Build Your Own Apache Server with mod_perl and mod_ssl
Pages: 1, 2, 3, 4
Apache Startup Bundle Redux
In part one of this article, I provided instructions for creating a
startup bundle so that your custom Apache could be started when Mac OS
X starts. My approach to creating the bundle involved copying Apple's
Apache startup bundle from /System/Library/StartupItems,
altering it, and then putting it into
/Library/StartupItems.
However, attentive reader Milo Polten noticed a flaw in my approach --
at least from the point of view of good Mac OS X system administration. I
had suggested that all of the if statements be removed from
our copy of the Mac OS X Apache startup script, since they tested the
value of the $WEBSERVER variable, which is set via the
"Personal Web Sharing" check box in the "Sharing"
system preference. It turns out, however, that the check box is just a
convenient way for users to actually change the value of the
$WEBSERVER entry in the /etc/hostconfig file,
and it is actually this file that offers a Darwin-like method for enabling
and disabling startup scripts.
The general idea is that all Mac OS X system startup scripts are
controlled by the presence of variables in the
/etc/hostconfig file, and the scripts themselves are
supposed to check for the proper variable setting in that
file. Thus startup services can be enabled or disabled merely by editing
/etc/hostconfig, rather than by moving startup bundles in and
out of /System/Library/StartupItems or
/Library/StartupItems.
As a result of my newly-gained knowledge, I'd like to suggest a new approach to creating an Apache startup bundle. First, copy Apple's startup bundle to a temporary location:
% cp -rf /System/Library/StartupItems/Apache \
~/Desktop/Now, using your favorite editor (TextEdit will work fine), open up the
~/Desktop/Apache/Apache file. Again, change all instances of
apachectl to point to our new Apache server controller,
/usr/local/apache/bin/apachectl. However, do not
delete the if statements. Instead, change the name of the
variable to be checked from WEBSERVER to
APACHESERVER. The resulting file should look like this:
#!/bin/sh
##
# Apache HTTP Server
##
. /etc/rc.common
StartService ()
{
if [ "${APACHESERVER:=-NO-}" = "-YES-" ]; then
ConsoleMessage "Starting Apache web server"
/usr/local/apache/bin/apachectl start
fi
}
StopService ()
{
ConsoleMessage "Stopping Apache web server"
/usr/local/apache/bin/apachectl stop
}
RestartService ()
{
if [ "${APACHESERVER:=-NO-}" = "-YES-" ]; then
ConsoleMessage "Restarting Apache web server"
/usr/local/apache/bin/apachectl restart
else
StopService
fi
}
RunService "$1"If you'd like Apache to start up with ssl support, change /usr/local/apache/bin/apachectl start to /usr/local/apache/bin/apachectl startssl.
Next, add the $APACHESERVER variable to
/etc/hostconfig. The simplest way to do this is to use the
echo command on the command-line to append it to the the
file:
% sudo echo APACHESERVER=-YES- >> /etc/hostconfigYou can also edit the file directly using TextEdit, but you must open
TextEdit as the root user in order to be able to edit the file. You can
use the sudo utility on the command-line to accomplish
this:
% sudo /Applications/TextEdit.app/Contents/MacOS/TextEdit \
/etc/hostconfigOnce you've added the line "APACHESERVER=-YES-",
save your changes and quit TextEdit. Now move the entire startup bundle to
its new home in /Library/StartupItems and test it:
% sudo mv ~/Desktop/Apache /Library/StartupItems
% sudo /Library/StartupItems/Apache/Apache start
Starting Apache web server
/usr/local/apache/bin/apachectl start: httpd startedPoint your browser to your local computer again and make sure the test page loads. If it does, you're in business, and the Apache server will be started whenever you boot into Mac OS X.
Good to Go
There you have it, everything you need to know about how to compile your own Apache Web server with mod_perl and mod_ssl. The instructions I've provided in the two parts of this article should give you the knowledge you need to compile Apache with just about any module you're likely to need in your Internet development work. Other modules you may wish to consider include mod_php for PHP language support; mod_tcl for TCL language support; and mod_dav for WebDAV (distributed authoring and versioning) support. See the Apache Module Registry for a comprehensive list of modules. And enjoy your total Internet development environment: Mac OS X.
