With the rack where UY1 lived going dark the call was made for to stand up an interim server "anywhere online" and so the interim host 'anyserver' was stood up. The server was sourced from a Kansas City based operation calling itself "Wholesale Internet" where I in the past have stoop up a box to run a trb node. Before getting to the recipe I want to collect a few general points about the host 'anyserver':
Notes On And Terms For Using 'anyserver'
- As 'anyserver' was Fast and Cheap, I have reservations about its potential to be good or great. This is intended as a strictly interim solution to bring blogs out of the dark until the space is sufficiently explored and plumbed for better solutions.
- As 'anyserver' is materially different from the currently dark UY1 shared server, especially for fact I can't take a leisurely walk over to see it, touch it, and grab backups... Folks who had blogs on Pizarro shared hosting need to explicitly request interim hosting on 'anyserver'.
- I am extending the offer to host on 'anyserver' as a courtesy, it is not a continuation of Pizarro shared hosting. For this reason and to give 'anyserver' the best chance to keep blogs online, accounts granted on 'anyserver' are to be used for blogs only. NO IRC BOUNCERS ON 'anyserver'! Especially no uncloaked irc bouncers. Anyone caught running an IRC bouncer from 'anyserver' without being able to cite a line in a logged channel where I offer permission for them to do by name so will be invoiced 2 BTC1 and find their account on 'anyserver' terminated.
- As this is an interim hosting solution, I am not inclined to put any blog on 'anyserver' that has already found another interim hosting solution. At least not without a compelling case being made, in a logged channel.
- I plan to keep anyserver running in its present role for 3 months. During this time I will issue no invoices for 'anyserver' hosting. If no in WoT alternative emerges in 3 months I may extend the courtesy of hosting on anyserver longer. If there is an in WoT alternative or alternatives at that time I expect folks to make arrangements to move their www sites.
- As I can't simply walk over and take a backup, folks need to take their own backups. If you publish a post grab a database dump, etc.
On To LAMP Building
One nice thing about CentOS is that it sticks to older versions of software. The downside is these are the wrong old versions. To set up 'anyserver' apache 2.2.34,2 php 5.6.40,3 and Mysql 5.5 were selected. The apache and php versions were selected for being 'end of life' releases, the mysql version was selected because going older than 5.5 means some blogs would need their character set encoding flags changed. Instructions for building an apache and php that work together were cribbed from the php.net instructions (archived).
The tarballs used and sha256 hashes offered with the downloads from where they were taken in the wild.
Apache 2.2.34 sha256 a89196d2f8c1ec2b213180dba2b534153b87dbb51d5cd2c90cd3feff7700d07b (sha256 page archived)
PHP 5.6.40 sha256 56fb9878d12fdd921f6a0897e919f4e980d930160e154cbde2cc6d9206a27cac (download page archived)
Once you have the tarballs in your working directory
them and start with apache because php will need to build against the apache.
cd httpd-2.2.34 ./configure --prefix=/usr/local/apache2 --enable-mods-shared="all" make make install
Might as well build all of the mods up front whether the plan is to actually have apache load them or not. On to php:
cd php-src-php-5.6.40 ./buildconf --force ./configure --prefix=/usr/local/php --enable-fpm --disable-short-tags --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql --with-pcre-regex --with-zlib --enable-bcmath --with-bz2 --enable-calendar --with-curl --enable-exif --with-gd --enable-intl --enable-mbstring --enable-pcntl --with-pdo-mysql --enable-soap --enable-sockets --with-xmlrpc --enable-zip --with-jpeg-dir --with-png-dir make clean make make install libtool --finish /[workingdirpath]/php-src-php-5.6.40/libs cp php.ini-production /usr/local/lib/php.ini
Along the way here php will prompt you with a strong suggestion to run some tests. It takes time, but I recommend doing the tests. At this point you should have a php that's linked into apache2 and ready for MySQL. Less flags can be used as long as --with-apxs2=/usr/local/apache2/bin/apxs and --with-mysql are present. How many other configure flags can be stripped out while enabling a pleasant MP-WP environment is a question open for exploration. It's time to check php.ini for insanity, set your max file upload size, and get all that out of the way.
