Revision [3088]

This is an old revision of HiawathaServerMySQL made by Puppyite on 2009-10-26 07:18:54.

 

 (image: http://www.hiawatha-webserver.org/images/hiawatha_logo.png)

Hiawatha a secure and advanced web server.



Setting up a home server intranet with Hiawatha and Puppy 4.3.1 to serve a web page

You will need two computers connected to a network switch or router.

useful addresses
eg: http://192.168.0.1/ (your router)

http://192.168.0.2/ (computer 1)
http://192.168.0.5/ (computer 2)
these numbers may vary depending on how they are connected to the router

Setup Linux-Firewall Wizard and enable Http Web Server using the custom option

Run Hiawatha by typing hiawatha at the conole
To stop the server, type in killall hiawatha
In /root/Web-Server the file index.html can be a test web page

The file
/etc/hiawatha/hiawatha.conf

should have something like so:
insert-source-code-here
ServerId = webuser
ConnectionsTotal = 150
ConnectionsPerIP = 10
SystemLogfile = /var/log/hiawatha/system.log
GarbageLogfile = /var/log/hiawatha/garbage.log

Binding {
	Port = 80
	Interface = 192.168.0.2
}

Hostname = 127.0.0.1
WebsiteRoot = /root/Web-Server
StartFile = index.html
AccessLogfile = /var/log/hiawatha/access.log
ErrorLogfile = /var/log/hiawatha/error.log

#add this stuff to get a perl script working (pplog)...
#QUISP has a binary executable CGI named 'quisp.bin'...
MimetypeConfig = /etc/mime.types
CGIhandler = /usr/bin/perl:pl
CGIextension = pl,bin
ExecuteCGI = yes
#QUISP puts %0D, %0A (carriage-return, line-feed) chars in the url
#(v128), to allow chars below ascii 32 need this...
SecureURL = no


Interface = 192.168.0.2
}


Note these settings:
Hostname = 127.0.0.1 (this is your IP address)
WebsiteRoot = /root/Web-Server
StartFile = index.html (create this and put in some content)


PHP web-serving with MySQL


With Puppy version 4.1 our learned and wise leader Barry Kauler discovered a wonderful web-server Hiawatha Wikipedia Hiawatha-webserver - this web-server is small and fast in keeping with puppy philosophy.



The author of Hiawatha Hugo Leisink has written it with security at the front of mind. Barry's intentions were driven by the desire I believe to include the blogging software he uses PPLOG which is a small perl script. Consequently Hiawatha came configured by default to run perl as a CGI program to interpret .pl scripts (Hiawatha was left out of puppy 4.2.1) Investigation into Hiawatha shows it to be quite a performer in terms of throughput of pages served (purportedly twice as fast as Apache with static content) and appears to have much of the flexibility in its configuration as that available with Apache. Configuration options for virtual hosts, user and ip address based security and to run with ssl are easier to configure than Apache. It also has URL rewriting toolkit required to run many CMS applications. The problem with Apache is that is now quite large and it forks additional processes each requiring a large chunk of memory for additional connections. Performance in terms of memory utilisation is a snag particularly when many machines that run puppy may well be challenged in this department. We puppyofiles like to do more with less and Hiawatha with it's binary just 113k (as of version 6.16) running a multi-threaded rather than pre-fork model appears to be the perfect antidote to the Apache resource hog. (I have a 256Meg web-server on an old Athlon machine running our php/mysql/hiawatha squash court booking system, that has been running for months without a reboot and still has RAM to spare http://fraserparksquash.org.nz/Bookings/ - the apache squash file version had to have weekly reboots).

Pre-Fork or Multi-threaded web servers

Apache has the advantage that PHP can be run as a module - theoretically the fastest way to run PHP. However, the architecture of apache is based on a "pre-fork" model where new connections to an Apache web-server initiate new forks and each fork consumes RAM - so the machine can max out if a heavy load of web-serving comes it's way. Hiawatha uses a thread based model a similar architecture as that used by the fastest web-server (I understand this to be Roxen). This structure also has the advantage of being much leaner in terms of memory and ultimately faster to serve pages.

PHP as a Module or FastCGI

Running PHP as a module of Apache means that the PHP binary is already loaded when a request is fielded to run a PHP script and traditionally has been the favoured way of running PHP. However, development of Fast CGI also allows PHP daemons to be running ready to field requests thus reducing the overhead compared to running PHP as a CGI program - where it has to be loaded on each request - and holds a severe performance penalty. Hiawatha happily has the ability to run PHP as a FastCGI daemon. I have not done any bench-marking on performance of FastCGI Hiwatha PHP to Apache PHP moule - it would be interesting to see the results - it is my pick that Hiawatha/FastCGI PHP might well be faster.

Predictably Barry is, once again, on to something here.

A new .PET


Since Hiawatha is no longer included with puppy since 4.1.2 I made a new .pet including the whole bundle of software to turn puppy into a fully fledged web-server (hiawatha web-server, MySQL - RDBMS and the PHP interpreter that runs as Fast CGI daemons). It is available at:

http://dotpups.de/puppy4/dotpups/Internet/LAMP-6.16-5.1.35-5.2.9.pet

This version released August 2009 is tested with Puppy 4.2.1 - and includes:
The .pet file is 11 Meg - so it is chunky by puppy standards - but includes mysql is a fully featured RDBMS and required by many applications. I have consoled myself that other LAMP implementations are many times the size.