David E. Wheeler is a developer at Portland, Oregon-based Values of n, where he writes the code that makes Stikkit's little yellow notes think.
Return to the Mac DevCenter.
You must be logged in to the O'Reilly Network to post a talkback.
Showing messages 1 through 16 of 16.
-
SSL will not load!
2003-06-14 08:26:38 goldenmean [Reply | View]
I have spent the last week messing around with a few of your articles and getting mysql, apache, mod_perl, and mod_ssl up and running on my Mac OS X machine. I have a had a slew of problems not the least of which is that CPAN really tends to screw with perl and cause all kinds of undefined problems. But now I think that I am at the very last hurdle. Everything is installed and checks out fine but when I go to start Apache with the startssl command, it says that it ..."cannot load libssl.so into server: (reason unknown)" Any suggestions?
-
Pass phrase.
2003-04-24 04:27:24 anonymous2 [Reply | View]
If I have Apache booting up to support SSL at system startup, how do I pass my passphrase to the Apache startup through the OS X boot process. I have read that the process can/will hang due to this problem.....? -
Pass phrase.
2003-04-24 11:34:34 Theory [Reply | View]
AFAIK, putting the passphrase in the startup sequence would defeat the purpose of having one in the first place. It's unlikely that you'll be able to do this. You'll either have to start Apache manually, or build a new certificate without a passphrase. I tend to do the latter, since there's no one else who can log in to my system and muck with the server, anyway.
HTH,
David
-
Get the Sharing Tab to recognize your new Apache install
2003-01-30 12:07:37 anonymous2 [Reply | View]
here are the steps
edit httpd.conf
1. change Users and Groups to www
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# . On SCO (ODT 3) use "User nouser" and "Group nogroup".
# . On HPUX you may not be able to use shared memory as nobody, and the
# suggested workaround is to create a user www and use that user.
# NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
# when the value of (unsigned)Group is above 60000;
# don't use Group nobody on these systems!
#
User www
Group www
2. Change Pidfile to /private/var/run/httpd.pid
#
# PidFile: The file in which the server should record its process
# identification number when it starts.
#
PidFile /private/var/run/httpd.pid
3. edit apachectl and change path to pid file
# the path to your PID file
PIDFILE=/private/var/run/httpd.pid
4. make sure /System/Library/StartupItems/Apache/Apache looks something like this ($WEBSERVER vars must be used)
#!/bin/sh
##
# Apache HTTP Server
##
. /etc/rc.common
StartService ()
{
if [ "${WEBSERVER:=-NO-}" = "-YES-" ]; then
ConsoleMessage "Starting Apache"
/usr/local/apache/bin/apachectl start
fi
}
StopService ()
{
ConsoleMessage "Stopping Apache"
/usr/local/apache/bin/apachectl stop
}
RestartService ()
{
if [ "${WEBSERVER:=-NO-}" = "-YES-" ]; then
ConsoleMessage "Restarting Apache"
/usr/local/apache/bin/apachectl restart
else
StopService
fi
}
RunService "$1"
-
No go with Apache2/Panther
2004-03-05 06:01:16 gavin@refinery.com [Reply | View]
In step #3 above, the apachectl for Apache2 does not seem to have any such setting. Following the directions (with the exception of that step) failed to allow the Sharing tab to control my Apache2 install under MacOS X 10.3.2
-
DSO modules missing and reading wrong conf file
2003-01-22 00:51:00 anonymous2 [Reply | View]
Whcn I check my httpd.conf file in /usr/local/apache/conf/httpd.conf file all of the DSO modules that I am accustomed to seeing are not there. Not just commented out, simply not there. Same goes for AddModule. In addition it seems that apachectl is reading the /etc/httpd/httpd.conf file instaed of the one in it's directory. Any ideas?
Thanks,
Kevin
-
integration with Personal Web Sharing
2003-01-06 09:24:40 bripakes [Reply | View]
I installed ServerLogistics Apache2 package and I am trying to set it up so that Personal Web Sharing starts Apache2 instead of Apple's Apache.
The instructions in this article were very helpful, but do not explain the modifications needed to make it work with PWS.
