Phusion Passenger users guide, Apache version ============================================= image:images/phusion_banner.png[link="http://www.phusion.nl/"] Phusion Passenger is an application server which can directly integrate into Apache. It is designed to be easy to use, fast, stable and reliable and is used by link:http://trends.builtwith.com/Web-Server/Phusion-Passenger[hundreds of thousands of websites] all over the world. Phusion Passenger is a so-called polyglot application server because it supports applications written in multiple programming languages. At this time, Ruby and Python are supported. This users guide will teach you: - How to install Phusion Passenger. - How to configure Phusion Passenger. - How to deploy Ruby and Python applications. - How to solve common problems. This guide assumes that the reader is somewhat familiar with Apache and with using the command line. == Support information include::users_guide_snippets/support_information.txt[] == Installation include::users_guide_snippets/installation.txt[] == Deploying a Ruby on Rails 1.x or 2.x (but NOT Rails >= 3.x) application == Suppose you have a Ruby on Rails application in '/webapps/mycook', and you own the domain 'www.mycook.com'. You can either deploy your application to the virtual host's root (i.e. the application will be accessible from the root URL, 'http://www.mycook.com/'), or in a sub URI (i.e. the application will be accessible from a sub URL, such as 'http://www.mycook.com/railsapplication'). NOTE: The default `RAILS_ENV` environment in which deployed Rails applications are run, is ``production''. You can change this by changing the <> configuration option. === Deploying to a virtual host's root === Add a virtual host entry to your Apache configuration file. Make sure that the following conditions are met: - The virtual host's document root must point to your Ruby on Rails application's 'public' folder. - The Apache per-directory permissions must allow access to this folder. - MultiViews must be disabled for this folder. For example: ------------------------------------------- ServerName www.mycook.com DocumentRoot /webapps/mycook/public Allow from all Options -MultiViews ------------------------------------------- You may also need to tweak your file/folder permissions. Make sure that the following folders are readable and executable by Apache: * this 'public' folder. * the application's 'config' folder. * all parent folders. That is, /webapps/mycook and /webapps must also be readable and executable by Apache. Then restart Apache. The application has now been deployed. [[deploying_rails_to_sub_uri]] === Deploying to a sub URI === Suppose that you already have a virtual host: ------------------------------------------- ServerName www.phusion.nl DocumentRoot /websites/phusion Allow from all ------------------------------------------- And you want your Ruby on Rails application to be accessible from the URL 'http://www.phusion.nl/rails'. To do this, make a symlink in the virtual host's document root, and have it point to your Ruby on Rails application's 'public' folder. For example: ------------------------------------------- ln -s /webapps/mycook/public /websites/phusion/rails ------------------------------------------- Next, add a <> option to the virtual host configuration, and also make sure that: - The Apache per-directory permissions allow access to this folder. - MultiViews is disabled for this folder. For example: ------------------------------------------- ServerName www.phusion.nl DocumentRoot /websites/phusion Allow from all RailsBaseURI /rails # <-- These lines have # <-- been added. Options -MultiViews # <-- # <-- ------------------------------------------- Then restart Apache. The application has now been deployed. NOTE: If you're deploying to a sub-URI then please make sure that your view templates correctly handles references to sub-URI static assets! Otherwise you may find broken links to images, CSS files, JavaScripts, etc. Please read <> for more information. [TIP] ====================================== You can deploy multiple Rails applications under a virtual host, by specifying <> multiple times. For example: --------------------------------- .... RailsBaseURI /app1 RailsBaseURI /app2 RailsBaseURI /app3 --------------------------------- ====================================== === Redeploying (restarting the Ruby on Rails application) === Deploying a new version of a Ruby on Rails application is as simple as re-uploading the application files, and restarting the application. There are two ways to restart the application: 1. By restarting Apache. 2. By creating or modifying the file 'tmp/restart.txt' in the Rails application's <>. Phusion Passenger will automatically restart the application during the next request. For example, to restart our example MyCook application, we type this in the command line: ------------------------------------------- touch /webapps/mycook/tmp/restart.txt ------------------------------------------- Please note that, unlike earlier versions of Phusion Passenger, 'restart.txt' is not automatically deleted. Phusion Passenger checks whether the timestamp of this file has changed in order to determine whether the application should be restarted. === Migrations === Phusion Passenger is not related to Ruby on Rails migrations in any way. To run migrations on your deployment server, please login to your deployment server (e.g. with 'ssh') and type `rake db:migrate RAILS_ENV=production` in a shell console, just like one would normally run migrations. === Capistrano integration === See <>. == Deploying a Rack-based Ruby application (including Rails >= 3) == Phusion Passenger supports arbitrary Ruby web applications that follow the link:http://rack.rubyforge.org/[Rack] interface. Phusion Passenger assumes that Rack application directories have a certain layout. Suppose that you have a Rack application in '/webapps/rackapp'. Then that folder must contain at least three entries: - 'config.ru', a Rackup file for starting the Rack application. This file must contain the complete logic for initializing the application. - 'public/', a folder containing public static web assets, like images and stylesheets. - 'tmp/', used for 'restart.txt' (our application restart mechanism). This will be explained in a following subsection. So '/webapps/rackapp' must, at minimum, look like this: ---------------------- /webapps/rackapp | +-- config.ru | +-- public/ | +-- tmp/ ---------------------- Suppose you own the domain 'www.rackapp.com'. You can either deploy your application to the virtual host's root (i.e. the application will be accessible from the root URL, 'http://www.rackapp.com/'), or in a sub URI (i.e. the application will be accessible from a sub URL, such as 'http://www.rackapp.com/rackapp'). NOTE: The default `RACK_ENV` environment in which deployed Rack applications are run, is ``production''. You can change this by changing the <> configuration option. === Tutorial/example: writing and deploying a Hello World Rack application === First we create a Phusion Passenger-compliant Rack directory structure: ------------------------------------------- $ mkdir /webapps/rack_example $ mkdir /webapps/rack_example/public $ mkdir /webapps/rack_example/tmp ------------------------------------------- Next, we write a minimal "hello world" Rack application: ------------------------------------------- $ cd /webapps/rack_example $ some_awesome_editor config.ru ...type in some source code... $ cat config.ru app = proc do |env| [200, { "Content-Type" => "text/html" }, ["hello world"]] end run app ------------------------------------------- Finally, we deploy it by adding the following configuration options to the Apache configuration file: ------------------------------------------- ServerName www.rackexample.com DocumentRoot /webapps/rack_example/public Allow from all Options -MultiViews ------------------------------------------- And we're done! After an Apache restart, the above Rack application will be available under the URL 'http://www.rackexample.com/'. === Deploying to a virtual host's root === Add a virtual host entry to your Apache configuration file. Make sure that the following conditions are met: - The virtual host's document root must point to your Rack application's 'public' folder. - The Apache per-directory permissions must allow access to this folder. - MultiViews must be disabled for this folder. For example: ------------------------------------------- ServerName www.rackapp.com DocumentRoot /webapps/rackapp/public Allow from all Options -MultiViews ------------------------------------------- You may also need to tweak your file/folder permissions. Make sure that the following folders are readable and executable by Apache: * this 'public' folder. * the application's 'config' folder. * all parent folders. That is, /webapps/rackapp and /webapps must also be readable and executable by Apache. Then restart Apache. The application has now been deployed. [[deploying_rack_to_sub_uri]] === Deploying to a sub URI === Suppose that you already have a virtual host: ------------------------------------------- ServerName www.phusion.nl DocumentRoot /websites/phusion Allow from all ------------------------------------------- And you want your Rack application to be accessible from the URL 'http://www.phusion.nl/rack'. To do this, make a symlink in the virtual host's document root, and have it point to your Rack application's 'public' folder. For example: ------------------------------------------- ln -s /webapps/rackapp/public /websites/phusion/rack ------------------------------------------- Next, add a <> option to the virtual host configuration, and also make sure that: - The Apache per-directory permissions allow access to this folder. - MultiViews is disabled for this folder. For example: ------------------------------------------- ServerName www.phusion.nl DocumentRoot /websites/phusion Allow from all RackBaseURI /rack # <-- These lines have # <-- been added. Options -MultiViews # <-- # <-- ------------------------------------------- Then restart Apache. The application has now been deployed. [TIP] ====================================== You can deploy multiple Rack applications under a virtual host, by specifying <> multiple times. For example: --------------------------------- .... RackBaseURI /app1 RackBaseURI /app2 RackBaseURI /app3 --------------------------------- ====================================== === Redeploying (restarting the Rack application) === Deploying a new version of a Rack application is as simple as re-uploading the application files, and restarting the application. There are two ways to restart the application: 1. By restarting Apache. 