Changes between Version 15 and Version 16 of howto/Apache2


Ignore:
Timestamp:
Oct 21, 2017, 9:45:24 PM (7 years ago)
Author:
Schamschula (Marius Schamschula)
Comment:

Update to apache2 (2.4.x)

Legend:

Unmodified
Added
Removed
Modified

  • howto/Apache2

    v15 v16  
    1313MacPorts includes the following versions of Apache:
    1414
    15 * '''apache2''': Apache HTTP Server v2.2.x. This is the recommended port to use.
    16 * '''apache24-devel''': Apache HTTP Server v2.4.x. This is intended for testing, and cannot be used to replace apache2 at this time. It has a different directory layout from apache2, so none of the other ports that use apache2 can use apache24-devel. it is expected that the contents of the apache24-devel port will eventually replace the contents of the apache2 port at which time the apache24-devel port will be retired.
    17 * '''apache''': Apache HTTP Server v1.3.x. This version reached [http://mail-archives.apache.org/mod_mbox/httpd-announce/201002.mbox/%3c20100203000334.GA19021@infiltrator.stdlib.net%3e end of life] in 2010 and is therefore not recommended.
     15* '''apache2''': Apache HTTP Server v2.4.x. This is the recommended port to use.
     16* '''apache20''': Apache HTTP Server v2.0.x. This is port is soon to be retired.
     17* '''apache22''': Apache HTTP Server v2.2.x. This is the former '''apache2''' port. It will be maintained as long as as it is supported by Apache.org.
     18* '''apache24-devel''': Apache HTTP Server v2.4.x. The apache24-devel port has been retired.
     19* '''apache''': Apache HTTP Server v1.3.x. The apache port has been retired.
    1820
    1921This page shows how to install and use the apache2 port. The instructions cannot be easily adapted to the other ports.
    2022
    2123== October 2017 - Apache 2.4.x ==
    22 In October of 2017 Apache 2.2.x  was upgrade to Apache 2.4.x. This involved a significant set of changes as listed in the Notes of the portfile:
     24In October of 2017 Apache 2.2.x  was upgraded to Apache 2.4.x. This involved a significant set of changes as listed in the Notes of the portfile:
    2325
    2426Apache2 has been migrated from the 2.2.x to the 2.4.x branch.
     
    7577}}}
    7678
    77 A sample configuration file is provided in `/opt/local/apache2/conf/original/httpd.conf`. Don't edit this file; leave it as is so you can refer to the defaults later. The first time you install apache2, the sample configuration file will be copied to `/opt/local/apache2/conf/httpd.conf` for you. You can edit this file as desired. When you later upgrade apache2 to a newer version, MacPorts will upgrade the sample configuration file but will not modify your `httpd.conf`, so be sure to manually compare your `httpd.conf` with the new sample configuration file and bring over any relevant changes. You should also keep backup copies of your `httpd.conf` in a safe place.
     79A sample configuration file is provided in `/opt/local/etc/apache2/original/httpd.conf`. Don't edit this file; leave it as is so you can refer to the defaults later. The first time you install apache2, the sample configuration file will be copied to `/opt/local/etc/apache2/httpd.conf` for you. You can edit this file as desired. When you later upgrade apache2 to a newer version, MacPorts will upgrade the sample configuration file but will not modify your `httpd.conf`, so be sure to manually compare your `httpd.conf` with the new sample configuration file and bring over any relevant changes. You should also keep backup copies of your `httpd.conf` in a safe place.
    7880
    7981=  Step 3:  Verify your config file =
    80 Verify any changes you have made to the config file: /opt/local/apache2/conf/httpd.conf
    81 {{{
    82 $ /opt/local/apache2/bin/apachectl -t
     82Verify any changes you have made to the config file: /opt/local/etc/apache2/httpd.conf
     83{{{
     84$ /opt/local/sbin/apachectl -t
    8385}}}
    8486This will return either "Syntax OK" or a specific line by line error listing.
     
