Apache2 is een webserver.
In augustus 2010 had apache een marktaandeel van 63% wereldwijd. Apache werd ontwikkeld in 1995 voor het toen nog prille world wide web, onder het al even prille Linux. De naam komt van 'a patchy server' toendertijd een gevolg van het bij mekaar gooien van heel wat patches van NCSA webserver en talloze daaropvolgende patches om tot een stabiele server te komen.
-
apache2 installeren
# apt-get install apache2
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
apache2-mpm-worker apache2-utils apache2.2-bin apache2.2-common
Suggested packages:
apache2-doc apache2-suexec apache2-suexec-custom
The following NEW packages will be installed:
apache2 apache2-mpm-worker apache2-utils apache2.2-common
The following packages will be upgraded:
apache2.2-bin
1 upgraded, 4 newly installed, 0 to remove and 301 not upgraded.
Need to get 1,819kB of archives.
After this operation, 2,675kB of additional disk space will be used.
Do you want to continue [Y/n]? y
WARNING: The following packages cannot be authenticated!
apache2.2-bin apache2-utils apache2.2-common apache2-mpm-worker apache2
Authentication warning overridden.
Get:1 http://ftp.debian.org testing/main apache2.2-bin 2.2.16-2 [1,344kB]
Get:2 http://ftp.debian.org testing/main apache2-utils 2.2.16-2 [164kB]
Get:3 http://ftp.debian.org testing/main apache2.2-common 2.2.16-2 [307kB]
Get:4 http://ftp.debian.org testing/main apache2-mpm-worker 2.2.16-2 [2,222B]
Get:5 http://ftp.debian.org testing/main apache2 2.2.16-2 [1,384B]
Fetched 1,819kB in 2s (615kB/s)
Reading changelogs... Done
(Reading database ... 105457 files and directories currently installed.)
Preparing to replace apache2.2-bin 2.2.16-1 (using .../apache2.2-bin_2.2.16-2_i386.deb) ...
Unpacking replacement apache2.2-bin ...
Selecting previously deselected package apache2-utils.
Unpacking apache2-utils (from .../apache2-utils_2.2.16-2_i386.deb) ...
Selecting previously deselected package apache2.2-common.
Unpacking apache2.2-common (from .../apache2.2-common_2.2.16-2_i386.deb) ...
Selecting previously deselected package apache2-mpm-worker.
Unpacking apache2-mpm-worker (from .../apache2-mpm-worker_2.2.16-2_i386.deb) ...
Selecting previously deselected package apache2.
Unpacking apache2 (from .../apache2_2.2.16-2_i386.deb) ...
Processing triggers for man-db ...
Setting up apache2.2-bin (2.2.16-2) ...
Setting up apache2-utils (2.2.16-2) ...
Setting up apache2.2-common (2.2.16-2) ...
Enabling site default.
Enabling module alias.
Enabling module autoindex.
Enabling module dir.
Enabling module env.
Enabling module mime.
Enabling module negotiation.
Enabling module setenvif.
Enabling module status.
Enabling module auth_basic.
Enabling module deflate.
Enabling module authz_default.
Enabling module authz_user.
Enabling module authz_groupfile.
Enabling module authn_file.
Enabling module authz_host.
Enabling module reqtimeout.
insserv: warning: script 'K01mintsystem' missing LSB tags and overrides
insserv: warning: script 'mintsystem' missing LSB tags and overrides
Setting up apache2-mpm-worker (2.2.16-2) ...
Starting web server: apache2apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
.
Setting up apache2 (2.2.16-2) ...
-
apache (re-)start
Dit hoeft normaal gezien niet te gebeuren. apt-get heeft dit reeds gedaan als alles goed is verlopen.
