# HOWTO: Apache with mpm-worker + PHP 5 + SSL + MySQL 4.1

## robbyjo

Hi. This is my first howto.

We can do Apache 2 with mpm-worker with PHP 5, along with SSL and MySQL 4.1. I tested my configuration with Apache 2.0.53, PHP 5.0.4, and MySQL 4.1.11.

IMPORTANT: Although my configuration has been stable for a few days, there will be no guarantee at all, expressed or implied. Do this at YOUR OWN RISK. Please DO NOT do this to production machines.

I tested this into PC and SPARC platform and it appears to be stable. I believe that this is a bit faster than before, although some of you may disagree. There are a few trivial hiccups that you may want to take note. (Scroll down to the appropriate section)

IMPORTANT: First of all, I would advise you to backup your index.html of your main webpage since updating Apache will overwrite it. I also advise you to backup your SSL certificates and keys and store it somewhere safe. This is because installing Apache may overwrite your certificates, if you put it in the default place.

As always, you may want to invoke emerge --sync before going on these steps to make sure you have the latest greatest update. You may also want to put ACCEPT_KEYWORDS="~your_arch" in the environment to make sure that it's unmasked. I will omit this notion and I hope you remember this. You also need proper access to portage in order to do the steps I outlined below.

-----------

1. Installing Apache 2.0.53

Before you install Apache 2.0.53, please stop the Apache first by invoking (as root):

```
/etc/init.d/apache2 stop
```

Then, type in:

```
USE="apache2 mpm-worker ssl threads" emerge -va apache
```

(You may want to add ldap USE flag if you want to).

-----------

2. Updating from Previous Apache versions prior to 2.0.53

There are configuration layout changes from Apache 2.0.52 to 2.0.53 that you must take note after installing Apache 2.0.53. This configuration changes make "/etc/init.d/apache2 stop" doesn't work cleanly and this is exactly why I ask you to stop the Apache before even installing it.

If you want, you can test the new Apache server with mpm-worker by invoking "/etc/init.d/apache2 start". However, don't forget to turn that back down once you verify it is fine.

First of all, the configuration is still placed inside /etc/apache2, but the subdirectory conf/ is no more. And then, the configuration file is in /etc/apache2/httpd.conf, which is the merging of two previous configuration files of /etc/apache2/conf/apache2.conf and /etc/apache2/conf/commonapache2.conf. This is great since the new approach is more standardized than before.

The thing is that, you MUST merge your old files (apache2.conf and commonapache2.conf) into httpd.conf, which could be a pain if you have a highly customized webpage settings.

You also may want to migrate or merge everything in your old /etc/apache2/conf/modules.d directory to the new /etc/apache2/modules.d. Take note that Apache overwrite your SSL certificates and the index.html of your main webpage. Now it's a good time to restore these.

If you have virtual hosts, migrate everything from /etc/apache2/conf/vhosts into /etc/apache2/vhosts.d and merge the files as necessary.

-----------

3. Making PHP 5.0.4 ebuild manually.

Since right now (April 15, 2005) we don't yet have PHP 5.0.4 ebuilds in portage, we must make our own for now. If we have one somewhere later, you can omit this step.

You should fetch the source code tar.bz2 file straight from PHP website. Put the file into /usr/portage/distfiles directory.

Then, you need to copy php-5.0.3-r1.ebuild as the basis:

```
cd /usr/portage/dev-php/php

cp php-5.0.3-r1.ebuild php-5.0.4-r1.ebuild
```

Now, edit php-5.0.4-r1.ebuild with your favorite editor (I use nano):

```
nano -w php-5.0.4-r1.ebuild
```

Comment out the following lines (because it's obsolete now):

```
#[ "${ARCH}" == "sparc" ] && epatch ${FILESDIR}/stdint.diff

#epatch ${FILESDIR}/${P}-missing-arches.patch

#epatch ${FILESDIR}/libmbfl-headers.patch
```

Then take note on the inherit clause near the top of the file:

```
inherit php5-sapi eutils
```

This means that we need to edit the /usr/portage/eclass/php5-sapi.eclass file. If you have "php5-sapi-r1" instead, replace php5-sapi with php5-sapi-r1 for the explanation below.