    107109to start it again.
    108110
    109 The default log file location is: '''/opt/local/apache2/logs/'''. The startup will be logged in "'''error_log'''"
     111The default log file location is: '''/opt/local/var/log/apache2/'''. The startup will be logged in "'''error_log'''"
    110112
    111113= Step 5: Initial changes to the config file =
     
    115117
    116118{{{
    117 $ /opt/local/apache2/bin/apachectl -t
     119$ /opt/local/sbin/apachectl -t
    118120$ sudo port unload apache2
    119121$ sudo port load apache2
     
    123125However under OSX, the purpose of ''launchd'' is to notice processes that stop without its knowledge, and to restart them. So if you use ''apachectl -k restart'', launchd may notice apache "crashing" and restart it itself, confusing apachectl. Instead, you shoulduse "port" to tell launchctl to unload apache2, then load it again. This will result in a short interruption of service.
    124126
    125 If the sever name is not set properly in the configuration file, `/opt/local/apache2/conf/httpd.conf`, you will encounter the warning below.
     127If the sever name is not set properly in the configuration file, `/opt/local/etc/apache2/httpd.conf`, you will encounter the warning below.
    126128
    127129{{{
     
    145147=== User directories === #userdir
    146148
    147 If you would like to be able to access web pages in the Sites directory of your home directory, edit `/opt/local/apache2/conf/httpd.conf` and locate the following line:
    148 
    149 {{{
    150 #Include conf/extra/httpd-userdir.conf
     149If you would like to be able to access web pages in the Sites directory of your home directory, edit `/opt/local/etc/apache2/httpd.conf` and locate the following line:
     150
     151{{{
     152#Include etc/apache2/extra/httpd-userdir.conf
    151153}}}
    152154
     
    154156
    155157{{{
    156 Include conf/extra/httpd-userdir.conf
    157 }}}
    158 This file:   ''"/opt/local/apache2/conf/extra/httpd-userdir.conf"'' will activate the "Sites" sub-directory for all ~users on your system. (''"/Users/*/Sites"'') and contains initial, basic restrictions for access to the contents of that directory.
    159 
    160 After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
    161 
    162 {{{
    163 $ /opt/local/apache2/bin/apachectl -t
     158Include etc/apache2/extra/httpd-userdir.conf
     159}}}
     160This file:   ''"/opt/local/etc/apache2/extra/httpd-userdir.conf"'' will activate the "Sites" sub-directory for all ~users on your system. (''"/Users/*/Sites"'') and contains initial, basic restrictions for access to the contents of that directory.
     161
     162After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
     163
     164{{{
     165$ /opt/local/sbin/apachectl -t
    164166$ sudo port unload apache2
    165167$ sudo port load apache2
     
    170172=== Local Apache manual === #manual
    171173
    172 The [http://httpd.apache.org/docs/2.2/ Apache manual] is available on the Apache web site. If you would like to be able to access a copy of this manual on your web server, edit `/opt/local/apache2/conf/httpd.conf` and uncomment the following line:
    173 
    174 {{{
    175 #Include conf/extra/httpd-manual.conf
     174The [http://httpd.apache.org/docs/2.4/ Apache manual] is available on the Apache web site. If you would like to be able to access a copy of this manual on your web server, edit `/opt/local/etc/apache2/httpd.conf` and uncomment the following line:
     175
     176{{{
     177#Include etc/apache2/extra/httpd-manual.conf
    176178}}}
    177179
     
    179181
    180182{{{
    181 Include conf/extra/httpd-manual.conf
    182 }}}
    183 
    184 After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
    185 
    186 {{{
    187 $ /opt/local/apache2/bin/apachectl -t
     183Include etc/apache2/extra/httpd-manual.conf
     184}}}
     185
     186After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
     187
     188{{{
     189$ /opt/local/sbin/apachectl -t
    188190$ sudo port unload apache2
    189191$ sudo port load apache2
     
    192194You can then view the manual by accessing http://localhost/manual/.
    193195
    194 NOTE: This option expects ''"/opt/local/apache2/manual"'' to be accessible under "<Document Root>." This can be accomplished by
     196NOTE: This option expects ''"/opt/local/www/apache2/manual"'' to be accessible under "<Document Root>." This can be accomplished by
    195197{{{
    196198$ cd <Document Root>
    197 $ ln -s /opt/local/apache2/manual
     199$ ln -s /opt/local/www/apache2/manual
    198200}}}
    199201and then accessing: ''http://<servername>/manual/''
     
    202204'''Note:''' Establishing Secure Sockets is a fairly extensive process. One should first read the current Apache2 documentation found in the Apache2 manual:
    203205{{{
    204 http://httpd.apache.org/docs/2.2/ssl/
     206http://httpd.apache.org/docs/2.4/ssl/
    205207}}}
    206208==== Generate a self-signed certificate ====
     
