| location /media/downloadable/ { deny all; access_log off; } | |
| location /pagoda/ { deny all; access_log off; } | |
| location /pkginfo/ { deny all; access_log off; } | |
| location /prototype/ { deny all; access_log off; } | |
| location /report/config.xml { deny all; access_log off; } | |
| location /utility/ { deny all; access_log off; } | |
| location /util/ { deny all; access_log off; } | |
| location /var/ { deny all; access_log off; } | |
| # deny access to dotfiles | |
| location ~ /\. { | |
| deny all; | |
| access_log off; | |
| log_not_found off; | |
| } | |
| # Disable PHP execution in var and media | |
| location /var { location ~ \.php$ {return 403;} } | |
| location /media { location ~ \.php$ {return 403;} } | |
| location ~* (.+)\.(\d+)\.(js|css|png|jpg|jpeg|gif)$ { | |
| try_files $uri $1.$3; | |
| access_log off; | |
| log_not_found off; | |
| expires 21d; | |
| add_header Cache-Control "public"; | |
| } | |
| # do not log static files; regexp should capture cache-busting timestamps | |
| location ~* \.(jpg|jpeg|gif|css|png|js|ico|txt|swf|xml|svg|svgz|mp4|ogg|ogv)(\?[0-9]+)?$ { | |
| access_log off; | |
| log_not_found off; | |
| expires 21d; | |
| add_header Cache-Control "public"; | |
| } | |
| # CSS and JS | |
| rewrite ^/minify/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last; | |
| rewrite ^/skin/m/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last; | |
| location /lib/minify/ { | |
| allow all; | |
| } | |
| # the javascript compressor | |
| location ^~ /js/index.php { | |
| access_log off; | |
| expires 30d; | |
| fastcgi_pass backend; | |
| } | |
| # use fastcgi for all php files | |
| location ~ \.php$ { | |
| expires off; | |
| # 404 if the file does not exist | |
| try_files $uri =404; | |
| fastcgi_pass backend; | |
| } | |
| # pass everything else over to PHP-FPM | |
| location / { | |
| # 404 if the file does not exist | |
| try_files $uri $uri/ /index.php =404; | |
| fastcgi_pass backend; | |
| } | |
| } | |
| # server_names_hash_bucket_size 64; | |
| # server_name_in_redirect off; | |
| include /etc/nginx/mime.types; | |
| default_type application/octet-stream; | |
| ## | |
| # Gzip Settings | |
| ## | |
| gzip on; | |
| gzip_disable "msie6"; | |
| gzip_vary on; | |
| gzip_proxied any; | |
| gzip_comp_level 6; | |
| gzip_buffers 48 8k; | |
| gzip_http_version 1.1; | |
| gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; | |
| ## | |
| # Virtual Host Configs | |
| ## | |
| include /etc/nginx/conf.d/*.conf; | |
| #include /etc/nginx/sites-enabled/*; | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ;;;;;;;;;;;;;;;;;;;;; | |
| ; FPM Configuration ; | |
| ;;;;;;;;;;;;;;;;;;;;; | |
| ;;;;;;;;;;;;;;;;;; | |
| ; Global Options ; | |
| ;;;;;;;;;;;;;;;;;; | |
| [global] | |
| pid = /var/run/php5-fpm.pid | |
| error_log = /var/log/php/php5-fpm.error.log | |
| log_level = notice | |
| ;emergency_restart_threshold = 0 | |
| ;emergency_restart_interval = 0 | |
| ;process_control_timeout = 0 | |
| process.max = 128 | |
| daemonize = yes | |
| ;;;;;;;;;;;;;;;;;;;; | |
| ; Pool Definitions ; | |
| ;;;;;;;;;;;;;;;;;;;; | |
| include=/etc/php5/fpm/pool.d/*.conf |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [PHP] | |
| engine = On | |
| short_open_tag = On | |
| asp_tags = Off | |
| precision = 14 | |
| y2k_compliance = On | |
| output_buffering = 4096 | |
| ;output_handler = | |
| zlib.output_compression = Off | |
| ;zlib.output_compression_level = -1 | |
| ;zlib.output_handler = | |
| implicit_flush = Off | |
| unserialize_callback_func = | |
| serialize_precision = 17 | |
| allow_call_time_pass_reference = Off | |
| safe_mode = Off | |
| safe_mode_gid = Off | |
| safe_mode_include_dir = | |
| safe_mode_exec_dir = | |
| safe_mode_allowed_env_vars = PHP_ | |
| safe_mode_protected_env_vars = LD_LIBRARY_PATH | |
| ;open_basedir = | |
| disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, | |
| disable_classes = | |
| ; user abort is difficult to detect behind load balancers; for safety, complete full requests | |
| ignore_user_abort = On | |
| realpath_cache_size = 256k | |
| realpath_cache_ttl = 300 | |
| zend.enable_gc = On | |
| zend.ze1_compatibility_mode = off | |
| expose_php = Off | |
| max_execution_time = 120 | |
| max_input_time = 60 | |
| ;max_input_nesting_level = 64 | |
| max_input_vars = 1000 | |
| memory_limit = 512M | |
| error_reporting = E_ALL & ~E_DEPRECATED | |
| display_errors = Off | |
| display_startup_errors = On | |
| log_errors = On | |
| log_errors_max_len = 1024 | |
