Nginx and PHP as Different Users (Pooling)

So, after having installed a few WordPress sites on my server (namely this one), I ran into some permissions errors.  I couldn’t get plugins nor any updates to install.

The problem first appeared simply as a prompt to enter FTP credentials.  That was bizarre, so I hunted to find why that was.  I realized it was a permissions issue by reading this page (among others).

I scoured the Internet for answers (in other words, I tried a lot of different search terms in Google) for a way to make Nginx, the webserver software I used, to run as the proper user.  I’d setup different users for different websites, so just changing the webserver’s default user/group wasn’t the answer.

My first solution, albeit an ugly one, was to give everybody read+write+execute permissions on my WP folders.  That was an ugly kludge, but it worked.  And so it sat for some time.

Then I finally found how.  Through some bit of serendipity, I found an article on Apache and suExec.  I changed the term to Nginx with suExec, and found the answer… sort of.

Nginx, PHP-FPM, and Pooling

So the key was the “pooling” part of PHP-FPM that I’d basically ignored.  I had read the configuration file, but didn’t really understand it.

But after reading this article about pooling with Nginx and PHP-FPM, I found the answer.

So PHP-FPM can be configured to run different pools.  Basically, that means that there are multiple main processes for PHP, and they can run as different users.

Easy.  Added a new pool, changed it’s name and the user, and the new process (well, processes) appeared, with the correct user.  But how could I attach that to my website, so it ran as the correct user (instead of www-data)?

It’s All In The Socket

The bit of magic that makes Nginx hand off the PHP work to the correct pool is the socket.  The new pool needed to have a unique socket, then the affected websites needed to be reconfigured to use the socket corresponding to the appropriate pool.

I went back and changed my new pool to have a unique socket name, then restarted the php5-fpm process.  I then went and changed my website’s configuration file to use the corresponding socket.

Before restarting Nginx, I changed the permissions on my website’s folder to no longer be world readable/writable.  Then I attempted to delete an old plugin: as expected, I got a permissions error.  Restarted Nginx, then tried again, and it worked.   Woot!

Why Coding and Smalltalk Don’t Work

So, when I’m working on code, and somebody starts trying to talk to me, I sometimes get funny looks from them when I can’t respond right away.  Or because they have to wait a significant amount of time before I let them talk.  Or because I get frustrated right away when they just start talking anyway.

I’m not intentionally being an asshole.  But I do get frustrated by it.  Switching to and from programming/coding isn’t like switching to/from a book or an article or whatever.  It’s way way more involved.

There’s a fair amount of time required to get (back to) programming.  Like one of those choose-your-adventure novels, only… more.

If you chose “I’ll go with the stranger” on page 2, but didn’t take the candy in chapter 12, and you’ve got a machete (from pages 12, 13, 405, 7004, or 7005), go to page 803..  If you chose “I’ll go with the stranger” on page 2, didn’t take the candy in chapter 12, and you’ve got a machete from pages Honey? 85, 99, or 9008, go to page 405.  If you chose “I’ll go with the stranger” on so I was at the store today page 2, didn’t take the candy in chapter 12, and you’ve got a machete from a page that is NOT 12, 13, 85, 99, 405, 7004, 7005, nor 9008, go to page 777.  If you chose “I’ll go with and I saw Jerry the stranger” on page 2, didn’t take the candy in chapter 12, and you don’t have a machete at all…

So now the stranger’s name is Jerry.  And I got the machete from a store… wait, there’s no chapter called “store” in here… SHIT.

Nerd Rage on MySQL and Postgres

MySQL vexes me SOOOOO MUCH.  Why not just use PostgreSQL?

I know, I know, you’re thinking, “I have no idea what you’re talking about.  I don’t even know how to pronounce those two things.”

So, MySQL can just be pronounced “my squeal,” and PostgreSQL can simply be pronounced “post gres.”  There, one part down.

Choosing a database is a developer thing, I guess.  But… WHY?  Here comes the classic car analogy.

On the left, we’ve got the MySQL coupe.

It’s kinda plain looking.  It has a history of doing unexpected things, like not stopping when you press the brakes, and continuing to accelerate when you release the gas.  It looks like any normal car, but there are some rather devious things under the hood, and is definitely not “standards compliant.”

On the right, we’ve got the PostgreSQL coupe.

It looks sleeker, more like a sports car than a run-of-the-mill coupe.  Even though it costs the same as the MySQL coupe.  It does everything you expect it to.  Everything about it is standards-compliant.

So, why choose MySQL at all?  Doing so has zero benefit.  Choosing PostgreSQL means it’s actually pretty easy to convert to MySQL later (right… “hey, I’m trading in my Lamborghini Diablo for a No-Name Turdmobile).

If you’re a developer, and you’re working with a database, just use PostgreSQL.  It will save you time in the end.  SERIOUSLY.