How can I stop all files being read only to PHP?
SELinux does not allow nginx or php-fpm to write to random directories. You need to tell SELinux which directories should be writable by setting their default context to httpd_sys_rw_content_t
and then setting the context of any existing files. For example:
semanage fcontext -a -t httpd_sys_rw_content_t "/srv/www/my/uploads(/.*)?"
restorecon -rv /srv/www/my/uploads