A complicated nginx/php-fpm chroot setup

Rsaesha asked:

I’m running nginx and php-fpm, and I want to set up jails for each host. My setup is a little complicated, so following tutorials on the web gets me nowhere.

Each site has a directory /var/www/domain.name/

Inside that directory, there will be a public/ directory which will be the website root, a logs/ directory which will store nginx logs for that site specifically, and the chroot filesystem (etc/, usr/, etc.)

The first problem I’ve run into is that nomatter how I configure it, PHP-FPM cannot find the files that are passed to it via nginx. They result in a “Primary script unknown” error, and to make matters worse, the error messages from PHP-FPM are no more verbose than that, so I can’t figure out what path is being passed by nginx.

A php-fpm pool configuration for a host looks like this:

[host]
user = host
group = www-data
chroot = /var/www/domain.name
chdir = /public
listen = 127.0.0.1:900x

‘x’ is incremented for each pool.

The nginx config for this host looks like this:

server
{
    listen  80;

    server_name     domain.name *.domain.name;

    root            /var/www/domain.name/public;
    index           index.php index.html index.html;

    location ~ \.php$
    {
            expires epoch;

            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            include fastcgi_params;
            fastcgi_index index.php;

            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

            fastcgi_pass 127.0.0.1:9001;
    }
}

I’m guessing that the problem is the SCRIPT_FILENAME parameter, but I’ve changed it to just $fastcgi_script_name, and various other combinations, but to no avail.

Can anyone help?

            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

            fastcgi_param SCRIPT_FILENAME /public$fastcgi_script_name;