View previous topic :: View next topic |
Author |
Message |
beandog Bodhisattva
Joined: 04 May 2003 Posts: 2072 Location: /usa/utah
|
Posted: Wed May 05, 2004 10:42 am Post subject: [HOWTO] Use the source: Apache 1.3.x + mod_ssl + PHP5 + PEAR |
|
|
[HOWTO] Use the source: Apache 1.3.x + mod_ssl + PHP5 + PEAR
This is an updated version of my old Apache 1.3 + PHP4 tutorial.
Note: I'm probably going to ditch this tutorial sooner or later, and just write tweaked ebuilds with lotsa options that can be used in your overlay directory.
Table of Contents
- Download the packages
- Setup tools
- Unpack packages
- Configure mod_ssl
- Configure apache
- Install apache + mod_ssl
- Configure php
- Install php
- Setup PEAR
- Apache config files
- Init script
- Test your setup
Introduction
Portage can be a little finicky with emerging the virtual package apache. Even with your USE flags set to include "apache1", running emerge apache will want to install Apache2. If you really want to use Apache 1.3.x instead of Apache 2.0.x (for whatever reason), just download through portage a module that apache1 uses.
To see what I'm trying to explain, run these commands (with neither apache or mod_php emerged):
Code: | emerge -pv mod_ssl mod_php # wants to install apache1 + php
emerge -pv mod_php # wants to install apache2 |
I prefer to sidestep the issue completely, and at the same time gain more configuration options by using the source instead of hacking ebuilds. Note that if you are *not* looking for tweaking your Apache or PHP configuration options, this guide is pretty much useless. Just emerge mod_php which will automatically install Apache 2 w/ssl support, and mod_php. Otherwise, read on.
Notes:
I know how *completely* frustrating it can be when you want do a vanilla install, and someone's documentation uses some weird option somewhere which isn't standard, and you can't help but think that's the reason something isn't working when it doesn't. I'll keep to a clean install using standard tools, and give you the options to tweak along the way. If you're not feeling adventurous, don't wander too far from the basics.
Download the packages
Code: | # emerge -f mod_ssl
# emerge -f /usr/portage/dev-php/php/php-5.0.0.ebuild |
Unpack packages
Please note -- package versions will definately change as they get updated. Just replace my examples with real world filenames.
Code: | # cd /tmp
# tar zxf /usr/portage/distfiles/apache_1.3.31.tar.gz
# tar zxf /usr/portage/distfiles/mod_ssl-2.8.19-1.3.31.tar.gz
# tar jxf /usr/portage/distfiles/php-5.0.0.tar.bz2 |
Configure mod_ssl
Code: | # cd mod_ssl-2.8.19-1.3.31/
# ./configure --with-apache=../apache_1.3.31/ |
You should see some output similar to this:
Code: | Configuring mod_ssl/2.8.19 for Apache/1.3.31
+ Apache location: ../apache_1.3.31/ (Version 1.3.31)
+ Auxiliary patch tool: ./etc/patch/patch (local)
+ Applying packages to Apache source tree:
o Extended API (EAPI)
o Distribution Documents
o SSL Module Source
o SSL Support
o SSL Configuration Additions
o SSL Module Documentation
o Addons
Done: source extension and patches successfully applied.
Now proceed with the following commands (Bourne-Shell syntax):
$ cd ../apache_1.3.31/
$ SSL_BASE=/path/to/openssl ./configure ... --enable-module=ssl
$ make
$ make certificate
$ make install |
Configure Apache 1.3.x + test certificate
If you have any custom configuration options you want to pass when compiling Apache, now is to make sure you know what they are. This guide uses three common ones:
--enable-module=so # to let php run as an apache module + required for php installation
--enable-module=ssl # required to install mod_ssl as a module, optional if you don't want https support
--prefix=/www # instead of putting apache binaries and config files in different directories, this creates and puts everything in /www. You can change the value to whatever you would like.
