LEMP + wordpress file permissions to be able to ed

Posted 2020-02-29 23:38

I am trying to manage file permissions on a debian webserver that runs nginx, so that wordpress can edit, upload and upgrade without having to use ftp. I also want to be able to login using sftp with my user account.

I am aware of the fact that this question has been asked before, see here or here, but following the steps in those answers hasn't been satisfying. The setup currently looks as follows:

  • The wordpress folder is in /var/www/html/

  • I made a new user ("user") and group ("group"). The server user is "www-data".

  • All files in the wordpress folder are owned by user:group.

  • Both "user" and "www-data" are set to belong to "group".

  • I changed file and folder permissions as follows:

    find /var/www/html/ -type d -exec chmod 2775 {} +
    
    find /var/www/html/ -type f -exec chmod 664 {} +
    
  • I set the default umask to 0002.

I would have thought this should work, but currently I can edit and upload files from within wordpress, but not update wordpress, functions or themes.

  • It also does not work with "group" set as default group for "user" and/or "www-data" (by editing /etc/passwd).

Alternatively, I made all files in /var/www/html/ owned by user:www-data, but also without success.

The only way I seem to get wordpress to update without ftp is by making the wordpress-folder and all its files owned by "www-data". Unfortunately, the result of that is that I cannot upload files using an sftp-client (because the target is now a folder that is not owned by "user").

How can this be? As far as I understand these steps should give wordpress the proper permissions, but something still is wrong.

Your help would be greatly appreciated.

2 answers
啃猪蹄的小仙女
#2 · 2020-03-01 00:02

I ran into this issue and I figured that I would share how I fixed it on Ubuntu running PHP 7 in case it can help someone. I adapted the following after reading this article that outlines how it is done with PHP 5.

Nginx needs to be optimized with PHP pools in order to give ownership of files and folders to users.

First, you need to create a new PHP-FPM memory pool. Do this by copying the default memory pool and renaming it with the user that you want to associate it with:

    sudo cp /etc/php/7.0/fpm/pool.d/www.conf /etc/php/7.0/fpm/pool.d/username.conf

Edit the file:

    sudo nano /etc/php/7.0/fpm/pool.d/username.conf

Go through the file and change username in the following locations:

    ; Start a new pool named 'www'.
    ; the variable $pool can we used in any directive and will be replaced by the
    ; pool name ('www' here)
    [username]


    ; Note: The user is mandatory. If the group is not set, the default user's group
    ;       will be used.
    user = username


    listen = /run/php/php7.0-fpm.username.sock

Now you need to update your server block(s). You will need to adjust to the correct sockets to allow access to the newly created pool.

Open your server configuration file:

    sudo nano /etc/nginx/sites-available/default

Or, if you set up server blocks (virtual hosts), then:

    sudo nano /etc/nginx/sites-available/example.com

Edit the following line and replace username:

    fastcgi_pass unix:/run/php/php7.0-fpm.username.sock;

Finally, restart Nginx:

    sudo service nginx restart
啃猪蹄的小仙女
#3 · 2020-03-01 00:19

On a debian server I followed these steps. It might not be the most secure solution as I read here, but it works (wordpress can edit, upload and upgrade - and I can upload using sftp).

  • Create a new user "user"

  • Create a new group "group" (you can choose to use www-data as group as well)

  • Add user and www-data to group

    # -a appends to the existing supplementary groups instead of replacing them
    usermod -a -G group user
    usermod -a -G group www-data
    
  • Check group numerical id in /etc/group e.g. group:x:1002

  • Change default group of www-data and user in /etc/passwd e.g. user:x:1001:1002:...

  • In /etc/php5/fpm/pool.d/www.conf (in my case) change group=www-data to ;group=www-data. Now nginx will use the default group of www-data which we just set to "group". Reload service (php5-fpm).

  • Recursively change owner of your wordpress folder to user:group

    chown -R user:group /var/www/html
    
  • Change permissions in your wordpress folder (The 2 is to assign new files to the parent folder's group)

    find /var/www/html/ -type d -exec chmod 2775 {} +
    find /var/www/html/ -type f -exec chmod 664 {} +
    
  • Change umask to UMASK 0002 in /etc/login.defs

  • In wordpress, enforce direct upload (so no ftp) by adding define('FS_METHOD','direct'); to wp-config.php. In my case, this was an essential step.

  • To get things working, I needed to reboot.
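
A read-only check for the ownership and mode layout this answer sets up (user:group ownership, directories 2775, files 664). This is an added example, not part of the original answer; the function name `audit_wp_perms` and the finding labels are hypothetical.

```shell
#!/bin/sh
# Added example: audit a WordPress tree against the layout described above
# (owner user:group, directories 2775, files 664). Read-only; changes nothing.
# Prints one "LABEL<TAB>path" line per deviation; the labels are made up here.
# Usage: sh audit.sh /var/www/html user group   (names or numeric ids)
audit_wp_perms() (
    root=$1 owner=$2 group=$3

    # Entries that do not belong to the expected account and shared group.
    find "$root" \( ! -user "$owner" -o ! -group "$group" \) \
        -exec printf 'WRONG_OWNER\t%s\n' {} +

    # Directories missing setgid (2000) or group rwx (070): without setgid,
    # new files get the creator's primary group instead of the shared one.
    find "$root" -type d ! -perm -2070 -exec printf 'DIR_MODE\t%s\n' {} +

    # Files the shared group cannot read and write (060), which is what
    # blocks whichever account did not create the file.
    find "$root" -type f ! -perm -060 -exec printf 'FILE_MODE\t%s\n' {} +

    # Anything writable by "other": 2775/664 never grant that, so it is
    # looser than the layout calls for.
    find "$root" \( -type d -o -type f \) -perm -002 \
        -exec printf 'WORLD_WRITABLE\t%s\n' {} +
)

# Run the audit only when called with the three arguments.
if [ "$#" -eq 3 ]; then
    audit_wp_perms "$@"
fi
```

Empty output means every entry matches the layout; run it as a user that can read the whole tree.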
