Compile and Install Apache, PHP, MySql Client, PHPAdmin Amazon AWS AMI for DrupalPosted: February 27, 2012
We are launching a Drupal web site and as per best practices require that the web server be built only with the relevant modules required. This mean compiling the Apache code from source, to achieve this there are a few steps to go through as you would expect.
This is also running on the Amazon AWS platform and therefore additional packages need to be installed as some of the base images are very vanilla. The install is based in the Centos based Amazon AMI.
Again as always apology for some of the basic nature of the syntax i.e. cd .. but these guides are meant for all levels of Linux user and I only class myself as intermediate at best.
Please note that some of the configuration has – – but Word Press displays — this affects the copying of the syntax. So please be aware that you will have to change these parts after you have copied and pasted
You need the following packages on the server to complete the installation
yum install gcc make libtool gcc-c++ pcre pcre-devel zlib-devel
If you plan on using PHP you will need
yum install libxml2 libxml2-devel
If you plan on using mysql with the installation (please note that this will just load the client as my mysql server in on another server)
Experimental at the moment, I started to install Drupal and found I needed mysqli, this appear to be bundled with mysql-server
yum install mysql mysql-devel mysql-server
The start of the installation
download the apr and apr-utility
wget http://mirrors.ukfast.co.uk/sites/ftp.apache.org//apr/apr-1.4.6.tar.gz wget http://mirrors.ukfast.co.uk/sites/ftp.apache.org//apr/apr-util-1.4.1.tar.gz tar xzvf apr-1.4.6.tar.gz tar xzvf apr-util-1.4.1.tar.gz
./configure make make install
cd apr-util-1.4.1 ./configure --with-apr=/usr/local/apr
To ensure that the server starts make sure you use this command, this creates all the links required for the shared libraries.
To install the Apache server
The is some notes here that you need to read
PHP 5.3.x does not work with Drupal 6.x and therefore we need to install PHP 5.2.x as will be seen below. The trouble is that 5.2.x will only run on Apache 2.2.x so be careful which way you are going.
Using PHP 5.2.x
tar zxvf httpd-2.2.22.tar.gz
./configure --enable-so \ --enable-authz_host=shared \ --enable-mod_dir=shared \ --enable-log_config=shared \ --enable-mime=shared \ --enable-rewrite=shared \ --enable-setenvif=shared \ --enable-alias=shared \ --enable-expires=shared \ --enable-headers=shared \ --enable-deflate=shared \ --enable-include=shared \ --with-included-apr=/usr/local/apr
Using PHP >= 5.3.x
tar zxvf httpd-2.4.2.tar.gz
./configure --prefix=/opt/httpd \
./configure --enable-so \ --enable-authz_host --enable-mod_dir --enable-log_config \ --enable-mime --enable-rewrite --enable-setenvif --enable-alias \ --enable-expires --enable-headers --enable-deflate --enable-include \ --with-included-apr=/usr/local/apr
Note the /opt/httpd (I can not find anywhere a best practice on where to compile the installation so I have chosen /opt as this is for none base packages and even though Apache is always linked with Linux it could be considered third party 🙂 ). If there is anyone who disagrees please let me know and I will change the instructions accordingly.
I found out that if you leave the prefix out you get the default install which is never a bad thing. It will install it in /usr/local/apache2
To test if the server starts
./apachectl -k start
Web browse to the server and a page displaying It Works! should appear
./apachectl -k stop
Now the PHP installation
PHP 5.3 or above does not work on Drupal 6 TAKE NOTE this was one that caught me
tar xzvf php-5.2.17.tar.gz
tar xzvf php-5.3.10.tar.gz
OK if you are using this for a Drupal installation opposed to just getting PHP and Apache on your server then you may need some of the following libraries and bits and pieces.
For mcrypt support
yum intall php-mycrypt
curl and soap are required for Drupal also
yum install libcurl libcurl-devel php-curl php-soap
Image processing via the GD libraries
yum install php-gd cd ~
cd software wget http://www.ijg.org/files/jpegsrc.v8d.tar.gz tar -xvzf jpegsrc.v8d.tar.gz
cd jpeg-8d ./configure --enable-shared make make install
cd ~ cd software wget http://prdownloads.sourceforge.net/libpng/libpng-1.5.11.tar.gz?download tar -xvzf libpng-1.5.11.tar.gz cd libpng-1.5.11 ./configure make make install
cd ~ cd software wget http://sourceforge.net/projects/mcrypt/files/Libmcrypt/2.5.8/libmcrypt-2.5.8.tar.gz/download tar -xvzf libmcrypt-2.5.8.tar.gz cd libmcrypt-2.5.8 ./configure --disable-posix-threads make make install cd ~ cd software wget http://sourceforge.net/projects/mhash/files/mhash/0.9.9.9/mhash-0.9.9.9.tar.gz/download tar xzvf mhash-0.9.9.9.tar.gz cd mhash-0.9.9.9 ./configure make make install
cd ~ cd software wget http://sourceforge.net/projects/mcrypt/files/MCrypt/2.6.8/mcrypt-2.6.8.tar.gz/download tar xvzf mcrypt-2.6.8.tar.gz cd mcrypt-2.6.8 export LD_LIBRARY_PATH=/usr/local/lib ./configure make make install
There was an error when trying to use Drupal in that it needed mysqli connection. Ammened 1st May 2012, some of this was taken from the MySQL reference Enabling Both
mysqli in PHP the other bits were as before
Use this for no Drupal installs or if you do not require GD library, curl, SOAP etc..
cd ~ cd software/php-5.2.17 ./configure --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql=/usr/include/mysql --with-mysqli=/usr/bin/mysql_config
If you need all the modules then.
This has been after multiple attempts to get this correct
cd ~ cd software/php-5.2.17 ./configure --with-apxs2=/usr/local/apache2/bin/apxs --with-mysql=/usr/include/mysql \ --with-mysqli=/usr/bin/mysql_config --with-curl --with-gd --with-jpeg-dir=/usr/local/lib \ --with-png-dir=/usr/local/lib --with-zlib-dir=/root/software/php-5.2.17/ext \ --with-mcrypt=/usr/local/lib --enable-mbstring --enable-soap
Straight from the reference
THIS PART IS VERY IMPORTANT
I had some issue with the make file as I had done the configuration many time and also the make command. I got an error. This turned out to be an issue with the –with-mcrypt line in the configure command, there is no other reference that I could find on the internet.
This I found out later was due to yum install mycrypt etc.. being run. if you compile from source this error is not seen. But for those of you that already have this issue, here is what it is and how to get around it.
The error is
/usr/bin/ld: cannot find -lltdl
collect2: ld returned 1 exit status
make: *** [sapi/cli/php] Error 1
When you configure the PHP it adds the following entry to the the EXTRA_LIBS line, -lltdl
This entry needs removing as it you will not be able to make the PHP installation. You just need to delete the -lltdl element, everything else can stay.
Makefile and search for a line that starts with
EXTRA_LIBS. It might look like this (all on one line):
EXTRA_LIBS = -lcrypt -lcrypt -lmysqlclient -lz -lresolv -lm -ldl -lnsl -lxml2 -lz -lm -lxml2 -lz -lm -lmysqlclient -lz -lcrypt -lnsl -lm -lxml2 -lz -lm -lcrypt -lxml2 -lz -lm -lcrypt
Remove all duplicates, so that the line looks like this (all on one line):
EXTRA_LIBS = -lcrypt -lcrypt -lmysqlclient -lz -lresolv -lm -ldl -lnsl -lxml2
Find the line that needs changing
Copy the line and paste it
Put a # against the old line, this will comment it out
My file now looks like this
#EXTRA_LIBS = -lcrypt -lcrypt -lrt -lmysqlclient -lmcrypt -lgd -lpng -lz -ljpeg -lcurl -lz -lresolv -lm -ldl -lnsl -lxml2 -lz -lm -lcurl -lxml2 -lz -lm -lmysqlclient -lz -lm -lrt -lssl -lcrypto -ldl -lxml2 -lz -lm -lxml2 -lz -lm -lcrypt -lxml2 -lz -lm -lxml2 -lz -lm -lxml2 -lz -lm -lcrypt
EXTRA_LIBS = -lcrypt -lrt -lmysqlclient -lmcrypt -lgd -lpng -lz -ljpeg -lcurl -lresolv -lm -ldl -lnsl -lxml2 -lrt -lssl -lcrypto
NOTE that even though the first lins is shown on 2 lines it is one line in the file
NOTE about the make and build of PHP, this is an error you mat get and some good practice as well.
It maybe a good idea to always do a make clean if you have used multiple configure and make command to get something working.
I then continued as you would a normal build.
make make test (this take about 30 minutes as at the time of writing there were 7900 tests) make install
cp php.ini-recommended /usr/local/lib/php.ini
cp php.ini-production /usr/local/lib/php.ini
Now Apache needs to understand what to do with a php file, this involves editing the httpd.conf file
cd /usr/local/apache2/conf vi httpd.conf
Make sure that the following line is included
LoadModule php5_module modules/libphp5.so
You must then add the following lines
Whilst in this file, if you are using php the chance are that your fist page will be index.php you need to ammend the following for index.php to be called
Find the following (hint /DirectoryIndex)
And change it to
Another little issue I came across is that Drupal uses .htaccess files and so that your server does not ignore the .htaccess file you must change the configuration in httpd.conf file also
Find the entry
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be “All”, “None”, or any combination of the keywords:
# Options FileInfo AuthConfig Limit
and change the line to
Apache will now use the .htaccess file rules.
