Difference between revisions of "Talk:Server"

From ArchWiki
Jump to: navigation, search
(TO DO)
(Delete out of dated mysql info.)
(18 intermediate revisions by 5 users not shown)
Line 1: Line 1:
== Content ==
 
I suggest we keep out all specific configuration and simply try to inform the reader of server-usefull applications. There are numerous well maintained articles on ssh, ssl, LAMP, cups, samba and other services you'd like to have on your server, so I suggest to simply list these applications one may want to have on his / her server (along with a basic explenation of the program / service and the use of it on a server). We can then link to the atricles already available.
 
  
This will prevent having several wikis on installing / configuring LAMP / cups and other server choises while still maintaining a complete server guide.
 
 
Comments?--[[User:Stefanwilkens|stefanwilkens]] 19:50, 1 March 2009 (EST)
 
 
== Structure ==
 
 
Restructure suggestion, not structured towards the role of the server (web / database / file / router etc.) but structured towards specific parts of a server, explaining the role and use of the specific service.
 
 
== TO DO ==
 
* Minimal required set-up (core installation + SSH for headless server)
 
* Web Services
 
** Apache
 
** PHP
 
** MySQL
 
** SSL
 
** E-Mail
 
** FTP
 
* Network Services
 
** Cups
 
** DHCP
 
** Samba
 
* Protection
 
** iptables
 
** denyhosts
 
** SELinux
 
* Server Adimistration
 
** SSH
 
** webmin
 
** CUPS web interface
 
* External Links
 
 
Comments?--[[User:Stefanwilkens|stefanwilkens]] 19:50, 1 March 2009 (EST)
 
 
I would suggest a structure along the lines of this:
 
*Initial Server setup (ie core arch install with ssh attached)
 
*Standard LAMP setup (the current server wiki just does this bit but not much more imo) you may also want to add a bit about perl for this as some people will use perl rather than php and there are some useful tools that rely on perl for linux.
 
*Include phpmyadmin (note it relies on php)
 
From here you will have a good base to install other features and those can be pick and choose features.
 
*Recommend not using SELinux as tbh its a bitch, add a guide for it by all means tho.
 
*Add backup protocols
 
*Add monitoring
 
- Nmis
 
- possibly SNMP? [[User:adamking|adamking]]
 
 
Why should a basic setup include LAMP? --[[User:Stefanwilkens|stefanwilkens]] 11:58, 9 March 2009 (EDT)
 
 
== Original Document ==
 
 
{{Box Note|This document was the original and is kept here for reference during the rewrite}}
 
 
[[Category:Networking (English)]]
 
[[Category:HOWTOs (English)]]
 
 
 
 
==Preface==
 
 
=====What is a web server?=====
 
 
If you are reading this guide, there is a fair chance that you already know the answer to this question. However, there is also the possibility that you simply stumbled on this guide and don't know exactly what a server is. Hence, before we get into the actual construction of an Arch server, we will go over exactly what a server is.
 
 
Simply put, a server is a computer (or a specific program) that provides services to other computers or programs. In the specific confines of this guide, we are refering to the construction of a computer that provides web-based services to other computers.
 
 
'''Types of servers include:'''
 
* Web (HTTP) servers
 
* File (FTP, SAMBA, NFS, etc.) servers
 
* Email servers
 
* DNS servers
 
* DHCP Servers
 
* IRC Servers
 
* Time Servers
 
* Media servers
 
* and many more...
 
 
=====So do I need a server?=====
 
 
It depends, many users (even some who have comprehensive web sites) are quite happy with having basic web hosting. It tends to be cheaper than obtaining a dedicated server, and if something goes wrong it is the hosts responsibility to fix it rather than yours. On the other hand, some people would like more control than basic hosting allows, or may find that they require a feature or application that is not permitted by their provider. In cases such as this, a dedicated server becomes much more appealing. Regardless, before obtaining a dedicated server (or setting up your home computer as a web server), it is important that the user understand a few things.
 
 
* Setting up a server requires time and dedication, there is no one-click-and-it-works system.
 
* You will have issues at some point in time that make you question your decision.
 
* You will learn more than you ever wanted to know about servers (and quite possibly Linux in general).
 
 
If you haven't abandoned hope yet, than please read on and we'll see if we can assist you in successfully building your server!
 
 
==Part I: Install the base system==
 
 
===Setting up Arch Linux===
 
 
For the purposes of this guide, we will assume that you already have successfully built a basic Arch system. If you do not have Arch set up yet, please refer to the [[Beginners Guide | Beginners Guide]] or the [[Official Arch Linux Install Guide | Official Install Guide]] as that is outside the scope of this guide.
 
 
== Deciding on the Arch installation ==
 
Tip: If you aren't sure which guide to follow the beginners guide includes building a desktop (necessary if you are using services that require a GUI) the official install guide just explains how to install a 'text version' of arch, i.e. you will need to run everything from command line; this is fine if you are just running an ftp server for example or are an expert user with no GUI requirements.
 
