Apache

Revision as of 00:19, April 23, 2015 by Threesixes (Talk | contribs) (add a bit of stuff)

www-servers/apache


Current Maintainer(s):polynomial-c@gentoo.org
Source Repository:Repository:Gentoo Portage Tree

http://httpd.apache.org/

Summary: The Apache Web Server

Use Flags

alpn
Enable support for Application-Layer Protocol Negotiation (ALPN) in TLS. Needed by HTTP/2.0.
suexec
Install suexec with apache
static
Link in apache2 modules statically rather then plugins
apache2_modules_access_compat
Group authorizations based on host (name or IP address). Available as a compatibility module with previous versions.
apache2_modules_authn_core
Provides core authentication capabilities common to all authentication providers (functionality provided by authn_alias in previous versions).
apache2_modules_authz_core
Provides core authorization capabilities to various authorization/authorization modules, such as authn_file and authz_user.
apache2_modules_authz_dbd
Provides authorization capabilities via SQL database so that authenticated users can be allowed or denied access to portions of the web site by group membership.
apache2_modules_cache_disk
Disk based storage module for the HTTP caching filter (similar to mem_cache in previous versions).
apache2_modules_lbmethod_byrequests
Request counting load balancer scheduler algorithm for proxy_balancer.
apache2_modules_lbmethod_bytraffic
Weighted traffic counting load balancer scheduler algorithm for proxy_balancer.
apache2_modules_lbmethod_bybusyness
Pending request counting load balancer scheduler algorithm for proxy_balancer.
apache2_modules_lbmethod_heartbeat
Heartbeat traffic counting load balancer scheduler algorithm for proxy_balancer.
apache2_modules_macro
Macros for the Apache config file.
apache2_modules_slotmem_shm
Slot-based shared memory provider.
apache2_modules_socache_shmcb
A shared object cache provider using a high-performance cyclic buffer inside a shared memory segment.
apache2_modules_unixd
Basic (required) security for Unix-family platforms.
apache2_modules_proxy_fcgi
FCGI support module for mod_proxy.
apache2_modules_proxy_wstunnel
Provides support for the tunnelling of web socket connections to a backend websockets server.
apache2_modules_ratelimit
Ratelimit module for transfer rate management
apache2_modules_remoteip
Remotip module for logging

News

Drobbins

IP Space Migration Continues

All Funtoo user containers in the 8.28 IP space will be moving into our new IP space (172.97) over the next few days. If you have DNS set up -- be sure to watch your container and update to the new IP! container.host.funtoo.org DNS will be updated after the move.
2015-08-27 by Drobbins
Drobbins

Funtoo Hosting IP Move

Funtoo user containers with IPs in the 72.18.x.x range will be gradually migrating to new IP addresses this week. If you have DNS entries for your containers, please be aware that your DNS will need to be updated.
2015-08-11 by Drobbins
Drobbins

New ARM Stages

New ARM Stages, built with a new toolchain, are now hitting mirrors. Existing ARM users should re-install using these stages (dated Aug 3, 2015 or later,) rather than upgrade using emerge.
2015-08-06 by Drobbins
More...

Apache

Tip

We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.

Apache is a powerful web server which serves html/css/cgi/pl out of the box, and can serve other languages/frameworks via extensions.

The Apache Homepage says this of Apache:

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.

Install

Configure USE Flags

Depending upon one's personal preferences, flag changes are sometimes necessary. To extend default USE flags in an Apache ebuild, compile a custom flavor. This can be achieved by Portage's package.use. Create a directory /etc/portage/package.use and file called /etc/portage/package.use/apache, and add the USE flags you want. For example:

# install -d /etc/portage/package.use
/etc/portage/package.use/apache
www-servers/apache ssl threads

Alternatively, if one prefers a /etc/portage/package.use flat file:

# echo 'www-servers/apache ssl threads' >> /etc/portage/package.use

Emerge

After configuring your preferred USE flags, emerge Apache:

# emerge apache

Configuration

System

Many packages have Apache2 USE flags. These USE flags are often required for an application to be supported by Apache. Setting a system wide Apache2 USE flag is a good idea.

/etc/portage/make.conf - set system wide apache2 useflag
USE="...,apache2,..."

Package

Apache's configuration files are broken up and located in several spots.

  • /etc/conf.d/apache2
  • /etc/apache2/httpd.conf
  • /etc/apache2/modules.d/*
  • /etc/apache2/vhosts.d/*

conf.d controls the init script, adding things to it such as -D SECURITY & -D PHP5 will enable web application fire-walling & the php scripting language.

httpd.conf controls how the server behaves, at the bottom of the file it has directives to include configuration files ending in .conf in /etc/apache2/modules.d and /etc/apache2/vhosts.d

Package:PHP

DSO / mod_php

To show which PHP versions are available for Apache on your system:

# eselect php list apache2
  [1]   php5.5
  [2]   php5.6 *

To select PHP 5.5:

# eselect php set apache2 php5.5
/etc/conf.d/apache2 - enable php dso module
"... -D PHP5"

Restart Apache:

# rc-service apache2 restart

If php code is showing instead of processing server side, ensure you have emerged app-eselect/eselect-php with the apache2 useflag.

Php-fpm

Warning

php-fpm is untested.

Apache supports php-fpm also, this is the preferred method to serve php.

/etc/portage/make.conf - enable php dso module
...
APACHE2_MODULES="proxy proxy_fcgi"
...
/etc/conf.d/apache2 - enable php dso module
"... -D PROXY"
/etc/apache2/httpd.conf - enable php dso module
...
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
...
/etc/apache2/vhosts.d/00_default_vhost.conf - enable php dso module
...
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/path/to/your/documentroot/$1
DirectoryIndex /index.php
...

Enabling Security Module

# emerge mod_security
/etc/conf.d/apache2 - enable mod_security
APACHE2_OPTS="... -D SECURITY"

Control this module by editing these files, and restarting Apache.

/etc/apache2/modules.d/79_modsecurity.conf & /etc/apache2/modules.d/80_modsecurity-crs.conf

Service

To start Apache immediately:

# rc-service apache2 start

To start Apache upon boot:

# rc-update add apache2

mod_rewrite

What is mod_rewrite?

The Apache documentation describes mod_rewrite as:

The mod_rewrite module uses a rule-based rewriting engine, based on a PCRE regular-expression parser, to rewrite requested URLs on the fly. By default, mod_rewrite maps a URL to a filesystem path. However, it can also be used to redirect one URL to another URL, or to invoke an internal proxy fetch.

Setting it up

mod_rewrite has a reputation of being difficult to set up. mod_rewrite requires following symlinks & Order allow,deny (apache 2.2) or Require all granted (apache 2.4) is set. To test functionality of mod_rewrite we will need to make a few files.

Note

If you want to test this for web applications such as mediawiki adjust the path to /var/www/localhost/htdocs/mediawiki/.htaccess

/var/www/localhost/htdocs/.htaccess - enable the rewrite engine
RewriteEngine on 
RewriteRule ^test.html$ rewrite.html
/var/www/localhost/htdocs/test.html - set system wide apache2 useflag
rewrite is not working
/var/www/localhost/htdocs/rewrite.html - set system wide apache2 useflag
rewrite is working

Then point your browser to http://127.0.0.1/test.html. You should see that the text from rewrite.html has been loaded.