Web Server (apache) and DNS (bind) setup on a MacMini using Homebrew
- Online references
- Common pitfalls, problems
- XCODE - command line tools
- BREW
- APACHE
- PHP
- CERTBOT - Let's Encrypt
- HTTP2
- BIND
- Network Performance tools
- MacMini Setup (for SC/webcam/demo)
- How this page is made
Online references |
||
The previous Apple server software needs to be completely uninstalled and out of the window! |
||
Common pitfalls, problems |
||
|
||
XCODE - command line tools |
||
| S | install Xcode |
|
| S | xcode-select --install | Apple's command line tools need to be installed |
BREW |
||
| S | ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" | |
| T | brew --version | https://docs.brew.sh/FAQ |
| O | brew update | |
| O | brew upgrade | to upgrade all installed programs to newest version. |
| O | brew doctor | |
| O | sudo chown -R "$USER":admin /usr/local sudo chown -R "$USER":admin /Library/Caches/Homebrew |
to correct prmissions |
| S | brew install openldap libiconv | |
APACHE |
||
| S | sudo apachectl stop | |
| S | sudo launchctl unload -w /System/Library/LaunchDaemons/org.apache.httpd.plist | |
| S | brew install httpd |
|
| O | sudo brew services start httpd |
|
| T | ps -aef | grep httpd |
|
| O | sudo brew services restart httpd |
|
| T | tail -f /usr/local/var/log/httpd/error_log |
|
| O | sudo apachectl stop | |
| O | sudo apachectl -k restart | |
| T | sudo apachectl -S | to get setup paths |
| T | apachectl configtest | test |
| S | bbedit /usr/local/etc/httpd/httpd.conf |
|
| S | HTTPD edits including vhosts:
|
|
| S | vhosts, Include catch directory and for vhosts:
edit: /usr/local/etc/httpd/extra/httpd-vhosts.conf <VirtualHost *:80> DocumentRoot "/usr/local/var/www" ServerName catch.delaat.net </VirtualHost> <Directory "/usr/local/var/www"> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory> <VirtualHost *:80> DocumentRoot "/Users/delaat/Sites" ServerName delaat.net ServerAlias alias.delaat.net </VirtualHost> <Directory "/Users/delaat/Sites"> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory> DocumentRoot "/usr/local/var/www" ==> DocumentRoot "/Users/delaat/Sites" Directory "/usr/local/var/www" ==> Directory "/Users/delaat/Sites" |
|
PHP |
||
| S | brew install php | DOES NOT WORK BECAUSE OF mod_mpm_event.so incompatible caching regimes! |
| S | To enable PHP in Apache add the following to httpd.conf and restart Apache: LoadModule php7_module /usr/local/opt/php/lib/httpd/modules/libphp7.so <FilesMatch \.php$> SetHandler application/x-httpd-php </FilesMatch> Finally, check DirectoryIndex includes index.php DirectoryIndex index.php index.html The php.ini and php-fpm.ini file can be found in: /usr/local/etc/php/7.3/ To have launchd start php now and restart at login: brew services start php Or, if you don't want/need a background service you can just run: php-fpm |
|
CERTBOT - Let's Encrypt |
||
| S | sudo install -d -o $(whoami) -g admin /usr/local/Frameworks | |
| S | brew install certbot | |
| S | HTTPD edits: Uncomment:
add at the end: <IfModule mod_ssl.c> create if needed httpd-vhosts-le-ssl.conf <VirtualHost *:443> and in httpd-vhosts.conf e.g.: <VirtualHost *:80> |
|
| S | sudo certbot --apache or sudo certbot --apache --staging and after successful testing: sudo certbot --apache --force-renewal |
|
| O | sudo certbot renew --dry-run | |
| O | sudo certbot renew | for production |
| O | sudo certbot certificates | |
| S | /Library/LaunchDaemons/com.letsencrypt.renew.plist sudo vi /Library/LaunchDaemons/com.letsencrypt.renew.plist put in that file the xml below here: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>GroupName</key> <string>staff</string> <key>InitGroups</key> <true/> <key>Label</key> <string>com.letsencrypt.renew</string> <key>ProgramArguments</key> <array> <string>/usr/local/bin/certbot</string> <string>renew</string> </array> <key>StandardErrorPath</key> <string>/tmp/com.letsencrypt.renew.stderr</string> <key>StandardOutPath</key> <string>/tmp/com.letsencrypt.renew.stdout</string> <key>StartCalendarInterval</key> <dict> <key>Hour</key> <integer>4</integer> <key>Minute</key> <integer>1</integer> </dict> <key>UserName</key> <string>root</string> </dict> </plist> |
https://gist.github.com/jgillman/8b29c5d75f9fbcf30d55f1a0de535c5d |
| S | sudo chmod 644 /Library/LaunchDaemons/com.letsencrypt.renew.plist sudo chown root:wheel /Library/LaunchDaemons/com.letsencrypt.renew.plist sudo launchctl load /Library/LaunchDaemons/com.letsencrypt.renew.plist sudo launchctl start com.letsencrypt.renew sudo launchctl list | grep -i letsencrypt |
|
| O | tail -f /tmp/com.letsencrypt.renew.stderr tail -f tmp/com.letsencrypt.renew.stdout |
|
HTTP2 |
||
| S | HTTPD edits to enable http2
|
|
BIND |
||
| S | brew install bind | |
| O | sudo brew services start bind | |
| O | sudo brew services restart bind | |
| O | sudo brew services stop bind | |
| S | /usr/local/etc/named.conf | |
| S | /usr/local/var/named/ | |
| T | host -t ns delaat.net | |
Network Performance tools |
||
| S |
brew install iperf iperf3 nuttcp bwctl owamp | https://fasterdata.es.net/performance-testing/network-troubleshooting-tools/ |
| iperf Server: iperf -s -i 4 -w 5m -N Client: iperf -i 4 -t 1000 -N -w 5M -l 1M -c servername |
||
| iperf3 Server: iperf3 -s -i 5 -N Client: iperf3 -i 4 -t 1000 -N -w 5M -l 1M -c servername |
||
| nuttcp Server: nuttcp -S Client: nuttcp servername |
runs a 10 second test, only on ipv4 |
|
MacMini Setup (for SC/webcam/demo) |
||
|
||
How this page is made |
||
|
||
