Apache

From DUNE
Jump to navigation Jump to search

Installation

On Ubuntu:

sudo apt-get install apache2 # Apache
sudo apt-get install libapache2-mod-wsgi-py3 # mod_wsgi for Python3

Start-Stop-Restart

Ubuntu

To start/stop/restart Apache 2 web server, enter one of the commands in each category:

### START
/etc/init.d/apache2 start
sudo /etc/init.d/apache2 start
sudo service apache2 start
### STOP
/etc/init.d/apache2 stop
sudo /etc/init.d/apache2 stop
sudo service apache2 stop
### RESTART
/etc/init.d/apache2 restart
sudo /etc/init.d/apache2 restart
sudo service apache2 restart

System status:

systemctl status apache2.service


CentOS/RH

On RedHat Linux, the name of the daemon is httpd. Also, "service" command may be aliased to systemctl.

systemctl status -l httpd.service # or:
sudo systemctl start httpd.service

Apache Configuration

General Items

KeepAlive sets the tradeoff between memory and CPU usage by Apache.

Serving static files: https://docs.djangoproject.com/en/1.10/howto/deployment/wsgi/modwsgi/#serving-files

Official Layout of the Config Files: https://wiki.apache.org/httpd/DistrosDefaultLayout This, however, is not written in stone. Some details are given below.

Ubuntu

See /etc/apache2/apache2.conf

Snippet from 000-default.conf on Ubuntu:

        ServerName promptproc
        ServerAlias promptproc


        WSGIScriptAlias / /home/maxim/projects/p3s/promptproc/promptproc/wsgi.py

        Alias /static/ /var/www/static/
        <Directory /var/www/static>
        Require all granted
        </Directory>

        <Directory /home/maxim/projects/p3s/promptproc/promptproc>
        <Files wsgi.py>
        Require all granted
        </Files>
        </Directory>

The "static directory must contain static content such as themes for the tables2 package. Keep in mind that while this is served automatically by the Django development server, it's not the case under Apache.


The file wsgi.conf needs to contain a reference to Python runtime like:

WSGIPythonPath /home/maxim/.local/lib/python3.5/site-packages

CentOS

See /etc/httpd/. Examples:

[mxp@neutdqm p3s]$ ls /etc/httpd/
conf  conf.d  conf.modules.d  logs  modules  run
[mxp@neutdqm p3s]$ ls /etc/httpd/conf.d/
autoindex.conf  django.conf  php.conf  README  userdir.conf  welcome.conf
[mxp@neutdqm p3s]$ ls /etc/httpd/conf/
httpd.conf  magic

Permissions

In addition to granting permissions in the Apache configuration file (an example is given below), correct permissions need to be set for the directory tree containing wsgi.py and other crucial files. If for example the tree is contained in your home directory and it's not readable to others, it won't work. One example (perhaps not the best) of how to make it work is to set 755 to your home dir.

On top of that, SELinux will impose it's own restriction. See:

getenforce

If it shows "Enforcing", try

sudo setenforce 0

mod_wsgi

  • When using mod_wsgi one has to make sure the version matches the Python version, this needs to be specified when mod_wsgi is installed (see "Installation" above). You can use "ldd" on mod_wsgi.so to check dependencies including python version required. There is a possibility that mod_wsgi you installed has a long library name containing various metadata, and there is also still an older mod_wsgi file that get loaded instead. This needs to be taken care of.
  • https://www.sitepoint.com/deploying-a-django-app-with-mod_wsgi-on-ubuntu-14-04/
  • Methods of setting up the environment for wsgi described in the current Django documentation may or may not work on a particular installation/release/distro affiliation of Apache due to a few subtle bugs and relative complexity of *.conf and related files
  • If you decide to build mod_wsgi from source, make sure your Python was also built from source with "./config -enable-shared" option
  • It's easy to miss the fact that one segment of the path leading to wsgi.py doesn't have the right permissions, while httpd is run by user apache (or similar)

If you are willing to brave building mod_wsgi from source, here is a template:

wget -q "https://github.com/GrahamDumpleton/mod_wsgi/archive/4.4.21.tar.gz"
tar -xzf '4.4.21.tar.gz'
cd ./mod_wsgi-4.4.21
./configure --with-python=/usr/local/bin/python3.5
make
make install

Ports and Firewalls

SELinux may prevent you from configuring Apache with a non-standard port. Useful commands:

semanage port -l # list ports
semanage port -a -t http_port_t -p tcp 81 # add a rule

List ports

sudo nmap -sT -O localhost
# or
sudo lsof -i

In addition to that, CentOS "may" have firewall settings which are beyond and above what you can learn with the tools listed above. See http://ask.xmodulo.com/open-port-firewall-centos-rhel.html. To check the firewall rules:

$ sudo iptables -L 

To open port 80 permanently:

$ sudo firewall-cmd --zone=public --add-port=80/tcp --permanent
$ sudo firewall-cmd --reload

Deploying DB for Django

sqlite permissions

Assuming you are using sqlite, the file permissions on the DB file do matter if when you deploy under Apache. So you either need to set wide permissions (may not be a good idea depending on the security situation) or change the owner to "www-data" (on Ubuntu) or "apache" (on CentOS). Other OS may require similar tweaks.

PostgreSQL

An example of the "settings.py" clause:

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': 'foo',
        'USER': 'bar',
        'PASSWORD': '***',
        'HOST': '',
        'PORT': '',
    }
}