Anyone done this?
If I create a symlink called "apachectl" and place it in /usr/sbin, Apache2 will start up, but the GUI (PWS) never acknowledges it has started. In fact, quitting SysPrefs and then going back to PWS shows PWS is OFF (when in fact Apache2 is running!!)
Any help would be greatly appreciated.
Brian -
integration with Personal Web Sharing
2003-01-07 05:44:32 joeateb [Reply | View]
If you follow the instructions in this article, you end up running your web server "internally". I think if you follow the instructions on the last page of this article it will allow you to start the server with the PWS switch. You also need to edit the httpd.conf file to point to the directory normally used for the PWS. "/Library/WebServer/Documents"
-
configure???
2002-12-27 21:17:00 joeateb [Reply | View]
I got through the first article and have set up my own Apache server with mod_perl. In fact I am using it to serve a site I am developing for my son. http://www.jimmysstickershack.com I was able to get the new server running and displaying pages but I have got a couple of things I need to resolve.
First; how do I get the server to serve a page from a subdirectory?
Second; I was trying to follow the mod_ssl development and ran into a problem at the section (pg2) where you type:
% ./configure \
--with-layout=Apache \
--enable-module=so \
--enable-module=ssl \
--enable-shared=ssl \
--activate-module=src/modules/perl/libperl.a \
--disable-shared=perl \
--without-execstrip
% make
terminal reports: no command ./configure
I'm now lost....
-
configure???
2003-01-02 11:52:49 Theory [Reply | View]
<blockquote>First; how do I get the server to serve a page from a subdirectory?</blockquote>
What do you mean by "a subdirectory?" If you put documents into a subdirectory of your document root (which by default should be
/usr/local/apache/htdocs), it should work provided that the permissions on the directory and its contents are such that the user "nobody" can read them.
<blockquote>terminal reports:no command ./configure
</blockquote>
Really? Are you in the Apache source code directory? The
configurescript should just be there and work. If somehow its executable bit was unset, you could trysh configure ..., instead.
HTH,
David
-
configure???
2003-01-06 07:42:37 joeateb [Reply | View]
Actually, I was in the wrong directory and when I got in the correct one, the server configured. But I am concerned about Perl messages now.
I don't know if it's because of my mod_perl installation or because I installed Carbon Copy Cloner which uses PSYNC. But I now get perl warnings about locale settings LC_ALL. And I don't know how to correct it to eliminate them. Unix and Apache and Perl are fun, but they are starting tp make my hair hurt. -
configure???
2003-01-03 11:29:53 joeateb [Reply | View]
BTW do I need to do mod_dav to get back my Adobe Work Group Server capabilities? I seem to have lost them turning on the new server.
Joe -
configure???
2003-01-03 11:18:19 joeateb [Reply | View]
<blockquote>What do you mean by "a subdirectory?" If you put documents into a subdirectory of your document root (which by default should be /usr/local/apache/htdocs), it should work provided that the permissions on the directory and its contents are such that the user "nobody" can read them.</blockquote>
Actually I went into the Apache config file and changed where it serves from to the directory that was used for the original server /Library/WebServer/Documents because I had already set up a site there. And actually after doing a little more with the config file, I think I cured the problem.
<blockquote>
Really? Are you in the Apache source code directory? The configure script should just be there and work. If somehow its executable bit was unset, you could try sh configure ..., instead.
</blockquote>
I'll give this a shot this weekend if I get a chance.
Thanks for your response.
Joe
-
configure???
2003-01-07 06:08:30 joeateb [Reply | View]
Over the last weekend I went back and redid the whole thing and everything appeared to work as far as the builds were concerned. I went to Verisign and got a 14 day trial certificate and when I did the "Make Certificate" command it said I was successful and when I ran the make and install commands for the server the new httpd.conf file appears to have the certificate information integrated into it. I can get it to start in ssl but when I try to use https:// I get an encryption failure message.
The config file points to a "server.crt" file and a "server.key" which are not the original names I used in the "make certificate" process. In an attempt to get it to work I moved the original .crt and .key files to the directories and changed the config file to point to them instead but that lead to the same encryption failure message.
2 steps forward, 1 step back.
suggestions please.
