Difference between revisions of "Mars.tekkom.dk/installation"

From Teknologisk videncenter
Jump to: navigation, search
m (Apache)
m (FAMP)
 
(8 intermediate revisions by the same user not shown)
Line 20: Line 20:
 
*Enable in rc.conf
 
*Enable in rc.conf
 
=FAMP=
 
=FAMP=
FreeBSD Apache MySQL PHP
+
FreeBSD Apache MySQL PHP<ref>[http://www.linux.com/archive/feed/142718 article from Linux.com]</ref><ref>http://caffetine.org/freebsd-amp.php Caffetine</ref>
*See [http://www.linux.com/archive/feed/142718 article from Linux.com]
 
 
==Apache==
 
==Apache==
 
<source lang=cli>
 
<source lang=cli>
Line 38: Line 37:
 
chmod 0400 server.key server.crt
 
chmod 0400 server.key server.crt
 
</source>
 
</source>
Opening server.key or apache mod.ssl will prompt for password at startup<reference>http://tldp.org/HOWTO/Apache-WebDAV-LDAP-HOWTO/ssl.html</reference>
+
Opening server.key or apache mod.ssl will prompt for password at startup<ref>http://tldp.org/HOWTO/Apache-WebDAV-LDAP-HOWTO/ssl.html</ref>
 
<source lang=cli>
 
<source lang=cli>
 
cd /usr/local/etc/apache22/
 
cd /usr/local/etc/apache22/
Line 72: Line 71:
 
</source>
 
</source>
 
Restart Apache and point your browser at server/phpinfo.php
 
Restart Apache and point your browser at server/phpinfo.php
 +
==PHP Security==
 +
Basic recomended security=
 +
<source lang=cli>
 +
cp /usr/local/etc/php-ini-recommended /usr/local/etc/php.ini
 +
</source>
 +
 +
=MySQL=
 +
<source lang=cli>
 +
[root@mars ~]# <input>mysql -V</input>
 +
mysql  Ver 14.14 Distrib <notice>5.1</notice>.54, for portbld-freebsd8.1 (amd64) using  5.2
 +
[root@mars ~]# <input>/usr/ports/databases/mysql<notice>51</notice>-server</input>
 +
[root@mars /usr/ports/databases/mysql51-server]# <input>make install WITH_OPENSSL=yes</input>
 +
[root@mars /usr/ports/databases/mysql51-server]# <input>make distclean</input>
 +
[root@mars /usr/ports/databases/mysql51-server]# <input>echo 'mysql_enable="YES"' >> /etc/rc.conf</input>
 +
[root@mars /usr/ports/databases/mysql51-server]# <input>/usr/local/etc/rc.d/mysql-server start</input>
 +
[root@mars /usr/ports/databases/mysql51-server]# <input>mysqladmin -u root password SECRET</input>
 +
[root@mars /usr/ports/databases/mysql51-server]# <input>msql -u root -pSECRET</input>
 +
Welcome to the MySQL monitor.  Commands end with ; or \g.
 +
Your MySQL connection id is 3
 +
Server version: 5.1.54 FreeBSD port: mysql-server-5.1.54_1
 +
 +
mysql> <input>show databases;</input>
 +
+--------------------+
 +
| Database          |
 +
+--------------------+
 +
| information_schema |
 +
| mysql              |
 +
| test              |
 +
+--------------------+
 +
3 rows in set (0.00 sec)
 +
 +
mysql> <input>quit</input>
 +
Bye
 +
</source>
 
{{Source cli}}
 
{{Source cli}}
 +
<references/>
 
[[Category:FreeBSD]][[Category:Mediawiki]]
 
[[Category:FreeBSD]][[Category:Mediawiki]]

Latest revision as of 08:13, 6 January 2011

FreeBSD

FreeBSD installed standard on RaidLevel 5EE

[root@mars /usr/local/www]# <input>df -h</input>
Filesystem       Size    Used   Avail Capacity  Mounted on
/dev/ipsd0s1a    1.9G    266M    1.5G    15%    /
devfs            1.0K    1.0K      0B   100%    /dev
/dev/ipsd0s1f     29G    4.0K     27G     0%    /home
/dev/ipsd0s1e    7.7G     12K    7.1G     0%    /tmp
/dev/ipsd0s1g    144G    1.7G    131G     1%    /usr
/dev/ipsd0s1d    7.7G     95M    7.0G     1%    /var

Generel setup

Follow FreeBSD installation

Additional packages

  • lynx

Services

ntp

  • ntp.conf to 172.16.4.16
  • Enable in rc.conf

FAMP

FreeBSD Apache MySQL PHP[1][2]

Apache

cd /usr/ports/www/apache22/
make config install distclean
echo 'apache2_enable="YES"' >> /etc/rc.conf
echo 'apache2ssl_enable="YES"' >> /etc/rc.conf
echo 'accf_http_ready="YES"' >> /etc/rc.conf && kldload accf_http

Making keys

cd /usr/local/etc/apache22/
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
chmod 0400 server.key server.crt

Opening server.key or apache mod.ssl will prompt for password at startup[3]

cd /usr/local/etc/apache22/
chmod 600 server.key
cp server.key server.key.cryp
/usr/local/ssl/bin/openssl rsa -in server.key.cryp -out server.key
chmod 400 server.key

Uncomment httpd.conf to include

Include etc/apache22/extra/httpd-ssl.conf

PHP

cd /usr/ports/lang/php52
make config install distclean
cd /usr/ports/lang/php52-extensions/
make config install distclean

Make phpinfo.php for test

echo "<?php

phpinfo ();

?>" > /usr/local/www/apache22/data/phpinfo.php

Add to /usr/local/apache22/httpd.conf directly after the LoadModule lines.

AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

Restart Apache and point your browser at server/phpinfo.php

PHP Security

Basic recomended security=

cp /usr/local/etc/php-ini-recommended /usr/local/etc/php.ini

MySQL

[root@mars ~]# <input>mysql -V</input>
mysql  Ver 14.14 Distrib <notice>5.1</notice>.54, for portbld-freebsd8.1 (amd64) using  5.2
[root@mars ~]# <input>/usr/ports/databases/mysql<notice>51</notice>-server</input>
[root@mars /usr/ports/databases/mysql51-server]# <input>make install WITH_OPENSSL=yes</input>
[root@mars /usr/ports/databases/mysql51-server]# <input>make distclean</input>
[root@mars /usr/ports/databases/mysql51-server]# <input>echo 'mysql_enable="YES"' >> /etc/rc.conf</input>
[root@mars /usr/ports/databases/mysql51-server]# <input>/usr/local/etc/rc.d/mysql-server start</input>
[root@mars /usr/ports/databases/mysql51-server]# <input>mysqladmin -u root password SECRET</input>
[root@mars /usr/ports/databases/mysql51-server]# <input>msql -u root -pSECRET</input>
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.1.54 FreeBSD port: mysql-server-5.1.54_1

mysql> <input>show databases;</input>
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| test               |
+--------------------+
3 rows in set (0.00 sec)

mysql> <input>quit</input>
Bye