diff options
-rw-r--r-- | etc/inc/system.inc | 26 | ||||
-rw-r--r-- | etc/phpshellsessions/gitsync | 1 | ||||
-rwxr-xr-x | etc/rc | 2 | ||||
-rwxr-xr-x | etc/rc.initial | 2 | ||||
-rwxr-xr-x | etc/rc.php_ini_setup | 69 | ||||
-rwxr-xr-x | usr/local/www/firewall_shaper_queues.php | 2 | ||||
-rw-r--r-- | usr/local/www/firewall_shaper_vinterface.php | 3 | ||||
-rwxr-xr-x | usr/local/www/firewall_shaper_wizards.php | 3 |
8 files changed, 94 insertions, 14 deletions
diff --git a/etc/inc/system.inc b/etc/inc/system.inc index 035c5de..c4857fa 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -982,11 +982,6 @@ function system_generate_lighty_config($filename, $max_php_children = 1; } - if ($captive_portal !== false) - $fast_cgi_path = "{$g['tmp_path']}/php-fastcgi-{$captive_portal}.socket"; - else - $fast_cgi_path = "{$g['tmp_path']}/php-fastcgi.socket"; - if(!isset($config['syslog']['nologlighttpd'])) { $lighty_use_syslog = <<<EOD ## where to send error-messages to @@ -995,7 +990,9 @@ EOD; } - $fastcgi_config = <<<EOD + if ($captive_portal !== false) { + $fast_cgi_path = "{$g['tmp_path']}/php-fastcgi-{$captive_portal}.socket"; + $fastcgi_config = <<<EOD #### fastcgi module ## read fastcgi.txt for more info fastcgi.server = ( ".php" => @@ -1013,6 +1010,23 @@ fastcgi.server = ( ".php" => ) EOD; + } else { + $fast_cgi_path = "{$g['varrun_path']}/php-fpm.socket"; + $fastcgi_config = <<<EOD +#### fastcgi module +## read fastcgi.txt for more info +fastcgi.server = ( ".php" => + ( "localhost" => + ( + "socket" => "{$fast_cgi_path}", + "broken-scriptfilename" => "enable" + ) + ) +) + +EOD; + } + $lighty_config = <<<EOD # diff --git a/etc/phpshellsessions/gitsync b/etc/phpshellsessions/gitsync index 2b4eec1..31fd468 100644 --- a/etc/phpshellsessions/gitsync +++ b/etc/phpshellsessions/gitsync @@ -399,7 +399,6 @@ function post_cvssync_commands() { $fd = fopen("/tmp/restart_lighty", "w"); fwrite($fd, "#!/bin/sh\n"); fwrite($fd, "sleep 5\n"); - fwrite($fd, "killall php\n"); fwrite($fd, "/usr/local/sbin/pfSctl -c 'service restart webgui'\n"); if(file_exists("/var/etc/lighty-CaptivePortal.conf")) fwrite($fd, "/usr/local/sbin/lighttpd -f /var/etc/lighty-CaptivePortal.conf\n"); @@ -369,6 +369,7 @@ fi # Run the php.ini setup file and populate # /usr/local/etc/php.ini and /usr/local/lib/php.ini /etc/rc.php_ini_setup 2>/tmp/php_errors.txt +/usr/local/sbin/php-fpm -c /usr/local/lib/php.ini -y /usr/local/lib/php-fpm.conf -RD 2>&1 >/dev/null # Launch external configuration loader for supported platforms if [ "$PLATFORM" = "embedded" ]; then @@ -391,6 +392,7 @@ if [ -f /etc/rc.custom_boot_early ]; then echo "Done" fi +export fcgipath=/var/run/php-fpm.socket /usr/bin/nice -n20 /usr/local/sbin/check_reload_status # let the PHP-based configuration subsystem set up the system now diff --git a/etc/rc.initial b/etc/rc.initial index 1f9f1e2..c57c0db 100755 --- a/etc/rc.initial +++ b/etc/rc.initial @@ -137,7 +137,7 @@ case ${opmode} in /usr/sbin/tcpdump -s 256 -v -S -l -n -e -ttt -i pflog0 ;; 11 | 111) - /usr/bin/killall -9 php; /usr/bin/killall -9 lighttpd; /etc/rc.restart_webgui + /etc/rc.restart_webgui ;; 12) /usr/local/sbin/pfSsh.php diff --git