For this instance, we're also making a test certificate.
Code: | # cd ../apache_1.3.31
# ./configure --enable-module=ssl --prefix=/www --enable-module=so
# make certificate TYPE=test |
Fill in all the answers. I don't know a lot about making certificates, so you'll have to look for another guide there. :T I'm only making a self-signed one that will have to be manually accepted on most browsers just so I can have https support.
Install apache + mod_ssl
Now you've got apache + mod_ssl configured with SSL support, and you should be good to go. If you aren't looking for PHP support, you could stop here. If you'd like to test your apache configuration right now, try this:
Start apache without SSL support (http:// only):
Code: | /www/bin/apachectl start |
OR Start apache with SSL support (http:// AND https://):
Code: | /www/bin/apachectl startssl |
After you've browsed to http://localhost/ or https://localhost/ stop apache since we'll have to start it back up after installing PHP. I also include a custom init.d script you can use later in the guide to start/stop apache easily.
Code: | /www/bin/apachectl stop |
Configure PHP5
DO NOT FORGET that MySQL support is disabled by default in PHP 5.0.0. I can't remember why. The point is that you have to make sure to enable it if you want to be able to connect to a MySQL database with PHP.
I'll start with some basic configuration options, and present some other common PHP options you might want to use, and which packages you will need to emerge in order to use them.
Basic PHP configuration for a PHP5 module:
Code: | #./configure --with-apxs=/www/bin/apxs |
Basic + MySQL support -- see http://www.php.net/manual/en/ref.mysql.php for more info
Code: | # emerge mysql
# ./configure --with-apxs=/www/bin/apxs --with-mysql |
Basic + PostgreSQL support -- see http://www.php.net/manual/en/ref.pgsql.php
Code: | # emerge postgresql
# ./configure --with-apxs=/www/bin/apxs --with-pgsql |
Basic + zlib support (gzip compress/uncompress) -- see http://www.php.net/manual/en/ref.zlib.php for more info
Code: | # emerge zlib
# ./configure --with-apxs=/www/bin/apxs --with-zlib |
zlib is probably already installed. I'd be surprised if it wasn't.
Add SQLite support -- see http://www.php.net/manual/en/ref.sqlite.php for info
SQLite support in php5 is enabled by default, and will be included in your configuration if it can link against the sqlite libraries.
Add zip support -- see http://www.php.net/manual/en/ref.zip.php for info
You install ZIP support later with PEAR, but you need zziplib emerged before you get there.
Disable CGI support if you don't need it (you probably don't):
Code: | # ./configure --with-apxs=/www/bin/apxs --disable-cgi |
Add GNU MP (gmp) support -- see http://www.php.net/manual/en/ref.gmp.php and http://www.swox.com/gmp/ for info
Code: | # emerge gmp
# ./configure --with-apxs=/www/bin/apxs --with-gmp |
Add IMAP(S)/POP3(S) support -- see http://us3.php.net/manual/en/ref.imap.php
Required if you want to run something like Horde or SquirrelMail
Code: | # emerge c-client
# ./configure --with-apxs=/www/bin/apxs --with-imap # <-- imap/pop3 only
# ./configure --with-apxs=/www/bin/apxs --with-imap-ssl # <-- plus imaps/pop3s support (pick one or the other) |
One last word of warning -- don't enable a feature if you THINK you're going to use it someday. Add what you need, and leave it at that. Get it stable first -- THEN break it.
Add them all up:
Code: | # ./configure --with-mysql --with-zlib --with-pgsql --disable-cgi --with-gmp --with-imap-ssl --with-apxs=/www/bin/apxs |
Then, compile and install php:
Code: | # make && make install |
Use the default php.ini:
Code: | # cp php.ini-dist /usr/local/lib/php.ini |
Tweaks -- Make life a bit easier:
Code: | # ln -s /usr/local/lib/php.ini /etc/php.ini
# ln -s /www/conf/httpd.conf /etc/httpd.conf
|
There you go -- now you have Apache + php5 setup. Congratulations. All that's left is to setup PEAR (optional) tweak your apache config files and setup a custom init script.
