Archives for posts with tag: apache

While many speak of web servers like Apache or NginX, I wanted to try out lighttpd, I disliked the way NginX Inc is releasing its product, which is Open Core. I prefer something which is completely Libre.

The aim is to deploy Zerobin with whatever PHP version was available on FreeBSD 11. The installation of zerobin itself is simple, we just have to extract the package in the document root of the web server.

Install the required packages:

# pkg install php70 lighttpd

You might want to install php7-gd package in case you are using the gd module.

Once installed, configure lighttpd, there are a few quirks of lighttpd to make it work.

In file /usr/local/etc/lighttpd/lighttpd.conf

Disable IPv6.

server.use-ipv6 = “disable”

If you don’t disable IPv6 when your node is not using it, you will get error messages like “protocol not supported”.

Next, bind the webserver to listen on server IP address and change the server root value if you want to change the default.

server.bind = “192.168.1.18”

We will be using fastcgi module of lighttpd, enable that by un-commenting the entry from /usr/local/etc/lighttpd/modules.conf:

include “conf.d/fastcgi.conf”

Next, enable the lighttpd FastCGI module to point to php-cgi binary, edit the file /usr/local/etc/lighttpd/conf.d/fastcgi.conf, uncomment the block starting from “fastcgi.server =”, also change the value of “bin-path” directive as we will be making changes related to the value here.

fastcgi.server = ( “.php” =>
( “php-local” =>
(
“socket” => socket_dir + “/php-fastcgi-1.socket”,
“bin-path” => server_root + “/bin/php-cgi”,
“max-procs” => 1,
“broken-scriptfilename” => “enable”,
)
),
( “php-tcp” =>
(
“host” => “127.0.0.1”,
“port” => 9999,
“check-local” => “disable”,
“broken-scriptfilename” => “enable”,
)
),

( “php-num-procs” =>
(
“socket” => socket_dir + “/php-fastcgi-2.socket”,
“bin-path” => server_root + “/bin/php-cgi”,
“bin-environment” => (
“PHP_FCGI_CHILDREN” => “16”,
“PHP_FCGI_MAX_REQUESTS” => “10000”,
),
“max-procs” => 5,
“broken-scriptfilename” => “enable”,
)
),
)

If you have not changed the value of “bin-path”  like above or according to the value of “var.server_root” (in /usr/local/etc/lighttpd/lighttpd.conf)  , you will see following errors during lighttpd startup in the file /var/log/lighttpd/error.log:

2016-10-20 19:35:13: (log.c.216) server started
2016-10-20 19:35:13: (mod_fastcgi.c.1133) the fastcgi-backend /usr/local/www/data/us
r/local/bin/php-cgi failed to start:
2016-10-20 19:35:13: (mod_fastcgi.c.1137) child exited with status 2 /usr/local/www/
data/usr/local/bin/php-cgi
2016-10-20 19:35:13: (mod_fastcgi.c.1140) If you’re trying to run your app as a Fast
CGI backend, make sure you’re using the FastCGI-enabled version.\nIf this is PHP on
Gentoo, add ‘fastcgi’ to the USE flags.

You see that the path the configuration takes is by appending the value to server_root value, which is wrong.

For my configuration to work I had to have set ‘var.server_root = “/usr/local” ‘.

Once the above config changes are done, untar the zerobin package in the document root, which is by default set to ‘/usr/local/www/data’, and change the owner and group to ‘www’.

chown -R www:www /usr/local/www/data

References:

https://box.matto.nl/freebsd10lighttpd.html

Advertisements

 

Install Redmine, Apache, MySQL, and the passenger module(rubygem-passenger).

# pkg install redmine apache24 mysql56-server mysql56-client rubygem-passenger

Things to note about locations where we will place files and edit them:

Installation directory of Redmine:

/usr/local/www/redmine

Redmine Config directory:

/usr/local/www/redmine/config

Apache virtualhost directory:

/usr/local/etc/apache24/Includes

Next start MySQL :

# service mysql-server onestart

Create the necessary DB, user for Redmine and grant privileges:

CREATE DATABASE redmine CHARACTER SET utf8;
CREATE USER 'redmine'@'localhost' IDENTIFIED BY 'my_password';
GRANT ALL PRIVILEGES ON redmine.* TO 'redmine'@'localhost';

In the above commands change the password, database name, and user name for your setup.

DB Data load:

Load DB dump data from taken from old Redmine instance to the new as root user:

# mysql -u REDMINE_USER -p < DB_DUMP_FILENAME_here.sql

You might need to add the line “USE REDMINE_DB_NAME;” to the .sql file, like for the above one “USE redmine;” to the top of the .sql dump file as the script might not have statement to select what DB to populate.

Redmine configuration:

Copy old database.yaml file and change adapter type to ‘mysql2’ from ‘mysql’, under config directory of Redmine.
Copy the old configuration.yaml file under config directory of Redmine.
Copy the attachments directory(named files) from old installation to new installation directory.

After above ran follow below guide to upgrade the DB schema, generate new session token, etc.
https://www.redmine.org/projects/redmine/wiki/RedmineUpgrade

Apache virtual hosts configuration:

I followed the message posted when the passenger module got installed.

