User:Jaaf/draft2

From Gentoo Wiki
Jump to: navigation, search
Warning
This page is a work in progress by jaaf (talk | contribs). Treat its contents with caution.

The Apache HTTP Server is a efficient and extensible web server and the most popular on the Internet.

Installation

Note
If you're only updating, check the upgrading guide.
root #emerge --ask www-servers/apache

USE flags

USE flags for www-servers/apache The Apache Web Server

debug Enable extra debug codepaths, like asserts and extra output. If you want to get meaningful backtraces see https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces
doc Add extra documentation (API, Javadoc, etc). It is recommended to enable per package instead of globally
gdbm Add support for sys-libs/gdbm (GNU database libraries)
ldap Add LDAP support (Lightweight Directory Access Protocol)
libressl Use dev-libs/libressl instead of dev-libs/openssl when applicable (see also the ssl useflag)
selinux !!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur
ssl Add support for SSL/TLS connections (Secure Socket Layer / Transport Layer Security)
static Link in apache2 modules statically rather then plugins
suexec Install suexec with apache
suexec-caps Install suexec with capabilities instead of SUID
suexec-syslog Log suexec to syslog instead of to a separate file
threads Add threads support for various packages. Usually pthreads

Support in other packages

There is a global USE flag apache2 which enables support for Apache in other packages. This may cause www-servers/apache to be pulled in automatically if such packages are used.

FILE /etc/portage/make.conf
USE="... apache2 ..."

After setting this you want to update your system so the changes take effect:

root #emerge --ask --changed-use --deep @world

Launching and restarting

Start the Apache server:

root #/etc/init.d/apache2 start

Add Apache to the default runlevel:

root #rc-update add apache2 default

Restart the Apache service:

root #/etc/init.d/apache2 restart


Testing

Verifying IP interfaces and ports on which apache2 is running on and listening to:

root #netstat -tulpen | grep apache
tcp     0     0 0.0.0.0:80      0.0.0.0:*     LISTEN     0     10932720     4544/apache2        
tcp     0     0 0.0.0.0:443     0.0.0.0:*     LISTEN     0     10932716     4544/apache2        

Testing if a connection to a Apache server is working on localhost:

user $telnet localhost 80
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.

Interrupt the connection test with Ctrl+c and Enter.


Configuration

Configuration files

Apache server's configuration in Gentoo is somewhat different from others distribution and this deserves some explanations. There are 2 main files that preside to this configuration.

  • Gentoo's own apache2 configuration file /etc/conf.d/apache2
  • Apache server's conventionnal configuration file /etc/apache2/httpd.conf

Gentoo's own configuration file

The only active line in this file is as follow :

FILE /etc/conf.d/apache2
APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST -D LANGUAGE"

This line defines options that will be interpreted by the various configuration files using the <IfDefine option-name> statement to activate or deactivate some part of the whole configuration. We will come back to this where appropriate in the rest of this guide.

Apache server's conventionnal configuration file httpd.conf

In fact this file is only an entry point as the whole configuration is splitted in many files in the /etc/apache2/ directory, that are assembled together using the Include directive. For example, the statement Include /etc/apache2/modules.d/*.conf, in httpd.conf, aims at including all the files in /etc/apache2/modules.d/ which name ends with .conf.

Taking into account what has been said in the subsection above, and as module configuration files (files in /etc/apache2/modules.d) almost always start with the <IfDefine module-name>, the content of one file inside /ect/apache2/modules.d, will ONLY be assembled with the rest of the configuration, if the matching option is set using a -D module-name flag in the APACHE2_OPTS variable in the /etc/conf.d/apache2 file. The 00_default_settings.conf configuration file is an exception to this rule as it doesn't start with an IfDefine statement and therefore is always included in the resulting configuration.

Default configuration

After a fresh install of apache server, the configuration resulting from the assemblage of the different configuration files is as follow. We start with the entry point /etc/apache2/httpd.conf and add the included parts with a comment stating it in an obvious manner.


