From 29785ece4830ecb6807f2c177722d348cc200a81 Mon Sep 17 00:00:00 2001 From: Adam Outler Date: Sat, 10 Jan 2026 04:41:29 +0000 Subject: [PATCH 1/5] Adjust PHP buffer sizes --- .../services/config/php/php-fpm.d/www.conf | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/install/production-filesystem/services/config/php/php-fpm.d/www.conf b/install/production-filesystem/services/config/php/php-fpm.d/www.conf index ec0ede63..47d9ebd3 100755 --- a/install/production-filesystem/services/config/php/php-fpm.d/www.conf +++ b/install/production-filesystem/services/config/php/php-fpm.d/www.conf @@ -491,9 +491,12 @@ env[TEMP] = /tmp/run/tmp ;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com php_admin_value[sys_temp_dir] = /tmp/run/tmp php_admin_value[upload_tmp_dir] = /tmp/run/tmp -php_admin_value[session.save_path] = /tmp/run/tmp -php_admin_value[output_buffering] = 262144 +php_admin_value[upload_max_filesize] = 1 M +php_admin_value[post_max_size] = 1M +php_admin_value[output_buffering] = 524288 php_admin_flag[implicit_flush] = off php_admin_value[realpath_cache_size] = 4096K +php_admin_value[session.save_path] = /tmp/run/tmp +php_admin_value[realpath_cache_size] = 4096K php_admin_value[realpath_cache_ttl] = 600 php_admin_value[memory_limit] = 256M From bdf89dc92712baf248f57d646fa33f59e35eb156 Mon Sep 17 00:00:00 2001 From: Adam Outler Date: Sat, 10 Jan 2026 04:42:22 +0000 Subject: [PATCH 2/5] Enable PHP running as root --- install/production-filesystem/services/start-php-fpm.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/install/production-filesystem/services/start-php-fpm.sh b/install/production-filesystem/services/start-php-fpm.sh index 81a245ce..0f829650 100755 --- a/install/production-filesystem/services/start-php-fpm.sh +++ b/install/production-filesystem/services/start-php-fpm.sh @@ -28,6 +28,13 @@ trap forward_signal INT TERM echo "Starting /usr/sbin/php-fpm83 -y \"${PHP_FPM_CONFIG_FILE}\" -F (tee stderr to app.php_errors.log)" php_fpm_cmd=(/usr/sbin/php-fpm83 -y "${PHP_FPM_CONFIG_FILE}" -F) + +#In the event PUID is 0 we need to run php-fpm as root +#This is useful on legacy systems where we cannot provision root access to a binary +if [[ $(id -u) -eq 0 ]]; then + php_fpm_cmd+=(-R) +fi + "${php_fpm_cmd[@]}" 2> >(tee -a "${LOG_APP_PHP_ERRORS}" >&2) & php_fpm_pid=$! From 8452902703043b25f8c10a35e45b9abcefeb68e1 Mon Sep 17 00:00:00 2001 From: Adam Outler Date: Sat, 10 Jan 2026 04:42:30 +0000 Subject: [PATCH 3/5] enable nginx running as root --- .../services/config/nginx/netalertx.conf.template | 3 +++ install/production-filesystem/services/start-nginx.sh | 9 ++++++++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/install/production-filesystem/services/config/nginx/netalertx.conf.template b/install/production-filesystem/services/config/nginx/netalertx.conf.template index 97637e11..6a567056 100755 --- a/install/production-filesystem/services/config/nginx/netalertx.conf.template +++ b/install/production-filesystem/services/config/nginx/netalertx.conf.template @@ -1,3 +1,6 @@ +# Set user if running as root (substituted by start-nginx.sh) +${NGINX_USER_DIRECTIVE} + # Set number of worker processes automatically based on number of CPU cores. worker_processes auto; diff --git a/install/production-filesystem/services/start-nginx.sh b/install/production-filesystem/services/start-nginx.sh index 881f8e6b..7f17fbac 100755 --- a/install/production-filesystem/services/start-nginx.sh +++ b/install/production-filesystem/services/start-nginx.sh @@ -35,9 +35,16 @@ done TEMP_CONFIG_FILE=$(mktemp "${TMP_DIR}/netalertx.conf.XXXXXX") +#In the event PUID is 0 we need to run nginx as root +#This is useful on legacy systems where we cannot provision root access to a binary +export NGINX_USER_DIRECTIVE="" +if [ "$(id -u)" -eq 0 ]; then + NGINX_USER_DIRECTIVE="user root;" +fi + # Shell check doesn't recognize envsubst variables # shellcheck disable=SC2016 -if envsubst '${LISTEN_ADDR} ${PORT}' < "${SYSTEM_NGINX_CONFIG_TEMPLATE}" > "${TEMP_CONFIG_FILE}" 2>/dev/null; then +if envsubst '${LISTEN_ADDR} ${PORT} ${NGINX_USER_DIRECTIVE}' < "${SYSTEM_NGINX_CONFIG_TEMPLATE}" > "${TEMP_CONFIG_FILE}" 2>/dev/null; then mv "${TEMP_CONFIG_FILE}" "${SYSTEM_SERVICES_ACTIVE_CONFIG_FILE}" else echo "Note: Unable to write to ${SYSTEM_SERVICES_ACTIVE_CONFIG_FILE}. Using default configuration." From a52cf764d2ea98c961cee946747500ec9825ffd3 Mon Sep 17 00:00:00 2001 From: Adam Outler Date: Sat, 10 Jan 2026 01:37:40 -0500 Subject: [PATCH 4/5] Update install/production-filesystem/services/config/php/php-fpm.d/www.conf Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- .../production-filesystem/services/config/php/php-fpm.d/www.conf | 1 - 1 file changed, 1 deletion(-) diff --git a/install/production-filesystem/services/config/php/php-fpm.d/www.conf b/install/production-filesystem/services/config/php/php-fpm.d/www.conf index 47d9ebd3..9fa238a5 100755 --- a/install/production-filesystem/services/config/php/php-fpm.d/www.conf +++ b/install/production-filesystem/services/config/php/php-fpm.d/www.conf @@ -497,6 +497,5 @@ php_admin_value[output_buffering] = 524288 php_admin_flag[implicit_flush] = off php_admin_value[realpath_cache_size] = 4096K php_admin_value[session.save_path] = /tmp/run/tmp -php_admin_value[realpath_cache_size] = 4096K php_admin_value[realpath_cache_ttl] = 600 php_admin_value[memory_limit] = 256M From 15679a6a21554647cd360c8c6775b6f4fc8e3ff0 Mon Sep 17 00:00:00 2001 From: Adam Outler Date: Sat, 10 Jan 2026 01:37:58 -0500 Subject: [PATCH 5/5] Update install/production-filesystem/services/config/php/php-fpm.d/www.conf Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- .../services/config/php/php-fpm.d/www.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/production-filesystem/services/config/php/php-fpm.d/www.conf b/install/production-filesystem/services/config/php/php-fpm.d/www.conf index 9fa238a5..438af82a 100755 --- a/install/production-filesystem/services/config/php/php-fpm.d/www.conf +++ b/install/production-filesystem/services/config/php/php-fpm.d/www.conf @@ -491,7 +491,7 @@ env[TEMP] = /tmp/run/tmp ;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com php_admin_value[sys_temp_dir] = /tmp/run/tmp php_admin_value[upload_tmp_dir] = /tmp/run/tmp -php_admin_value[upload_max_filesize] = 1 M +php_admin_value[upload_max_filesize] = 1M php_admin_value[post_max_size] = 1M php_admin_value[output_buffering] = 524288 php_admin_flag[implicit_flush] = off