Note:

The Funtoo Linux project has transitioned to "Hobby Mode" and this wiki is now read-only.

Difference between revisions of "Package:Apache"

From Funtoo
Jump to navigation Jump to search
m
m (Updated the /etc/conf.d/apache2 information to reflect the changes for new PHP versions.)
 
(12 intermediate revisions by 4 users not shown)
Line 14: Line 14:


== Install ==
== Install ==
=== USE Flags ===
=== Configure USE Flags ===
{| class="wikitable" style="margin: 1em auto;" width=80%
Depending upon one's personal preferences, flag changes are sometimes necessary. To extend default USE flags in an Apache ebuild, compile a custom flavor. This can be achieved by Portage's <code>package.use</code>. Create a directory <code>/etc/portage/package.use</code> and file called <code>/etc/portage/package.use/apache</code>, and add the USE flags you want. For example:
! width="20%" | Use flag
<console>###i## install -d /etc/portage/package.use</console>
! width="10%" | Default
! width="10%" | Recommended
! width="60%" | Description
|-
| style="text-align: center;" | debug
| style="text-align: center;" | No
| style="text-align: center; background-color: red;" | No
| style="text-align: center;" | Enable extra debug codepaths, like asserts and extra output. If you want to get meaningful backtraces see http://www.gentoo.org/proj/en/qa/backtraces.xml.
|-
| style="text-align: center;" | doc
| style="text-align: center;" | No
| style="text-align: center;" |
| style="text-align: center;" |  Add extra documentation (API, Javadoc, etc). It is recommended to enable per package instead of globally
|-
| style="text-align: center;" | ldap
| style="text-align: center;" | No
| style="text-align: center;" |
| style="text-align: center;" | Add LDAP support (Lightweight Directory Access Protocol).
|-
| style="text-align: center;" | selinux
| style="text-align: center;" | No
| style="text-align: center; background-color: yellow" | No, unless selected by default.
| style="text-align: center;" | !!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur
|-
| style="text-align: center;" | ssl
| style="text-align: center;" | Yes
| style="text-align: center;" |
| style="text-align: center;" | Add support for Secure Socket Layer connections.
|-
| style="text-align: center;" | static
| style="text-align: center;" | No
| style="text-align: center;" |
| style="text-align: center;" | !!do not set this during bootstrap!! Causes binaries to be statically linked instead of dynamically.
|-
| style="text-align: center;" | threads
| style="text-align: center;" | No
| style="text-align: center;" |
| style="text-align: center;" | Add threads support for various packages. Usually pthreads.
|}
 
If you want to enable any of the above use flags, create a file called <tt>/etc/portage/package.use/apache</tt> and add the options that you want to enable to it. For example:
{{file|name=/etc/portage/package.use/apache|desc= |body=
{{file|name=/etc/portage/package.use/apache|desc= |body=
www-servers/apache ssl threads
www-servers/apache ssl threads
}}
}}
 
Alternatively, if one prefers a <code>/etc/portage/package.use</code> flat file:
<console>###i## echo 'www-servers/apache ssl threads' >> /etc/portage/package.use</console>
=== Emerge ===
=== Emerge ===
After you have configured the USE flags that you want to build Apache with, emerge it:
After configuring your preferred USE flags, emerge Apache:
<console>###i## emerge apache</console>
<console>###i## emerge apache</console>


== Configuration ==
== Configuration ==
=== System ===
=== System ===
Many packages have apache2 use flags. These use flags are often required for an application to be supported by Apache. Setting a system wide apache2 use flag is a good idea.
Many packages have Apache2 USE flags. These USE flags are often required for an application to be supported by Apache. Setting a system wide Apache2 USE flag is a good idea.


{{file|name=/etc/portage/make.conf|desc=set system wide apache2 useflag|body=
{{file|name=/etc/portage/make.conf|desc=set system wide apache2 useflag|body=
Line 81: Line 41:
*<code>/etc/apache2/vhosts.d/*</code>
*<code>/etc/apache2/vhosts.d/*</code>


<code>conf.d</code> controls the init script, adding things to it such as -D SECURITY & -D PHP5 will enable web application fire-walling & the php scripting language.
<code>conf.d</code> controls the init script, adding things to it such as -D SECURITY & -D PHP will enable web application fire-walling & the php scripting language.