Copy the following under a any file ending with extension .conf, like redmine.conf under Apache Includes directory:

#Redirect all http requests to https

<VirtualHost *:80>
        Redirect / https://52.70.124.168:443/   <= Replace with FQDN or the IP address of your server/service.
</VirtualHost>

#Enable server to listen on TCP port 443
Listen 443

<VirtualHost *:443>

        #Load SSL module and enable SSL using certificates
        LoadModule ssl_module libexec/apache24/mod_ssl.so
        SSLEngine on
        SSLCertificateFile "/usr/local/etc/apache24/FQDN_NAME.crt"
        SSLCertificateKeyFile "/usr/local/etc/apache24/FQDN_NAME.key"

        #Load Passenger module and point to Ruby and Gems
        LoadModule passenger_module /usr/local/lib/ruby/gems/2.2/gems/passenger-5.0.28/buildout/apache2/mod_passenger.s
o
        PassengerRoot /usr/local/lib/ruby/gems/2.2/gems/passenger-5.0.28
        PassengerRuby /usr/local/bin/ruby22

    # This is the passenger config
    RailsEnv production
    PassengerDefaultUser www
    DocumentRoot /usr/local/www/redmine/public/
    <Directory "/usr/local/www/redmine/public/">
        Allow from all
        Options -MultiViews
        Require all granted
    </Directory>
</VirtualHost>

Finally run the mysql_secure_installation script to disable remote root user login.
Start Apache process and add it and MySQL services in /etc/rc.conf file to start at boot time:

service apache24 onestart

sysrc mysql_enable="YES"
sysrc apache24_enable="YES

This will ensure that Redmine starts up during boot, when Apache and MySQL are running.

I faced an issue where the email notifications were not working, for this check the configuration.yaml file for issues with the Redmine wiki, in my case the file from previous installation had incorrect settings.

https://www.redmine.org/projects/redmine/wiki/EmailConfiguration

I prefer using the binary packages included in the repository. The task was to install Redmine and migrate data from an old Redmine(1.4.0) installation running on Debian 6. In this post I will detail the hurdles I faced and solutions.

Installation is easy using Debian’s apt. Follow the official documentation:
https://wiki.debian.org/redmine

After installing Redmine, get configuration files(configuration.yaml, database.yaml) and DB dump from the the older installation.

In my case we were not using plugins and so the configuration summary was:

Copy old database.yaml file and change adapter type to ‘mysql2’ from ‘mysql’, under config directory.
Copy the old configuration.yaml file under config directory.
Copy the attachments directory(named files) under installation directory.
Follow this Redmine guide to upgrade:
https://www.redmine.org/projects/redmine/wiki/RedmineUpgrade

After following above instructions, that is, after loading the DB with data from the dump, run the mysql_secure_installation command on the host. This is necessary as we may not want to set root password and allow remote root login.

Start Apache process and Redmine should work with the passenger module. If it fails for any reason, first check for any visible error messages in Apache’s error log, then check the Redmine configuration files, the .yaml ones that you copied. I spent a whole day believing they were right and the issue lay there.  🙂

The other day(some months ago!) I had a task to store old Apache logs instead of discarding them.

Logrotate is a utility to rotate logs in a manageable size.  Depending upon the options logs can be rotated at a fixed interval on size, age of log, etc

There were two options:

  1. Either increase the old log retention period in logrotate
  2. Copy the logs to a separate location and archive them, with the default log retention period which removes old log files

In the first option the default log directory will get cluttered because of old logs, in the second option, however, the directory stays neat and you have a different location where you would be dumping old logs.

In this post I will be editing file under /etc/logrotate.d/httpd, I won’t be modifying the default settings in /etc/logrotate.conf, which is recommended.

Contents of /etc/logrotate.conf:

###START-of-config###

# see "man logrotate" for details
 # rotate log files weekly
 weekly

# keep 4 weeks worth of backlogs
 rotate 4

# create new (empty) log files after rotating old ones
 create

# use date as a suffix of the rotated file
 dateext

# uncomment this if you want your log files compressed
 #compress

# RPM packages drop log rotation information into this directory
 include /etc/logrotate.d

# no packages own wtmp and btmp -- we'll rotate them here
 /var/log/wtmp {
 monthly
 create 0664 root utmp
 minsize 1M
 rotate 1
 }

/var/log/btmp {
 missingok
 monthly
 create 0600 root utmp
 rotate 1
 }

 

###END-of-config###

And the default contents of /etc/logrotate.d/httpd:

###START-of-httpd###

/var/log/httpd/*log {
 missingok
 notifempty
 sharedscripts
 delaycompress
 postrotate
 /sbin/service httpd reload > /dev/null 2>/dev/null || true
 endscript
 }

###END-of-httpd###

After modification the file will be:

###START-of-NEW-httpd###

/var/log/httpd/*log {
 missingok
 notifempty
 sharedscripts
 delaycompress
 postrotate
 /sbin/service httpd reload > /dev/null 2>/dev/null || true
 /usr/bin/rsync -a /var/log/httpd/* /srv/backup/
  /usr/bin/rsync -a /var/log/httpd/* /srv/backup/
 endscript
 }

###END-of-NEW-httpd###

As you can see, I have used rsync to move the files, using rsync is necessary as this will skip overwriting the files which were already copied.