I’ve been running on this issue for a few days.
I haven’t made configuration changes, apart from the usual system/security updates.
Server runs on Debian Wheezy
I’m running a PHP/Postgresql app.
Nginx uses php-fpm in a chrooted environment.
It took me some time to isolate the cause of a 504 bad gateway error that my users started to get last week.
The log for php-fpm shows that kind of errors :
2015/05/28 15:19:32 [error] 6393#6393: *792 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 22.214.171.124, server: www.myhost.com, request: "POST /myapp/?page=account&password HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.mypool.sock", host: "www.myhost.com", referrer: "https://www.myhost.com/myapp/?page=account&password"
After a bit of googling, I raised the capacity of php-fpm :
pm.max_children = 70 pm.start_servers = 20 pm.min_spare_servers = 20 pm.max_spare_servers = 35 pm.max_requests = 500
(The hardware can handle it)
And I also added the directive for nginx :
I have the slowlog on, and this error seems linked to the server not responding:
[28-May-2015 15:17:35] [pool mypool] pid 6970 script_filename = htdocs//app/index.php [0x00007f509caa9de8] fgets() /usr/share/php/Net/Socket.php:486 [0x00007f509caa9740] readLine() /usr/share/php/Net/SMTP.php:335 [0x00007f509caa9568] _parseResponse() /usr/share/php/Net/SMTP.php:1278 [0x00007f509caa8d20] rset() /usr/share/php/Mail/smtp.php:381 [0x00007f509caa7d18] getSMTPObject() /usr/share/php/Mail/smtp.php:248 [0x00007f509caa7478] send() /htdocs/app/lib/mail.func.php:86 [0x00007f509caa7180] msg() /htdocs/app/lib/account.func.php:421 [0x00007f509caa69b0] sendToken() /htdocs/app/lib/account.func.php:386 [0x00007f509caa5fe8] newToken() /htdocs/app/lib/account.func.php:425 [0x00007f509caa4ce0] +++ dump failed
It seems the error is occurring within PEAR’s internal soup.
There is a copy of
/usr/share/php in the chrooted environment for nginx and php-fpm to access and I made sure the copy is up to date.
My app relies on PEAR::Mail to send formated e-mails, like when a user needs to recover his password. My users being short-minded, they need to recover it often and crash the server every time.
I set a cron job to restart the server regularly, but this is short term : I need the mail function to work properly as it used to.
Has anyone got an idea as to what I should/could do ?
EDIT – After some playing around, it seems to be a matter of correctly resolving the smtp server’s address, that might be related to nginx and php-fpm being chrooted, as I managed to get it to work in a “normal” environment (not chrooted).
nslookup from the server.
php.ini, I made sure :
allow_url_fopen on allow_url_include on
(though the latter doesn’t look really necessary in my case)
I also made sure that php has openssl and sockets enabled.
I even added a
resolver directive in my
nginx.conf and copied
/etc/hosts (with an entry for my mail server) in the chrooted tree.
Now when I change the host in my smtp settings, I get different error messages :
host = mail.server.net
the server hangs and I get a 504
host = ip
the server hangs and I get a 504
- host =
Failed to connect to ssl://mail.server.net:465 [SMTP: Failed to connect socket: fsockopen(): unable to connect to ssl://mail.server.net:465 (Unknown error) (code: -1, response: )]
- host =
Failed to connect to https://ns0.ovh.net:465 [SMTP: Failed to connect socket: fsockopen(): unable to connect to https://ns0.ovh.net:465 (Unable to find the socket transport "https" - did you forget to enable it when you configured PHP?) (code: -1, response: )]
Registered PHP Streams : https, ftps, compress.zlib, compress.bzip2, php, file, glob, data, http, ftp, zip, phar
Registered Stream Socket Transports : tcp, udp, unix, udg, ssl, sslv3, tls
I see I don’t have the socket transport “https” : how can I enable it ?
What I deduce from your stack trace is:
- Your web app is contacting an external SMTP server to deliver some mail.
- The PEAR library sent an RSET command to the SMTP server.
- The SMTP server did not send a response to the command; it just hung.
The big problem I see here is that you only send an RSET command to a mail server if it has already rejected a message you proposed to send. I suspect the mail server, after rejecting the email, simply firewalled you or otherwise ignored you.
Your next step is to contact the mail server administrator.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.