Setup PEAR
PEAR stands for PHP Extension and Application Repository. I think. I prefer to think of it as official php classes that absolutely rock and save a lot of time. Unfortunately, PEAR can be a bit annoying to setup (especially with dependencies). Here's the basics.
Upgrade all your packages to the latest version:
Tweaks -- Fix PEAR's funky settings for PECL extensions:
Code: | # mkdir /usr/local/lib/php/extensions
# pear config-set ext_dir /usr/local/lib/php/extensions |
Running pear-config modifies ~/.pearrc so MAKE SURE you run that command as root, since you'll be installing PEAR packages as root.
Now you can install some PECL modules (such as bz2 and zip) and they will drop the modules in /usr/local/lib/php/extensions
Use PEAR -- Add the classes directory to your include_path:
Code: | # vim /usr/local/lib/php.ini
Old: include_path = ".:/php/includes"
New: include_path = ".:/usr/local/lib/php" |
Apache config files
After you run make install on php5, it will automatically add a line to the apache config (/www/conf/httpd.conf) that will include the php5 module. However, it doesn't set it up to start parsing .php files through the module. You'll have to do that yourself:
Code: | # echo "AddType application/x-httpd-php .php" >> /www/conf/httpd.conf
# echo "AddType application/x-httpd-php-source .phps" >> /www/conf/httpd.conf |
Next, change the conf file to read index.php as the index page of a directory:
Code: | # vim /www/conf/httpd.conf
Old: DirectoryIndex index.html
New: DirectoryIndex index.php index.html |
That's it -- you should be set and ready to go, and start serving up PHP pages without any problems. What's next is some of my own tweaks I like to use INSTEAD OF manually editing httpd.conf and adding those lines I just mentioned.
I like to save all my custom apache config files in one place and then "include" them in the original httpd.conf. That way, anytime I upgrade Apache, all I have to add one line to the config file. It makes things pretty simple. Here's how it works:
Create a place to store custom config files:
Code: | # mkdir /etc/conf
# mkdir /etc/conf/apache |
Create a config file for the general settings:
Code: | # vim /etc/conf/apache/general.conf
Add:
ServerName localhost
DocumentRoot "/home/steve/public_html"
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/home/steve/public_html">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory> |
Create a file to include the php settings:
Code: | # vim /etc/conf/apache/php.conf
Add:
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
DirectoryIndex index.php index.html |
Create a file for virtualhosts:
Code: | # echo "127.0.0.1 dev" >> /etc/hosts
# vim /etc/conf/apache/vhosts.conf
Add:
NameVirtualHost *:80
<VirtualHost *:80>
ServerName localhost
Options Indexes
DocumentRoot /home/steve/public_html
</VirtualHost>
<VirtualHost *:80>
ServerName dev
DocumentRoot /home/steve/dev
</VirtualHost> |
Tell apache to include all those config files with one line:
Code: | # echo "Include /etc/conf/apache/*" >> /www/conf/httpd.conf |
And you're done.
Init script
The Gentoo ebuilds will create entries for apache in /etc/init.d/ to make it easy to add it to a runlevel. Since you're installing from source, here's one you can use yourself. Save it as /etc/init.d/httpd
Code: | #!/sbin/runscript
depend() {
need net
}
start() {
ebegin "Starting apache"
/www/bin/apachectl start
eend $?
}
stop() {
ebegin "Stopping apache"
/www/bin/apachectl stop
eend $?
}
graceful() {
ebegin "Restarting apache gracefully"
/www/bin/apachectl graceful
eend $?
}
restart() {
svc_stop
sleep 1
svc_start
} |
Note that if you want Apache to start with https support, change
Code: | /www/bin/apachectl start |
to this:
Code: | /www/bin/apachectl startssl |
After you save the file, chmod it to 755 so it can be executed.
