dunglas / frankenphp

🧟 The modern PHP app server
https://frankenphp.dev
MIT License
6.93k stars 242 forks source link

How would you replace a PHP-FPM environment with FrankenPHP #619

Open monkburger opened 8 months ago

monkburger commented 8 months ago

We're looking at using FrankenPHP as a replacement for FPM, mostly because of performance. We have a traditional setup (eg: Apache or Nginx talking to FPM over a UDS).

How does FrankenPHP work in this context? It seems to have no idea about UIDs in the config (I could be mistaken)

If this has been covered elsewhere, I do apologize in advance, but I did not see anything specific (outside of https://github.com/dunglas/frankenphp/issues/583)

One possibility is we would have to configure FrankenPHP as a reverse proxy from behind x/y/z, and only handle PHP files. But I really don't want to run PHP executing daemons as root.

withinboredom commented 8 months ago

I really don't want to run PHP executing daemons as root.

You don't have to run it as root, but if you want to bind to a privileged port, you will need to give it permission to do so (see https://frankenphp.dev/docs/docker/#running-as-a-non-root-user) -- as well as giving it permissions to whatever files it needs access to.

583 is more of a multitenant setup in the same process vs. non-root.