Warning
This is ONLY given for quick reference and to give you an overall view. You are strongly invited to review the comments included in the various files to understand the ins and out of the configuration. Please also refer to the apache manual for an in depth understanding.


FILE http.d
ServerRoot "/usr/lib64/apache2"

#Module loaded unconditionally, assuming the USE flag is no unset in
# /etc/portage/make.conf or in /etc/portage/package.use
LoadModule actions_modulemodules/mod_actions.so
...
#other modules loaded that way : alias_module, auth_basic_module, authn_alias_module,
# authn_anon_module, authn_dbm_module, authn_default_module, authn_file_module, 
# authz_dbm_module, authz_default_module, authz_groupfile_module, authz_host_module, 
# authz_owner_module, authz_user_module, autoindex_module,  cgi_module,  cgid_module, 
# deflate_module, dir_module, env_module, expires_module, ext_filter_module, filter_module,
#  headers_module, include_module,  log_config_module, logio_module, mime_module,  
# mime_magic_module, negotiation_module, rewrite_module, setenvif_module, 
# speling_module,ssl_module, status_module, unique_id_module, usertrack_module, host_alias_module


#Modules loaded conditionally, assuming matching USE flag is not unset in
# /etc/portage/make.conf or in /etc/portage/package.use (flag to be set in )
<IfDefine AUTHNZ_LDAP>
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
</IfDefine>
#other modules loaded that way : cache_module, dav_module, dav_fs_module,
# dav_lock_module,disk_cache_module,  file_cache_module, info_module, ldap_module,
# mem_cache_module, userdir_module


User apache
Group apache

# Supplemental configuration
#**************************************************************************************vvv
#this part is included via Include /etc/apache2/modules.d/*.conf 

#included from /etc/apache2/modules.d/00_default_settings.conf-------------v
#this is always included as there is not option to deactivate it.
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
UseCanonicalName Off
AccessFileName .htaccess
ServerTokens Prod
TraceEnable off
ServerSignature On 
HostnameLookups Off
EnableMMAP On
EnableSendfile On
FileEtag INode MTime Size
ContentDigest Off
ErrorLog /var/log/apache2/error_log
LogLevel warn

<Directory />
	Options FollowSymLinks
	AllowOverride None
	Order deny,allow
	Deny from all
</Directory>

<IfModule dir_module>
	DirectoryIndex index.html index.html.var
</IfModule>
<FilesMatch "^\.ht">
	Order allow,deny
	Deny from all
</FilesMatch>
#--------------------------------------------------------------------------^

#included from 00_mod_info.conf--------------------------------------------v
<IfDefine INFO>
<Location /server-info>
	SetHandler server-info
	Order deny,allow
	Deny from all
	Allow from 127.0.0.1
</Location>
</IfDefine>
#--------------------------------------------------------------------------^

#--------------------------------------------------------------------------v
#included from 00_languages.conf
# Settings for hosting different languages.
<IfDefine LANGUAGE>

	AddLanguage ca .ca
	...
	AddLanguage zh-TW .zh-tw

	LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW

	ForceLanguagePriority Prefer Fallback

	AddCharset us-ascii.ascii	.us-ascii
	AddCharset ISO-8859-1		.iso8859-1 .latin1
	...
	AddCharset shift_jis		.shift_jis .sjis
</IfDefine>
#---------------------------------------------------------------------------^
#**************************************************************************************^^^


#***************************************************************************************vvv
#this part is included via Include /etc/apache2/vhosts.d/*.conf 
#from 00_default_ssl_vhost.conf-----------------------------------------------------vv
<IfDefine SSL>
	<IfDefine SSL_DEFAULT_VHOST>
		<IfModule ssl_module>
			Listen 443

			<VirtualHost _default_:443>
				ServerName localhost
                                #------------------------------------------v
				# this part is included via Include /etc/apache2/vhosts.d/default_vhost.include
				ServerAdmin root@localhost
				DocumentRoot "/var/www/localhost/htdocs"

