Fun With LAMP

Posted by Carson       Trackback

I’ve been building out some servers at work to power various open source applictions such as SugarCRM, Eventum, Drupal, and WordPress. I’ve always been very meticulous when it comes to building out IT services and I still prefer to compile and install everything myself rather than use yum or apt-get. Most of the stuff I use is pretty standard, however I do use a few configure switches since I like to have everything properly placed in it’s own location on the server. Also, Eventum and SugarCRM need IMAP support built into PHP so there are some extra switches needed. My distribution of choice is CentOS, installed using LVM and no options other than the base server install with development tools.

I tend to build most of my source in /usr/local/src and I like to install stuff to /usr/local/[nameofpackage].

So I usually start of by getting the latest stable source tarballs (btw, the links below may go stale over time)-
cd /usr/local/src

wget http://us.php.net/get/php-5.2.4.tar.gz/from/us2.php.net/mirror
wget http://dev.mysql.com/get/Downloads/MySQL-5.0/mysql-5.0.45.tar.gz/from/http://mysql.he.net/
wget http://download.nextag.com/apache/httpd/httpd-2.2.6.tar.gz

tar zxf all the downloads

Installing MySQL:
groupadd mysql
useradd -g mysql -c “MySQL Server” mysql

cd /usr/local/src/mysql###

chown -R root.root *

make clean

./configure \
–prefix=/usr/local/mysql \
–localstatedir=/usr/local/mysql/data \
–disable-maintainer-mode \
–with-mysqld-user=mysql \
–with-unix-socket-path=/tmp/mysql.sock \
–without-comment \
–without-debug \

make && make install

MySQL Configuration:
Create internal db-

Directories and ownership-
chown -R root:mysql /usr/local/mysql
chown -R mysql:mysql /usr/local/mysql/data

Default config file (medium)-
cp support-files/my-large.cnf /etc/my.cnf
chown root:sys /etc/my.cnf
chmod 644 /etc/my.cnf

Configure & check libraries-
echo “/usr/local/mysql/lib/mysql” >> /etc/ld.so.conf
I usually double check with ldconfig

Startup script-
cp ./support-files/mysql.server /etc/rc.d/init.d/mysql
chmod +x /etc/rc.d/init.d/mysql
/sbin/chkconfig –level 3 mysql on

Create symlinks-
cd /usr/local/mysql/bin
for file in *; do ln -s /usr/local/mysql/bin/$file /usr/bin/$file; done

Update config for security (unless other hosts will access the DB)-
vi /etc/my.cnf
uncomment “skip-networking”

service mysql start

Setup root user-
mysqladmin -u root password new-password

mysqladmin version
mysql -u root -p

Lock down default DB and users-
drop database test;
use mysql;
delete from db;
delete from user where not (host=”localhost” and user=”root”);
flush privileges;

Change root user-
update user set user=”sqladmin” where user=”root”;
flush privileges;

A few more tests…
create database ilikerobots;
drop database ilikerobots;

Apache Install:
cd /usr/local/src/httpd###
make clean

Configure with pretty standard switches…
./configure –prefix=/usr/local/httpd \
–enable-so \
–enable-info \
–enable-rewrite \
–enable-speling \
–enable-usertrack \
–enable-deflate \

make && make install

Create symlink for config-
ln -s /usr/local/httpd/conf/httpd.conf /etc/httpd.conf

Configure for automatic startup-
ln -s /usr/local/httpd/bin/apachectl /etc/rc.d/init.d/httpd

Update /etc/init.d/httpd script to work with chkconfig
# chkconfig: – 85 15
# description: Apache is a Web server used to serve HTML files and CGI.

Completion or automatic startup-
chkconfig –add httpd
chkconfig –level 3 httpd

PHP Installation:
Get c-client (required for PHP imap support):
cd /usr/local/src
wget ftp://ftp.cac.washington.edu/imap/old/imap-2006f.tar.Z

Install prerequisites via yum
yum install pam-devel openssl-devel

tar -xzf imap-2006f.tar.Z
cd imap-2006f
make lrh

mkdir /usr/include/imap-2006f
mkdir /usr/include/imap-2006f/lib
mkdir /usr/include/imap-2006f/include
cd c-client
cp c-client.a /usr/include/imap-2006f/lib/libc-client.a
cp *.h /usr/include/imap-2006f/include/

Install libpng-devel via yum if not installed already

Configure PHP with some special configure switches:
cd /usr/local/src/php####

./configure –prefix=/usr/local/php \
–with-apxs2=/usr/local/httpd/bin/apxs \
–with-mysql=/usr/local/mysql \
–with-imap=/usr/include/imap-2006f \
–disable-debug \
–enable-ftp \
–enable-inline-optimization \
–enable-magic-quotes \
–enable-mbstring \
–enable-safe-mode \
–enable-wddx \
–enable-xml \
–with-gd \
–with-gettext \
–with-regex=system \
–with-curl \
–with-openssl \

Compile and install-
make && make install

Copy over default config to working config-
cp php.ini-dist /usr/local/php/lib/php.ini

Setup symlink for config
ln -s /usr/local/php/lib/php.ini /etc/php.ini

Apache2 config:
Update /etc/httpd.conf with the following lines (first one is in place usually)-
LoadModule php5_module modules/libphp5.so
AddHandler php5-script php

Add index.php to DirectoryIndex
DirectoryIndex index.html index.php

Start apache-
service httpd start

Additional Stuff:
I usually have to update the iptables config to allow traffic on port 80-
vi /etc/sysconfig/iptables, add the following-
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT

Additionally, I typically run SELinux in enforcing mode so I need to update the security context for the Apache PHP module-
chcon -t texrel_shlib_t /usr/local/httpd/modules/*.so

Final Steps:
I usually test the stack by creating a simple index.php page that calls phpinfo(); – If my php info page comes up in a browser, then I create some mysql databases and get my applications runnning.

I prefer to create my own databases and database users using the mysql cli rather than let the applications create them, so…
create database dbname;
grant all privileges on dbname.* TO “dbuser”@”hostname”
-> identified by “password”;
flush privileges;


No Comments

Make A Comment

No comments yet.

Comments RSS Feed   

Leave a comment