Vengala Vinay

Having 12+ Years of Experience in Software Development

Home » Installing and Configuring Apache with HTTP2 support and static PHP-FPM sockets on openSUSE Leap 15.5

Installing and Configuring Apache with HTTP2 support and static PHP-FPM sockets on openSUSE Leap 15.5

Prerequisites and System Update

Before proceeding, ensure your openSUSE Leap 15.5 system is up-to-date. This guarantees you have the latest security patches and package versions, which is crucial for a production environment. We will also verify the presence of necessary packages.

Execute the following commands to update your system and install Apache, PHP-FPM, and necessary modules:

sudo zypper refresh
sudo zypper update -y
sudo zypper install -y apache2 apache2-mod_http2 php php-fpm

Configuring PHP-FPM with Static Sockets

For optimal performance and predictable behavior, especially under load, we will configure PHP-FPM to use static Unix domain sockets instead of dynamic TCP ports. This eliminates the overhead of TCP connection management and provides faster inter-process communication between Apache and PHP-FPM.

First, locate the PHP-FPM configuration directory. On openSUSE Leap 15.5, this is typically /etc/php-fpm/. We will modify the main configuration file, php-fpm.conf, and the pool configuration file, usually named www.conf.

Edit the PHP-FPM pool configuration file. The default pool is often named ‘www’.

sudo vi /etc/php-fpm.d/www.conf

Within this file, find the listen directive. Comment out any existing TCP listen directives (e.g., listen = 127.0.0.1:9000) and uncomment or add a Unix socket listener. Ensure the directory for the socket exists and has appropriate permissions.

;listen = 127.0.0.1:9000
listen = /run/php-fpm/www.sock

; Ensure the user and group are appropriate for your web server.
; For Apache on openSUSE, this is typically 'wwwrun' and 'www'.
user = wwwrun
group = wwwrun

; Ensure the directory for the socket exists and has correct permissions.
; This is often handled by systemd service files, but good to verify.
listen.owner = wwwrun
listen.group = www
listen.mode = 0660

Next, ensure the listen.owner, listen.group, and listen.mode directives are set correctly to allow Apache (running as user wwwrun) to access the socket. The listen.mode = 0660 is crucial for secure communication.

After modifying www.conf, restart the PHP-FPM service to apply the changes:

sudo systemctl restart php-fpm

Verify that the PHP-FPM service is running without errors:

sudo systemctl status php-fpm

Configuring Apache HTTP Server for HTTP/2 and PHP-FPM Sockets

Now, we will configure Apache to leverage HTTP/2 for enhanced performance and to communicate with the PHP-FPM service via the static Unix sockets we just set up.

First, enable the necessary Apache modules. The http2 module is essential for HTTP/2 support, and proxy_fcgi is required for FastCGI communication with PHP-FPM.

sudo a2enmod http2 proxy proxy_fcgi setenvif
sudo systemctl restart apache2

Next, we need to configure Apache’s virtual host to use HTTP/2 and to proxy requests to the PHP-FPM socket. Edit your virtual host configuration file. For a default setup, this might be /etc/apache2/vhosts.d/vhost-default.conf or a custom file in /etc/apache2/vhosts.d/.

# Ensure this is within a <VirtualHost *:443> or <VirtualHost *:80> block
# For HTTP/2, it's best to configure it on the TLS-enabled port (443)
# Apache will negotiate HTTP/2 if both client and server support it.

<VirtualHost *:443>
    ServerName your_domain.com
    DocumentRoot /srv/www/your_domain/public_html

    # Enable HTTP/2 for this virtual host
    Protocols h2 http/1.1

    # Proxy configuration for PHP-FPM using Unix socket
    ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://unix:/run/php-fpm/www.sock|fcgi://unix:/run/php-fpm/www.sock/
    ProxyFCGISetEnvIf Request_URI "^/(.*\.php(/.*)?)$" SCRIPT_FILENAME $DOCUMENT_ROOT/$1
    ProxyFCGISetEnvIf Request_URI "^/(.*\.php(/.*)?)$" SCRIPT_FILENAME $DOCUMENT_ROOT/$1

    # Other SSL/TLS configurations (e.g., SSLEngine, SSLCertificateFile, SSLCertificateKeyFile)
    # ...

    # Standard Apache configurations
    ErrorLog /var/log/apache2/your_domain.com-error.log
    CustomLog /var/log/apache2/your_domain.com-access.log combined

    <Directory /srv/www/your_domain/public_html>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>

# Optional: Redirect HTTP to HTTPS
<VirtualHost *:80>
    ServerName your_domain.com
    Redirect permanent / https://your_domain.com/
</VirtualHost>

Explanation of Key Directives:

  • Protocols h2 http/1.1: This directive enables HTTP/2 (h2) and HTTP/1.1 for the virtual host. Apache will attempt to negotiate the highest supported protocol with the client.
  • ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://unix:/run/php-fpm/www.sock|fcgi://unix:/run/php-fpm/www.sock/: This is the core directive for proxying PHP requests. It matches any URL ending in .php (or with path segments after .php) and forwards them to the PHP-FPM process via the specified Unix socket. The |fcgi://... part is a fallback mechanism, though for static sockets, the first part is primary.
  • ProxyFCGISetEnvIf Request_URI "^/(.*\.php(/.*)?)$" SCRIPT_FILENAME $DOCUMENT_ROOT/$1: This directive sets the SCRIPT_FILENAME environment variable, which PHP-FPM uses to determine the actual PHP script to execute. It’s crucial for PHP to function correctly.
  • listen.owner, listen.group, listen.mode in PHP-FPM configuration: These ensure that the Apache user (wwwrun) has the necessary permissions to access the PHP-FPM socket.

After saving your virtual host configuration, test Apache for syntax errors:

sudo apache2ctl configtest

If the configuration test passes, restart Apache to apply the changes:

sudo systemctl restart apache2

Verification and Testing

To confirm that HTTP/2 is active and PHP-FPM is processing requests correctly, create a simple PHP info file.

Create a file named info.php in your web server’s document root (e.g., /srv/www/your_domain/public_html/info.php) with the following content:

<?php
phpinfo();
?>

Access this file through your web browser (e.g., https://your_domain.com/info.php). Look for the following indicators:

  • HTTP/2 Support: In your browser’s developer tools (Network tab), check the protocol used for the request. It should show “HTTP/2” or “h2”. Some browsers also display this information directly in the address bar or page details.
  • PHP Version and Configuration: The phpinfo() output should display the correct PHP version and confirm that it’s running via FPM/FastCGI. You should see details about the server API, indicating it’s FPM-FCGI.

If you encounter issues, check the Apache error logs (/var/log/apache2/error.log and your virtual host’s specific error log) and the PHP-FPM logs (often found in /var/log/php-fpm/ or accessible via journalctl -u php-fpm). Common problems include incorrect socket permissions, misconfigured proxy directives, or issues with the PHP-FPM service itself.

Reader Interactions

Leave a Reply

Recent Posts

Top Categories

Our Products

Our Services