<code>httpd.conf</code> controls how the server behaves, at the bottom of the file it has directives to include configuration files ending in .conf in <code>/etc/apache2/modules.d</code> and <code>/etc/apache2/vhosts.d</code>
<code>httpd.conf</code> controls how the server behaves, at the bottom of the file it has directives to include configuration files ending in .conf in <code>/etc/apache2/modules.d</code> and <code>/etc/apache2/vhosts.d</code>


=== {{package|dev-lang/php}} ===
==== DSO / mod_php ====
To show which PHP versions are available for Apache on your system:
<console>###i## eselect php list apache2
  [1]  php5.5
  [2]  php5.6 *
</console>
To select PHP 5.5:
<console>###i## eselect php set apache2 php5.5</console>
{{file|name=/etc/conf.d/apache2|lang=|desc=enable php dso module|body=
"... -D PHP"
}}
Restart Apache:
<console>###i## rc-service apache2 restart</console>
If php code is showing instead of processing server side, ensure you have emerged app-eselect/eselect-php with the apache2 useflag.
==== Php-fpm ====
Apache supports php-fpm also, this is the preferred method to serve php.
{{file|name=/etc/portage/make.conf|lang=|desc=enable proxy & fcgi modules|body=
...
APACHE2_MODULES="actions alias auth_basic auth_digest authn_alias authn_anon authn_core authn_dbm authn_file authz_core authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir env expires ext_filter file_cache filter headers include info log_config logio mime mime_magic negotiation rewrite setenvif socache_shmcb speling status unique_id unixd userdir usertrack vhost_alias proxy proxy_fcgi"
...
}}
{{file|name=/etc/conf.d/apache2|lang=|desc=enable proxy module|body=
"... -D PROXY"
}}
{{file|name=/etc/apache2/vhosts.d/00_default_vhost.conf|lang=|desc=configure php-fpm vhosts.|body=
...
<VirtualHost *:80>
ServerName localhost
Include /etc/apache2/vhosts.d/default_vhost.include
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/localhost/htdocs/$1
DirectoryIndex /index.php
...
}}
Do not forget to start php-fpm:
{{console|body=###i## rc-update add php-fpm default
rc}}
=== Enabling Security Module ===
<console>###i## emerge mod_security</console>
{{file|name=/etc/conf.d/apache2|lang=|desc=enable mod_security|body=
APACHE2_OPTS="... -D SECURITY"}}
Control this module by editing these files, and restarting Apache.
<code>/etc/apache2/modules.d/79_modsecurity.conf</code> & <code>/etc/apache2/modules.d/80_modsecurity-crs.conf</code>
== Service ==
== Service ==


To start apache immediately:
To start Apache temporarily:
<console>
<console>
###i## rc-service apache2 start
###i## rc-service apache2 start
</console>
</console>


To start apache upon boot:
To start Apache immediately, and every boot:
<console>
<console>
###i## rc-update add apache2
###i## rc-update add apache2 default
###i## rc
</console>
</console>


Line 124: Line 141:


Then point your browser to http://127.0.0.1/test.html. You should see that the text from rewrite.html has been loaded.
Then point your browser to http://127.0.0.1/test.html. You should see that the text from rewrite.html has been loaded.
{{EbuildFooter}}
{{EbuildFooter}}

Latest revision as of 09:01, April 27, 2016

Apache

   Tip

We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.

Apache is a powerful web server which serves html/css/cgi/pl out of the box, and can serve other languages/frameworks via extensions.

The Apache Homepage says this of Apache:

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.

Install

Configure USE Flags

Depending upon one's personal preferences, flag changes are sometimes necessary. To extend default USE flags in an Apache ebuild, compile a custom flavor. This can be achieved by Portage's package.use. Create a directory /etc/portage/package.use and file called /etc/portage/package.use/apache, and add the USE flags you want. For example:

root # install -d /etc/portage/package.use
   /etc/portage/package.use/apache
www-servers/apache ssl threads

Alternatively, if one prefers a /etc/portage/package.use flat file:

root # echo 'www-servers/apache ssl threads' >> /etc/portage/package.use

Emerge

After configuring your preferred USE flags, emerge Apache:

root # emerge apache

Configuration

System

Many packages have Apache2 USE flags. These USE flags are often required for an application to be supported by Apache. Setting a system wide Apache2 USE flag is a good idea.

