Support #385
Updated by Daniel Curtis over 10 years ago
Here is a procedure to install a FAMP, FreeBSD with Apache, MariaDB and PHP, server. The following setup runs Apache 2.2, MariaDB 5.5, and PHP 5 on FreeBSD 9.2. If any version of the packages needs to be changed, replace the versions in the commands accordingly. h2. Pre-Installation Tasks * Before installation of the components, make sure the ports tree and packages are is up to date using the following command: <pre> pkg update && pkg upgrade && portsnap fetch extract </pre> h2. Apache 2.2 & PHP – Installation and Configuration * Install Apache 2.2 with mod_php5 <pre> pkg cd /usr/ports/www/apache22-worker-mpm make install apache22 php5 mod_php5 php5-xml php5-dom libgpg-error php5-xmlreader php5-simplexml php5-ctype php5-fileinfo php5-openssl php5-hash php5-filter openldap-client xproto xextproto libXau libXdmcp libpthread-stubs kbproto libICE freetype2 png jpeg printproto php5-exif curl php5-json php5-sqlite3 php5-pdo php5-mysql php5-mysqli php5-pdo_mysql oniguruma4 php5-iconv mp3info php5-zlib php5-zip php5-bz2 php5-session libgcrypt php5-wddx php5-ldap libxcb libSM php5-curl php5-pdo_sqlite php5-mbstring libxslt libX11 libXt php5-xsl libXext libXp libXmu libXpm libXaw t1lib php5-gd </pre> NOTE: *NOTE*: While running @make install@ the installer asks to check the boxes to install various libraries and support packages. Check the appropriate boxes as per requirements. This installs a few PHP extensions, add or remove as needed. is where SuExec and LDAP will be enabled, make sure to enable it. *NOTE*: I use puppet to manage apache configurations and modules, so the above command is used to compile in the above modules. * Clean up the source packages: <pre> make clean </pre> * Edit the apache configuration file, i.e. @/usr/local/etc/apache22/httpd.conf@, and make the following changes: <pre> ServerRoot "/usr/local" ServerAdmin you@your.address ServerName www.example.com:80 DocumentRoot "/usr/local/www" "/usr/local/www/apache22/data" Listen :80 NameVirtualHost *:80 ... ## Modified for multi user access <Directory "/usr/local/www"> /> Options Indexes FollowSymLinks Includes ExecCGI AllowOverride None All Order allow,deny deny,allow Allow from all </Directory> ... <IfModule dir_module> DirectoryIndex index.php index.html # Server-pool management (MPM specific) </IfModule> <FilesMatch "\.php$"> SetHandler application/x-httpd-php Include etc/apache22/extra/httpd-mpm.conf </FilesMatch> <FilesMatch "\.phps$"> SetHandler application/x-httpd-php-source </FilesMatch> ... Include etc/apache22/Includes/*.conf </pre> Now create a vhost website in /usr/local/etc/apache22/Includes/www.example.com.conf: Include etc/apache22/Vhosts/*.conf <pre> <VirtualHost *:80> ServerAdmin root@example.com DocumentRoot "/usr/local/www/www.example.com" ServerName www.example.com ErrorLog "/var/log/www.example.com-error_log" CustomLog "/var/log/www.example.com-access_log" common </VirtualHost> </pre> * Edit the @/etc/hosts@ file and add the following line: > <ip-address> <hostname>.<domain> #* eg: > 192.168.1.1 www.example.com hostname.example.org * (Optional) Create a file named /boot/loader.conf or edit it if it is already present and add the following line: > accf_http_load="YES" * Add the following line to @/etc/rc.conf@: > echo 'apache22_enable="YES"' >> /etc/rc.conf * Test the apache server installation using the following command: <pre> /usr/local/sbin/apachectl start </pre> h2. MariaDB – Installation and Configuration Install MariaDB 5.5 <pre> cd /usr/ports/databases/mariadb55-server/ make install make clean </pre> * Add the following line to the file @/etc/rc.conf@: <pre> echo 'mysql_enable="YES"' >> /etc/rc.conf </pre> * Start MariaDB <pre> service mysql-server start </pre> * Set password for mysql using the following command <pre> rehash mysqladmin -uroot password </pre> h3. Configure MariaDB * Use the following command: <pre> cp /usr/local/share/mysql/my-small.cnf /etc/my.cnf </pre> Restart mysql using the following commands: <pre> service mysql-server restart </pre> h2. PHP – Installation and Configuration * Install PHP5 and other supporting packages: <pre> cd /usr/ports/lang/php5 make config make install clean </pre> NOTE: I decided compile the FPM module into PHP to replace the old FastCGI method. Make sure to do the same while running @make config@. * Copy the PHP configuration file using the following command <pre> cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini </pre> * Configure the mysql module for PHP: <pre> cd /usr/ports/databases/php5-mysql make config </pre> *NOTE*: Make sure to enable the *mysql* extension * Install the mysql module for PHP: <pre> make install make clean </pre> * Install the php5-session package <pre> cd /usr/ports/www/php5-session make install clean </pre> * Configure the php5-extensions package <pre> cd /usr/ports/lang/php5-extensions make config </pre> *NOTE*: Enable all the modules that will apply to your PHP needs. * Install the php5-extensions package <pre> make install clean </pre> * Install and configuring apache module for PHP: <pre> cd /usr/ports/www/mod_php5 make install make clean </pre> * Edit @/usr/local/etc/apache22/httpd.conf@ file and add the following lines: <pre> LoadModule php5_module libexec/apache22/libphp5.so AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps </pre> * You should also search for the line that reads: > DirectoryIndex index.html *# and change it to read: > DirectoryIndex index.php index.html * Once completed, a simple call to the apachectl command for a graceful restart is needed to load the PHP module: <pre> apachectl graceful </pre> For future upgrades of PHP, the make config command will not be required; the selected OPTIONS are saved automatically by the FreeBSD Ports framework. The PHP support in FreeBSD is extremely modular so the base install is very limited. It is very easy to add support using the _lang/php5-extensions_ port. This port provides a menu driven interface to PHP extension installation. Alternatively, individual extensions can be installed using the appropriate port. * Now restart the apache server by using the following command: <pre> /usr/local/sbin/apachectl restart </pre> h2. Apache 2.2 Modules – Installation and Configuration There are many modules that apache can use, the following are just a few that I use in my web server baseline. For more modules, consult the FreeBSD handbook. * *Install & configure PHP-FPM and FastCGI with SuExec* *# Start by enabling the php-fpm service <pre> echo 'php_fpm_enable="YES"' >> /etc/rc.conf service php-fpm start </pre> *# Then install FastCGI <pre> pkg install ap22-mod_fastcgi </pre> *# And add the module to @/usr/local/etc/httpd.conf@, or module includes directory: <pre> LoadModule fastcgi_module libexec/apache22/mod_fastcgi.so LoadModule suexec_module libexec/apache22/mod_suexec.so </pre> *# Next add the FastCGI global configuration to either the apache configuration like above, or in the includes directory, ie. @/usr/loca/etc/apache22/Includes/php-fpm.conf@: <pre> FastCgiIpcDir /tmp/ FastCgiConfig -autoUpdate -singleThreshold 100 -killInterval 300 -idle-timeout 240 -maxClassProcesses 1 -pass-header HTTP_AUTHORIZATION FastCgiWrapper /usr/local/sbin/suexec <FilesMatch \.php$> SetHandler php5-fcgi </FilesMatch> Action php5-fcgi /fcgi-bin <Directory /usr/local/sbin> Options ExecCGI FollowSymLinks SetHandler fastcgi-script Order allow,deny Allow from all </Directory> </pre> *# *Configure FPM* *#* Now FPM needs some configuration. Create a directory to store per-vhost fpm configs: <pre> mkdir /usr/local/etc/fpm.d </pre> *#* Then edit the global @php-fpm.conf@, uncommenting: <pre> include=/usr/local/etc/fpm.d/*.conf </pre> *#* Switching the listen statement from a tcp port to: <pre> listen = /tmp/php-fpm.sock </pre> *#* and changing the pm to: <pre> pm = ondemand </pre> There are a couple different types of process manager (pm). On demand will prefork zero (0) processes. They will only forked when needed. I chose this for lots of small sites. You may want a model that suits your setup better. *# Now lets create a vhost. Given a site named “example.com” owned by user “luser”, here’s my template: <pre> <VirtualHost *:80> ServerName www.example.com DocumentRoot /var/www/luser/example.com/htdocs SuexecUserGroup wwwuser1 wwwclient1 ServerAlias example.com ErrorLog /var/www/luser/example.com/logs/example.com.error_log CustomLog /var/www/luser/example.com/logs/example.com.access_log combined <Directory /var/www/example.com/htdocs"> Order allow,deny Allow from all Options +Indexes +FollowSymLinks +ExecCGI +Includes +MultiViews AllowOverride All </Directory> FastCgiExternalServer /tmp/fpm-example.com -socket /tmp/php-fpm-example.com.sock -user luser -group luser Alias /fcgi-bin /tmp/fpm-example.com <Location /fcgi-bin> Options +ExecCGI Order allow,deny Allow from all </Location> <LocationMatch "/(ping|fpm-status)"> SetHandler php5-fcgi-virt Action php5-fcgi-virt /fcgi-bin virtual </LocationMatch> </VirtualHost> </pre> *# And create a complimentary the FPM pool config in @/usr/local/etc/fpm.d/example.com.conf@: <pre> [example.com] user = luser group = luser listen = /tmp/php-fpm-example.com.sock chroot = /home/luser pm = ondemand pm.max_children = 50 pm.status_path = /fpm-status php_admin_value[doc_root] = /example.com/htdocs php_admin_value[cgi.fix_pathinfo] = 0 php_admin_value[sendmail_path] = /bin/mini_sendmail -t </pre> * *-(Optional) Install PHP FastCGI as a PHP replacement-* -Install @www/mod_fcgid@ from ports. In httpd.conf use:- <pre> cd /usr/ports/www/mod_fcgid make install clean </pre> *# -Now replace the PHP module used by Apache with the FastCGI module:- <pre> LoadModule fcgid_module libexec/apache22/mod_fcgid.so <IfModule mod_fcgid.c> AddHandler fcgid-script .fcgi </IfModule> </pre> -If all went well you should be able to restart Apache and be in business. A @phpinfo();@ should execute and provide details. Any problems the quickest way to check PHP is to just execute @php -v@ at a shell prompt. If it doesn't segfault it will print out a short descriptive output text.- -I believe this is better than the usual script based approach you will locate on the web. It starts/spawns PHP as a long running process when Apache starts instead of starting a new CGI each time PHP script is executed. The mod_fcgid is configurable.- # *Install the Phusion Passenger module* <pre> cd /usr/ports/www/rubygem-passenger make install clean passenger-install-apache2-module </pre> #* Then add the module in @/usr/local/etc/apache22/httpd.conf@: <pre> LoadModule passenger_module /usr/ports/www/rubygem-passenger/work/passenger-4.0.41/buildout/apache2/mod_passenger.so <IfModule mod_passenger.c> PassengerRoot /usr/ports/www/rubygem-passenger/work/passenger-4.0.41 PassengerDefaultRuby /usr/local/bin/ruby19 </IfModule> </pre> #* And now ruby web applications can be used by using the following template: <pre> <VirtualHost *:80> ServerName www.yourhost.com # !!! Be sure to point DocumentRoot to 'public'! DocumentRoot /somewhere/public <Directory /somewhere/public> # This relaxes Apache security settings. AllowOverride all # MultiViews must be turned off. Options -MultiViews </Directory> </VirtualHost> </pre> # *Install the Perl module* <pre> cd /usr/ports/www/mod_perl2 make install clean </pre> #* Add the following to @/usr/local/apache22/httpd.conf@: <pre> LoadModule perl_module /usr/local/libexec/apache22/mod_perl.so </pre> h2. Resources * http://harold.internal.org/tag/freebsd/ * http://fosskb.wordpress.com/2014/04/12/famp-installing-apache2-4-mariadb-php-on-freebsd-10/ * http://www5.us.freebsd.org/doc/handbook/network-apache.html * http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html * http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html