Clonweb: Difference between revisions

From CLONWiki
Jump to navigation Jump to search
Boiarino (talk | contribs)
No edit summary
Boiarino (talk | contribs)
No edit summary
Line 12: Line 12:
== apache ==
== apache ==


 
See [[Apache]] for installation procedure.
  su
  download 'httpd-2.2.3.tar.gz' from web to '/usr/local/download/'
  cp /usr/local/download/httpd-2.2.3.tar.gz /usr/local/src
  cd /usr/local/src
  gunzip httpd-2.2.3.tar.gz
  tar xvf httpd-2.2.3.tar
  mv httpd-2.2.3 httpd-2.2.3_clonweb
  cd /usr/local/src/httpd-2.2.3_clonweb
  ./configure --enable-module=so --prefix=/www/apache2.2.3
  make
  make install
 
make sure that user set to 'apache' (should exist already):
 
  grep "^User" /www/apache2.2.3/conf/httpd.conf
  emacs /www/apache2.2.3/conf/httpd.conf
  set User (and Group) to 'apache' if necessary


== php ==
== php ==

Revision as of 08:53, 4 January 2008

TO BE: Sun X4100 server, JLAB property tag is F423602, s/n 0741BD103F.

clonweb is CLON group web server holding monitoring and utility tools as well as documentation. It assume to be viewed by everybody but can be modified by CLON system experts only. It is running RHEL4 in almost standard configuration, with extra 'clonweb' partition from file server mounted as '/www' where all CLON applications are held. There are some restrictions: 'clonweb' is not visible from outside of JLAB firewall. Access to 'clonweb' is opened through port 80 only, so only web browsing shell be used. Main index.html menu contains full list of applications running on 'clonweb'.

Following procedures were used to install an applications:

apache

See Apache for installation procedure.

php

 su
 download 'php-5.2.0.tar.gz' from web to '/usr/local/download/'
 cp /usr/local/download/php-5.2.0.tar.gz /usr/local/src
 cd /usr/local/src
 gunzip php-5.2.0.tar.gz
 tar xvf php-5.2.0.tar
 mv php-5.2.0 php-5.2.0_clonweb
 cd /usr/local/src/php-5.2.0_clonweb
 ./configure --with-mysql --with-apxs2=/www/apache2.2.3/bin/apxs
 make
 ##make install
 cp /usr/local/src/php-5.2.0_clonweb/libs/libphp5.so /www/apache2.2.3/modules

Fix apache config file /www/apache2.2.3/conf/httpd.conf:

 DirectoryIndex index.php index.html
 LoadModule php5_module modules/libphp5.so
 AddType application/x-httpd-php .php
 AddType application/x-httpd-php .php3
 AddType application/x-httpd-php .phtml

Edit /www/apache2.2.3/htdocs/index.html file.

To start/stop apache server do following:

 /www/apache2.2.3/bin/apachectl start
 /www/apache2.2.3/bin/apachectl stop

If it started fine, fix startup script '/etc/rc.d/init.d/httpd' setting correct pathes:

 # config: /www/apache2.2.3/conf/httpd.conf
 # pidfile: /www/apache2.2.3/logs/httpd.pid
 apachectl=/www/apache2.2.3/bin/apachectl
 httpd=${HTTPD-/www/apache2.2.3/bin/httpd}
 pidfile=${PIDFILE-/www/apache2.2.3/logs/httpd.pid}

Modified file is saved as /www/apache2.2.3/httpd.for_etc_init_d, copy it as /etc/init.d/httpd.

Now apache can be controled by following commands:

 /etc/init.d/httpd stop
 /etc/init.d/httpd start
 /etc/init.d/httpd restart

Add apache to the list of services to be started at boot time using:

 /usr/bin/system-config-services

wiki

See Wiki for installation procedure.

phpmyadmin

 su
 download 'phpMyAdmin-2.9.1.1-english.tar.gz' from web to '/usr/local/downloads'
 cp phpMyAdmin-2.9.1.1-english.tar.gz /www/apache2.2.3/htdocs
 cd /www/apache2.2.3/htdocs
 gunzip  phpMyAdmin-2.9.1.1-english.tar.gz
 tar xvf phpMyAdmin-2.9.1.1-english.tar
 mv phpMyAdmin-2.9.1.1-english phpMyAdmin
 cd phpMyAdmin
 cp config.sample.inc.php config.inc.php

Edit config.inc.php setting following ('controlpass' must be the root password to mysql): If 'holla' is not set message 'The configuration file now needs a secret passphrase (blowfish_secret).' will shows up ('holla' can be any word ???):

 $cfg['blowfish_secret'] = 'holla'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
 $cfg['Servers'][$i]['host'] = 'clondb1.jlab.org';
 $cfg['Servers'][$i]['controluser'] = 'root';
 $cfg['Servers'][$i]['controlpass'] = '********';

Change config file's owner to 'apache' and set maximum protective mode:

 chown apache.apache config.inc.php
 chmod 400 config.inc.php

NOTE: make sure that 'mysql -h clondb1 -u root -p' works from clonweb; if not, grant appropriate mysql privileges.