Code: | # chmod 755 /etc/init.d/httpd |
Add httpd to the default runlevel:
Code: | # rc-update add httpd default |
Test your setup
Now you should be ready to go. The best way to test your setup is to start up apache manually and goto http://localhost/ with your browser.
Code: | # /www/bin/apachectl start |
You should see some kind of generic welcome to apache screen.
Now, create a test php script to make sure that's working as well:
Code: | # vim /www/htdocs/phpinfo.php
Add:
<? phpinfo(); ?> |
Save the file then browse to http://localhost/phpinfo.php You should see the PHP configuration page. If not, make sure your PHP settings are setup correctly in the apache config file.
I hope that helps -- please let me know about any errors I may have hit along the way. Good luck with your Apache+PHP setup!
Steve _________________ If it ain't broke, tweak it. dvds | blurays | blog | wiki
Last edited by beandog on Tue Nov 30, 2004 4:03 pm; edited 10 times in total |
|
Back to top |
|
|
Insanity5902 Veteran
Joined: 23 Jan 2004 Posts: 1228 Location: Fort Worth, Texas
|
Posted: Wed May 05, 2004 1:03 pm Post subject: |
|
|
I started setting up apache and php a few weeks ago, and I emerge php, and it installs cli php and says it isn't for web servers. Do you need to emerge php-core? Here is exactly what it says when you emerge php
Code: | * The INI file for this build is /etc/php/cli-php4/php.ini
* This is a CLI only build.
* You cannot use it on a webserver. |
Don't know if that is b/c of the ebuild or what, but I notice you are using that to grap the source, just thought I would share that. Hopefully you can prove me wrong. _________________ Join the adopt an unanswered post initiative today |
|
Back to top |
|
|
Insanity5902 Veteran
Joined: 23 Jan 2004 Posts: 1228 Location: Fort Worth, Texas
|
Posted: Wed May 05, 2004 1:38 pm Post subject: |
|
|
after some more playing I figured out, I forgot to emerge mod_php, sorry for the post above, but if anyemerges those and sees that , it is okay, you just need to emerge mod_php to have it work with apache. _________________ Join the adopt an unanswered post initiative today |
|
Back to top |
|
|
beandog Bodhisattva
Joined: 04 May 2003 Posts: 2072 Location: /usa/utah
|
Posted: Sat Jul 31, 2004 10:53 pm Post subject: |
|
|
*bump*
Just revised the tutorial from php4 to php5 _________________ If it ain't broke, tweak it. dvds | blurays | blog | wiki |
|
Back to top |
|
|
Double Click Tux's lil' helper
Joined: 21 May 2004 Posts: 148
|
Posted: Wed Aug 25, 2004 11:50 pm Post subject: |
|
|
Thanks a lot for the wonderful guide
Had to setup a webserver for our developer and I was very concerned about security since I have very little knowledge concerning web development and I am kind new to Gentoo.
Amazangly I got the installation first time right thanks to your guide
Only minor problem I had when I was Code: | # make && make install |
it gave me a error about libxml2 or something and I just emerge that package which solved the problem.
Just one question ... when I was
I noticed a heck of a lot of xorg code flying by. Is this normal?
... Thanks again dude for the awesome guide ... |
|
Back to top |
|
|
beandog Bodhisattva
Joined: 04 May 2003 Posts: 2072 Location: /usa/utah
|
Posted: Thu Aug 26, 2004 1:16 am Post subject: |
|
|
Double Click wrote: | Just one question ... when I was
I noticed a heck of a lot of xorg code flying by. Is this normal?
... Thanks again dude for the awesome guide ... |
I'm guessing you had +sdl as a USE flag in your make.conf, and if that's the case then yes, there will be a lot of X dependencies that it probably needs. That's my guess since I have mine turned off, just re-emerged it (with -sdl) and I didn't see anything weird go by.
