I have a docker based apache httpd server. I need to install mod_pagespeed into that.
The flavour I am using is debian based not alpine based for now - for some reasons.
Following is the list of commands required to install the module in debian/ubuntu dist - from the official site
wget https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_amd64.deb
sudo dpkg -i mod-pagespeed-*.deb
sudo apt-get -f install
This is giving error
dpkg: dependency problems prevent configuration of mod-pagespeed-stable:
mod-pagespeed-stable depends on apache2; however:
Package apache2 is not installed.
This is obvious because there is no apache2 service installed, only httpd command works.
Even the folder structure is different then regular debian/ubuntu installation.
I don't find any .so file anywhere, otherwise I can put it in some directory and do a LoadModule.
I guess I need to do a custom build from source, is there any easy way?
You may use the following Dockerfile as a base:
FROM debian:stretch
ENV APACHE_RUN_USER www-data
ENV APACHE_RUN_GROUP www-data
ENV APACHE_PID_FILE /var/run/apache2/apache2.pid
ENV APACHE_RUN_DIR /var/run/apache2
ENV APACHE_LOCK_DIR /var/lock/apache2
ENV APACHE_LOG_DIR /var/log/apache2
ENV LANG C
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y apache2 wget \
&& wget https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_amd64.deb -O /tmp/modpagespeed.deb \
&& dpkg -i /tmp/modpagespeed.deb
RUN mkdir -p /var/log/apache2 /var/run/apache2 /var/lock/apache2 \
&& chown www-data:www-data /var/log/apache2 /var/run/apache2 /var/lock/apache2
CMD ["apache2", "-DFOREGROUND"]
EXPOSE 80
Build the image and launch a container, you'll get a response header similar to X-Mod-Pagespeed: 1.13.35.2-0.
Hope this helps!
Mostly #Michael's answer is correct, however for those who uses default docker's apache module (like me) following answer would suffice.
Because debian's apache installation is different than docker apache's installation. (And if you already have setup/customised all the configuration and cannot re-customise to be debian's structure)
I have built the pagespeed module from that answer and then copied the module to my installation.
Dockerfile
FROM debian:stretch as pagespeed
ENV APACHE_RUN_USER www-data
ENV APACHE_RUN_GROUP www-data
ENV APACHE_PID_FILE /var/run/apache2/apache2.pid
ENV APACHE_RUN_DIR /var/run/apache2
ENV APACHE_LOCK_DIR /var/lock/apache2
ENV APACHE_LOG_DIR /var/log/apache2
ENV LANG C
RUN apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y apache2 wget \
&& wget https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_amd64.deb -O /tmp/modpagespeed.deb \
&& dpkg -i /tmp/modpagespeed.deb
FROM httpd:2.4.43
# all these things are my custom configuration. You probably don't need these
COPY --chown=root:www-data ./docker-assets/httpd-custom.conf $HTTPD_PREFIX/conf/httpd.conf
COPY --chown=root:www-data ./docker-assets/httpd-default.conf $HTTPD_PREFIX/conf/extra/httpd-default.conf
COPY --chown=root:www-data ./docker-assets/httpd-vhosts-custom.conf $HTTPD_PREFIX/conf/extra/httpd-vhosts.conf
COPY --chown=root:www-data ./docker-assets/httpd-ssl.conf $HTTPD_PREFIX/conf/extra/httpd-ssl.conf
COPY --chown=root:www-data ./docker-assets/httpd-mpm.conf $HTTPD_PREFIX/conf/extra/httpd-mpm.conf
# pagespeed module adding as custom build here. You may need to change some paths in .load file
COPY --chown=root:www-data ./docker-assets/pagespeed.load $HTTPD_PREFIX/conf/extra/
COPY --chown=root:www-data ./docker-assets/pagespeed.conf $HTTPD_PREFIX/conf/extra/
COPY --chown=root:www-data ./docker-assets/pagespeed_libraries.conf $HTTPD_PREFIX/conf/extra/
# Or directly copy from build stage
# COPY --from=pagespeed --chown=root:www-data /etc/apache2/mods-available/pagespeed.conf $HTTPD_PREFIX/conf/extra/
# COPY --from=pagespeed --chown=root:www-data /etc/apache2/conf-available/pagespeed_libraries.conf $HTTPD_PREFIX/conf/extra/
COPY --from=pagespeed --chown=root:www-data /usr/lib/apache2/modules/mod_pagespeed.so $HTTPD_PREFIX/modules/
COPY --from=pagespeed --chown=root:www-data /usr/lib/apache2/modules/mod_pagespeed_ap24.so $HTTPD_PREFIX/modules/
# pagespeed end
Related
I have hosted one docker with PHP in a shared server of our office environments. Previously it was working fine without any issue. All the users were able to access the site via port forwarding to 8080. Here is my docker file details -
# Choose Repo from Docker Hub
FROM centos:latest
# Provide details of maintainer
MAINTAINER ritu
#Install necessary software
RUN yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
RUN yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
RUN yum -y install yum-utils
RUN yum-config-manager --enable remi-php56
RUN yum -y install php php-mcrypt php-cli php-gd php-curl php-mysql php-ldap php-zip php-fileinfo php-devel php-pear make gcc systemtap-sdt-devel httpd unzip postfix
RUN export PHP_DTRACE=yes
RUN curl -sS https://getcomposer.org/installer | php
RUN mv -f composer.phar /usr/local/bin/composer
RUN chmod +x /usr/local/bin/composer
RUN composer require phpmailer/phpmailer
COPY phpinfo.php /var/www/html/
COPY php.ini /var/www/
COPY httpd.conf /var/www/
RUN cp -f /var/www/httpd.conf /etc/httpd/conf/
COPY *.rpm /var/www/
#Install & Configure OCI for PHP
COPY oci8-2.0.12.tgz /
RUN tar -xvf oci8-2.0.12.tgz
RUN yum -y localinstall /var/www/*.rpm --nogpgcheck
COPY client.sh /etc/profile.d/
RUN chmod +x /etc/profile.d/client.sh
RUN cp -f /var/www/php.ini /etc/
COPY php_oci8_int.h oci8-2.0.12/
COPY Log_Check.zip /
RUN unzip Log_Check.zip
RUN cp -a -R /Log_Check/* /var/www/html/
WORKDIR /oci8-2.0.12
RUN phpize
RUN ./configure --with-oci8=/usr/lib/oracle/12.2/client64
RUN cp -f /usr/include/oracle/12.2/client64/*.h /oci8-2.0.12/include/
RUN make
RUN make install
RUN ls /var/www/html/
RUN rm -rf /var/run/apache2/apache2.pid
#Expose necessary ports
EXPOSE 80
EXPOSE 1521
EXPOSE 25
#Provide Entrypoint
CMD ["-D", "FOREGROUND"]
ENTRYPOINT ["/usr/sbin/httpd"]
Suddenly one of my friend added another docker with same port 8080 in the same server. After that my docker got stopped. with below error -
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.18.0.3. Set the 'ServerName' directive globally to suppress this message
httpd (pid 1) already running
After several hours of googling and after trying lots of commands, I found that its easy to remove the entire container as well as images from the server. Hence I removed all containers with docker rm followed by image deletion with docker rmi. Again i have recreated the docker image on my local system (its working here) and transferred to server. Again I tried to run the docker. But faced same issue again.
Unable to find out the cause & solution. Need some help.
first remove ENTRYPOINT from your Dockerfile and just use:
CMD [ "/usr/sbin/httpd", "-X" ]
the warning regarding AH00558 is comming from your configuration and it i complaining about you do not use www.test.com you can ignore that for now and apache will still working. if you want to read more see this
I have the following docker file:
FROM wodby/apache:2.4
MAINTAINER NAME EMAIL
ENV http_proxy 'http://xxx.xxx.xxx.de:80'
ENV https_proxy 'http://xxx.xxx.xxx.xxx:80'
ENV APP_ROOT="/var/www/html" \
APACHE_DIR="/usr/local/apache2"
WORKDIR /usr/local/apache2
USER root
RUN ls
RUN set -x \
&& apk add apache-mod-auth-kerb
CMD ["tail", "-f", "/dev/null"]
My intention is to add the apache-mod-auth-kerb module to my container.
Base Image is alpine but wodby/apache inherits from wodby/http which is Debian.
Somehow the module is installed under /usr/lib/apache2 but the apache in wodby/apache seems to load its modules from /usr/local/apache2/modules.
I don't think the solution is to move the module per cp or symlink?
Here are the links to the base dockerfiles:
https://github.com/wodby/httpd
https://github.com/wodby/apache
How can I make sure that the module and config are put in the correct location? I think the problem might be the difference between the used Linux distros.
Any hints?
The docker-library/httpd (Maintained by Docker) supports alpine and Debian based images.
Since wodby/httpd is forked from docker-library/httpd, you can see files Debian related Dockerfile but they only support alpine based images as per the README.md file.
Even images woby/apache are alpine based.
For modules, you can create a conf file as shown below
mod_auth_kerb.conf
LoadModule auth_kerb_module /usr/lib/apache2/mod_auth_kerb.so
Dockerfile
FROM wodby/apache:2.4
MAINTAINER NAME EMAIL
ENV http_proxy 'http://xxx.xxx.xxx.de:80'
ENV https_proxy 'http://xxx.xxx.xxx.xxx:80'
ENV APP_ROOT="/var/www/html" \
APACHE_DIR="/usr/local/apache2"
WORKDIR /usr/local/apache2
USER root
RUN ls
RUN set -x \
&& apk add apache-mod-auth-kerb
COPY mod_auth_kerb.conf /usr/local/apache2/conf/conf.d/mod_auth_kerb.conf
You can check them
bash-4.4# httpd -M | grep auth_kerb_module
auth_kerb_module (shared)
My Dockerfile as follow:
FROM php:7.2-apache
#install some basic tools
RUN apt-get -dd clean && apt-get -dd update && apt-get install -y \
git \
tree \
vim \
wget \
iputils-ping \
mysql-client \
subversion
#install some base extensions
RUN apt-get install -y \
libzip-dev \
libicu-dev \
zip \
&& docker-php-ext-configure zip --with-libzip \
&& docker-php-ext-configure intl \
&& docker-php-ext-install zip intl opcache pdo_mysql mysqli
#setup composer
RUN curl -sS https://getcomposer.org/installer | php \
&& mv composer.phar /usr/local/bin/ \
&& ln -s /usr/local/bin/composer.phar /usr/local/bin/composer
WORKDIR /var/www/app
EXPOSE 80
RUN a2enmod rewrite
After I compose above image with mysql I start server e.g
docker-compose up -d
And access the container by:
docker exec -it php_web_1 bash
Then I check the apache2 service status:
service apache2 status
[FAIL] apache2 is not running ... failed!