    262264writing RSA key
    263265
    264 $ sudo cp server.crt /opt/local/apache2/conf/
    265 $ sudo cp server.key /opt/local/apache2/conf/
    266 }}}
    267 '''Note:''' Certificate generation can be accomplished in any directory. If you did so in ''"/opt/local/apache2/conf"'' the last two copy commands are redundant, and will generate the following  errors respectively:
    268 {{{
    269 cp: /opt/local/apache2/conf/server.crt and server.crt are identical (not copied).
    270 cp: /opt/local/apache2/conf/server.key and server.key are identical (not copied).
    271 }}}
    272 
    273 Then enable the following in {{{/opt/local/apache2/conf/httpd.conf}}}
     266$ sudo cp server.crt /opt/local/etc/apache2/
     267$ sudo cp server.key /opt/local/etc/apache2/
     268}}}
     269'''Note:''' Certificate generation can be accomplished in any directory. If you did so in ''"/opt/local/etc/apache2"'' the last two copy commands are redundant, and will generate the following  errors respectively:
     270{{{
     271cp: /opt/local/etc/apache2/server.crt and server.crt are identical (not copied).
     272cp: /opt/local/etc/apache2/server.key and server.key are identical (not copied).
     273}}}
     274
     275Then enable the following in {{{/opt/local/etc/apache2/httpd.conf}}}
    274276
    275277{{{
     
    277279
    278280# Secure (SSL/TLS) connections
    279 Include conf/extra/httpd-ssl.conf
    280 }}}
    281 After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
    282 {{{
    283 $ /opt/local/apache2/bin/apachectl -t
     281Include etc/apache2/extra/httpd-ssl.conf
     282}}}
     283After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
     284{{{
     285$ /opt/local/sbin/apachectl -t
    284286$ sudo port unload apache2
    285287$ sudo port load apache2
     
    288290The most likely error you will receive is:
    289291{{{
    290 Syntax error on line 120 of /opt/local/apache2/conf/extra/httpd-ssl.conf:
    291 SSLCertificateFile: file '/opt/local/apache2/conf/server.crt' does not exist or is empty
     292Syntax error on line 120 of /opt/local/etc/apache2/extra/httpd-ssl.conf:
     293SSLCertificateFile: file '/opt/local/etc/apache2/server.crt' does not exist or is empty
    292294}}}
    293295If so, simply revisit the instructions above to create a self-signed certificate.
     
    301303==== Configure your "Virtual Host" ====
    302304While you have verified your certificate, you will discover that you have no access to your server - ''"You don't have permission to access.... on this server."''\\
    303 This is because the SSL Virtual Host has not been configured in ''"/opt/local/apache2/conf/extra/httpd-ssl.conf"''
    304 
    305 Edit ''"/opt/local/apache2/conf/conf/extra/httpd-ssl.conf"'' and moved down to the section:
     305This is because the SSL Virtual Host has not been configured in ''"/opt/local/etc/apache2/extra/httpd-ssl.conf"''
     306
     307Edit ''"/opt/local/etc/apache2/extra/httpd-ssl.conf"'' and moved down to the section:
    306308{{{
    307309#   General setup for the virtual host
    308 DocumentRoot "/opt/local/apache2/htdocs"
     310DocumentRoot "/opt/local/www/apache2/html"
    309311ServerName www.example.com:443
    310312ServerAdmin you@example.com
    311 ErrorLog "/opt/local/apache2/logs/error_log"
    312 TransferLog "/opt/local/apache2/logs/access_log"
     313ErrorLog "/opt/local/var/log/apache2/error_log"
     314TransferLog "/opt/local/var/log/apache2/access_log"
    313315}}}
    314316Configure this section appropriately. \\
     
    316318As there are many optional ways of configuring security on your web server, consult the Apache2 manual for details.
    317319{{{
    318 http://httpd.apache.org/docs/2.2/ssl/
    319 }}}
    320 
    321 After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
    322 {{{
    323 $ /opt/local/apache2/bin/apachectl -t
     320http://httpd.apache.org/docs/2.4/ssl/
     321}}}
     322
     323After each change to the config file, you should again verify the file syntax, and then you need to stop and restart Apache for the changes to take effect.
     324{{{
     325$ /opt/local/sbin/apachectl -t
    324326$ sudo port unload apache2
    325327$ sudo port load apache2