# =========================================================
# Header details
# Copyright ........: Frank Schulte (fschulte\@hightek.com)
# Module/method ....: ./sourceforge.net/doc/pkg/apache/index.html
# Version ..........: 00001
# CVS ..............: $Id: index.html,v 2001/07/18 01:50:16 fschulte Exp $
# Analyst ..........: FS
# Developers .......: FS  - Frank Schulte (fschulte\@hightek.com)
# Description ......: Apache install documentation
#  LastAmended Name
#  ----------- -------------------------------------------------------------
# History ..........:
# Vers.     Date    SSR   By  Reason
# ----- ----------- ---- ---- ------------------------------
# 00001 01.03.2001  n/a  FS   Apache related documentation moved into seperate file.
# =========================================================

mod_ssl, mod_php4

0. Changelog: here

# Domain under wich we operate the sourceforge.net service internaly
export SF_DOMAIN

# Apache user/group infos

2. Download all needed Software sources:

# Get the Sources from the internet.

# We archive all binary packages in this path to seperate them from the path we configure and make the packages. As benefit we have them beside our feeds.
cd ${BASE_SOURCES}/sourceforge.net-binaries-archives/archive


3. Unpack all downloaded archive files

cd ${BASE_SOURCES}/sourceforge.net-binaries-archives/archive

cp -rf * ${BASE_SOURCES}/sourceforge.net-binaries-needed-software/.

cd ${BASE_SOURCES}/sourceforge.net-binaries-needed-software

gzip -d *.gz

find . -type f -print | grep "tar$" | xargs -n 1 tar -xf

ls -1 | grep "tar$" | xargs -n 1 rm -f

4. Installation:

6. WebSite relatet installations

6.1. Apache

# First create a seperate user the sourceforege.net Apache server will run as:

su -

groupadd ${APACHE_GROUP}
useradd -g ${APACHE_GROUP} -c "Sourceforge.net Apache Process Owner" -m -d ${PKG}/apache ${APACHE_USER}

passwd sf-apache


cd ${BASE_SOURCES}/sourceforge.net-binaries-needed-software

# Install the layout sourceforge.net from the conf directory:

$ cd apache-1.3.17
$ mv config.layout config.layout.orig
$ cp ${BASE_SOURCES}/sf-genericinst/conf/config.layout.apache.1.3.17 config.layout

# Or add this layout to the conf.layout file

##  config.layout -- APACI Pre-defined Installation Path Layouts
##  Hints:
##  - layouts can be loaded with APACI's --with-layout=ID option
##  - when no --with-layout option is given, the default layout is `Apache'
##  - a trailing plus character (`+') on paths is replaced with a 
##    `/' suffix where  is the the argument from 
##    option --target (defaults to `httpd').

#   Classical Apache path layout.
# F.S.: 21.02.2001, Installationlayout for sourceforge.net

    prefix:        ${PKG}/apache
    exec_prefix:   $prefix/1.3.17
    bindir:        $exec_prefix/bin
    sbindir:       $exec_prefix/sbin
    libexecdir:    $exec_prefix/libexec
    mandir:        $prefix/man
    sysconfdir:    $prefix/conf
    datadir:       $prefix/share
    iconsdir:      $datadir/icons
    htdocsdir:     $datadir/htdocs
    cgidir:        $datadir/cgi-bin
    includedir:    $prefix/include
    localstatedir: ${VAR}/apache
    runtimedir:    $localstatedir/run
    logfiledir:    $localstatedir/logs
    proxycachedir: $localstatedir/proxy
Now move to mod_ssl.

6.2. mod_ssl

cd ${BASE_SOURCES}/sourceforge.net-binaries-needed-software

cd mod_ssl-2.8.0-1.3.17

Führe alle in diesem Dokument aufgeführten Arbeiten aus !

Auf unserem System befanden sich folgende Versionen:

perl -V
Summary of my perl5 (5.0 patchlevel 5 subversion 3) configuration:

gzip --version
gzip 1.2.4 (18 Aug 93)
Compilation options:

# Applying the mod_ssl source patches to Apache
./configure --with-apache=${BASE_SOURCES}/system/sourceforge.net-binaries-needed-software/apache-1.3.17

# reconfigure Apache
cd ${BASE_SOURCES}/system/sourceforge.net-binaries-needed-software/apache-1.3.17

SSL_BASE=${PKG}/openssl/0.9.6 EAPI_MM=${PKG}/mm/1.1.3 ./configure --with-layout=sourceforge.net --enable-module=all --enable-shared=max --server-uid=sf-apache --server-gid=sf-apache --enable-module=ssl --enable-shared=ssl --enable-rule=SSL_SDBM --enable-rule=EAPI


We only create a test certificate. After we decide to go productive we will get a real certificate !