2. By creating or modifying the file 'tmp/restart.txt' in the Rack application's <>. Phusion Passenger will automatically restart the application. For example, to restart our example application, we type this in the command line: ------------------------------------------- touch /webapps/rackapp/tmp/restart.txt ------------------------------------------- === Rackup specifications for various web frameworks === include::users_guide_snippets/rackup_specifications.txt[] == Deploying a WSGI (Python) application Phusion Passenger supports all WSGI-compliant Python web applications. Suppose that you have a WSGI application in '/webapps/wsgiapp'. Then that folder must contain at least three entries: - 'passenger_wsgi.py', which Phusion Passenger will use as the main entry point for your application. This file must export a WSGI object called `application`. - 'public/', a folder containing public static web assets, like images and stylesheets. - 'tmp/', used for 'restart.txt' (our application restart mechanism). This will be explained in a following subsection. So '/webapps/wsgiapp' must, at minimum, look like this: ---------------------- /webapps/wsgiapp | +-- config.ru | +-- public/ | +-- tmp/ ---------------------- === Tutorial/example: writing and deploying a Hello World WSGI application === First we create a Phusion Passenger-compliant WSGI directory structure: ------------------------------------------- $ mkdir /webapps/wsgi_example $ mkdir /webapps/wsgi_example/public $ mkdir /webapps/wsgi_example/tmp ------------------------------------------- Next, we write a minimal "hello world" WSGI application: ------------------------------------------- $ cd /webapps/wsgi_example $ some_awesome_editor passenger_wsgi.py ...type in some source code... $ cat passenger_wsgi.py def application(environ, start_response): start_response('200 OK', [('Content-Type', 'text/plain')]) return ["hello world!\n"] ------------------------------------------- Finally, we deploy it by adding the following configuration options to the Apache configuration file: ------------------------------------------- ServerName www.wsgiexample.com DocumentRoot /webapps/wsgi_example/public Allow from all Options -MultiViews ------------------------------------------- And we're done! After an Apache restart, the above WSGI application will be available under the URL 'http://www.wsgiexample.com/'. === Deploying to a virtual host's root === Add a virtual host entry to your Apache configuration file. Make sure that the following conditions are met: - The virtual host's document root must point to your WSGI application's 'public' folder. - The WSGI per-directory permissions must allow access to this folder. - MultiViews must be disabled for this folder. For example: ------------------------------------------- ServerName www.wsgiapp.com DocumentRoot /webapps/wsgiapp/public Allow from all Options -MultiViews ------------------------------------------- You may also need to tweak your file/folder permissions. Make sure that the following folders are readable and executable by Apache: * this 'public' folder. * the application's 'config' folder. * all parent folders. That is, /webapps/wsgiapp and /webapps must also be readable and executable by Apache. Then restart Apache. The application has now been deployed. === Redeploying (restarting the WSGI application) === Deploying a new version of a WSGI application is as simple as re-uploading the application files, and restarting the application. There are two ways to restart the application: 1. By restarting Apache. 2. By creating or modifying the file 'tmp/restart.txt' in the WSGI application's <>. Phusion Passenger will automatically restart the application. For example, to restart our example application, we type this in the command line: ------------------------------------------- touch /webapps/wsgiapp/tmp/restart.txt ------------------------------------------- == Configuring Phusion Passenger == After installation, Phusion Passenger does not need any further configurations. Nevertheless, the system administrator may be interested in changing Phusion Passenger's behavior. Phusion Passenger's Apache module supports the following configuration options: === PassengerRoot === The location to the Phusion Passenger root directory. This configuration option is essential to Phusion Passenger, and allows Phusion Passenger to locate its own data files. The correct value is given by the installer. If you've moved Phusion Passenger to a different directory then you need to update this option as well. Please read <> for more information. This required option may only occur once, in the global server configuration. [[PassengerRuby]] === PassengerRuby === This option allows one to specify the Ruby interpreter to use. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Options` is on. In each place, it may be specified at most once. The default value is 'ruby', meaning that the Ruby interpreter will be looked up according to the `PATH` environment variable. [[PassengerAppRoot]] === PassengerAppRoot === By default, Phusion Passenger assumes that the application's root directory is the parent directory of the 'public' directory. This option allows one to specify the application's root independently from the DocumentRoot, which is useful if the 'public' directory lives in a non-standard place. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Options` is on. In each place, it may be specified at most once. Example: ----------------------------- DocumentRoot /var/rails/zena/sites/example.com/public PassengerAppRoot /var/rails/zena # <-- normally Phusion Passenger would # have assumed that the application # root is "/var/rails/zena/sites/example.com" ----------------------------- [[PassengerSpawnMethod]] === PassengerSpawnMethod === [TIP] ."What spawn method should I use?" ========================================================= This subsection attempts to describe spawn methods, but it's okay if you don't (want to) understand it, as it's mostly a technical detail. You can basically follow this rule of thumb: ************************************************ If your application works on Mongrel, but not on Phusion Passenger, then set `PassengerSpawnMethod` to 'conservative'. Otherwise, leave it at 'smart-lv2' (the default). ************************************************ However, we do recommend you to try to understand it. The 'smart' and 'smart-lv2' spawn methods bring many benefits. ========================================================= include::users_guide_snippets/passenger_spawn_method.txt[] This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. In each place, it may be specified at most once. The default value is 'smart-lv2'. === PassengerEnabled === You can set this option to 'off' to completely disable Phusion Passenger for a certain location. This is useful if, for example, you want to integrate a PHP application into the same virtual host as a Rails application. Suppose that you have a Rails application in '/apps/foo'. Suppose that you've dropped Wordpress -- a blogging application written in PHP -- in '/apps/foo/public/wordpress'. You can then configure Phusion Passenger as follows: ------------------------------------ ServerName www.foo.com DocumentRoot /apps/foo/public PassengerEnabled off AllowOverride all # <-- Makes Wordpress's .htaccess file work. ------------------------------------ This way, Phusion Passenger will not interfere with Wordpress. 'PassengerEnabled' may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess'. In each place, it may be specified at most once. The default value is 'on'. [[PassengerTempDir]] === PassengerTempDir === Specifies the directory that Phusion Passenger should use for storing temporary files. This includes things such as Unix socket files, buffered file uploads (see also <>), etc. This option may be specified once, in the global server configuration. The default temp directory that Phusion Passenger uses is '/tmp'. This option is especially useful if Apache is not allowed to write to /tmp (which is the case on some systems with strict SELinux policies) or if the partition that /tmp lives on doesn't have enough disk space. .Command line tools Some Phusion Passenger command line administration tools, such as `passenger-status`, must know what Phusion Passenger's temp directory is in order to function properly. You can pass the directory through the `PASSENGER_TMPDIR` environment variable, or the `TMPDIR` environment variable (the former will be used if both are specified). For example, if you set 'PassengerTempDir' to '/my_temp_dir', then invoke `passenger-status` after you've set the `PASSENGER_TMPDIR` or `TMPDIR` environment variable, like this: ---------------------------------------------------------- export PASSENGER_TMPDIR=/my_temp-dir sudo -E passenger-status # The -E option tells 'sudo' to preserve environment variables. ---------------------------------------------------------- [[PassengerUploadBufferDir]] === PassengerUploadBufferDir === Phusion Passenger buffers large file uploads to disk in order prevent slow file uploads from blocking web applications. By default, a subdirectory in the system's temporary files directory (or a subdirectory in the directory specified in <>, if set) is automatically created for storing these buffered file uploads. This configuration directive allows you to specify a different directory for storing buffered file uploads. If you've specified such a directory (as opposed to using Phusion Passenger's default) then you *must* ensure that this directory exists. This configuration directive is also useful if you're using apache2-mpm-itk. The buffered file upload directory that Phusion Passenger creates by default has very strict permissions: it can only be accessed by the Apache worker processes. However, Phusion Passenger assumes that all Apache worker processes are running as the same user. apache2-mpm-itk breaks this assumption by running multiple Apache worker processes as different users. So if you're using apace2-mpm-itk, you should set this option to a directory that is writable by all Apache worker processes, such as '/tmp'. You may specify 'PassengerUploadBufferDir' in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverrides Options` is enabled. In each place, it may be specified at most once. === PassengerRestartDir === As described in the