# /etc/init.d/apache2 restart
Restarting web server: apache2apache2:
Could not reliably determine the server's fully qualified domain name,
using 127.0.1.1 for ServerName
... waiting apache2:
Could not reliably determine the server's fully qualified domain name,
using 127.0.1.1 for ServerName
Deze melding kan je vermijden door in
/etc/apache2/sites-available/default
hetvolgende te plaatsen:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName localhost
DocumentRoot /home/www
<Directory />
Options FollowSymLinks
...
Het gaat echter een gewone warning en geen error. Je kon die trouwens ook al zien gedurende de installatie van apache.
-
testen
Surf nu met FIREFOX naar http://localhost
Je zou een eenvoudige website moeten zien "It Works !"
In lynx ziet onze website er als volgt uit:
$ lynx localhost
It works!
This is the default web page for this server.
The web server software is running but no content has been added, yet.
Commands: Use arrow keys to move,'?' for help,'q' to quit,'<-' to go back.
Arrow keys: Up and Down to move. Right to follow a link; Left to go back.
H)elp O)ptions P)rint G)o M)ain screen Q)uit /=search [delete]=history list
|
-
versie
U kan de versie van apache2 op scherm brengen met
# dpkg -l | grep apache
rc apache-common 1.3.34-4.1+etch1 support files for all Apache webservers
ii apache2 2.2.16-2+etch6 scalable, extendable web server
ii apache2-doc 2.2.16-2+etch6 documentation for apache2
ii apache2-mpm-prefork 2.2.16-2+etch6 Traditional model for Apache HTTPD 2.1
ii apache2-utils 2.2.16-2+etch6 utility programs for webservers
ii apache2.2-common 2.2.16-2+etch6 scalable, extendable web server
-
root-directory
De default website "It works!" is terug te vinden in de directory /var/www
Je kan de website aanpassen als root met vim op de file /var/www/index.html
-
binary en opstartscripts
apache2 komt met een binary: /usr/sbin/apache2
en een managementscript: /usr/sbin/apache2ctl
Dit laatste is vergelijkbaar met het opstartscript /etc/init.d/apache2 maar biedt meer mogelijkheden. Een extract uit de man pagina:
$ man apache2ctl
...
start
Start the Apache httpd daemon. Gives an error if it is already
running. This is equivalent to apachectl -k start.
stop
Stops the Apache httpd daemon. This is equivalent to apachectl
-k stop.
restart
Restarts the Apache httpd daemon. If the daemon is not running,
it is started. This command automatically checks the configura‐
tion files as in configtest before initiating the restart to
make sure the daemon doesn’t die. This is equivalent to
apachectl -k restart.
fullstatus
Displays a full status report from mod_status. For this to work,
you need to have mod_status enabled on your server and a text-
based browser such as lynx available on your system. The URL
used to access the status report can be set by editing the STA‐
TUSURL variable in the script.
status
Displays a brief status report. Similar to the fullstatus
option, except that the list of requests currently being served
is omitted.
graceful
Gracefully restarts the Apache httpd daemon. If the daemon is
not running, it is started. This differs from a normal restart
in that currently open connections are not aborted. A side
effect is that old log files will not be closed immediately.
This means that if used in a log rotation script, a substantial
delay may be necessary to ensure that the old log files are
closed before processing them. This command automatically checks
the configuration files as in configtest before initiating the
restart to make sure Apache doesn’t die. This is equivalent to
apachectl -k graceful.
graceful-stop
Gracefully stops the Apache httpd daemon. This differs from a
normal stop in that currently open connections are not aborted.
A side effect is that old log files will not be closed immedi‐
ately. This is equivalent to apachectl -k graceful-stop.
configtest
Run a configuration file syntax test. It parses the configura‐
tion files and either reports Syntax Ok or detailed information
about the particular syntax error. This is equivalent to
apachectl -t.
...