 
==Part II: Deciding what you need==
 
 
===Basic web server===
 
 
If all you are looking for is a simple web server, than your best bet is probably what is known as a [[#LAMP | LAMP]] stack. A LAMP stack is a bundle of software that provides the basic necessities for running a simple webserver (LAMP stands for Linux Apache MySQL and PHP).
 
 
===Full web server===
 
 
If you require a more inclusive solution, than your best bet is probably to start with a LAMP stack, and build from there. You may also require servers to handle [[#email server | email]] or [[#ftp server | ftp]] access. These will be discussed in depth later in the guide.
 
 
==LAMP==
 
 
===Introduction===
 
 
This section describes how to set up a simple web server on an Arch Linux system. The combination of applications we will be installing is commonly referred to as LAMP (Linux Apache MySQL PHP).
 
 
=== Installation ===
 
 
# pacman -S apache php mysql
 
 
This document assumes you will install Apache, PHP and MySQL together. If desired however, you may install Apache, PHP, and MySQL separately and simply refer to the relevant sections below.
 
{{Box Note | New default user and group: Instead of group "nobody" apache now runs as user/group "http" by default. You might want to adjust your httpd.conf according to this change, though you may still run httpd as nobody.}}
 
 
=== Configuration ===
 
 
==== Apache ====
 
 
* Create the user http (this account may already exist):
 
# useradd http
 
* Add this line to <code>/etc/hosts</code> (if the file doesn't exist, create it):
 
127.0.0.1  localhost.localdomain  localhost
 
'''Note:''' If you want a different hostname, append it to the end:
 
127.0.0.1  localhost.localdomain  localhost myhostname
 
 
* Edit <code>/etc/rc.conf</code>: If you set a hostname, the HOSTNAME variable should be the same; otherwise, use "localhost":
 
#
 
# Networking
 
#
 
HOSTNAME="localhost"
 
 
* Edit <code>/etc/httpd/conf/httpd.conf</code> as root and comment the following module:
 
LoadModule unique_id_module        modules/mod_unique_id.so
 
It should now appear as:
 
#LoadModule unique_id_module        modules/mod_unique_id.so
 
 
* Run the following in a terminal as root to start the http server:
 
# /etc/rc.d/httpd start
 
 
* Apache should now be running. Test by visiting http://localhost/ in a web browser. It should display a simple Apache test page.
 
 
* To start Apache automatically at boot, edit <code>/etc/rc.conf</code> as root and add the '''httpd''' daemon:
 
DAEMONS=(... '''httpd''' ...)
 
'''Or''' add this line to <code>/etc/rc.local</code>:
 
/etc/rc.d/httpd start
 
 
* If you want to use user directories (i.e. <code>~/public_html</code> on the machine is accessed as <code>http://localhost/~user/</code>) to be available on the web, uncomment the following lines in <code>/etc/httpd/conf/extra/httpd-userdir.conf</code>:
 
UserDir public_html
 
and
 
<Directory /home/*/public_html>
 
  AllowOverride FileInfo AuthConfig Limit Indexes
 
  Options MultiViews Indexes SymLinksIfOwnerMatch ExecCGI
 
  <Limit GET POST OPTIONS PROPFIND>
 
    Order allow,deny
 
    Allow from all
 
  </Limit>
 
  <LimitExcept GET POST OPTIONS PROPFIND>
 
    Order deny,allow
 
    Deny from all
 
  </LimitExcept>
 
</Directory>
 
 
You must make sure that your home directory permissions are set properly so that Apache can get there. Your home directory and <code>~/public_html/</code> must be executable for others ("rest of the world"). This seems to be enough:
 
$ chmod o+x ~
 
$ chmod o+x ~/public_html
 
 
There may be some other, more-secure ways of setting the permissions by creating a special group and allowing only Apache and you to enter there... You know how paranoid you are.
 
 
===== Advanced Options=====
 
 
These options in /etc/httpd/conf/httpd.conf might be interesting for you:
 
 
  # Listen 80
 
This is the port Apache will listen to. For Internet-access with router, you have to forward the port.
 
 
  # ServerAdmin sample@sample.com
 
This is the admin's email-address which can be found on error-pages e.g.
 
 
  # DocumentRoot "/srv/http"
 
This is the directory where you should put your web pages. Change it, if you want to, but don't forget to change the
 
 
<Directory "/srv/http">
 
to whatever you changed your DocumentRoot to.
 
 
==== PHP ====
 
PHP is practically available out of the box now.
 
 
* Add these line in <code>/etc/httpd/conf/httpd.conf</code>
 
LoadModule php5_module modules/libphp5.so
 
Include conf/extra/php5_module.conf
 
NOTE: The "Include" can not be directly after the "LoadModule" line in the configuration file, it need to be down with the other "Includes".
 
