Clonweb

From CLONWiki
Revision as of 17:13, 30 September 2007 by Boiarino (talk | contribs)
Jump to navigation Jump to search

clonweb is CLON group web server holding monitoring and utility tools as well as documentation. It assume to be viewed by everybody but can be modified by CLON system experts only. It is running RHEL4 in almost standard configuration, with extra 'clonweb' partition from file server mounted as '/www' where all CLON applications are held. There are some restrictions since 'clonweb' is visible from outside of JLAB firewalls. Access to 'clonweb' is opened through port 80 only, so only web browsing shell be used. Main index.html menu contains full list of applications running on 'clonweb'. 

Those restrictions includes:

Following procedures were used to install an applications:


apache

 su
 download 'httpd-2.2.3.tar.gz' from web to '/usr/local/download/'
 cp /usr/local/download/httpd-2.2.3.tar.gz /usr/local/src
 cd /usr/local/src
 gunzip httpd-2.2.3.tar.gz
 tar xvf httpd-2.2.3.tar
 mv httpd-2.2.3 httpd-2.2.3_clonweb
 cd /usr/local/src/httpd-2.2.3_clonweb
 ./configure --enable-module=so --prefix=/www/apache2.2.3
 make
 make install

make sure that user set to 'apache' (should exist already): 

 grep "^User" /www/apache2.2.3/conf/httpd.conf
 emacs /www/apache2.2.3/conf/httpd.conf
 set User (and Group) to 'apache' if necessary

php

 su
 download 'php-5.2.0.tar.gz' from web to '/usr/local/download/'
 cp /usr/local/download/php-5.2.0.tar.gz /usr/local/src
 cd /usr/local/src
 gunzip php-5.2.0.tar.gz
 tar xvf php-5.2.0.tar
 mv php-5.2.0 php-5.2.0_clonweb
 cd /usr/local/src/php-5.2.0_clonweb
 ./configure --with-mysql --with-apxs2=/www/apache2.2.3/bin/apxs
 make
 ##make install
 cp /usr/local/src/php-5.2.0_clonweb/libs/libphp5.so /www/apache2.2.3/modules

Fix apache config file /www/apache2.2.3/conf/httpd.conf: 

 DirectoryIndex index.php index.html
 LoadModule php5_module modules/libphp5.so
 AddType application/x-httpd-php .php
 AddType application/x-httpd-php .php3
 AddType application/x-httpd-php .phtml

Edit /www/apache2.2.3/htdocs/index.html file.

To start/stop apache server do following: 

 /www/apache2.2.3/bin/apachectl start
 /www/apache2.2.3/bin/apachectl stop

If it started fine, fix startup script '/etc/rc.d/init.d/httpd' setting correct pathes: 

 # config: /www/apache2.2.3/conf/httpd.conf
 # pidfile: /www/apache2.2.3/logs/httpd.pid
 apachectl=/www/apache2.2.3/bin/apachectl
 httpd=${HTTPD-/www/apache2.2.3/bin/httpd}
 pidfile=${PIDFILE-/www/apache2.2.3/logs/httpd.pid}

Now apache can be controled by following commands: 

 /etc/init.d/httpd stop
 /etc/init.d/httpd start
 /etc/init.d/httpd restart

Add apache to the list of services to be started at boot time using: 

 /usr/bin/system-config-services

mediawiki

Create user 'clonwiki' with private group.