	
				<Directory "/var/www/localhost/htdocs">
	   				Options Indexes FollowSymLinks
	   				AllowOverride All
	   				Order allow,deny
	   				Allow from all
				</Directory>

				<IfModule alias_module>
	   				ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/"
				</IfModule>

				<Directory "/var/www/localhost/cgi-bin">
	   				AllowOverride None
	   				Options None
	   				Order allow,deny
	   				Allow from all
				</Directory>
        			#end of Include ---------------------------^
	
				ErrorLog /var/log/apache2/ssl_error_log

				<IfModule log_config_module>
					TransferLog /var/log/apache2/ssl_access_log
				</IfModule>
				SSLEngine on
				SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
				SSLCertificateFile /etc/ssl/apache2/server.crt
				SSLCertificateKeyFile /etc/ssl/apache2/server.key

				<FilesMatch "\.(cgi|shtml|phtml|php)$">
					SSLOptions +StdEnvVars
				</FilesMatch>

				<Directory "/var/www/localhost/cgi-bin">
					SSLOptions +StdEnvVars
				</Directory>

				<IfModule setenvif_module>
					BrowserMatch ".*MSIE.*" \
					nokeepalive ssl-unclean-shutdown \
					downgrade-1.0 force-response-1.0
				</IfModule>


				<IfModule log_config_module>
					CustomLog /var/log/apache2/ssl_request_log \
					"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
					</IfModule>
			</VirtualHost>
		</IfModule>
	</IfDefine>
</IfDefine>
#---------------------------------------------------------------------------------^^
#from 00_default_vhost.conf-------------------------------------------------------vv
<IfDefine DEFAULT_VHOST>
	Listen 80
	NameVirtualHost *:80

	<VirtualHost *:80>
		ServerName localhost

		#---------------------------------------------------------------v
		# this part is included via Include /etc/apache2/vhosts.d/default_vhost.include
		ServerAdmin root@localhost
		DocumentRoot "/var/www/localhost/htdocs"

	
		<Directory "/var/www/localhost/htdocs">
	   		Options Indexes FollowSymLinks
	   		AllowOverride All
	   		Order allow,deny
	   		Allow from all
		</Directory>

		<IfModule alias_module>
	   		ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/"
		</IfModule>

		<Directory "/var/www/localhost/cgi-bin">
	   		AllowOverride None
	   		Options None
	   		Order allow,deny
	   		Allow from all
		</Directory>
        	#end of Include -----------------------------------------------^

		<IfModule mpm_peruser_module>
			ServerEnvironment apache apache
		</IfModule>
	</VirtualHost>
</IfDefine>
#-----------------------------------------------------------------------------------^^
# end of include ****************************************************************************************^^^


First sign of life

As you can see in the initial configuration above, the pre-installed virtual host's DocumentRoot directory is /var/www/localhost/htdocs, its server name is localhost. In addition an index.htlm file is provided in the DocumentRoot directory, thus to ckeck whether all is correctly installed or not, point your browser on http://www.localhost. You should see an " It works !" message on the page.

Enabling PHP support

Install PHP with the apache2 USE flag and enable the module:

FILE /etc/conf.d/apache2
APACHE2_OPTS="... -D PHP5"


To test if the PHP module works, create a test page:

FILE /var/www/localhost/htdocs/index.php
<html>
 <body>
  <?php phpinfo(); ?>
 </body>
</html>

Now open the test page: http://localhost/. You should see a table describing the PHP settings

Adding your own virtual hosts

For each virtual host, provide a DocumentRoot directory that is made accessible to the apache server, add a myVirtualHost.conf file in /etc/apache2/vhosts.d directory and don't forget to add an entry for your domain name in /etc/hosts.

Warning
Don't forget to restart apache server each time you make a change into the configuration files (see above).

Troubleshooting

See also

  • Lighttpd - a fast, lightweight web server.
  • Nginx - a small, robust and high-performance http server

External resources