a/etc/rc.php_ini_setup b/etc/rc.php_ini_setup index 589fab8..1105773 100755 --- a/etc/rc.php_ini_setup +++ b/etc/rc.php_ini_setup @@ -53,7 +53,7 @@ REALMEM=`/sbin/sysctl hw.realmem | /usr/bin/awk '{print $2/1048576}' | /usr/bin/ export REALMEM export LOWMEM -if [ "$REALMEM" -lt "$MIN_REALMEM_FOR_APC" ]; then +if [ ${REALMEM} -lt $MIN_REALMEM_FOR_APC ]; then LOWMEM="TRUE" echo ">>> Under $MIN_REALMEM_FOR_APC megabytes of ram detected. Not enabling APC." echo ">>> Under $MIN_REALMEM_FOR_APC megabytes of ram detected. Not enabling APC." | /usr/bin/logger -p daemon.info -i -t rc.php_ini_setup @@ -296,6 +296,73 @@ suhosin.memory_limit = 512435456 EOF +PHPFPMMAX=2 +if [ "$LOWMEM" = "TRUE" ]; then + PHPFPMMAX=1 +elif [ ${REALMEM} -gt 1000 ]; then + PHPFPMMAX=4 +fi + +/bin/cat > /usr/local/lib/php-fpm.conf <<EOF + +[global] +pid = run/php-fpm.pid +error_log=syslog +syslog.facility = daemon +syslog.ident = php-fpm +log_level = notice +daemonize = yes +events.mechanism = kqueue +process.max = ${PHPFPMMAX} + +[lighty] +user = root +group = wheel +;mode = 0600 + +listen = /var/run/php-fpm.socket +listen.owner = root +listen.group = wheel +listen.mode = 0600 + +security.limit_extensions = + +EOF + +if [ "$LOWMEM" = "TRUE" ]; then + /bin/cat >> /usr/local/lib/php-fpm.conf <<EOF + +pm = ondemand +pm.process_idle_timeout = 5 +pm.max_children = 1 +pm.max_requests = 500 + +EOF + +elif [ $REALMEM -gt 1000 ]; then + /bin/cat >> /usr/local/lib/php-fpm.conf <<EOF + +pm = dynamic +pm.process_idle_timeout = 5 +pm.max_children = 3 +pm.start_servers = 1 +pm.max_requests = 500 +pm.min_spare_servers=1 +pm.max_spare_servers=1 + +EOF +else + + /bin/cat >> /usr/local/lib/php-fpm.conf <<EOF + +pm = static +pm.max_children = 2 +pm.max_requests = 500 + +EOF + +fi + # Copy php.ini file to etc/ too (cli) /bin/cp /usr/local/lib/php.ini /usr/local/etc/php.ini diff --git a/usr/local/www/firewall_shaper_queues.php b/usr/local/www/firewall_shaper_queues.php index f8ee5b6..db93524 100755 --- a/usr/local/www/firewall_shaper_queues.php +++ b/usr/local/www/firewall_shaper_queues.php @@ -46,7 +46,7 @@ require_once("shaper.inc"); require_once("rrd.inc"); if($_GET['reset'] <> "") { - mwexec("killall -9 pfctl php"); + mwexec("killall -9 pfctl"); exit; } diff --git a/usr/local/www/firewall_shaper_vinterface.php b/usr/local/www/firewall_shaper_vinterface.php index 9ab72b4..73b98c6 100644 --- a/usr/local/www/firewall_shaper_vinterface.php +++ b/usr/local/www/firewall_shaper_vinterface.php @@ -46,8 +46,7 @@ require_once("filter.inc"); require_once("shaper.inc"); if($_GET['reset'] <> "") { - /* XXX: Huh, why are we killing php? */ - mwexec("/usr/bin/killall -9 pfctl php"); + mwexec("/usr/bin/killall -9 pfctl"); exit; } diff --git a/usr/local/www/firewall_shaper_wizards.php b/usr/local/www/firewall_shaper_wizards.php index 455b932..57f7d02 100755 --- a/usr/local/www/firewall_shaper_wizards.php +++ b/usr/local/www/firewall_shaper_wizards.php @@ -45,8 +45,7 @@ require_once("filter.inc"); require_once("shaper.inc"); if($_GET['reset'] <> "") { - /* XXX: Huh, why are we killing php? */ - mwexec("/usr/bin/killall -9 pfctl php"); + mwexec("/usr/bin/killall -9 pfctl"); exit; } |