Difference between revisions of "Installing a webserver on AXIOM Beta"

From apertus wiki
Jump to: navigation, search
Line 112: Line 112:
  http ALL=(ALL) NOPASSWD: ALL
  http ALL=(ALL) NOPASSWD: ALL


This allows the http user to do anything with the system so it can be considered a security vulerbility - but for development this should not be an issue, later on we will define the http priviledges more securely.
This allows the http user to do anything with the system so it can be considered a security vulnerability - but for development this should not be an issue, later on we will define the http priviledges more securely.


For testing sudoers:
For testing sudoers:

Revision as of 14:28, 14 August 2016

1 Installing required packages

Make sure the AXIOM Beta is connected to the internet and then on the commandline run:

Update mirrors database:

pacman -Syy

Install webserver:

pacman -S lighttpd php php-cgi

start the webservice:

systemctl start lighttpd

write any pending changes to the file system:

sync

2 Configure Webserver

This is following the guide from the lighttpd archlinux wiki page: https://wiki.archlinux.org/index.php/lighttpd

mkdir /etc/lighttpd/conf.d/
nano /etc/lighttpd/conf.d/cgi.conf

and place the following content in the file:

server.modules += ( "mod_cgi" )

 cgi.assign                 = ( ".pl"  => "/usr/bin/perl",
                               ".cgi" => "/usr/bin/perl",
                               ".rb"  => "/usr/bin/ruby",
                               ".erb" => "/usr/bin/eruby",
                               ".py"  => "/usr/bin/python",
                               ".php" => "/usr/bin/php-cgi" )

 index-file.names           += ( "index.pl",   "default.pl",
                               "index.rb",   "default.rb",
                               "index.erb",  "default.erb",
                               "index.py",   "default.py",
                               "index.php",  "default.php" )

For PHP scripts you will need to make sure the following is set in /etc/php/php.ini

cgi.fix_pathinfo = 1

In your Lighttpd configuration file, /etc/lighttpd/lighttpd.conf add:

include "conf.d/cgi.conf"

Create a new configuration file /etc/lighttpd/conf.d/fastcgi.conf

# Make sure to install php and php-cgi. See:                                                             
# https://wiki.archlinux.org/index.php/Fastcgi_and_lighttpd#PHP

server.modules += ("mod_fastcgi")

# FCGI server
# ===========
#
# Configure a FastCGI server which handles PHP requests.
#
index-file.names += ("index.php")
fastcgi.server = ( 
    # Load-balance requests for this path...
    ".php" => (
        # ... among the following FastCGI servers. The string naming each
        # server is just a label used in the logs to identify the server.
        "localhost" => ( 
            "bin-path" => "/usr/bin/php-cgi",
            "socket" => "/tmp/php-fastcgi.sock",
            # breaks SCRIPT_FILENAME in a way that PHP can extract PATH_INFO
            # from it 
            "broken-scriptfilename" => "enable",
            # Launch (max-procs + (max-procs * PHP_FCGI_CHILDREN)) procs, where
            # max-procs are "watchers" and the rest are "workers". See:
            # https://redmine.lighttpd.net/projects/1/wiki/frequentlyaskedquestions#How-many-php-CGI-processes-will-lighttpd-spawn 
            "max-procs" => 4, # default value
            "bin-environment" => (
                "PHP_FCGI_CHILDREN" => "1" # default value
            )
        )
    )   
)

Make lighttpd use the new configuration file /etc/lighttpd/lighttpd.conf

include "conf.d/fastcgi.conf"


restart lighttpd:

systemctl restart lighttpd

To test php create a file: /src/http/index.php with content:

<?php
phpinfo();
?>

and open this IP address of your AXIOM Beta in a browser, if you see the php info status page everything worked successfully.

3 Install AXIOM Beta web GUI software

Download this repository:

https://github.com/apertus-open-source-cinema/beta-software
  1. copy all files from the http directory of the repository to your AXIOM Beta /srv/http/ directory.
  2. copy all files from the beta-scripts directory of the repository to your AXIOM Beta /root/ directory.

Edit /etc/sudoers files:

under the line:

root ALL=(ALL) ALL

add:

http ALL=(ALL) NOPASSWD: ALL

This allows the http user to do anything with the system so it can be considered a security vulnerability - but for development this should not be an issue, later on we will define the http priviledges more securely.

For testing sudoers:

sudo -u http sudo whoami

if it returns "root" then you are all set

This should provide you with a working webbased GUI.

Note that lighttpd does not start automatically when the AXIOM Beta boots, this still needs to be configured:

systemctl enable lighttpd