   /etc/portage/make.conf - set system wide apache2 useflag
USE="...,apache2,..."

Package

Apache's configuration files are broken up and located in several spots.

  • /etc/conf.d/apache2
  • /etc/apache2/httpd.conf
  • /etc/apache2/modules.d/*
  • /etc/apache2/vhosts.d/*

conf.d controls the init script, adding things to it such as -D SECURITY & -D PHP will enable web application fire-walling & the php scripting language.

httpd.conf controls how the server behaves, at the bottom of the file it has directives to include configuration files ending in .conf in /etc/apache2/modules.d and /etc/apache2/vhosts.d

dev-lang/php

DSO / mod_php

To show which PHP versions are available for Apache on your system:

root # eselect php list apache2
  [1]   php5.5
  [2]   php5.6 *

To select PHP 5.5:

root # eselect php set apache2 php5.5
   /etc/conf.d/apache2 - enable php dso module
"... -D PHP"

Restart Apache:

root # rc-service apache2 restart

If php code is showing instead of processing server side, ensure you have emerged app-eselect/eselect-php with the apache2 useflag.

Php-fpm

Apache supports php-fpm also, this is the preferred method to serve php.

   /etc/portage/make.conf - enable proxy & fcgi modules
...
APACHE2_MODULES="actions alias auth_basic auth_digest authn_alias authn_anon authn_core authn_dbm authn_file authz_core authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir env expires ext_filter file_cache filter headers include info log_config logio mime mime_magic negotiation rewrite setenvif socache_shmcb speling status unique_id unixd userdir usertrack vhost_alias proxy proxy_fcgi"
...
   /etc/conf.d/apache2 - enable proxy module
"... -D PROXY"
   /etc/apache2/vhosts.d/00_default_vhost.conf - configure php-fpm vhosts.
...
<VirtualHost *:80>
	ServerName localhost
	Include /etc/apache2/vhosts.d/default_vhost.include
	ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/localhost/htdocs/$1
	DirectoryIndex /index.php
...

Do not forget to start php-fpm:

root # rc-update add php-fpm default
rc

Enabling Security Module

root # emerge mod_security
   /etc/conf.d/apache2 - enable mod_security
APACHE2_OPTS="... -D SECURITY"

Control this module by editing these files, and restarting Apache.

/etc/apache2/modules.d/79_modsecurity.conf & /etc/apache2/modules.d/80_modsecurity-crs.conf

Service

To start Apache temporarily:

root # rc-service apache2 start

To start Apache immediately, and every boot:

root # rc-update add apache2 default
root # rc

mod_rewrite

What is mod_rewrite?

The Apache documentation describes mod_rewrite as:

The mod_rewrite module uses a rule-based rewriting engine, based on a PCRE regular-expression parser, to rewrite requested URLs on the fly. By default, mod_rewrite maps a URL to a filesystem path. However, it can also be used to redirect one URL to another URL, or to invoke an internal proxy fetch.

Setting it up

mod_rewrite has a reputation of being difficult to set up. mod_rewrite requires following symlinks & Order allow,deny (apache 2.2) or Require all granted (apache 2.4) is set. To test functionality of mod_rewrite we will need to make a few files.

   Note

If you want to test this for web applications such as mediawiki adjust the path to /var/www/localhost/htdocs/mediawiki/.htaccess

   /var/www/localhost/htdocs/.htaccess - enable the rewrite engine
RewriteEngine on 
RewriteRule ^test.html$ rewrite.html
   /var/www/localhost/htdocs/test.html - set system wide apache2 useflag
rewrite is not working
   /var/www/localhost/htdocs/rewrite.html - set system wide apache2 useflag
rewrite is working

Then point your browser to http://127.0.0.1/test.html. You should see that the text from rewrite.html has been loaded.