Fedora/LAMP

From Segfault
Jump to: navigation, search

Note: this is not strictly specific to Fedora any more, we're just covering some aspects and issues when setting up a LAMP server.

Quickly setup a LAMP server in Fedora, using mod_fcgid instead of mod_php:

Apache

 $ yum install httpd mod_fcgid mysql-server phpMyAdmin mediawiki 
 $ cd /etc/httpd
 $ mv conf.d/php.conf conf.d/php.conf.disabled
 $ grep ^[A-Z] conf.d/fcgid.conf
 LoadModule fcgid_module modules/mod_fcgid.so
 AddHandler fcgid-script fcg fcgi fpl php
 FCGIWrapper /usr/bin/php-cgi .php
 FcgidIPCDir /var/run/mod_fcgid
 FcgidProcessTableFile /var/run/mod_fcgid/fcgid_shm

Additionally, we might have to put in these into conf.d/fcgid.conf:

 ProcessLifeTime  7200
 IPCCommTimeout   7200
 IPCConnectTimeout 300

Add ExecCGI to the correct <Directory> (e.g. /var/www/html) in conf/httpd.conf, probably add index.php to DirectoryIndex. Also, adjust Allow/Deny rules in conf.d/phpMyAdmin.conf:

sed 's/from 127.0.0.1/& 10.10.0.0\/24/' -i conf.d/phpMyAdmin.conf
service httpd restart

Or, with systemd:

systemctl restart httpd.service

MySQL

As our MySQL server does not have a password yet, we better set one:

 $ mysql
 mysql> SET PASSWORD = PASSWORD('s3cr3t');

phpMyAdmin

Adjust phpMyAdmin

 $ egrep 'blowfish_secret|auth_type' /etc/phpMyAdmin/config.inc.php
 $cfg['blowfish_secret']           = 'some-string-up-to-42-characters';
 $cfg['Servers'][$i]['auth_type']  = 'cookie'; 

Also, instead of messing around with SELinux rules, we can just disable the Alias and create a symlink:

 $ grep Alias conf.d/phpMyAdmin.conf 
 # Alias /phpMyAdmin /usr/share/phpMyAdmin
 # Alias /phpmyadmin /usr/share/phpMyAdmin
 
 $ ln -s /usr/share/phpMyAdmin /var/www/html/phpmyadmin

Mediawiki

We actually have a MediaWiki database backup, let's use that:

 $ cd /var/www/wiki
 $ ln -s /usr/share/mediawiki/includes
 $ ln -s /usr/share/mediawiki/languages
 $ ln -s /usr/share/mediawiki/skins
 
 $ mysql
 mysql> CREATE DATABASE wikidb;
 mysql> CREATE USER 'wikiuser'@'localhost' IDENTIFIED BY 'wikidbpassword';
 mysql> GRANT ALL PRIVILEGES ON `wikidb`.* TO 'wikiuser'@'localhost';
 ^D
 $ mysql -D wikidb < ~/wikidb-backup.sql

Because Fedora comes with SELinux enabled, we have to allow network and database access to httpd:

 $ setsebool -P httpd_can_network_connect 1
 $ setsebool -P httpd_can_network_connect_db 1

s9y

Also, some applications require write access to certain directories:

 $ cd ../htdocs/s9y
 $ chcon -R -t httpd_sys_rw_content_t uploads templates_c
 $ chcon    -t httpd_sys_rw_content_t . serendipity_config_local.inc.php