Answer the questions with RETURN to get the defaults. On STEP 2, 6. Common Name please fill the domainname in under which the sourceforge system will run. It is not harmfull to leave the default, but you will see an Waring in the mod_ssl engine logs that the domainname does not match the certificate name.

# Enter as PEM Pathphrase: TEST

make cretificate TYPE=test ALGO=RSA

make install

Configure the Apache httpd.conf

Comment: DO NOT use different ports than 80 (http) and 443 (https) because this is today hardcoded in the code of sourceforge !!!

Copy our httpd.conf to apache installation:

cp ${BASE_SOURCES}/sf-genericinst/conf/httpd.conf.ssl.apache.1.3.17 ${PKG}/apache/conf/httpd.conf

6.3. PHP 4

We use a target subdirectorys to build the PHP apache module and the standalone PHP binary. This will work with GNU make, which all Linux systems have. Please install GNU make on other systems if you don't have it.

# Change to root because as normaluser we can not read the apache directorys
su -

cd ${BASE_SOURCES}/sourceforge.net-binaries-needed-software
cd php-4.0.4pl1

# create the target directorys for apache module and standalone binary:
mkdir _apxs
mkdir _cgi

6.3.1. make/install Apache module version of PHP

Please note: DO NOT USE   --with-openssl=${PKG}/openssl/0.9.6

If I used this for PHP the apache webserver craches when accessing by ssl. The browse gives an Error message about security problems or network problems. In the mod_ssl logfiles is an entry about the browser uses an old pice of an encrypted certificate or uses an false en/decryption algorithm. Only after I recompile and install PHP without this option all is fine !!!

cd _apxs

../configure --prefix=${PKG}/php/4.0.4pl1 --with-apxs=${PKG}/apache/1.3.17/sbin/apxs --with-pgsql=${PKG}/postgres/7.1beta1 --enable-track-vars --enable-discard-path --with-config-file-path=${PKG}/apache/conf --with-ldap=${PKG}/openldap/2.0.7 --enable-rule=EAPI

make install

# Add lib pathes of openssl and openldap to system /etc/ld.so.conf
echo "${PKG}/openssl/0.9.6/lib" >> /etc/ld.so.conf
echo "${PKG}/openldap/2.0.7/lib" >> /etc/ld.so.conf


7.2. Install php.ini file:

cd ${BASE_SOURCE}/sf-genericinst/conf
cp php.ini.php.4.0.3pl1 ${PKG}/apache/conf/php.ini

# Add PHP4 Parsing to httpd.conf
# Outcomment PHP Parsing or add lines below:
# AddType application/x-httpd-php .php
# AddType application/x-httpd-php-source .phps
vi ${PKG}/apache/conf/httpd.conf

# Restart Apache Servef
${PKG}/apache/1.3.17/sbin/apachectl stop
${PKG}/apache/1.3.17/sbin/apachectl start

# Add test PHP4 Script for testing
echo "<? phpinfo(); ?>" >> ${PKG}/apache/share/htdocs/test_php4.php

# Browse to this url and you should see PHP4 informations !

6.3.2. make/install standalone PHP binary

From Paul D. Smith and a little bit modified:

All the cron jobs in the sourceforge cronjobs directory are written in
php, so you need to build a standalone PHP to use them. As far as
we know at least some of them do important things (for example,
cronjobs/db_project_sums.php is the thing which updates the
counts of bugs, mailing lists, etc. that are displayed on the project
homepages; without running this these will always be 0).

cd _cgi

../configure --prefix=${PKG}/php/4.0.4pl1 --with-pgsql=${PKG}/postgres/7.1beta1 --enable-track-vars --enable-discard-path --with-config-file-path=${PKG}/apache/conf --with-ldap=${PKG}/openldap/2.0.7 --enable-rule=EAPI


cp php ${PKG}/php/4.0.4pl1/bin

That should do it.

6.3.3. Test PHP script:

echo "#!${PKG}/php/4.0.4pl1/bin/php" > test.php
echo "<?php> phpinfo(); <php?>" >> test.php


Now you should get the PHP info output.

6.4. Apache SSL config and test:

The httpd.conf file should be copied over in the obove steps. If not then do this:

cp ${BASE_SOURCES}/sf-genericinst/conf/httpd.conf.ssl.apache.1.3.14 ${PKG}/apache/conf/httpd.conf
and now you can stop apache and restart it in ssl mode:

${PKG}/apache/1.3.14/sbin/apachectl stop
${PKG}/apache/1.3.14/sbin/apachectl startssl


Type "TEST"


Answer all questions with yes.