You will need to revisit this file again to setup virtual directories but we will leave this until later
Save the file and then start the web server
cd /usr/local/apache2/bin ./apachectl -k start
To test to see if php is working
echo "<?php" > /usr/local/apache2/htdocs/phpinfo.php echo "// Show all information, defaults to INFO_ALL" >> /usr/local/apache2/htdocs/phpinfo.php echo "phpinfo();" >> /usr/local/apache2/htdocs/phpinfo.php echo "// Show just the module information." >> /usr/local/apache2/htdocs/phpinfo.php echo "// phpinfo(8) yields identical results." >> /usr/local/apache2/htdocs/phpinfo.php echo "phpinfo(INFO_MODULES);" >> /usr/local/apache2/htdocs/phpinfo.php echo "?>" >> /usr/local/apache2/htdocs/phpinfo.php
chmod 755 phpinfo.php
This should lost all the modules that are active, make sure that GD library, mcrypt and all the components that should be loaded from your configure command are active.
Open the address of the server in web browser remembering to end in phpinfo.php. You should see a web page of information regarding the installation. If you are successful then DELETE the phpinfo.php file.
Now we want to change the user who runs the web server to apache.
groupadd apache useradd -g apache apache
chown -R apache:apache apache2/
I have noticed some things referrer to apache opposed to apache2, link the directories to fix this
ln -s /usr/local/apache2 apache
Change the user that will run the server in the conf file
Amend the following lines
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
Change these lines to read
Restart the web server
To install phpadmin
tar xzvf phpMyAdmin-220.127.116.11-english.tar.gz
mv phpMyAdmin-18.104.22.168-english phpMyAdmin
cp -R phpMyAdmin /usr/local/apache2/
ln -s /usr/local/apache2/phpMyAdmin xxxxxxxxxxxxx
Where xxxxxxxxxx is a more secured named folder
chown -R apache:apache phpMyAdmin
chown -R apache:apache config
chmod o+rw config
cp config.sample.inc.php config/config.inc.php
chmod o+rw config/config.inc.php
Navigate to the address http:/xxxxxxxx/yyyy/setup/index.php
where xxxxxxxxxx is the ip of host name and yyyy is the symbolic link created in the steps above. This will display the phpAdmin screen
You will get an error regarding not having the GZIP, BZIP and ZIP enabled, this is because we compiled PHP without these requirements. If you want the functionality you will need to recompile PHP and install it again.
Use the ./configure line that you used above but add these too it as well
--with-bz2 --with-zlib --enable-zip
Click New Server and fill in the areas that are required. This post does not go into these areas as my knowledge of phpAdmin is limited. Once the configuration file has been created, follow the instructions below
mv config.inc.php ../
chmod 400 config.inc.php
chown apache:apache config.inc.php
Navigate to http:/xxxxxxxx/yyyy/index.php
The login details are the credentials that you created for the mysql server. There are bits and pieces that need further installation to make phpAdmin work 100% but that is for another post 🙂
To install webmin
tar xzvf webmin-1.580.tar.gz
If you are using Drupal then you will also need the phpMailer scripts. You must have first installed Drupal before you do this. This is just a little tag on as I need this functionality and for completeness have added it.
tar -xvzf phpmailer-0.9.tar.gz
chown -R apache:apache phpmailer
mv phpmailer /usr/local/apache2/xxxxx/sites/all/libraries/
You may want to install a PHP cache engine, there are a few out there xcache, eaccelerator, APC. I chose xcache as it is supposed to be the best at the moment. For the installation of xcache
One final note regarding the installation from hell pertaining to the Drupal install is, once installed go to your web address:
Login with your password and this will indicate if you have everything installed correctly.
I may write about how you should install Drupal in another instalment, we were give the code and site from our developers and so I have no knowledge yet of how you configure the software.
For info I will post the two config files, http.conf and .htaccess as examples of what this stuff should look like.
Now that you have a working server you just need to at the files to the htdocs directory /usr/local/apacge2/htdocs.
Remember to chown -R apache:apache the directory name, this is if you have followed the instructions above and created the apache user.
Now that we have a working web server etc.. we need to lock the server down to a degreee. This is done with the creation of virtualhost in the httpd.conf file. More about how to configure VirtualHosts
The final part of the puzzle is to install and configure iptable to only allow 80,443,22,20,21 into the server and not allow any ports outbound except 22,80,443 again this is outside the scope of this post.
Hope that this helps and as always drop me a line if you spot and error or have some better suggestions.
Good luck and as I find new things out then you will be the first to know (well the second after me 🙂 )