Find or write and init script so the init system can manage apache. I lack confidence in this area to specify a particular one at this time. Use it to manage apache.
Play with the your apache.conf file. Important thing include enabling modules:
LoadModule authz_host_module modules/mod_authz_host.so LoadModule log_config_module modules/mod_log_config.so LoadModule alias_module modules/mod_alias.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule php5_module modules/libphp5.so
These are going to need to be loaded at a minimum. Depending on what you are trying to do more are likely to be beneficial depending on your use case. Other things to have:
User apache Group apache
Making sure apache has its own user and group.
Order allow,deny Deny from all Satisfy All
This keeps apache from serving .htaccess files.
# # Possible values for the Options directive are "None", "All", # or any combination of: # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews # # Note that "MultiViews" must be named *explicitly* --- "Options All" # doesn't give it to you. # # The Options directive is both complicated and important. Please see # http://httpd.apache.org/docs/2.2/mod/core.html#options # for more information. # Options Indexes FollowSymLinks # # AllowOverride controls what directives may be placed in .htaccess files. # It can be "All", "None", or any combination of the keywords: # Options FileInfo AuthConfig Limit # AllowOverride all # # Controls who can get stuff from this server. # Order allow,deny Allow from all
Reasonable defaults for a directory serving files. Allows more specific .htaccess rules to be used for MP-WP. There's other options to explore. Now you can throw up a test index.php file in your web root. Apache and php should be singing together. If they aren't leave a comment.
Now you install MySQL. Some 5.5.x where x>3 should be fine. Going older can be fine. Just get a MySQL going and note where my.conf is. Go into my.conf and add the following two lines.
# Disabling symbolic-links is recommended to prevent assorted security risks symbolic-links=0 default-storage-engine = MyISAM bind-address=127.0.0.1
Unless you are intentionally doing a clustered setup, only the localhost should be talking to MySQL. If you are using MySQL for MP-WP MyISAM is a good storage engine that realsonably balances caching and RAM use. Depending on your version of MySQL MyISAM may already be the default, still best practice is to declare these things explicitly. Then take MySQL through its setup script setting a root password, doing the initial hardening, etc.
Now add a MySQL user and database.
create database name; create user 'username'@'localhost' identified by 'longpasswordstring'; grant all privileges on name.* to 'username'@'localhost';
If you have a MySQL dump to populate the database follow up with:
mysql -uusername -p name < your.sql
Now setup your apache vhost, if you will be managing your site that way instead of straight out of httpd.conf with a stanza like:
ServerName site.net ServerAlias www.site.net DocumentRoot "/path/www" LogFormat "%h %l %u %t \"%r\" %>s %b" common CustomLog /path/wwwlogs/access.log common ErrorLog /path/wwwlogs/error.log KeepAlive Off LogLevel info AllowOverride All Options FollowSymlinks Order allow,deny Allow from all DirectoryIndex index.php index.htmlLogLevel warn
and start up your apache.
service httpd start
Things should click and the blog should sing. If not check the error log. If the error log is empty make sure apache can write it, and repeat.
- As access to 'anyserver' is being extended as a courtesy to bring blogs online, abusing this courtesy and undermining the cause by running an entirely different kind of target known to draw aggro is indeed an abuse. I will extend a grace period of up to 48 hours after the publication of this piece where I will merely kill running IRC processes. After that the options are pay up, maybe negotiate a settlement, or eat a -10 rating. Failure to read is not a defense. This is not an "I don't like irc bouncers" thing. This is a "Fuck you for making a target rich environment still more target rich along a line actively drawing aggro" penalty. [↩]
- This is the last version that supports .htaccess allow/deny statements to be used out of the box. [↩]
- Selected since the MP-WP V tree produces an MP-WP that lives on php 5.6 already [↩]