| ignore_repeated_errors = Off | |
| ignore_repeated_source = Off | |
| report_memleaks = On | |
| ;report_zend_debug = 0 | |
| track_errors = Off | |
| ;xmlrpc_errors = 0 | |
| ;xmlrpc_error_number = 0 | |
| html_errors = Off | |
| ;docref_root = "/phpmanual/" | |
| ;docref_ext = .html | |
| ;error_prepend_string = "<span style='color: #ff0000'>" | |
| ;error_append_string = "</span>" | |
| error_log = /var/log/php/php5-fpm.error.log | |
| ;arg_separator.output = "&" | |
| ;arg_separator.input = ";&" | |
| variables_order = "GPCS" | |
| request_order = "GP" | |
| register_globals = Off | |
| register_long_arrays = Off | |
| register_argc_argv = Off | |
| auto_globals_jit = On | |
| post_max_size = 16M | |
| magic_quotes_gpc = Off | |
| magic_quotes_runtime = Off | |
| magic_quotes_sybase = Off | |
| auto_prepend_file = | |
| auto_append_file = | |
| default_mimetype = "text/html" | |
| enable_dl = Off | |
| cgi.force_redirect = 1 | |
| ;cgi.nph = 1 | |
| cgi.redirect_status_env = ; | |
| cgi.fix_pathinfo=1 | |
| file_uploads = On | |
| upload_max_filesize = 16M | |
| max_file_uploads = 20 | |
| allow_url_fopen = On | |
| allow_url_include = Off | |
| default_socket_timeout = 300 | |
| [Pdo] | |
| ; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" | |
| ; http://php.net/pdo-odbc.connection-pooling | |
| ;pdo_odbc.connection_pooling=strict | |
| ;pdo_odbc.db2_instance_name | |
| [Pdo_mysql] | |
| ; If mysqlnd is used: Number of cache slots for the internal result set cache | |
| ; http://php.net/pdo_mysql.cache_size | |
| pdo_mysql.cache_size = 2000 | |
| ; Default socket name for local MySQL connects. If empty, uses the built-in | |
| ; MySQL defaults. | |
| ; http://php.net/pdo_mysql.default-socket | |
| pdo_mysql.default_socket= | |
| [MySQLi] | |
| mysqli.max_persistent = -1 | |
| ;mysqli.allow_local_infile = On | |
| mysqli.allow_persistent = On | |
| mysqli.max_links = -1 | |
| mysqli.cache_size = 2000 | |
| mysqli.default_port = 3306 | |
| mysqli.default_socket = | |
| mysqli.default_host = | |
| mysqli.default_user = | |
| mysqli.default_pw = | |
| mysqli.reconnect = Off | |
| [bcmath] | |
| bcmath.scale = 0 | |
| [Session] | |
| session.use_cookies = 1 | |
| session.use_only_cookies = 1 | |
| session.name = PHPSESSID | |
| session.auto_start = 0 | |
| session.cookie_lifetime = 0 | |
| session.cookie_path = / | |
| session.cookie_domain = | |
| session.cookie_httponly = | |
| session.serialize_handler = php | |
| # crontab cleans sessions | |
| session.gc_probability = 0 | |
| session.gc_divisor = 1000 | |
| session.gc_maxlifetime = 3600 | |
| session.bug_compat_42 = Off | |
| session.bug_compat_warn = Off | |
| session.referer_check = | |
| session.entropy_length = 0 | |
| ;session.entropy_file = /dev/urandom | |
| session.cache_limiter = private | |
| session.cache_expire = 180 | |
| session.use_trans_sid = 0 | |
| session.hash_function = 0 | |
| session.hash_bits_per_character = 5 | |
| url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" | |
| [soap] | |
| soap.wsdl_cache_enabled=1 | |
| soap.wsdl_cache_dir="/tmp" | |
| soap.wsdl_cache_ttl=86400 | |
| soap.wsdl_cache_limit = 5 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [www] | |
| user = www-data | |
| group = www-data | |
| listen = /tmp/php-cgi.socket | |
| listen.backlog = 4096 | |
| listen.owner = www-data | |
| listen.group = www-data | |
| listen.mode = 0660 | |
| ; only allow localhost to connect | |
| listen.allowed_clients = 127.0.0.1 | |
| ; a fixed number of child processes | |
| pm = static | |
| ; 48 came from trial and error | |
| pm.max_children = 48 | |
| ; with static process manager, these values don’t matter: | |
| pm.start_servers = 8 | |
| pm.min_spare_servers = 8 | |
| pm.max_spare_servers = 8 | |
| ; restart child processes intermittently to address minor memory leaks | |
| pm.max_requests = 40000 | |
| ;pm.status_path = /status | |
| ;ping.path = /ping | |
| ;ping.response = pong | |
| ;access.log = /var/log/php/$pool.access.log | |
| access.format = %R - %u %t "%m %r%Q%q " %s %f %{mili}d %{megabytes}M %C%% | |
| ;slowlog = /var/log/php/$pool.slow.log | |
| request_slowlog_timeout = 0 | |
| ; 2 minutes chosen to allow for graceful performance degradation and some slow API/admin calls | |
| request_terminate_timeout = 120 | |
| ;chroot = | |
| ;chdir = / | |
| ; log PHP warnings and notices to aid in debugging | |
| catch_workers_output = yes | |
| security.limit_extensions = .php .html .phtml |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment