Web Servers
From SeedWiki
Following pathnames, commands etc are for current biospike configuration (Centos 5 on x86). This list is bound to be incomplete. A handy command to search for files is "locate" along with updatedb. This is much faster than find.
Contents |
Biospike Restart
- SELinux Don't know what it is or why it is. But to enable softlinks in apache, you need to set SELinux to permissive. Do this using "Security Level and Firewall". This needs to be after every reboot.
- Port Forwarding To make openid work, I need to host web page on port 80. But running Tomcat on port 80 is not a good idea in general and while developing tomcat applications it is particularly tricky. Tomcat can be run without root privilege using port forwarding. Here all the packets coming in at port 80 are forwarded to port 8080. One way is to use mod_jk in Apache, but it would mean running Apache. The other way is to use iptables and is the way recommended on the web. It took me some time to get it work for our configuration, but here are the commands.
* /sbin/iptables -D RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited * /sbin/iptables -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT * /sbin/iptables -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited * With these 3 commands we have opened the port 8080 in the firewall. * /sbin/iptables -t nat -A PREROUTING -j REDIRECT -p tcp --destination-port 80 --to-ports 8080 * /sbin/iptables -t nat -A OUTPUT -j REDIRECT -p tcp --destination-port 80 --to-ports 8080 -d 127.0.0.1 * /sbin/iptables -t nat -A OUTPUT -j REDIRECT -p tcp --destination-port 80 --to-ports 8080 -d 132.239.95.201 * Forwards packets arriving port 80 to 8080. * /sbin/iptables-save
I think these commands have to be executed after every reboot.
Apache
- Configuration file /etc/http/conf/httpd.conf
- start/stop: /etc/init.d/httpd restart|stop|start or /sbin/services httpd restart|stop|start
- module location /usr/lib64/httpd/modules
- log files: /var/log/httpd/
- Installation: Comes by default with CentOS
Tomcat 5
- Installation: Install jdk 5/6. I think I installed java using the default yum repository.
- Installation location: If installed using yum, this location is different from what people say on web. It's in /usr/lib/tomcat5.
- Configuration files are in /etc/tomcat5/
- start/stop: /etc/init.d/tomcat5 restart|stop|start or /sbin/services tomcat5 restart|stop|start
Tomcat 6
- To install it, you need to add a repository. A good description is available here.
- After installation, I had some trouble getting it started. I got an error in /var/log/tomcat6/catalina.out saying
Apr 19, 2010 10:42:17 AM org.apache.catalina.core.StandardServer awaitSEVERE: StandardServer.await: create[8005]:java.net.BindException: Address already in use
This is because some other process was listening on port 8005. Don't know what. People suggested that I kill the process thats using that port. To find the process that's using the port use netstat -lpn | grep 8005. But if you kill this process it gets respawned. So I killed it's parent. Hopefully I haven't messed up anything like seLinux. But after killing, restarting tomcat6 works fine.
- Paths are similar to tomcat5.
mod_jk
This is a module to run tomcat behind Apache. Why do we need both? I don't know. Right now, we are planning to just use tomcat6 because that way it's easier to maintain and more secure.
- Download a 64 bit compiled mod_jk.so file. Search to find out how to get it. To install it simply put the .so file into apache modules folder. Find instructions online on how to make it work. They are pretty involved but still they worked in the first try.
mod_auth_openid
Apache module for openID. Instructions on the [website http://trac.butterfat.net/public/mod_auth_openid] and the mailing list should be sufficient to get it work. But I could not get the part where you can access the email id of the user to work.
--Mayank Kabra 18:19, 19 April 2010 (UTC)