deployment chapters of this document, Phusion Passenger checks the file 'tmp/restart.txt' in the applications' <> for restarting applications. Sometimes it may be desirable for Phusion Passenger to look in a different directory instead, for example for security reasons (see below). This option allows you to customize the directory in which 'restart.txt' is searched for. You may specify 'PassengerRestartDir' in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverrides Options` is enabled. In each place, it may be specified at most once. You can either set it to an absolute directory, or to a directory relative to the <>. Examples: ----------------------------------- ServerName www.foo.com # Phusion Passenger will check for /apps/foo/public/tmp/restart.txt DocumentRoot /apps/foo/public ServerName www.bar.com DocumentRoot /apps/bar/public # An absolute filename is given; Phusion Passenger will # check for /restart_files/bar/restart.txt PassengerRestartDir /restart_files/bar ServerName www.baz.com DocumentRoot /apps/baz/public # A relative filename is given; Phusion Passenger will # check for /apps/baz/restart_files/restart.txt # # Note that this directory is relative to the APPLICATION ROOT, *not* # the value of DocumentRoot! PassengerRestartDir restart_files ----------------------------------- .What are the security reasons for wanting to customize PassengerRestartDir? Touching restart.txt will cause Phusion Passenger to restart the application. So anybody who can touch restart.txt can effectively cause a Denial-of-Service attack by touching restart.txt over and over. If your web server or one of your web applications has the permission to touch restart.txt, and one of them has a security flaw which allows an attacker to touch restart.txt, then that will allow the attacker to cause a Denial-of-Service. You can prevent this from happening by pointing PassengerRestartDir to a directory that's readable by Apache, but only writable by administrators. [[PassengerBufferResponse]] === PassengerBufferResponse === When turned on, application-generated responses are buffered by Apache. Buffering will happen in memory. Before we proceed with explaining this configuration option, we want to state the following to avoid confusion. If you use Phusion Passenger for Apache, there are in fact two response buffering systems active: 1. The Apache response buffering system. `PassengerBufferResponse` turns this on or off. 2. The Phusion Passenger response buffering system, a.k.a. 'real-time disk-backed response buffering'. This buffering system is always on, regardless of the value of `PassengerBufferResponse`. Response buffering is useful because it protects against slow HTTP clients that do not read responses immediately or quickly enough. Buffering prevents such slow clients from blocking web applications that have limited concurrency. Because Phusion Passenger's response buffering is always turned on, you are always protected. Therefore, `PassengerBufferResponse` is off by default, and you never should have to turn it on. If for whatever reason you want to turn Apache-level response buffering on, you can do so with this option. Apache's response buffering works differently from Phusion Passenger's. Apache's buffering system buffers the entire response before attempting to send it to the client, while Phusion Passenger's attempts to send the data to the client immediately. Therefore, if you turn on `PassengerBufferResponse`, you may interfere with applications that want to stream responses to the client. Apache's version also buffers to memory only, making it problematic for large responses. Phusion Passenger's version buffers to disk when the response exceeds a certain threshold. How does response buffering - whether it's done by Apache or by Phusion Passenger - exactly protect against slow clients? Consider an HTTP client that's on a dial-up modem link, and your application process generates a 2 MB response. If the response is buffered then your application process will be blocked until the entire 2 MB has been sent out to the HTTP client. This disallows your application process to do any useful work in the mean time. By buffering responses, Phusion Passenger or Apache will read the application response as quickly as possible and will take care of forwarding the data to slow clients. So keep in mind that enabling `passenger_buffering_response` will make streaming responses impossible. Consider for example this piece of Rails code: -------------------------------- render :text => lambda { |response, output| 10.times do |i| output.write("entry #{i}\n") output.flush sleep 1 end } -------------------------------- ...or this piece of Rack code: -------------------------------- class Response def each 10.times do |i| yield("entry #{i}\n") sleep 1 end end end app = lambda do |env| [200, { "Content-Type" => "text/plain" }, Response.new] end -------------------------------- When `PassengerBufferResponse` is turned on, Apache will wait until the application is done sending the entire response before forwarding it to the client. The client will not receive anything for 10 seconds, after which it receives the entire response at once. When `PassengerBufferResponse` is turned off, it works as expected: the client receives an "entry X" message every second for 10 seconds. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess'. In each place, it may be specified at most once. The default value is 'off'. [NOTE] ===================================================== The <> directive should be turned off if responses can be huge. Because entire responses are buffered in memory when turned on. ===================================================== [[PassengerRollingRestarts]] === PassengerRollingRestarts === :version: 3.0.0 include::users_guide_snippets/enterprise_only.txt[] Enables or disables support for rolling restarts. Normally when you restart an application (by touching restart.txt), Phusion Passenger would shut down all application processes and spawn a new one. The spawning of a new application process could take a while, and any requests that come in during this time will be blocked until this first application process has spawned. But when rolling restarts are enabled, Phusion Passenger Enterprise will: 1. Spawn a new process in the background. 2. When it's done spawning, Phusion Passenger Enterprise will replace one of the old processes with this newly spawned one. 3. Step 1 and 2 are repeated until all processes have been replaced. This way, visitors will not experience any delays when you are restarting your application. This allows you to, for example, upgrade your application often without degrading user experience. Rolling restarts have a few caveat however that you should be aware of: - Upgrading an application sometimes involves upgrading the database schema. With rolling restarts, there may be a point in time during which processes belonging to the previous version and processes belonging to the new version both exist at the same time. Any database schema upgrades you perform must therefore be backwards-compatible with the old application version. - Because there's no telling which process will serve a request, users may not see changes brought about by the new version until all processes have been restarted. It is for this reason that you should not use rolling restarts in development, only in production. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Options` is on. In each place, it may be specified at most once. The default value is 'off'. === PassengerResistDeploymentErrors === :version: 3.0.0 include::users_guide_snippets/enterprise_only.txt[] Enables or disables resistance against deployment errors. Suppose you've upgraded your application and you've issues a command to restart it (by touching restart.txt), but the application code contains an error that prevents Phusion Passenger from successfully spawning a process (e.g. a syntax error). Phusion Passenger would normally display an error message in response to this. By enabling deployment error resistance, Phusion Passenger Enterprise would instead do this: - It passes the request to one of the existing application processes (that belong to the previous version of the application). The visitor will not see a Phusion Passenger process spawning error message. - It logs the error to the global web server error log file. - It sets an internal flag so that no processes for this application will be spawned (even when the current traffic would normally result in more processes being spawned) and no processes will be idle cleaned. Processes *could* still be shutdown because of other events, e.g. because their <> have been reached. This way, visitors will suffer minimally from deployment errors. Phusion Passenger will attempt to restart the application again next time restart.txt is touched. Enabling deployment error resistance only works if <> is also enabled. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Options` is on. In each place, it may be specified at most once. The default value is 'off'. === Security options === [[PassengerUserSwitching]] ==== PassengerUserSwitching ==== Whether to enable <>. This option may only occur once, in the global server configuration. The default value is 'on'. ==== PassengerUser ==== If <> is enabled, then Phusion Passenger will by default run the web application as the owner of the file 'config/environment.rb' (for Rails apps) or 'config.ru' (for Rack apps). This option allows you to override that behavior and explicitly set a user to run the web application as, regardless of the ownership of 'environment.rb'/'config.ru'. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. In each place, it may be specified at most once. ==== PassengerGroup ==== If <> is enabled, then Phusion Passenger will by default run the web application as the primary group of the owner of the file 'config/environment.rb' (for Rails apps) or 'config.ru' (for Rack apps). This option allows you to override that behavior and explicitly set a group to run the web application as, regardless of the ownership of 'environment.rb'/'config.ru'. '' may also be set to the special value '!STARTUP_FILE!', in which case the web application's group will be set to 'environment.rb'/'config.ru''s group. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. In each place, it may be specified at most once. [[PassengerDefaultUser]] ==== PassengerDefaultUser ==== Phusion Passenger enables <> by default. This configuration option allows one to specify the user that applications must run as, if user switching fails or is disabled. This option may only occur once, in the global server configuration. The default value is 'nobody'. [[PassengerDefaultGroup]] ==== PassengerDefaultGroup ==== Phusion Passenger enables <> by default. This configuration option allows one to specify the group that applications must run as, if user switching fails or is disabled. This option may only occur once, in the global server configuration. The default value is the primary group of the user specifified by <>. ==== PassengerFriendlyErrorPages ==== Phusion Passenger can display friendly error pages whenever an application fails to start. This friendly error page presents the startup error message, some suggestions for solving the problem, and a backtrace. This feature is very useful during application development and useful for less experienced system administrators, but the page might reveal potentially sensitive information, depending on the application. Experienced system administrators who are using Phusion Passenger on serious production servers should consider turning this feature off. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Options` is on. In each place, it may be specified at most once. The default value is 'on'. === Resource control and optimization options === ==== PassengerMaxPoolSize ==== The maximum number of <> that may simultaneously exist. A larger number results in higher memory usage, but improved ability to handle concurrent HTTP clients. The optimal value depends on your system's hardware and the server's average load. You should experiment with different values. But generally speaking, the value should be at least equal to the number of CPUs (or CPU cores) that you have. If your system has 2 GB of RAM, then we recommend a value of '15'. If your system is a Virtual Private Server (VPS) and has about 256 MB RAM, and is also running other services such as MySQL, then we recommend a value of '2'. If you find that your server is unable to handle the load on your Rails/Rack websites (i.e. running out of memory) then you should lower this value. (Though if your sites are really that popular, then you should strongly consider upgrading your hardware or getting more servers.) This option may only occur once, in the global server configuration. The default value is '6'. TIP: We strongly recommend you to <>. This allows you to reduce the memory usage of your Ruby on Rails applications by about 33%, and it's not hard to install. [[PassengerMinInstances]] ==== PassengerMinInstances ==== This specifies the minimum number of application processes that should exist for a given application. You should set this option to a non-zero value if you want to avoid potentially long startup times after a website has been <> for an extended period. Please note that this option does *not* pre-start application processes during Apache startup. It just makes sure that when the application is first accessed: 1. at least the given number of processes will be spawned. 2. the given number of processes will be kept around even when processes are being idle cleaned (see <>). If you want to pre-start application processes during Apache startup, then you should use the <> directive, possibly in combination with 'PassengerMinInstances'. This behavior might seem counter-intuitive at first sight, but <> explains the rationale behind it. For example, suppose that you have the following configuration: --------------------------------- PassengerMaxPoolSize 15 PassengerPoolIdleTime 10 ServerName foobar.com DocumentRoot /webapps/foobar/public PassengerMinInstances 3 --------------------------------- When you start Apache, there are 0 application processes for 'foobar.com'. Things will stay that way until someone visits 'foobar.com'. Suppose that there is only 1 visitor. 1 application process will be started immediately to serve the visitor, while 2 will be spawned in the background. After 10 seconds, when the idle timeout has been reached, these 3 application processes will not be cleaned up. Now suppose that there's a sudden spike of traffic, and 100 users visit 'foobar.com' simultanously. Phusion Passenger will start 12 more application processes. After the idle timeout of 10 seconds have passed, Phusion Passenger will clean up 12 application processes, keeping 3 processes around. The PassengerMinInstances option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Limits` is on. In each place, it may be specified at most once. The default value is '1'. ==== PassengerMaxInstances ==== :version: 3.0.0 include::users_guide_snippets/enterprise_only.txt[] The maximum number of application processes that may simultaneously exist for an application. This helps to make sure that a single application will not occupy all available slots in the application pool. This value must be less than <>. A value of 0 means that there is no limit placed on the number of processes a single application may spawn, i.e. only the global limit of <> will be enforced. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. In each place, it may be specified at most once. The default value is '0'. .Practical usage example [TIP] =========================================================================== Suppose that you're hosting two web applications on your server, a personal blog and an e-commerce website. You've set <> to 10. The e-commerce website is more important to you. You can then set 'PassengerMaxInstances' to 3 for your blog, so that it will never spawn more than 3 processes, even if it suddenly gets a lot of traffic. Your e-commerce website on the other hand will be free to spawn up to 10 processes if it gets a lot of traffic. =========================================================================== ==== PassengerMaxInstancesPerApp ==== The maximum number of application processes that may simultaneously exist for a single application. This helps to make sure that a single application will not occupy all available slots in the application pool. This value must be less than <>. A value of 0 means that there is no limit placed on the number of processes a single application may use, i.e. only the global limit of <> will be enforced. This option may only occur once, in the global server configuration. The default value is '0'. .Practical usage example [TIP] =========================================================================== Suppose that you're hosting two blogs (blog A and B) on your server, and that you've set <> to 10. Under normal circumstances, if blog A suddenly gets a lot of traffic, then A will use all 10 pool slots. If blog B suddenly gets some traffic, then it will only be able to use 1 pool slot (forcefully releasing 1 slot from A) until A's traffic has settled down and it has released more pool slots. If you consider both blogs equally important, then you can set 'PassengerMaxInstancesPerApp' to 5. This way, both blogs will never use more than 5 pool slots. =========================================================================== .Relation with PassengerMaxInstances [NOTE] =========================================================================== Unlike <>, this configuration option is global and applies to all applications. 'PassengerMaxInstances' on the other hand is per-virtual host. Suppose that you're hosting two web applications on your server, a personal blog and an e-commerce website. You've set <> to 10. The e-commerce website is more important to you. You can then set 'PassengerMaxInstances' to 3 for your blog, so that it will never use more than 3 pool slots, even if it suddenly gets a lot of traffic. Your e-commerce website on the other hand will be free to use up all 10 slots if it gets a lot of traffic. In summary, 'PassengerMaxInstancesPerApp' divides the pool equally among the different web applications, while 'PassengerMaxInstances' allows one to divide the pool unequally, according to each web application's relative importance. =========================================================================== [[PassengerPoolIdleTime]] ==== PassengerPoolIdleTime ==== The maximum number of seconds that an application process may be idle. That is, if an application process hasn't received any traffic after the given number of seconds, then it will be shutdown in order to conserve memory. Decreasing this value means that applications will have to be spawned more often. Since spawning is a relatively slow operation, some visitors may notice a small delay when they visit your Rails/Rack website. However, it will also free up resources used by applications more quickly. The optimal value depends on the average time that a visitor spends on a single Rails/Rack web page. We recommend a value of `2 * x`, where `x` is the average number of seconds that a visitor spends on a single Rails/Rack web page. But your mileage may vary. When this value is set to '0', application processes will not be shutdown unless it's really necessary, i.e. when Phusion Passenger is out of application processes for a given application and one of the <> needs to make place for another application process. Setting the value to 0 is recommended if you're on a non-shared host that's only running a few applications, each which must be available at all times. This option may only occur once, in the global server configuration. The default value is '300'. ==== PassengerMaxPreloaderIdleTime ==== The ApplicationSpawner server (explained in <>) has an idle timeout, just like the backend processes spawned by Phusion Passenger do. That is, it will automatically shutdown if it hasn't done anything for a given period. This option allows you to set the ApplicationSpawner server's idle timeout, in seconds. A value of '0' means that it should never idle timeout. Setting a higher value will mean that the ApplicationSpawner server is kept around longer, which may slightly increase memory usage. But as long as the ApplicationSpawner server is running, the time to spawn a Ruby on Rails backend process only takes about 10% of the time that is normally needed, assuming that you're using the 'smart' or 'smart-lv2' <>. So if your system has enough memory, is it recommended that you set this option to a high value or to '0'. