User Tools

This is an old revision of the document!

Using independent PHP for different services

Ideally, you want to run each PHP-based service within the boundaries of it's own PHP instance. The advantages of such a solution would be that each PHP instance can run as the service user which guarantee service isolation and more protection in data access.

Gentoo does not provide a simple way to do so for more than two instances (see here) but even in that case the solution relies in one service running with Apache and one service running with PHP-FPM, which does not scale to more than two services.

The solution i am proposing here requires to duplicate your PHP configuration files and init scripts, but albeit requiring a bit more maintenance in the long run, it provides a much more scalable approach.

The approach

The basic idea is to leverage the Gentoo PHP-FPM init script that already support running more than one instance but with different PHP versions.

The idea is to symlink the /etc/init.d/php-fpm script to /etc/init.d/php-fpm-service1: 

ln -s /etc/init.d/php-fpm /etc/init.d/php-fpm-service1

the script will assume you want to run PHP-FPM with a version of PHP called service1, so the only thing you need to do is to copy the configuration files under /etc/php and create a proper symlink for the php version under /usr/lib64. You are basically “creating” a specific version of PHP which does not exist.

So, copy (don't link, as you will need to edit that per service) the configs: 

cp -a /etc/php/fpm-php8.2 /etc/php/fpm-service1

Choose your preferred (or required) PHP version for service1.

Then, link the libraries (i know, this step is ugly and bad, but i tihnk it's better than modifying the init script. In both cases you would need some post-update maintenance, so…): 

ln -s /usr/lib64/php8.2 /usr/lib64/service1

Here you need to symlink it, you don't really want two copies of php.

Now, assuming the service1 runs as service1 user and group, edit the php configuration file to run the php daemon as user service1. Edit /etc/php/fpm-service1/fpm.d/www.conf to match the following lines (also replace the port with an available one!): 

user = service1
group = service1
listen = 127.0.0.1:9000

and then you can start it and add to boot: 

rc-update add php-fpm-service1 default
/etc/init.d/php-fpm-service1 start

done!

Updating php

This approach will load configuration files from /etc/php/fpm-service1

This website uses technical cookies only. No information is shared with anybody or used in any way but provide the website in your browser.

More information