Now, go check to that eclass file (/usr/portage/eclass/php5-sapi.eclass) and see whether we have any one of these lines:

```
#[ "${ARCH}" == "sparc" ] && epatch ${FILESDIR}/stdint.diff

#epatch ${FILESDIR}/${P}-missing-arches.patch

#epatch ${FILESDIR}/libmbfl-headers.patch
```

If so, then we need to comment it like above. If not, you can skip the following explanations until the information of making the digest out of the ebuild. The thing is that you don't want to overwrite these eclass files, so you may want to do backup and we edit the backup instead:

```
cd /usr/portage/eclass

cp php5-sapi.eclass php5-sapi-me.eclass

nano -w php5-sapi-me.eclass
```

Comment the obsolete epatches like above.

Since we opted to change the eclass backup instead, you will need to modify the ebuild. Type in

```
cd /usr/portage/dev-php/php

nano -w php-5.0.4-r1.ebuild
```

Change the inherit clause to:

```
inherit php5-sapi-me eutils
```

And you're set to making the digest. To build the digest, type:

```
cd /usr/portage/dev-php/php

ebuild php-5.0.4-r1.ebuild digest
```

That's for PHP e-build.

-----------

4. Making mod_php 5.0.4 ebuild manually.

Now, you do the same to mod_php ebuild just like you did in PHP.

Copy the existing ebuild from 5.0.3-r2 and build the digest out of it:

```
cd /usr/portage/dev-php/mod_php

cp mod_php-5.0.3-r2.ebuild mod_php-5.0.4-r1.ebuild

ebuild mod_php-5.0.4-r1.ebuild digest
```

See the inherit line:

```
inherit eutils php5-sapi-r1 apache-module
```

So, that means you need to modify /usr/portage/eclass/php5-sapi-r1.eclass file. Same drill. Just comment out the obsolete epatches.

```
cd /usr/portage/eclass

cp php5-sapi-r1.eclass php5-sapi-me2.eclass

nano -w php5-sapi-me2.eclass
```

The epatches you need to comment:

```
#[ "${ARCH}" == "sparc" ] && epatch ${FILESDIR}/stdint.diff

#epatch ${FILESDIR}/${P}-missing-arches.patch

#epatch ${FILESDIR}/libmbfl-headers.patch
```

And save it. Of course, you need to modify the ebuild:

```
cd /usr/portage/dev-php/mod_php

nano -w mod_php-5.0.4-r1.ebuild
```

Change the inherit clause to:

```
inherit eutils php5-sapi-me2 apache-module
```

You're set.

-----------

5. Installing PHP

You need to unmask PHP 5 first. If ACCEPT_KEYWORDS flag doesn't bring you anywhere to the newly created PHP 5.0.4 ebuild, you might want to edit /usr/portage/profiles/package.mask file. Comment out anything involved with masking the PHP.

Since I'm trying to build a "feature complete" PHP that is compatible with mpm-worker, I'm turning on as many flags as I could. But of course, you don't need to turn on all of them. For me, the most recommended flags to turn on are:

berkdb bzlib ctype crypt curl curlwrappers flatfile gd inifile jpeg memlimit mhash mime mysql ncurses pcre png posix readline sasl simplexml truetype sharedext sockets ssl tidy tokenizer xml2 xsl zlib

But in any case: DO NOT TURN ON sharedmem FLAG or else you will anguish in frustrations. Also, dbm, db2, libedit, ming, mnogosearch, mysqli, qdbm, and recode should not be turned on as well.

In my configuration, I enable the following flags:

bcmath berkdb bzlib calendar cpdflib crypt ctype curl curlwrappers dba dbase dbx dio exif fam flatfile ftp gd gdbm gmp iconv imap inifile jpeg kerberos ldap mcve memlimit mhash mime mssql mysql ncurses nls odbc pcntl pcre png posix postgres readline sasl session sharedext simplexml soap sockets spell spl ssl sysvipc tidy tiff tokenizer truetype xml2 xmlrpc xpm xsl zlib

So, you can either put these flags into the /etc/make.conf file or put it to the USE clause. This howto assumes you put these into the make.conf file.

To emerge PHP, type:

```
emerge -va php
```

-----------

6. Installing mod_php

Installing mod_php is similar. The USE flags are also similar, except that you need to add the USE flag "threads" or else it won't work.