If you want to set the USE flag to -sdl for just that package, just setup your PORTDIR_OVERLAY in /etc/make.conf (I set mine to /etc/portage, but hey ... its up to you) and then do this as root:
Code: | # echo "dev-libs/zziplib -sdl" >> /etc/portage/package.use |
and then re-emerge zziplib and it will do it without the sdl dependencies.
I apologize I wasn't more clear on that ... near the end of the post I was running out of gas and started hitting some shortcuts. I"ll have to clean it up sometime.
Oh, and thanks for the input. _________________ If it ain't broke, tweak it. dvds | blurays | blog | wiki
Last edited by beandog on Wed Sep 01, 2004 1:10 pm; edited 1 time in total |
|
Back to top |
|
|
Double Click Tux's lil' helper
Joined: 21 May 2004 Posts: 148
|
Posted: Mon Aug 30, 2004 6:56 pm Post subject: |
|
|
Worked like a charm ... I think at least.
Anyway .... I noticed that a lot of other guides use Apache 2. Since we did not install Apache 2 how can I upgrade without breaking the whole setup
As you might have guessed I am a wee bit green behind the ears ....
Enjoy your day. |
|
Back to top |
|
|
beandog Bodhisattva
Joined: 04 May 2003 Posts: 2072 Location: /usa/utah
|
Posted: Wed Sep 01, 2004 1:10 pm Post subject: |
|
|
In most cases, everything will work with either version of apache. You can emerge apache, and as long as you don't start it up, it actually won't affect this custom install in the least. That's one way you can solve portage dependencies for packages that want Apache installed.
Other than that, if you wanted to do install apache2 from source, its not that different at all. In fact, just about the only two things you change are:
- use --with-apxs2=/www/bin/apxs instead of --with-apxs and
- don't use mod_ssl - its included in apache2 already
I think your best bet though is just to inject or emerge apache2 to make portage happy. _________________ If it ain't broke, tweak it. dvds | blurays | blog | wiki |
|
Back to top |
|
|
Double Click Tux's lil' helper
Joined: 21 May 2004 Posts: 148
|
Posted: Fri Sep 10, 2004 9:43 pm Post subject: |
|
|
Hi,
Just a question ... how do I uninstall all related packages from my system? Do I just stop all the services and delete the /www/* directory? |
|
Back to top |
|
|
beandog Bodhisattva
Joined: 04 May 2003 Posts: 2072 Location: /usa/utah
|
Posted: Mon Sep 13, 2004 1:48 am Post subject: |
|
|
Yahp. _________________ If it ain't broke, tweak it. dvds | blurays | blog | wiki |
|
Back to top |
|
|
trebor n00b
Joined: 26 Sep 2004 Posts: 1
|
Posted: Sun Sep 26, 2004 5:45 pm Post subject: Compile PHP *in* Apache? |
|
|
Can one build Apache with PHP built-in, as in not as a module? I do this on a FreeBSD server and building from source, but I'd like to do it and continue to use Gentoo's emerge.
Thanks. |
|
Back to top |
|
|
jaybird n00b
Joined: 11 Jun 2004 Posts: 59 Location: Alberta, Canada
|
Posted: Thu Sep 30, 2004 7:01 am Post subject: |
|
|
This setup with a manually installed php5 is what I basically have on my box.
I am having a problem when I run:
I get it wanting to re-install php everytime there is an update to the portage (eg. right now it wants to install php 4.3.9).
The other packages it is going to update I want but if I let it, it does them all and breaks my php5 installation and I have to redo it.
I already ran emerge -C php mod_php but the reason I think it wants to update php is I have phpmyadmin installed via emerge so it sees php and mod_php as dependants.