 
Apache2:
 
LoadModule php5_module  /usr/lib/httpd/modules/libphp5.so
 
AddHandler php5-script php
 
http://dan.drydog.com/apache2php.html
 
 
* Remember to add a file handler for .phtml if you need it in /etc/httpd/conf/extra/php5_module.conf:
 
DirectoryIndex index.php index.phtml index.html
 
 
* If you want the libGD module, uncomment in <code>/etc/php/php.ini</code>:
 
;extension=gd.so
 
to
 
extension=gd.so
 
Pay attention to which extension you uncomment, as this extension is sometimes mentioned in an explanatory comment before the actual line you want to uncomment.
 
 
* If your <code>DocumentRoot</code> is outside of <code>/home/</code>, add it to <code>open_basedir</code> in <code>/etc/php/php.ini</code> as such:
 
open_basedir = /home/:/tmp/:/usr/share/pear/:/path/to/documentroot
 
 
suggestion - Add your document root as follows:
 
open_basedir = /home/:/tmp/:/usr/share/pear/:/srv/http
 
 
* Restart the Apache service to make changes take effect (as root):
 
# /etc/rc.d/httpd restart
 
 
* Test PHP with a simple, but very informative script:
 
<html>
 
<head>
 
<title>PHP Test Page</title>
 
</head>
 
<body>
 
This is Arch Linux, running PHP.
 
<?php
 
  phpinfo();
 
?>
 
</body>
 
</html>
 
 
Save this file as <code>test.php</code> and copy to <code>/srv/http/</code> or to <code>~/public_html</code> if you permitted such a configuration.<!-- Also, remember to make it executable (<code>chmod o+x test.php</code>).-->
 
 
* Test PHP: http://localhost/test.php or http://localhost/~myname/test.php
 
 
'''If you continue to have problems''', edit your /etc/httpd/conf/httpd.conf file with the following information
 
 
* Edit your httpd.conf file
 
# nano /etc/httpd/conf/httpd.conf
 
 
* Under <code><IfModule mime_module></code>
 
AddType application/x-httpd-php .php
 
AddType application/x-httpd-php-source .phps
 
 
* Restart Apache
 
# /etc/rc.d/httpd restart
 
 
Be sure to test the page again to verify it's working properly (as stated above).
 
 
==== MySQL ====
 
* Configure MySQL as described at the [[MySQL]] wiki.
 
 
* Edit <code>/etc/php/php.ini</code> (this is in <code>/usr/etc</code> on older systems) to uncomment the following line (''By removing <code>;</code>''):
 
;extension=mysql.so
 
 
* You can add minor privileged users for your web scripts by editing the tables found in the <code>mysql</code> database. You have to restart MySQL for changes to take effect. Don't forget to check the <code>mysql/users</code> table. If there's a second entry for root and your hostname is left with no password set, everybody from your host probably could gain full access. Perhaps see next section for these jobs.
 
 
* Run in terminal (as root):
 
# /etc/rc.d/mysqld start
 
 
* MySQL should now be running. Test by visiting <code>http://localhost/phpMyAdmin</code> in a web browser - for testing by phpMyAdmin, you should have installed phpMyAdmin (<code>pacman -S phpmyadmin</code>). It should display phpMyAdmin main page.
 
 
* Edit <code>/etc/rc.conf</code> (to start MySQL at boot):
 
DAEMONS=(... '''mysqld''' ...)
 
'''Or''' add this line to <code>rc.local</code>:
 
/etc/rc.d/mysqld start
 
 
* You can get the "<code>error no. 2013: Lost Connection to mysql server during query</code>" message instantly whenever you try to connect to the MySQL daemon by TCP/IP. This is the TCP wrappers system (tcpd), which uses the <code>hosts_access(5)</code> system to allow or disallow connections.
 
 
* If you're running into this problem, be sure to add this to your /etc/hosts.allow file:
 
  # mysqld : ALL : ALLOW
 
  # mysqld-max : ALL : ALLOW
 
  # and similar for the other MySQL daemons.
 
 
* Notes: The examples above are the simplest case, telling tcpd to allow connections from anywhere. You may wish to use a more-appropriate choice of permissible sources instead of ALL. Just make sure that localhost and the IP address (numeric or DNS) of the interface by which you connect are specified.
 
 
* You might also need to edit <code>/etc/my.cnf</code> and comment out the <code>skip-networking</code> line as such:
 
skip-networking
 
to
 
#skip-networking
 
 
=== More Resources ===
 
* [[MySQL]] - Arch wiki article for MySQL
 
* http://www.apache.org/
 
* http://www.php.net/
 
* http://www.mysql.com/
 

Revision as of 13:01, 17 December 2012