I decided it was time to bite the bullet and set myself up with a subversion repository for a project I may start on in the near future. I couldn’t find find a quick guide to setting up a repository on CentOS, so this is how I did it. Based on Chapter 6 (Server Configuration) of the subversion book, and the config files.
First up we needed to get subversion installed. This is pretty easy, CentOS has subversion packages.
yum install subversion mod_dav_svn
Next up I created an entry in DNS for the domain I wanted to host subversion on. I then added the following to the httpd.conf to create a vhost for subversion.
<virtualhost *:80>
ServerAdmin [My Email]
DocumentRoot [Path]
ServerName [Host Name]
ErrorLog logs/svn-error_log
CustomLog logs/svn-access_log combined
<location />
DAV svn
SVNPath [Path - same as DocumentRoot]
AuthType Basic
AuthName "Subversion repository"
AuthUserFile /etc/svn-auth-file
Require valid-user
</location>
</virtualhost>
Next up create the user file, the folloring command takes care of that, then we can restart apache so the config changes take effect:
htpasswd -c /etc/svn-auth-file jim
service httpd restart
Next up, we create the directory we specified as the DocumentRoot above. Finally, change into the directory we just created, and use svnadmin to create the repository and set the ownership to the apache user.
svnaddmin create .
chown -R apache:apache
After that I was able to check out a working copy of the (empty) repository, and we were off and running.
Serverwatch.com is running an excellent article on Apache Maintenance Basics.
Doing some regular checks and maintenance on your Apache installation helps identify any issues — usually before they even become issues — and helps you stay up date with the latest security and performance patches. This article covers some of the major steps and maintenance tasks that should be regularly undertaken while the Apache system is running.
It covers things such as monitoring logs, user management, and upgrades. Excellent reading.
I needed to set up an Apache virtual host with a password today (i.e. a password is required to view the site), and found this handy tutorial from yolinux.com called “Linux Tutorial - Apache Web Server Configuration: Adding password protection to a web site“.
This tutorial applies to Apache based web servers. It requires:
1. Editing the server configuration file (httpd.conf) to enable/allow a directory structure on the server to be password protected. Basically the default access permission statement need modification.
2. The creation and addition of two files specifying the actual logins and passwords. (.htaccess and .htpasswd)
Worked good as gold for me, the only minot hiccup was that I had to use “/usr/local/apache2/bin/htpasswd” instead of just “htpasswd” as it appears in the tutorial. All in all, very easy to do.
ONLamp finisheds off the creating your own SSL certificates article I linked to earlier, with an explanation of Distributing Your CA to Client Browsers.
In order for your client browsers to trust your new Certificate Authority, they must be configured to accept your CA’s public key. There are two possible formats that browsers will accept for new certificate authority certs: pem and der. You can generate a der from your existing pem with a single OpenSSL command:
ONLamp.com shows us how to create Custom Error Pages with PHP and Apache. Good stuff…
Building a custom error page with PHP and Apache requires two steps. You need to tell Apache to run a PHP program when it encounters a 404 (”Page Not Found”) error. And you need to write the corresponding program that takes the appropriate action.
ONLamp has an interesting article on using OpenSSL to create your own Certificate Authority (CA) for signing SSL certificates.
In this article, I’ll show how OpenSSL is perfectly capable of generating everything you need to run your own Certificate Authority. The CA.pl utility makes the process very simple.
Linux Journal has an article on Efficiently Updating Web Sites on Clusters, which makes interesting reading.
Using the page-flipping technique as inspiration for solving the problem of updating a web site on a cluster.
I notice that Jesse Lawrence is wondering how to get recent versions of Apache and PHP to play with an older MySQL… I’m no guru, but I’ve got Apache 2.0.42, and PHP 4.2.3 compiled and running, talking to both Microsoft SQL Server 7.0 and MySQL 3.23.49 (default with RedHat 7.3).
Firstly, a little organisation. I’ve untar’ed the sources for Apache, PHP, etc into /usr/src, which means I ended up with /usr/src/httpd-2.0.42, etc. I then created a symlink to remove the version number from the directory names (ie. ln -s httpd-2.0.42 httpd). This means that I can have serveral versions of Apache source on my system and have the symlink point to the one I’m currently using. This means my /usr/src looks a bit like this (edited)…
[root@snares src]# ll
drwxr-xr-x 6 jim jim 4096 Oct 30 11:17 freetds
lrwxrwxrwx 1 root root 12 Oct 30 09:08 httpd -> httpd-2.0.42
drwxr-xr-x 12 root root 4096 Oct 30 11:20 httpd-2.0.42
lrwxrwxrwx 1 root root 14 Oct 30 09:09 openssl -> openssl-0.9.6g
drwxr-xr-x 20 root root 4096 Oct 30 11:13 openssl-0.9.6g
lrwxrwxrwx 1 root root 9 Oct 30 09:08 php -> php-4.2.3
drwxr-xr-x 16 1002 games 4096 Oct 30 11:22 php-4.2.3
The other thing I did was to put all of the configure and make commands into a script so that I can build the same setup again, without remembering all of the command line parameters. The script uses the symlinked directory names, not the actual ones.
The advantage of the symlinks and the script is that for minor upgrades all I need to do is untar the new source, change the symlinks and run the script and we’re all done. If something goes wrong, change the symlink back, run the script again, and we’re back to our known working setup. Very simple upgrade and fall back.
Anyway, here’s a copy of the script I use to build Apache 2.0 and PHP 4.2 with MySQL and MS SQL Server support. This one has been edited to remove the SSL and FreeTDS (MS SQL Server) stuff, its untested, but is should be close to the mark.
An upgrade to PHP 4.3 scheduled in the next few days, so I’ll post any updates once its done.
Jeremy Zawodny has written a good article for Linux Magazine explaining how to write Apache logs to MySQL. Seems pretty simple, and would make analysis easier. Will try this on my new Linux box.
I’ve been having problems with Apache 2 segfaulting when the Red Hat Log Rotation job is run… /etc/logrotate.d/apache has been changed as follows to try and resolve this…
/var/log/httpd/*_log {
monthly
rotate 12
missingok
prerotate
/usr/local/apache2/bin/apachectl stop
endscript
postrotate
/usr/local/apache2/bin/apachectl start
endscript
}
I’ve added the prerotate and postrotate lines to shut down apache while the logs are being moved, so hopefully this will resolve the problem.
UPDATE (1/1/03): Had the path to apachectl wrong, now fixed in the above.