Any suggestions to get emerge -u world to always ignore php and mod_php? |
|
Back to top |
|
|
beandog Bodhisattva
Joined: 04 May 2003 Posts: 2072 Location: /usa/utah
|
Posted: Fri Oct 15, 2004 3:15 am Post subject: |
|
|
jaybird wrote: | Any suggestions to get emerge -u world to always ignore php and mod_php? |
Yah, inject them with emerge
emerge -i dev-php/php-5.0.2-r1
emerge -i dev-php/mod_php-5.0.2
steve _________________ If it ain't broke, tweak it. dvds | blurays | blog | wiki |
|
Back to top |
|
|
jaybird n00b
Joined: 11 Jun 2004 Posts: 59 Location: Alberta, Canada
|
Posted: Fri Oct 15, 2004 10:07 pm Post subject: |
|
|
The injecting worked. Thanks |
|
Back to top |
|
|
GentooRocks n00b
Joined: 13 Nov 2004 Posts: 1
|
Posted: Sat Nov 13, 2004 8:31 am Post subject: problems getting apache to start. |
|
|
I just followed this howto and it works great.
However if I use the following:
/www/bin/apachectl startssl
And start my apache server with SSL support (https) then it always prompts me with the following:
Apache/1.3.32 mod_ssl/2.8.21 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide us with the pass phrases.
Server 127.0.0.1:443 (RSA)
Enter pass phrase:
(Please note that the above server IP address has been edited for security reasons. However the rest of the text is exactly as shown.)
At this point I have to enter the pass phrase I used during the process when I made the test certificate.
How do I get it to start without prompting me for the password?
Thanks in advance
Brian |
|
Back to top |
|
|
jaybird n00b
Joined: 11 Jun 2004 Posts: 59 Location: Alberta, Canada
|
Posted: Sun Nov 14, 2004 4:57 pm Post subject: Re: problems getting apache to start. |
|
|
GentooRocks wrote: | How do I get it to start without prompting me for the password? |
It's been a long time since I've set one of these up to automatically use the password for you for unattended restarts. I don't remember how but a quick search on google found
http://docs.sun.com/source/819-0599/trFAQs.html#wp19369
I think when I set it up I found everything I needed to know in apache docs that came with the apache server. |
|
Back to top |
|
|
jtillwick n00b
Joined: 08 Aug 2005 Posts: 18
|
Posted: Wed Apr 19, 2006 1:05 am Post subject: |
|
|
/etc/init.d/apache graceful does not seem to work with gentoo. I get the error:
* ERROR: wrong args ( graceful )
* Usage: apache { start|stop|restart|pause|zap }
* apache without arguments for full help
my init.d script is as follows:
#!/sbin/runscript
JAIL="/jail/users/jeffdev"
APACHE="/bin/httpd"
CONFIGFILE="/etc/apache/apache.conf"
PIDFILE="/var/run/apache.pid"
depend() {
need net
use mysql dns netmount
after sshd
}
start() {
ebegin "Starting Apache 2:"
chroot $JAIL $APACHE -f $CONFIGFILE
eend $?
}
stop() {
ebegin "Stopping Apache 2:"
killproc ${JAIL}${APACHE}
eend $?
}
graceful() {
ebegin "Gracefully Restarting Apache 2:"
kill -USR1 `cat ${PIDFILE}`
eend $?
}
restart() {
svc_stop
sleep 1
svc_start
} |
|
Back to top |
|
|
smalahove n00b
Joined: 03 Jan 2004 Posts: 6 Location: Norway
|
Posted: Thu Apr 20, 2006 3:18 am Post subject: Re: problems getting apache to start. |
|
|
GentooRocks wrote: | How do I get it to start without prompting me for the password?
|
You probably did like me and included -des3 when generating the private key? I followed this guide when I created my apache cert and encountered the same error. For some reason, the part supposed to remove the passphrase didn't work for me.
Just drop 3des and make sure your certificate is readable only by root:
Code: | openssl genrsa -out server.key 1024
openssl rsa -in server.key -out server.pem
openssl req -new -key server.pem -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.pem -out server.crt |
Cheers,
smalahove |
|
Back to top |
|
|
|