So, in my configuration, I use the following flags (exactly the same thing, with threads added to the flock):

bcmath berkdb bzlib calendar cpdflib crypt ctype curl curlwrappers dba dbase dbx dio exif fam flatfile ftp gd gdbm gmp iconv imap inifile jpeg kerberos ldap mcve memlimit mhash mime mssql mysql ncurses nls odbc pcntl pcre png posix postgres readline sasl session sharedext simplexml soap sockets spell spl ssl sysvipc threads tidy tiff tokenizer truetype xml2 xmlrpc xpm xsl zlib

```
emerge -va mod_php
```

-----------

7. Editing /etc/conf.d/apache

Edit APACHE2_OPTS to:

```
APACHE2_OPTS="-D PHP5 -D SSL"
```

OR, if you have user directory of your webpage (i.e. your webpage allows www.somewebpage.org/~username), you MUST put -D USERDIR flag. This is another new convention of Gentoo's Apache 2.0.53.

```
APACHE2_OPTS="-D USERDIR -D PHP5 -D SSL"
```

Of course, if you have other modules such as mod_auth_pam, you will need to append the flags as well.

-----------

8. Putting a few tweaks on PHP

The configuration of mod_php has been moved to /etc/php/apache2-php5 directory. As you see that php.ini file resides there.

If you want to put a few tweaks, change:

```
zlib.output_compression = On
```

But don't forget to set "output_handler = " line blank if you do this. That output_handler line is a few lines above zlib.output_compression.

-----------

9. Starting Apache

Now I hope that you heed my words on stopping Apache before all of these started. Otherwise, you might end up with ugly situation where you wouldn't be able to stop apache.

After all of these done, start Apache as follows:

```
/etc/init.d/apache2 start
```

It should run fine. Congratulations!

If you did a fresh install of Apache, you may want to add Apache into the running services:

```
rc-update add apache2 default
```

-----------

10. Installing MySQL 4.1.11

Again, as for now, we don't have MySQL 4.1.11 ebuild yet. So, we base it from mysql-4.1.8-r1.ebuild. Fortunately, this is a lot easier than PHP or mod_php. You don't need to edit anything.

Download MySQL off the web. Certainly, pick the source distribution (scroll down to the bottom of the page) and put the tar.gz file into /usr/portage/distfiles.

Make the digest:

```
cd /usr/portage/dev-db/mysql

cp mysql-4.1.8-r1.ebuild mysql-4.1.11-r1.ebuild

ebuild mysql-4.1.11-r1.ebuild digest
```

There you go. Then, emerge it:

```
USE="berkdb innodb perl readline ssl tcpd" emerge -va mysql
```

Make sure it reads correctly that you're emerging MySQL 4.1.11. If not, edit the file /usr/portage/profiles/package.mask and comment out anything that masks MySQL.

Then, as root, type the following:

```
/usr/bin/mysql_install_db

/etc/init.d/mysql start

/usr/bin/mysql -u root

mysql>SET PASSWORD FOR ''@'localhost' = PASSWORD('your_new_password_here');

mysql>SET PASSWORD FOR ''@'hostname_or_dnsDomainName' = PASSWORD('its_new_password_here');

```

(The above paragraph is taken from this howto).

If you did a fresh install of MySQL, you also may want to add MySQL as a running service:

```
rc-update add mysql default
```

(Optional) You may want to install PHPMyAdmin package to ease your MySQL administration:

```
emerge -va phpmyadmin
```

-----------

11. Known Problems

1. You cannot restart the Apache server directly using "/etc/init.d/apache2 restart". Instead, you need to invoke stop and start:

```
/etc/init.d/apache2 stop

/etc/init.d/apache2 start
```

2. Extension sharedmem doesn't work yet.

------------

Okay, this is the end of a lengthy howto. Please give me feedback. Thank you.

----------

## Red Sparrow

This is working pretty good so far.  I'm in the middle of emerging mod_php.

I would consider placing the new ebuilds in your PORTDIR_OVERLAY (typically /usr/local/portage).  That way, you won't lose them the next time you do an "emerge sync".  Also, you don't need to manually download the source.  When you run "ebuild foo digest", it automatically downloads it.  Other than that, good job.

(- Steve -)

----------

## robbyjo

Thanks Steve.

On a side note, it seems that the MySQL 4.1.11 isn't very stable. It crashes once in a while. Maybe I should downgrade a bit.

----------

## webmosher

This was a nice guide, but now that php 5.0.4 is out, how do I revert this so that I don't get errors as follows:

```
>>> Auto-cleaning packages ...

 dev-php/mod_php

    selected: 5.0.4-r1

   protected: 5.0.4

     omitted: none

>>> 'Selected' packages are slated for removal.

>>> 'Protected' and 'omitted' packages will not be removed.

>>> Waiting 5 seconds before starting...

>>> (Control-C to abort)...

>>> Unmerging in: 5 4 3 2 1 

>>> Unmerging dev-php/mod_php-5.0.4-r1...

No package files given... Grabbing a set.

/usr/lib/portage/bin/ebuild.sh: line 1458: /usr/portage/eclass/php5-sapi-me2.eclass: No such file or directory

!!! ERROR: dev-php/mod_php-5.0.4-r1 failed.

!!! Function inherit, Line 1459, Exitcode 1

!!! died sourcing /usr/portage/eclass/php5-sapi-me2.eclass in inherit()

!!! If you need support, post the topmost build error, NOT this status message.

!!! FAILED prerm: 1
```

For now, I am just copying one of the existing eclasses to the me2 eclass to try and get rid of it.