If I just run command : apache2
httpd (pid 1) already running
service apache2 start/stop does not have any effect on apache2 status.
What is the difference b/w both ways and why service apache2 start/stop is not working ?
If you look at the Dockerfile for the php:7.2-apache base image, you would see the CMD ["apache2-foreground"] which runs a script located in /usr/local/bin/ directory to run the Apache server upon the container startup. If you set an interactive session with the base image and run the SysVInit commands like service apache2 start, this will start the Apache service within the container which was stopped when you made the session.
In your case, try running the script in the Dockerfile located in the /usr/local/bin/ directory as the CMD command and re-run docker-compose up -d to see if the Apache is started or not.
I'm developing a website on a totally offline environment. also, I use gitlab runner for CI and the host is CentOS 7.
the problem is that gitlab runner uses gitlab-runner user on centos for deploying laravel application and apache uses apache user for running laravel.
I got Permission denied error on apache til I changed ownership of files. after that I get this error on apache log:
Uncaught UnexpectedValueException: The stream or file "storage/logs/laravel.log" could not be opened: failed to open stream: Permission denied
it seems that some vendor libraries like monolog want to write error or debug logs onto storage/logs/laravel.log but it gets permission denied. :(
.gitlab-ci.yml
stages:
- build
- test
- deploy
buildBash:
stage: build
script:
- bash build.sh
testBash:
stage: test
script:
- bash test.sh
deployBash:
stage: deploy
script:
- sudo bash deploy.sh
build.sh
#!/bin/bash
set -xe
# creating env file from production file
cp .env.production .env
# initializing laravel
php artisan key:generate
php artisan config:cache
# database migration
php artisan migrate --force
deploy.sh
#!/bin/bash
PWD=$(pwd)'/public'
STG=$(pwd)'/storage'
ln -s $PWD /var/www/html/public
chown apache.apache -R /var/www/html/public
chmod -R 755 /var/www/html/public
chmod -R 775 $STG
Am I using gitlab runner correct? how can I fix the permission denied error?
SELinux
I found the problem and it was selinux, like always it was selinux and I ignored it at the begining
What's the problem:
you can see selinux context on files with ls -lZ command, by default all files on www are httpd_sys_content_t, the problem is that selinux just allow apache to read these files. you should change storage and bootstrap/cache context so it can be writable.
there are 4 apache context type:
httpd_sys_content_t: read-only directories and files
httpd_sys_rw_content_t: readable and writable directories and files used by Apache
httpd_log_t: used by Apache for log files and directories
httpd_cache_t: used by Apache for cache files and directories
What to do:
first of all install policycoreutils-python for better commands
yum install -y policycoreutils-python
after installing policycoreutils-python the semanage command is available, so you can change file context like this:
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/laravel/storage(/.*)?"
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/laravel/bootstrap/cache(/.*)?"
don't forget to commit the changes by this command:
restorecon -Rv /var/www/html/laravel/storage
restorecon -Rv /var/www/html/laravel/bootstrap/cache
the problem is solved :)
ref: http://www.serverlab.ca/tutorials/linux/web-servers-linux/configuring-selinux-policies-for-apache-web-servers/
I have tried to install and set up rfc5766-turn-server in AWS EC2 but unable to do it as I do not see a proper flow of work or command line for that, can someone help me about this ? I need to set it up in Ubuntu 14.04
do an ssh login to your ec2 instance, then run the below commands for installing and starting the turn server.
commands for installing turnserver:
sudo apt-get update
sudo apt-get install make gcc libssl-dev libevent-dev wget -y # for installing modules required by turn server
mkdir ~/turn && cd ~/turn # creating temp directory
wget turnserver.open-sys.org/downloads/v3.2.5.9/turnserver-3.2.5.9.tar.gz # downloading the TURN source code
tar -zxvf *.gz # extract
cd turn*
make
sudo make install # installing the rfc5766
cd ../.. && rm -rf turn # cleaning up
command for starting the TURN server:
turnserver -a -o -v -n -u user:root -p 3478 -L INT_IP -r someRealm -X EXT_IP/INT_IP
assumptions:
your ip, internal ip = EXT_IP, INT_IP
desired port for listening: 3478
single credential username:password = user:root
realm: someRealm
in your WebRTC app, you can use trun server like:
{
url: 'turn:user#EXT_IP:3478',
credential: 'root'
}