This pet contains the necessary /etc/hiawatha/hiawatha.conf settings to serve .php web-pages with PHP running as a fastCGI daemons. Hiawatha comes with a program to launch a series of PHP daemons and again the config of php-fcgi is included in the .pet. The .pet also has a scripts in /etc/init.d/

Both mysql and hiawatha httpd are started on each boot - if you do not want this to happen you should move one or both of these scripts out of the directory /etc/init.d

Both servers are started by the post installation script of the .pet so there is no need to reboot.

mysql is configured by a file in /etc/my.cnf and has been compiled to run as the user nobody - thus offering some protection from a rogue mysql problem damaging the system. Hiawatha also runs as nobody as do the php fastcgi daemons.

You can start mysql from rxvt:
#/etc/init.d/rc.mysqld start

and stop it with:
#/etc/init.d/rc.mysqld stop

Similarly you can start and stop hiawatha in the same way with the rc.httpd script.

Both php and mysql were compiled using devx_420.sfs as prepared by WhoDo for 4.2. Compliation options to exclude documentation (which is online) the mysql cluster code, the enormous mysql test-suite, the enormous PHP PEAR were used to minimise the size of the .pet but retain as much functionality as possible. PHP includes ftp, gettext, gd, xml, mysql and mysqli, sql-lite functionality. Mysql retains myisam, isam and innodb table types by default, together with all the usual mysql utilities including mysqldump, mysql client, mysqladmin etc.

The .pet also includes the phpMyAdmin php application for administering mysql databases - this is accessed simply from a browser pointing to:

http://localhost/phpMyAdmin/index.php

MySQL Configuration


The post installation script of the .pet runs the mysql_db_install script to set up the default database structure and mysql user database.

Normally with mysql installations out of the box, the default mysql user is root with no password. There are also 2 anonymous users that can access mysql without any permissions. However, the post install script now deletes both these anonymous users with the latest .pet and sets the root password for mysql as woofwoof

Important Note: Best practise is to alter the password for the mysql root user to prevent unathorised access to your databases see the mysql docs

http://dev.mysql.com/doc/refman/5.1/en/default-privileges.html

from an rxvt window:
# mysql -u root -p woofwoof

mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('newpwd');
mysql> SET PASSWORD FOR 'root'@'host_name' = PASSWORD('newpwd');


where newpwd is the new password you choose.

PHP configuration


Is handled by the file /etc/php.ini

Sending Email through PHP

The mail command of php allows sending of scripted email and is a useful function of php. However, it requires an sendmail compatible binary to be available or a local smtp server. The windows configuration just requires an smtp server but this option is not available in *nix.

After some research I discovered a neat work around using a small program called mini-sendmail - this is also bundled in the .pet
mini-sendmail allows you to specify a remote smtp server to use to forward your email from the php mail command. The configuration is straight forward and described inside the php.ini (see extract of php.ini below) that you should open with geany to modify for the smtp server you can access.

/etc/php.ini
	<snip>

	; mini_sendmail included with this distribution to prevent reliance on full send
	mail
	; mini_sendmail takes parameters:
	; -f the from email address
	; -s the smtp server to direct the email through - this allows a third party smt
	p server to be used
	; if the -s parameter is ommmitted then the localhost is assumed to be the smtp
	server
	; -t required for sendmail compatibility??
	sendmail_path = /usr/local/bin/mini_sendmail -fyouremail@youremaildomain.com -
	ssmtp.yourISP.com -t 

	</snip> 

Where youremail@youremaildomain.com is the email address you wish to be reported as the sender of email coming from your web-server. and smtp.yourISP.com is an smtp server that your web-server can access.

Change Log and Possible Issues


- LAMP-6.16-5.1.35-5.2.9.pet released August 2009 - Hiawatha to 6.16 mysql 5.1.35 php 5.2.9 and phpMyAdmin 3.1.5
- LAMP-6.14-5.1.34-5.2.9.pet released June 2009 - Hiawatha 6.14, mysql 5.1.35 php 5.2.9 and phpMyAdmin to 3.1.5
- LAMP-6.11-5.1.31-5.2.8.pet released March 2009 - Hiawatha 6.11 mysql 5.1.31 and php 5.2.8

The version before in December 2008 I added the libmcrypt.so library that created a problem in 4.1.1 and 4.1.2 - the fast cgi php daemons would not start because of this missing library and hiawatha would report service not available for php scripts.

Another issue that I experienced with gray's marvellous puppy-NOP pupplet was that the sticky bit was set on the /tmp directory - this prevented php running as the user nobody from creating session files in the /tmp directory. I had to run

#chmod -R 777 /tmp

before things would work as advertised

Notes on Compiling the Applications


PHP

Got the mcrypt library into /usr/lib then used the following to configure PHP
#./configure --prefix=/usr/local --without-pear --enable-fastcgi
--enable-ftp --with-bz2 --with-gd --with-gettext
--with-mysql=/usr/local --with-mysqli --enable-wddx --enable-mbstring
--with-mcrypt=/usr/lib

mysql

configured to run as the user nobody
#CFLAGS="-O3" CXX=gcc CXXFLAGS="-O3 -felide-constructors
-fno-exceptions -fno-rtti" ./configure --enable-assembler
--with-mysqld-ldflags=-all-static --without-docs --without-man
--with-mysqld-user=nobody --with-unix-socket-path=/tmp --without-debug
--without-ndb

Hiawatha - from Barry's blog

Here is how I compiled and installed it:
#export webrootdir=/root/httpd/hiawatha
# ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --build=i486-t2-linux-gnu --enable-xslt
# make
# new2dir make install




Categories
CategoryAdditionalSoftware
CategoryHowTo
Valid XHTML :: Valid CSS: :: Powered by WikkaWiki