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. In each place, it may be specified at most once. The default value is '300' (5 minutes). [[PassengerConcurrencyModel]] ==== PassengerConcurrencyModel ==== :version: 4.0.0 include::users_guide_snippets/enterprise_only.txt[] Specifies the I/O concurrency model that should be used for application processes. Phusion Passenger supports two concurrency models: * 'process' - single-threaded, multi-processed I/O concurrency. Each application process only has a single thread and can only handle 1 request at a time. This is the concurrency model that Ruby applications traditionally used. It has excellent compatiblity (can work with applications that are not designed to be thread-safe) but is unsuitable workloads in which the application has to wait for a lot of external I/O (e.g. HTTP API calls), and uses more memory because each process has a large memory overhead. * 'thread' - multi-threaded, multi-processed I/O concurrency. Each application process has multiple threads (customizable via <>). This model provides much better I/O concurrency and uses less memory because threads share memory with each other within the same process. However, using this model may cause compatibility problems if the application is not designed to be thread-safe. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess'. In each place, it may be specified at most once. The default value is 'process'. [[PassengerThreadCount]] ==== PassengerThreadCount ==== :version: 4.0.0 include::users_guide_snippets/enterprise_only.txt[] Specifies the number of threads that Phusion Passenger should spawn per application process. This option only has effect if <> is 'thread'. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess'. In each place, it may be specified at most once. The default value is '1'. [[PassengerMaxRequests]] ==== PassengerMaxRequests ==== The maximum number of requests an application process will process. After serving that many requests, the application process will be shut down and Phusion Passenger will restart it. A value of 0 means that there is no maximum: an application process will thus be shut down when its idle timeout has been reached. This option is useful if your application is leaking memory. By shutting it down after a certain number of requests, all of its memory is guaranteed to be freed by the operating system. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Limits` is on. In each place, it may be specified at most once. The default value is '0'. [CAUTION] ===================================================== The <> directive should be considered as a workaround for misbehaving applications. It is advised that you fix the problem in your application rather than relying on these directives as a measure to avoid memory leaks. ===================================================== [[PassengerMaxRequestTime]] ==== PassengerMaxRequestTime ==== :version: 3.0.0 include::users_guide_snippets/enterprise_only.txt[] The maximum amount of time, in seconds, that an application process may take to process a request. If the request takes longer than this amount of time, then the application process will be forcefully shut down, and possibly restarted upon the next request. A value of 0 means that there is no time limit. This option is useful for preventing your application from freezing for an indefinite period of time. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Limits` is on. In each place, it may be specified at most once. The default value is '0'. .Example Suppose that most of your requests are known to finish within 2 seconds. However, there is one URI, '/expensive_computation', which is known to take up to 10 seconds. You can then configure Phusion Passenger as follows: ---------------------------------------------- ServerName www.example.com DocumentRoot /webapps/my_app/public PassengerMaxRequestTime 2 PassengerMaxRequestTime 10 ---------------------------------------------- If a request to '/expensive_computation' takes more than 10 seconds, or if a request to any other URI takes more than 2 seconds, then the corresponding application process will be forced to shutdown. [CAUTION] ===================================================== The <> directive should be considered as a workaround for misbehaving applications. It is advised that you fix the problem in your application rather than relying on these directives as a measure to avoid freezing applications. ===================================================== [[PassengerMemoryLimit]] ==== PassengerMemoryLimit ==== :version: 3.0.0 include::users_guide_snippets/enterprise_only.txt[] The maximum amount of memory that an application process may use, in megabytes. Once an application process has surpassed its memory limit, it will process all the requests currently present in its queue and then shut down. A value of 0 means that there is no maximum: the application's memory usage will not be checked. This option is useful if your application is leaking memory. By shutting it down, all of its memory is guaranteed to be freed by the operating system. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Limits` is on. In each place, it may be specified at most once. The default value is '200'. [NOTE] .A word about permissions ===================================================== The <> directive requires that the user that the application is running as (see <>) to have access to the `/proc` file system, or to be able to inspect its status with `ps` (which on Linux and FreeBSD systems basically means the same thing, since `ps` reads process information from `/proc`). Therefore, on servers running with tight permissions on `/proc`, this directive may not work. If you wish to use this directive and your `/proc` permissions are too tight, then please consider untightening the permissions. ===================================================== [TIP] .FreeBSD and `/proc` ===================================================== On many FreeBSD systems, `/proc` is not mounted by default. `/proc` *must* be mounted in order for <> to work. It is also advised that you mount `/proc` with the `linprocfs` filesystem type instead of the regular FreeBSD `proc` filesystem type. The `linprocfs` filesystem type allows Phusion Passenger to read memory information from `/proc` directly, which is very fast. If you mount `/proc` with a different filesystem type, then Phusion Passenger must resort to querying memory information from the `ps` command, which is a lot slower. ===================================================== [CAUTION] ===================================================== The <> and <> directives should be considered as workarounds for misbehaving applications. It is advised that you fix the problem in your application rather than relying on these directives as a measure to avoid memory leaks. ===================================================== ==== PassengerStatThrottleRate ==== By default, Phusion Passenger performs several filesystem checks (or, in programmers jargon, 'stat() calls') each time a request is processed: - It checks whether 'config/environment.rb', 'config.ru' or 'passenger_wsgi.py' is present, in order to autodetect Rails, Rack and WSGI applications. - It checks whether 'restart.txt' has changed or whether 'always_restart.txt' exists, in order to determine whether the application should be restarted. On some systems where disk I/O is expensive, e.g. systems where the harddisk is already being heavily loaded, or systems where applications are stored on NFS shares, these filesystem checks can incur a lot of overhead. You can decrease or almost entirely eliminate this overhead by setting 'PassengerStatThrottleRate'. Setting this option to a value of 'x' means that the above list of filesystem checks will be performed at most once every 'x' seconds. Setting it to a value of '0' means that no throttling will take place, or in other words, that the above list of filesystem checks will be performed on every request. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Limits` is on. In each place, it may be specified at most once. The default value is '0'. [[PassengerPreStart]] ==== PassengerPreStart ==== By default, Phusion Passenger does not start any application processes until said web application is first accessed. The result is that the first visitor of said web application might experience a small delay as Phusion Passenger is starting the web application on demand. If that is undesirable, then this directive can be used to pre-started application processes during Apache startup. A few things to be careful of: - This directive accepts the *URL* of the web application you want to pre-start, not a on/off value! This might seem a bit weird, but read on for rationale. As for the specifics of the URL: * The domain part of the URL must be equal to the value of the 'ServerName' directive of the VirtualHost block that defines the web application. * Unless the web application is deployed on port 80, the URL should contain the web application's port number too. * The path part of the URL must point to some URI that the web application handles. - You will probably want to combine this option with <> because application processes started with 'PassengerPreStart' are subject to the usual idle timeout rules. See the example below for an explanation. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. In each place, it may be specified any number of times. ===== Example 1: basic usage ===== Suppose that you have the following web applications. --------------------------- ServerName foo.com DocumentRoot /webapps/foo/public ServerName bar.com DocumentRoot /webapps/bar/public --------------------------- You want both of them to be pre-started during Apache startup. The URL for foo.com is 'http://foo.com/' (or, equivalently, 'http://foo.com:80/') and the URL for bar.com is 'http://bar.com:3500/'. So we add two PassengerPreStart directives, like this: --------------------------- ServerName foo.com DocumentRoot /webapps/foo/public ServerName bar.com DocumentRoot /webapps/bar/public PassengerPreStart http://foo.com/ # <--- added PassengerPreStart http://bar.com:3500/ # <--- added --------------------------- ===== Example 2: pre-starting apps that are deployed in sub-URIs ===== Suppose that you have a web application deployed in a sub-URI '/store', like this: --------------------------- ServerName myblog.com DocumentRoot /webapps/wordpress RailsBaseURI /store --------------------------- Then specify the domain name of its containing virtual host followed by the sub-URI, like this: --------------------------- ServerName myblog.com DocumentRoot /webapps/wordpress RailsBaseURI /store PassengerPreStart http://myblog.com/store # <----- added --------------------------- The sub-URI *must* be included; if you don't then the directive will have no effect. The following example is wrong and won't pre-start the store web application: --------------------------- PassengerPreStart http://myblog.com/ # <----- WRONG! Missing "/store" part. --------------------------- ===== Example 3: combining with PassengerMinInstances ===== Application processes started with PassengerPreStart are also subject to the idle timeout rules as specified by <>! That means that by default, the pre-started application processes for foo.com are bar.com are shut down after a few minutes of inactivity. If you don't want that to happen, then you should combine PassengerPreStart with <>, like this: --------------------------- ServerName foo.com DocumentRoot /webapps/foo/public # Added! PassengerMinInstances 1 ServerName bar.com DocumentRoot /webapps/bar/public # Added! PassengerMinInstances 1 PassengerPreStart http://foo.com/ PassengerPreStart http://bar.com:3500/ --------------------------- ===== So why a URL? Why not just an on/off flag? ===== A directive that accepts a simple on/off flag is definitely more intuitive, but due technical difficulties w.r.t. the way Apache works, it's very hard to implement it like that: - It is very hard to obtain a full list of web applications defined in the Apache configuration file(s). In other words, it's hard for Phusion Passenger to know which web applications are deployed on Apache until a web application is first accessed, and without such a list Phusion Passenger wouldn't know which web applications to pre-start. It's probably not completely impossible to obtain such a list, but this brings us to the following point; - Users expect things like 'mod_env' to work even in combination with Phusion Passenger. For example some people put ``SetEnv PATH=....'' in their virtual host block and they expect the web application to pick that environment variable up when it's started. Information like this is stored in module-specific locations that Phusion Passenger cannot access directly. Even if the previous bullet point is solved and we can obtain a list of web applications, we cannot start the application with the correct mod_env information. mod_env is just one such example; there are probably many other Apache modules, all of which people expect to work, but we cannot answer to those expectations if PassengerPreStart is implemented as a simple on/off flag. So as a compromise, we made it accept a URL. This is easier to implement for us and altough it looks weird, it behaves consistently w.r.t. cooperation with other Apache modules. ===== What does Phusion Passenger do with the URL? ===== During Apache startup, Phusion Passenger will send a dummy HEAD request to the given URL and discard the result. In other words, Phusion Passenger simulates a web access at the given URL. However this simulated request is always sent to localhost, *not* to the IP that the domain resolves to. Suppose that bar.com in example 1 resolves to 209.85.227.99; Phusion Passenger will send the following HTTP request to 127.0.0.1 port 3500 (and not to 209.85.227.99 port 3500): ---------------------- HEAD / HTTP/1.1 Host: bar.com Connection: close ---------------------- Similarly, for example 2, Phusion Passenger will send the following HTTP request to 127.0.0.1 port 80: ---------------------- HEAD /store HTTP/1.1 Host: myblog.com Connection: close ---------------------- ===== Do I need to edit /etc/hosts and point the domain in the URL to 127.0.0.1? ===== No. See previous subsection. ===== My web application consists of multiple web servers. What URL do I need to specify, and in which web server's Apache config file? ===== Put the web application's virtual host's ServerName value and the virtual host's port in the URL, and put PassengerPreStart on all machines that you want to pre-start the web application on. The simulated web request is always sent to 127.0.0.1, with the domain name in the URL as value for the 'Host' HTTP header, so you don't need to worry about the request ending up at a different web server in the cluster. ===== Does PassengerPreStart support https:// URLs? ===== Yes. And it does not perform any certificate validation. [[PassengerHighPerformance]] ==== PassengerHighPerformance ==== By default, Phusion Passenger is compatible with mod_rewrite and most other Apache modules. However, a lot of effort is required in order to be compatible. If you turn 'PassengerHighPerformance' to 'on', then Phusion Passenger will be a little faster, in return for reduced compatibility with other Apache modules. In places where 'PassengerHighPerformance' is turned on, mod_rewrite rules will likely not work. mod_autoindex (the module which displays a directory index) will also not work. Other Apache modules may or may not work, depending on what they exactly do. We recommend you to find out how other modules behave in high performance mode via testing. This option is *not* an all-or-nothing global option: you can enable high performance mode for certain virtual hosts or certain URLs only. The 'PassengerHighPerformance' option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess'. In each place, it may be specified at most once. The default value is 'off', so high performance mode is disabled by default, and you have to explicitly enable it. .When to enable high performance mode? If you do not use mod_rewrite or other Apache modules then it might make sense to enable high performance mode. It's likely that some of your applications depend on mod_rewrite or other Apache modules, while some do not. In that case you can enable high performance for only those applications that don't use other Apache modules. For example: ------------------------------------ ServerName www.foo.com DocumentRoot /apps/foo/public .... mod_rewrite rules or options for other Apache modules here ... ServerName www.bar.com DocumentRoot /apps/bar/public PassengerHighPerformance on ------------------------------------ In the above example, high performance mode is only enabled for www.bar.com. It is disabled for everything else. If your application generally depends on mod_rewrite or other Apache modules, but a certain URL that's accessed often doesn't depend on those other modules, then you can enable high performance mode for a certain URL only. For example: ------------------------------------ ServerName www.foo.com DocumentRoot /apps/foo/public .... mod_rewrite rules or options for other Apache modules here ... PassengerHighPerformance on ------------------------------------ This enables high performance mode for http://www.foo.com/chatroom/ajax_update_poll only. ///////////////////////////////////////// ///////////////////////////////////////// === Compatibility options === [[PassengerResolveSymlinksInDocumentRoot]] ==== PassengerResolveSymlinksInDocumentRoot ==== Configures whether Phusion Passenger should resolve symlinks in the document root. Please refer to <> for more information. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Options` is on. In each place, it may be specified at most once. It is off by default. ==== PassengerAllowEncodedSlashes ==== By default, Apache doesn't support URLs with encoded slashes (%2f), e.g. URLs like this: `/users/fujikura%2fyuu`. If you access such an URL then Apache will return a 404 Not Found error. This can be solved by turning on PassengerAllowEncodedSlashes as well as Apache's link:http://httpd.apache.org/docs/2.0/mod/core.html#allowencodedslashes[AllowEncodedSlashes]. Is it important that you turn on both AllowEncodedSlashes *and* PassengerAllowEncodedSlashes, otherwise this feature will not work properly. PassengerAllowEncodedSlashes may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Options` is on. In each place, it may be specified at most once. It is off by default. Please note however that turning on support for encoded slashes will break support for mod_rewrite passthrough rules. Because of bugs/limitations in Apache, Phusion Passenger can support either encoded slashes or mod_rewrite passthrough rules, but not both at the same time. Luckily this option can be specified anywhere, so you can enable it only for virtual hosts or URLs that need it: ---------------------------------- ServerName www.example.com DocumentRoot /webapps/example/public AllowEncodedSlashes on RewriteEngine on # Check for maintenance file and redirect all requests RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f RewriteCond %{SCRIPT_FILENAME} !maintenance.html RewriteRule ^.*$ /system/maintenance.html [L] # Make /about an alias for /info/about. RewriteRule ^/about$ /info/about [PT,L] # In a location block so that it doesn't interfere with the # above /about mod_rewrite rule. PassengerAllowEncodedSlashes on ---------------------------------- With this, http://www.example.com/users/fujikura%2fyuu will work properly, and accessing http://www.example.com/about will properly display the result of http://www.example.com/info/about. Notice that PassengerAllowEncodedSlashes only interferes with passthrough rules, not with any other mod_rewrite rules. The rules for displaying maintenance.html will work fine even for URLs starting with "/users". === Logging and debugging options === ==== PassengerLogLevel ==== This option allows one to specify how much information Phusion Passenger should write to the Apache error log file. A higher log level value means that more information will be logged. Possible values are: - '0': Show only errors and warnings. - '1': Show the most important debugging information. This might be useful for system administrators who are trying to figure out the cause of a problem. - '2': Show more debugging information. This is typically only useful for developers. - '3': Show even more debugging information. This option may only occur once, in the global server configuration. The default is '0'. ==== PassengerDebugLogFile ==== By default Phusion Passenger debugging and error messages are written to the global web server error log. This option allows one to specify the file that debugging and error messages should be written to instead. This option may only occur once, in the global server configuration. ==== PassengerDebugger ==== :version: 3.0.0 include::users_guide_snippets/enterprise_only.txt[] Turns support for application debugging on or off. In case of Ruby applications, turning this option on will cause them to load the `ruby-debug` gem (when on Ruby 1.8) or the `debugger` gem (when on Ruby 1.9). If you're using Bundler, you should add this to your Gemfile: ------------------------------------------- gem 'ruby-debug', :platforms => :ruby_18 gem 'debugger', :platforms => :ruby_19 ------------------------------------------- Once debugging is turned on, you can use the command `passenger-irb --debug ` to attach an rdebug console to the application process with the given PID. Attaching will succeed once the application process executes a `debugger` command. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Options` is on. In each place, it may be specified at most once. The default value is 'off'. === Classic Ruby on Rails (<= 2.x)-specific options === These options only have effect on classic Ruby on Rails 1.x and 2.x applications. Ruby on Rails >= 3.x applications are considered Rack applications. ==== RailsAutoDetect ==== Whether Phusion Passenger should automatically detect whether a virtual host's document root is a Ruby on Rails application. The default is 'on'. This option may occur in the global server configuration or in a virtual host configuration block. For example, consider the following configuration: ----------------------------- RailsAutoDetect off ServerName www.mycook.com DocumentRoot /webapps/mycook/public ----------------------------- If one goes to 'http://www.mycook.com/', the visitor will see the contents of the '/webapps/mycook/public' folder, instead of the output of the Ruby on Rails application. It is possible to explicitly specify that the host is a Ruby on Rails application by using the <> configuration option: ----------------------------- RailsAutoDetect off ServerName www.mycook.com DocumentRoot /webapps/mycook/public RailsBaseURI / # This line has been added. ----------------------------- [[RailsBaseURI]] ==== RailsBaseURI ==== Used to specify that the given URI is a Rails application. See <> for an example. It is allowed to specify this option multiple times. Do this to deploy multiple Rails applications in different sub-URIs under the same virtual host. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Options` is on. [[rails_env]] ==== RailsEnv ==== This option allows one to specify the default `RAILS_ENV` value. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Options` is on. In each place, it may be specified at most once. The default value is 'production'. === Rack and Rails >= 3 specific options === ==== RackAutoDetect ==== Whether Phusion Passenger should automatically detect whether a virtual host's document root is a Rack application. The default is 'on'. This option may occur in the global server configuration or in a virtual host configuration block. For example, consider the following configuration: ----------------------------- RackAutoDetect off ServerName www.rackapp.com DocumentRoot /webapps/my_rack_app/public ----------------------------- If one goes to 'http://www.rackapp.com/', the visitor will see the contents of the '/webapps/my_rack_app/public' folder, instead of the output of the Rack application. It is possible to explicitly specify that the host is a Rack application by using the <> configuration option: ----------------------------- RackAutoDetect off ServerName www.rackapp.com DocumentRoot /webapps/my_rack_app/public RackBaseURI / # This line was added ----------------------------- [[RackBaseURI]] ==== RackBaseURI ==== Used to specify that the given URI is a Rack application. See <> for an example. It is allowed to specify this option multiple times. Do this to deploy multiple Rack applications in different sub-URIs under the same virtual host. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Options` is on. [[rack_env]] ==== RackEnv ==== The given value will be accessible in Rack applications in the `RACK_ENV` environment variable. This allows one to define the environment in which Rack applications are run, very similar to `RAILS_ENV`. This option may occur in the following places: * In the global server configuration. * In a virtual host configuration block. * In a `` or `` block. * In '.htaccess', if `AllowOverride Options` is on. In each place, it may be specified at most once. The default value is 'production'. === Deprecated options === The following options have been deprecated, but are still supported for backwards compatibility reasons. ==== RailsRuby ==== Deprecated in favor of <>. ==== RailsUserSwitching ==== Deprecated in favor of <>. ==== RailsDefaultUser ==== Deprecated in favor of <>. ==== RailsAllowModRewrite ==== This option doesn't do anything anymore in recent versions of Phusion Passenger. ==== RailsSpawnMethod ==== Deprecated in favor of <>. [[troubleshooting]] == Troubleshooting == === Operating system-specific problems === ==== MacOS X: The installer cannot locate MAMP's Apache ==== .Symptoms ******************************************************************************* The installer finds Apache 2 development headers at `/Applications/MAMP/Library/bin/apxs`. However, Apache cannot be found. The installer also outputs the following error: ------------------------------------ cannot open /Applications/MAMP/Library/build/config_vars.mk: No such file or directory at /Applications/MAMP/Library/bin/apxs line 218. ------------------------------------ ******************************************************************************* Your MAMP installation seems to be broken. In particular, 'config_vars.mk' is missing. Please read link:http://forum.mamp.info/viewtopic.php?t=1866[this forum topic] to learn how to fix this problem. See also link:http://code.google.com/p/phusion-passenger/issues/detail?id=12[this bug report]. === Problems during installation === [[installing_ruby_dev]] ==== Ruby development headers aren't installed ==== .Symptoms ******************************************************************************* Installing Phusion Passenger fails because of one of the following errors: - The Phusion Passenger installer tells you that the Ruby development headers aren't installed. - The error message ``'no such file to load -- mkmf''' occurs. - The error message ``'ruby.h: No such file or directory''' occurs. ******************************************************************************* Phusion Passenger makes use of a native extension, so the Ruby development headers must be installed. On most Linux systems, Ruby and the Ruby development headers are contained in separate packages, so having Ruby installed does not automatically imply having the development headers installed. Here's how you can install the development headers: Ubuntu/Debian:: Please type: + ----------------------------------------- sudo apt-get install ruby1.8-dev ----------------------------------------- Fedora/CentOS/RHEL:: Please type: + ----------------------------------------- su -c 'yum install ruby-devel' ----------------------------------------- FreeBSD:: Please install Ruby from 'ports' or with `pkg_add`. If that fails, please install Ruby from source. MacOS X:: Please install Ruby from source. Other operating systems:: Please consult your operating system's native package database. There should be a package containing the Ruby development headers. If that fails, please install Ruby from source. NOTE: If you've installed a new Ruby version (i.e. your system now contains multiple Ruby installations), then you will need to tell Phusion Passenger which Ruby installation you want to use. Please read <>. ==== Apache development headers aren't installed ==== .Symptoms ******************************************************************************* Installing Phusion Passenger fails because of one of the following errors: - The installer says that the Apache development headers aren't installed. - The error message ``'httpd.h: No such file or directory''' occurs. + (Instead of 'httpd.h', the message might also be 'http_config.h' or something else similar to 'http_*.h'.) ******************************************************************************* Ubuntu:: Please type: + ----------------------------------------- sudo apt-get install apache2-prefork-dev ----------------------------------------- Debian:: Please type: + ----------------------------------------- sudo apt-get install apache2-dev ----------------------------------------- Fedora/CentOS/RHEL:: Please type: + -------------------------------- su -c 'yum install httpd-devel' -------------------------------- FreeBSD:: Please install Apache from 'ports' or with `pkg_add`. If that fails, please install Apache from source. MacOS X:: Please install Apache from source. Other operating systems:: Please consult your operating system's native package database. There should be a package containing the Apache development headers. If that fails, please install Apache from source. ==== APR development headers aren't installed ==== .Symptoms ******************************************************************************* Installing Phusion Passenger fails because one of the following errors: - The installer tells you that APR development headers aren't installed. - The error message ``'apr_pools.h: No such file or directory''' occurs. - The error message ``'apr_strings.h: No such file or directory''' occurs. ******************************************************************************* Ubuntu:: Please type: + ----------------------------------------- sudo apt-get install libapr1-dev ----------------------------------------- Debian:: Please type: + ----------------------------------------- sudo apt-get install libapr1-dev ----------------------------------------- Fedora/CentOS/RHEL:: Please type: + -------------------------------- su -c 'yum install apr-devel' -------------------------------- Other Linux distributions:: Please consult your distribution's package database. There should be a package which provides APR development headers. Other operating systems:: The APR development are bundled with Apache. If the APR headers aren't, then it probably means that they have been removed after Apache's been installed. Please reinstall Apache to get back the APR headers. ==== Phusion Passenger is using the wrong Apache during installation ==== Please <>, and re-run the Phusion Passenger installer. ==== Phusion Passenger is using the wrong Ruby during installation ==== Please <>, and re-run the Phusion Passenger installer. === Problems after installation === [TIP] .The golden tip: read your Apache error logs! ===================================================== 'mod_passenger' will write all errors to the Apache error log. So if you're experiencing post-installation problems, please look inside the Apache error logs. It will tell you what exactly went wrong. ===================================================== ==== My Rails application works on Mongrel, but not on Phusion Passenger ==== Please try setting <> to 'conservative'. ==== Phusion Passenger has been compiled against the wrong Apache installation ==== .Symptoms ******************************************************************************* Apache crashes during startup (after being daemonized). The Apache error log says ``'seg fault or similar nasty error detected in the parent process'''. ******************************************************************************* This problem is most likely to occur on MacOS X. Most OS X users have multiple Apache installations on their system. To solve this problem, please <>, and <>. ==== I get a "403 Forbidden" error ==== See next subsection. ==== Static assets such as images and stylesheets aren't being displayed ==== Static assets are accelerated, i.e. they are served directly by Apache and do not go through the Rails stack. There are two reasons why Apache doesn't serve static assets correctly: 1. Your Apache configuration is too strict, and does not allow HTTP clients to access static assets. This can be achieved with an `Allow from all` directive in the correct place. For example: + ----------------------------------------- Options FollowSymLinks AllowOverride None Order allow,deny Allow from all ----------------------------------------- + See also link:http://groups.google.com/group/phusion-passenger/browse_thread/thread/9699a639a87f85f4/b9d71a03bf2670a5[this discussion]. 