-
configuratiefiles
De apache2 configuratiebestanden zijn te vinden in de directory /etc/apache2
We bekijken ze even allemaal:
# ls -R /etc/apache2/
/etc/apache2/:
apache2.conf envvars mods-available ports.conf sites-enabled
conf.d httpd.conf mods-enabled sites-available
/etc/apache2/conf.d:
-rw-r--r-- 1 root root 269 2009-11-14 22:01 charset
-rw-r--r-- 1 root root 1464 2009-11-14 22:01 security
/etc/apache2/mods-available:
actions.load dav.load mime_magic.conf
alias.load dav_lock.load mime_magic.load
asis.load dav_svn.conf negotiation.load
auth_basic.load dav_svn.load php5.conf
auth_digest.load dbd.load php5.load
authn_alias.load deflate.conf proxy_ajp.load
authn_anon.load deflate.load proxy_balancer.load
authn_dbd.load dir.conf proxy.conf
authn_dbm.load dir.load proxy_connect.load
authn_default.load disk_cache.conf proxy_ftp.load
authn_file.load disk_cache.load proxy_http.load
authnz_ldap.load dump_io.load proxy.load
authz_dbm.load env.load rewrite.load
authz_default.load expires.load setenvif.load
authz_groupfile.load ext_filter.load sick-hack-to-update-modules
authz_host.load file_cache.load speling.load
authz_owner.load filter.load ssl.conf
authz_user.load headers.load ssl.load
autoindex.load ident.load status.load
cache.load imagemap.load suexec.load
cern_meta.load include.load unique_id.load
cgid.conf info.load userdir.conf
cgid.load ldap.load userdir.load
cgi.load log_forensic.load usertrack.load
charset_lite.load mem_cache.conf version.load
dav_fs.conf mem_cache.load vhost_alias.load
dav_fs.load mime.load
/etc/apache2/mods-enabled:
lrwxrwxrwx 1 root root 28 2010-05-25 21:09 alias.load -> ../mods-available/alias.load
lrwxrwxrwx 1 root root 33 2010-05-25 21:09 auth_basic.load -> ../mods-available/auth_basic.load
lrwxrwxrwx 1 root root 33 2010-05-25 21:09 authn_file.load -> ../mods-available/authn_file.load
lrwxrwxrwx 1 root root 36 2010-05-25 21:09 authz_default.load -> ../mods-available/authz_default.load
lrwxrwxrwx 1 root root 38 2010-05-25 21:09 authz_groupfile.load
-> ../mods-available/authz_groupfile.load
lrwxrwxrwx 1 root root 33 2010-05-25 21:09 authz_host.load -> ../mods-available/authz_host.load
lrwxrwxrwx 1 root root 33 2010-05-25 21:09 authz_user.load -> ../mods-available/authz_user.load
lrwxrwxrwx 1 root root 32 2010-05-25 21:09 autoindex.load -> ../mods-available/autoindex.load
lrwxrwxrwx 1 root root 26 2010-05-25 21:09 cgi.load -> ../mods-available/cgi.load
lrwxrwxrwx 1 root root 30 2010-05-25 21:09 deflate.conf -> ../mods-available/deflate.conf
lrwxrwxrwx 1 root root 30 2010-05-25 21:09 deflate.load -> ../mods-available/deflate.load
lrwxrwxrwx 1 root root 26 2010-05-25 21:09 dir.conf -> ../mods-available/dir.conf
lrwxrwxrwx 1 root root 26 2010-05-25 21:09 dir.load -> ../mods-available/dir.load
lrwxrwxrwx 1 root root 26 2010-05-25 21:09 env.load -> ../mods-available/env.load
lrwxrwxrwx 1 root root 27 2010-05-25 21:09 mime.load -> ../mods-available/mime.load
lrwxrwxrwx 1 root root 34 2010-05-25 21:09 negotiation.load -> ../mods-available/negotiation.load
lrwxrwxrwx 1 root root 27 2010-05-25 21:09 php5.conf -> ../mods-available/php5.conf
lrwxrwxrwx 1 root root 27 2010-05-25 21:09 php5.load -> ../mods-available/php5.load