NOTE: following procedure was recommended but did not worked for me:

 mkdir config
 chmod 777 config
 cp config.sample.inc.php config/config.inc.php
 chmod 666 config/config.inc.php
 open browser (as 'root' ?), type following URL:
     http://clonweb/phpMyAdmin/scripts/setup.php
 Click on the "Add" button in the "Servers" section and fill in the following
 fields:
     Server hostname:	clondb1.jlab.org
        (This is the host that your MySQL server is running on)
     Server port:	3306
        (the port your MySQL server is configured to use)
     Password for config auth:	....
        (the root password for your MySQL server)
 Press the button that says "Add" in green. Then press the "Save" button in
 the "Configuration" section.
 Now copy the configuration file into the main directory and delete the config
 directory:
     cp config/config.inc.php ./
     rm -rf config
 Assuming your MySQL server is running, you are now ready to connect to it and
 administer it with phpMyAdmin.


Start a Web browser and enter the following URL: http://clonweb/phpMyAdmin/

preparations for dual apachies

from web:

   If you need to run two different apache installations on the same box, the quickest way, IMO, is to have two separate conf files for the
servers (/usr/local/apache/conf/httpd-server1.conf and /usr/local/apache/conf/httpd-server2.conf). In your startup script, you will need
to tell apache where to find the conf file, which I think is -f, but that's off the top of my head. The drawback here is that if both servers 
need to share the machine name (both departments use http://foo), then at least one server will need to be on a non-standard port,
giving you something like http://foo and http://foo:8080. That's fine. It works. It's just extra work for one department.
  Now, if one machine will run both servers, but under different names (i.e., foo1 and foo2) you can use apache's vhosting capabilites. I've
never had to do this, so I don't know how to. :) The conf file that comes with the distro is pretty well documented, so it shouldn't be too
difficult to figure.
  A third option is to use .htaccess. I'm going to assume that some form of authentication is going to be used. If not, one department
could just as easily look at http://foo1 as changing from http://foo/dept1 to http://foo/dept2. Using .htaccess, you can restrict access to
the directories on a per-user basis (which can present maintenance issues) and serve all content off one server. I don't know all the
particulars of your situation, but this is what I would lean toward if I could.

see also page http://httpd.apache.org/docs/2.0/vhosts/examples.html, in particular:

The server has two IP addresses. On one (172.20.30.40), we will serve the "main" server, server.domain.com and on the other (172.20.30.50), 
we will serve two or more virtual hosts. Server configuration:
    Listen 80
    # This is the "main" server running on 172.20.30.40
    ServerName server.domain.com
    DocumentRoot /www/mainserver
    # This is the other address
    NameVirtualHost 172.20.30.50
    <VirtualHost 172.20.30.50>
    DocumentRoot /www/example1
    ServerName www.example1.com
    # Other directives here ...
    </VirtualHost>
    <VirtualHost 172.20.30.50>
    DocumentRoot /www/example2
    ServerName www.example2.org
    # Other directives here ...
    </VirtualHost>
Any request to an address other than 172.20.30.50 will be served from the main server. A request to 172.20.30.50
with an unknown hostname, or no Host: header, will be served from www.example1.com.
The server machine has two IP addresses (192.168.1.1 and 172.20.30.40). The machine is sitting between an internal (intranet)
network and an external (internet) network. Outside of the network, the name server.example.com resolves to the external 
address (172.20.30.40), but inside the network, that same name resolves to the internal address (192.168.1.1).
The server can be made to respond to internal and external requests with the same content, with just one VirtualHost section.
Server configuration:
    NameVirtualHost 192.168.1.1
    NameVirtualHost 172.20.30.40
    <VirtualHost 192.168.1.1 172.20.30.40>
    DocumentRoot /www/server1
    ServerName server.example.com
    ServerAlias server
    </VirtualHost>
Now requests from both networks will be served from the same VirtualHost.
Note:
  On the internal network, one can just use the name server rather than the fully qualified host name server.example.com.
  Note also that, in the above example, you can replace the list of IP addresses with *, which will cause the server to respond the same
  on all addresses.



NOTES:

smartd fails on boot startup 17-jan-2007