Thanks much,

Fred

----------

## robbyjo

Hmm... yes, you need to preserve the old eclass file in order to remove it. If it still fails, let me know.

----------

## kevev

worked!  :Very Happy: 

----------

## fog

Sorry to bring an old topic back up (though it's only about a week old)...

This guide worked great, but I have a coupe weird things going on now. (This isn't a production server or anything, so it's not a huge deal, but it's annoying nonetheless.)

After doing all of this (I didn't opt for all of the USE flags that you had -- I don't really do a lot. I did go back a second time and redo it all adding "session" in the USE flags, as I thought I'd found the problem), I'm having a few weird problems:

* Directories with an index.php file show a directory listing. The PHP executes fine, though.

* Gallery2 ("Nice Commits" -- possibly not the latest) has ceased to work normally. Going to just /gallery2 which normally loads index.php) shows me a directory listing, and then a welcome page. (I'm not exactly what file it's serving me here?) Clicking on index.php brings up the main Gallery page normally, but clicking on any link doesn't take me anywhere at all. (This might have to do with mod_rewrite, but I don't recall ever installing it.) For example, a link to:

http://localhost/gallery2/main.php/view/thanksgiving/

Doesn't show my browser sitting there "waiting" -- it's done, but my URL is still /gallery2/main.php

The latter might just be a Gallery2 bug, but it didn't start when I was running normal PHP4, so I'm wondering what happened. The first problem is the more annoying.

----------

## robbyjo

I believe that has something to do with apache's httpd.conf rather than with this installation. Have you modified your httpd.conf's DirectoryIndex entry to something look like this:

```
DirectoryIndex index.html index.html.var index.shtml index.php index.php3 index.phtml
```

I also prohibit directory index listing by removing "Indexes" on "Options" of the <Directory> entry.

----------

## c0ns0le

 *webmosher wrote:*   

> This was a nice guide, but now that php 5.0.4 is out, how do I revert this so that I don't get errors as follows:
> 
> ```
> >>> Auto-cleaning packages ...
> 
> ...

 

you really should consider using the portage overlay. i have created /usr/local/portage/eclass /usr/local/portage/dev-php and had no issues w/ it.

----------

## robbyjo

Thanks for the suggestions.  :Smile:  People ought to do it in the overlay. When I did it, I had a problem with the overlay and so I did it directly "on-site". I'll rewrite the guide when I have time (and to reflect updates too).

----------

## stuherbert

Please be aware that using mod_php with a threaded MPM (such as mpm_worker) isn't supported either by Gentoo or by the upstream PHP project.  PHP isn't considered thread-safe, and should only be used with non-threaded MPMs such as mpm_prefork.

If it works for you - great.  But if it doesn't, please don't waste our time and yours by filing bugs about it.

Best regards,

Stu

----------

## mphilips

```
 * The module you are trying to install (mod_php)

 * will only work with one of the following MPMs:

 *    event metuxmpm peruser worker threadpool

 * You do not currently have any of these MPMs installed.

 * Please re-install apache with the correct mpm-* USE flag set.

!!! ERROR: dev-php/mod_php-5.1.0_beta failed.

!!! Function apache2_pkg_setup, Line 250, Exitcode 0

!!! No safe MPM installed.

!!! If you need support, post the topmost build error, NOT this status message.
```

I have mpm_prefork set.

----------

## mphilips

Found answer in https://forums.gentoo.org/viewtopic-t-337524.html, added "-threads" to both php and mod_php in /etc/portage/package.use

----------

## Gentree

 *Quote:*   

> ACCEPT_KEYWORDS="~your_arch" in the environment to make sure that it's unmasked.

 

Oh God , here's another one. Will you guys please find out what stuff means before posting advice that will screw up a Gentoo system.

DO NOT put that in make.conf unless you want to migrate YOUR WHOLE SYSTEM to the unstable profile.

If you want ~arch apache unmask THAT package not the whole system and all installed software  :Rolling Eyes: 

----------

## seemant

To clear up what gentree said, use /etc/portage/package.keywords.

----------