lrwxrwxrwx 1 root root 31 2010-05-25 21:09 setenvif.load -> ../mods-available/setenvif.load
lrwxrwxrwx 1 root root 29 2010-05-25 21:09 status.load -> ../mods-available/status.load
/etc/apache2/sites-available:
-rw-r--r-- 1 root root 99 2010-05-03 14:19 cc1.cc.com
-rw-r--r-- 1 root root 79 2010-05-07 13:58 cmr
-rw-r--r-- 1 root root 99 2010-05-03 14:29 cmr.cc.com
-rw-r--r-- 1 root root 950 2009-11-14 22:01 default
-rw-r--r-- 1 root root 7366 2009-11-14 22:01 default-ssl
-rw-r--r-- 1 root root 187 2010-05-28 11:46 supernas
-rw-r--r-- 1 root root 82 2010-05-19 11:22 tcmr
-rw-r--r-- 1 root root 102 2010-05-19 11:24 tcmr.cc.com
/etc/apache2/sites-enabled:
lrwxrwxrwx 1 root root 26 2009-11-25 09:46 000-default -> ../sites-available/default
lrwxrwxrwx 1 root root 42 2010-05-03 14:24 cc1.cc.com -> ../sites-available/cc1.cc.com
lrwxrwxrwx 1 root root 22 2010-05-07 13:59 cmr -> ../sites-available/cmr
lrwxrwxrwx 1 root root 42 2010-05-03 14:30 cmr.cc.com -> ../sites-available/cmr.cc.com
lrwxrwxrwx 1 root root 27 2010-05-28 11:47 supernas -> ../sites-available/supernas
lrwxrwxrwx 1 root root 23 2010-05-19 11:25 tcmr -> ../sites-available/tcmr
lrwxrwxrwx 1 root root 43 2010-05-19 11:25 tcmr.cc.com -> ../sites-available/tcmr.cc.com
-
Een beknopte wegwijzer naar de configuratie
De file /etc/apache2/apache2.conf is de masterconfiguratiefile die andere configuratie files binnensmokkelt met de Include directive
# Include module configuration:
Include /etc/apache2/mods-enabled/*.load
Include /etc/apache2/mods-enabled/*.conf
Modules moeten zo nodig geladen worden, en sommige hebben ook een configuratie.
In principe komen alle geïnstalleerde modules met hun load/conf files terecht in
/etc/apache2/mods-available
Maar, niet alle geïnstalleerde modules worden geladen, alleen de 'enabled' modules. Die vinden we terug in
/etc/apache2/mods-enabled
In mods-enabled vinden we symbolic links naar geselecteerde modules van mods-available. In de vorige paragraaf hebben we de gelinkte modules in vetjes weergegeven.
# Include all the user configurations:
Include /etc/apache2/httpd.conf
In sommige linuxdistributies vinden we een httpd.conf ipv. een apache2.conf. Hier vinden we een include van een lege file terug.
# Include ports listing
Include /etc/apache2/ports.conf
De configuratie file van de TCP-poorten waarop http actief is
# Include generic snippets of statements
Include /etc/apache2/conf.d/
Een directory waarin je 'stukken' configuratie kwijt kan, in ons geval security en charset
# Include the virtual host configurations:
Include /etc/apache2/sites-enabled/
Apache2 werkt standaard met virtual hosts: een manier om verschillende websites met telkens een andere FQDN te draaien op dezelfde machine met slechts één IP-adres.
De directory sites-enabled bevat symbolic links naar sites-available. In sites-available vinden we files met telkens één configuratie van één virtual host. Er is er altijd minstens één: default.
Indien een beheerder een site tijdelijk uit de lucht wil halen, hoeft hij niet de configuratie te parkeren op een tijdelijke directory, maar kan hij gewoon de link naar die site verwijderen. Bij een heractivering moet alleen de link terug worden aangemaakt.
Bij elke wijziging van de configuratie moet apache2 herstart worden.