2. The Apache process doesn't have permission to access your Rails application's folder. Please make sure that the Rails application's folder, as well as all of its parent folders, have the correct permissions and/or ownerships. ==== The Apache error log says that the spawn manager script does not exist, or that it does not have permission to execute it ==== If you are sure that the 'PassengerRoot' configuration option is set correctly, then this problem is most likely caused by the fact that you're running Apache with SELinux. On Fedora, CentOS and RedHat Enterprise Linux, Apache is locked down by SELinux policies. To solve this problem, you must set some permissions on the Phusion Passenger files and folders, so that Apache can access them. - If you've installed Phusion Passenger via a gem, then run this command to determine Phusion Passenger's root folder: + ------------------------------------------------------------------ passenger-config --root ------------------------------------------------------------------ + Next, run the following command: + ------------------------------------------------------------------ chcon -R -h -t httpd_sys_content_t /path-to-passenger-root ------------------------------------------------------------------ + where '/path-to-passenger-root' should be replaced with whatever `passenger-config --root` printed. - If you've installed Phusion Passenger via the source tarball, then run the following command: + ------------------------------------------------------------------ chcon -R -h -t httpd_sys_content_t /path/to/passenger/folder ------------------------------------------------------------------ Once the permissions are fixed, restart Apache. ==== The Rails application reports that it's unable to start because of a permission error ==== Please check whether your Rails application's folder has the correct permissions. By default, Rails applications are started as the owner of the file 'config/environment.rb', except if the file is owned by root. If the file is owned by root, then the Rails application will be started as 'nobody' (or as the user specify by <>, if that's specified). Please read <> for details. ==== My Rails application's log file is not being written to ==== There are a couple things that you should be aware of: - By default, Phusion Passenger runs Rails applications in 'production' mode, so please be sure to check 'production.log' instead of 'development.log'. See <> for configuration. - By default, Phusion Passenger runs Rails applications as the owner of 'environment.rb'. So the log file can only be written to if that user has write permission to the log file. Please 'chmod' or 'chown' your log file accordingly. + See <> for details. If you're using a RedHat-derived Linux distribution (such as Fedora or CentOS) then it is link:http://code.google.com/p/phusion-passenger/issues/detail?id=4[possible that SELinux is interfering]. RedHat's SELinux policy only allows Apache to read/write directories that have the 'httpd_sys_content_t' security context. Please run the following command to give your Rails application folder that context: ----------------------------------------------------------- chcon -R -h -t httpd_sys_content_t /path/to/your/rails/app ----------------------------------------------------------- ==== I've deployed my app on SSL, but the app thinks its not on SSL ==== Rails and many other frameworks infers whether it's running on SSL through the CGI environment variable `HTTPS`. Apache always sets this variable when on SSL, except when SSL is incorrectly configured. Most Apache installations already configure SSL by default on port 443 (conf/extra/httpd-ssl.conf). Some people think they can save some typing in subsequent SSL vhost blocks, and omit important options like 'SSLEngine on', like this: -------------------------------------- # httpd-ssl.conf contains something like: # # SSLEngine on # ... # Include conf/extra/httpd-ssl.conf ServerName www.example.com DocumentRoot /webapps/example/public -------------------------------------- *This is wrong!* In each SSL vhost block you must re-specify all the SSL options. Otherwise Apache won't properly detect the vhost as an SSL vhost block. Here's the corrected example: -------------------------------------- Include conf/extra/httpd-ssl.conf ServerName www.example.com DocumentRoot /webapps/example/public SSLEngine on ...more SSL options here... -------------------------------------- [[conflicting_apache_modules]] === Conflicting Apache modules === ==== mod_userdir ==== 'mod_userdir' is not compatible with Phusion Passenger at the moment. ==== MultiViews (mod_negotiation) ==== MultiViews is not compatible with Phusion Passenger. You should disable MultiViews for all Phusion Passenger hosts. ==== VirtualDocumentRoot ==== VirtualDocumentRoot is not compatible with Phusion Passenger at the moment. == Analysis and system maintenance == include::users_guide_snippets/analysis_and_system_maintenance.txt[] == Tips == include::users_guide_snippets/tips.txt[] === X-Sendfile support === Phusion Passenger does not provide X-Sendfile support by itself. Please install link:http://tn123.ath.cx/mod_xsendfile/[mod_xsendfile] for X-Sendfile support. === Upload progress === Phusion Passenger does not provide upload progress support by itself. Please try drogus's link:http://github.com/drogus/apache-upload-progress-module/tree/master[ Apache upload progress module] instead. == Under the hood == Phusion Passenger hides a lot of complexity for the end user (i.e. the web server system administrator), but sometimes it is desirable to know what is going on. This section describes a few things that Phusion Passenger does under the hood. === Static assets serving === Phusion Passenger accelerates serving of static files. This means that, if an URI maps to a file that exists, then Phusion Passenger will let Apache serve that file directly, without hitting the web application. Phusion Passenger does all this without the need for any mod_rewrite rules. People who are switching from an old Mongrel-based setup might have mod_rewrite rules such as these: ------------------------------------------------------------ # Check whether this request has a corresponding file; if that # exists, let Apache serve it, otherwise forward the request to # Mongrel. RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ balancer://mongrel%{REQUEST_URI} [P,QSA,L] ------------------------------------------------------------ These kind of mod_rewrite rules are no longer required, and you can safely remove them. === Page caching support === include::users_guide_snippets/under_the_hood/page_caching_support.txt[] [[application_detection]] === How Phusion Passenger detects whether a virtual host is a web application === After you've read the deployment instructions you might wonder how Phusion Passenger knows that the DocumentRoot points to a web application that Phusion Passenger is able to serve, and how it knows what kind of web application it is (e.g. Rails or Rack). Phusion Passenger checks whether the virtual host is a Rails application by checking whether the following file exists: ------------------------------------------------ dirname(DocumentRoot) + "/config/environment.rb" ------------------------------------------------ If you're not a programmer and don't understand the above pseudo-code snippet, it means that Phusion Passenger will: 1. Extract the parent directory filename from the value of the DocumentRoot directory. 2. Append the text "/config/environment.rb" to the result, and check whether the resulting filename exists. So suppose that your document root is '/webapps/foo/public'. Phusion Passenger will check whether the file '/webapps/foo/config/environment.rb' exists. Note that Phusion Passenger does *not* resolve any symlinks in the document root path by default since version 2.2.0 -- in contrast to versions earlier than 2.2.0, which do resolve symlinks. So for example, suppose that your DocumentRoot points to '/home/www/example.com', which in turn is a symlink to '/webapps/example.com/public'. In versions earlier than 2.2.0, Phusion Passenger will check whether '/webapps/example.com/config/environment.rb' exists because it resolves all symlinks. Phusion Passenger 2.2.0 and later however will check for '/home/www/config/environment.rb'. This file of course doesn't exist, and as a result Phusion Passenger will not activate itself for this virtual host, and you'll most likely see an Apache mod_dirindex directory listing. If you need the old symlink-resolving behavior for whatever reason, then you can turn on <>. Another way to solve this situation is to explicitly tell Phusion Passenger what the correct application root is through the <> configuration directive. Autodetection of Rack applications happens through the same mechanism, exception that Phusion Passenger will look for 'config.ru' instead of 'config/environment.rb'. include::users_guide_snippets/appendix_a_about.txt[] include::users_guide_snippets/appendix_b_terminology.txt[] include::users_guide_snippets/appendix_c_spawning_methods.txt[]