Nothing is ever easy...
The setup is as follows.
- I want to have a default website for connection to the raw ip-number of my server,
- i also want multiple virtual hosts
- i want to use php5-fpm
- i want to have each site having its own user and not the default www-data (apache)
- And i want it to be fast, nice and easy to administer.
So to start, install apache, php5 and php5-fpm, set it up using sockets to same server.
Then in /etc/apache2/sites-available/000-default.conf
AssignUserId username groupname
AddHandler php5-fcgi-pool-default .php
Action php5-fcgi-pool-default /php5-fcgi-pool-default
Alias /php5-fcgi-pool-default /usr/lib/cgi-bin/php5-fcgi-pool-default
FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi-pool-default -socket /var/run/php5-fpm-pool-default.sock -pass-header Authorization
Require all granted
...normal virtualhost directives
Now in /etc/php5fpm/pool.d
copy file www.conf to 000-default.conf
Alter everywhere any of the above pool/socket name name should be entered.
Create a user and a group with /bin/nologin
useradd -g username groupname
edit the above poolname.conf file and set username and groupname
For any virtual host you have to have its own poolname/socketname so you will get lots of processes, those have to be unique, effectively meaning, if you want to have a site as default and then same site as a virtual host (for any reason) you need 1(one) username.groupname but 2(two) pool configuration with 2(two) sockets
For any virtual host you dont do the above it will run as www-data (as apache user)
Remember to set permissions for /var/www/site_public_folder to be owned by root but readable by username
Remeber to set all subsequent files/folders to be readable by username