Create database: 

 ssh root@clondb1
 mysql -u root -p
 create database wikidb\g
 grant create, select, insert, update, delete, lock tables on wikidb.* to boiarino@clonweb.jlab.org identified by    '*********'\g
 flush privileges\g
 \q

Download and install mediawiki: 

 su
 download 'mediawiki-1.6.8.tar.gz' from web to '/usr/local/download'
 cp mediawiki-1.6.8.tar.gz /www/apache2.2.3/htdocs/
 cd /www/apache2.2.3/htdocs
 gunzip mediawiki-1.6.8.tar.gz
 tar xvf mediawiki-1.6.8.tar
 mv mediawiki-1.6.8 wiki

Installation procedure was not recorded - next time ...

phpmyadmin

 su
 download 'phpMyAdmin-2.9.1.1-english.tar.gz' from web to '/usr/local/downloads'
 cp phpMyAdmin-2.9.1.1-english.tar.gz /www/apache2.2.3/htdocs
 cd /www/apache2.2.3/htdocs
 gunzip  phpMyAdmin-2.9.1.1-english.tar.gz
 tar xvf phpMyAdmin-2.9.1.1-english.tar
 mv phpMyAdmin-2.9.1.1-english phpMyAdmin
 cd phpMyAdmin
 cp config.sample.inc.php config.inc.php

Edit config.inc.php setting following ('controlpass' must be the root password to mysql): If 'holla' is not set message 'The configuration file now needs a secret passphrase (blowfish_secret).' will shows up ('holla' can be any word ???): 

 $cfg['blowfish_secret'] = 'holla'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
 $cfg['Servers'][$i]['host'] = 'clondb1.jlab.org';
 $cfg['Servers'][$i]['controluser'] = 'root';
 $cfg['Servers'][$i]['controlpass'] = '********';

Change config file's owner to 'apache' and set maximum protective mode: 

 chown apache.apache config.inc.php
 chmod 400 config.inc.php

NOTE: make sure that 'mysql -h clondb1 -u root -p' works from clonweb; if not, grant appropriate mysql privileges.

NOTE: following procedure was recommended but did not worked for me: 

 mkdir config
 chmod 777 config
 cp config.sample.inc.php config/config.inc.php
 chmod 666 config/config.inc.php
 open browser (as 'root' ?), type following URL:
     http://clonweb/phpMyAdmin/scripts/setup.php
 Click on the "Add" button in the "Servers" section and fill in the following
 fields:
     Server hostname:	clondb1.jlab.org
        (This is the host that your MySQL server is running on)
     Server port:	3306
        (the port your MySQL server is configured to use)
     Password for config auth:	....
        (the root password for your MySQL server)
 Press the button that says "Add" in green. Then press the "Save" button in
 the "Configuration" section.
 Now copy the configuration file into the main directory and delete the config
 directory:
     cp config/config.inc.php ./
     rm -rf config
 Assuming your MySQL server is running, you are now ready to connect to it and
 administer it with phpMyAdmin.


Start a Web browser and enter the following URL: http://clonweb/phpMyAdmin/

preparations for dual apachies

from web: 

   If you need to run two different apache installations on the same box, the quickest way, IMO, is to have two separate conf files for the
servers (/usr/local/apache/conf/httpd-server1.conf and /usr/local/apache/conf/httpd-server2.conf). In your startup script, you will need
to tell apache where to find the conf file, which I think is -f, but that's off the top of my head. The drawback here is that if both servers 
need to share the machine name (both departments use http://foo), then at least one server will need to be on a non-standard port,
giving you something like http://foo and http://foo:8080. That's fine. It works. It's just extra work for one department.
  Now, if one machine will run both servers, but under different names (i.e., foo1 and foo2) you can use apache's vhosting capabilites. I've
never had to do this, so I don't know how to. :) The conf file that comes with the distro is pretty well documented, so it shouldn't be too
difficult to figure.
  A third option is to use .htaccess. I'm going to assume that some form of authentication is going to be used. If not, one department
could just as easily look at http://foo1 as changing from http://foo/dept1 to http://foo/dept2. Using .htaccess, you can restrict access to
the directories on a per-user basis (which can present maintenance issues) and serve all content off one server. I don't know all the
particulars of your situation, but this is what I would lean toward if I could.


NOTES:

smartd fails on boot startup 17-jan-2007

Retrieved from "https://clonwiki0.jlab.org/wiki/index.php?title=Clonweb&oldid=2303"