[HOWTO] Spotweb inside a Jail
Posted: 26 Nov 2013 20:44
Create and login into a Jail
Modify the /usr/local/etc/lighttpd/lighttpd.conf file by adding the following anywhere:
Other modifications to the config file will be done to protect from directory listing. Add the following to lighttpd.conf, anywhere (I used the bottom of the file):
Now we need to personalize the lighttpd config, by supplying the appropriate values for the following variables:
The next thing is to enable the fast-cgi module. Do this by editing /usr/local/etc/lighttpd/modules.conf, and uncommenting the following line by removing the '#':
Edit the /usr/local/etc/lighttpd/conf.d/fastcgi.conf file by adding the following code:
Edit the lighttpd mime configuration /usr/local/etc/lighttpd/conf.d/mime.conf, and add the following to the list someplace:
We are now done editing conf files (THANK GOODNESS). If you have made a mistake, you can check the config file's syntax with:
Create database:
Create user spotweb:
Set permissions for user spotweb:
Configure PHP
Configure PHP timezone (list of timezones http://php.net/manual/en/timezones.php )
Edit /usr/local/etc/php.ini-development
Find this line:
and change it to:
save it as php.ini or rename /usr/local/etc/php.ini-development to /usr/local/etc/php.ini
Don't forget to uncomment the line by removing the semicolon ;
Start Lighttpd
Spotweb installation
https://ip.to.your.server:port/install.php
Optional: configure a cronjob to auto-update Spotweb database /etc/crontab
Add this line somewhere at the bottom, to retrieve new spots hourly:
Code: Select all
pkg_add -r php5-extensions
pkg_add -r php5-xmlrpc
pkg_add -r php5-gettext
pkg_add -r php5-mcrypt
pkg_add -r php5-mbstring
pkg_add -r php5-zip
pkg_add -r php5-gd
pkg_add -r php5-zlib
pkg_add -r php5-curl
pkg_add -r php5-mysql
pkg_add -r php5-openssl
pkg_add -r php5-pdo_mysql
pkg_add -r php5-mysqli
pkg_add -r php5-pgsql
pkg_add -r php5-pdo_pgsql
pkg_add -r php5-ftp
pkg_add -r mysql55-server
pkg_add -r lighttpd
pkg_add -r git
echo 'lighttpd_enable="YES"' >> /etc/rc.conf
echo 'mysql_enable="YES"' >> /etc/rc.conf
echo '[mysqld]' >> /var/db/mysql/my.cnf
echo 'skip-networking' >> /var/db/mysql/my.cnf
/usr/local/etc/rc.d/mysql-server start
mysql_secure_installation
cd ~
openssl genrsa -des3 -out server.key 1024
openssl rsa -in server.key -out no.pwd.server.key
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in /root/server.csr -signkey /root/server.key -out /root/server.crt
cat server.key server.crt > server.pem
cat no.pwd.server.key server.crt > server.pem
mkdir /usr/local/etc/lighttpd/ssl
cp server.crt /usr/local/etc/lighttpd/ssl
chown -R www:www /usr/local/etc/lighttpd/ssl/
chmod 0600 server.pem Code: Select all
ssl.engine = "enable"
ssl.pemfile = "/root/server.pem"
ssl.ca-file = "/usr/local/etc/lighttpd/ssl/server.crt"
ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
ssl.honor-cipher-order = "enable"
ssl.disable-client-renegotiation = "enable" Code: Select all
$HTTP["url"] =~ "^/data/" {
url.access-deny = ("")
}
$HTTP["url"] =~ "^($|/)" {
dir-listing.activate = "disable"
}
cgi.assign = ( ".php" => "/usr/local/bin/php-cgi" ) Code: Select all
server.port = 81 #example, you can use other
server.bind = "192.168.1.17"
server.use-ipv6 = "disable" #mandatory, unless you enable ipv6 for all jails
server.document-root = "/usr/local/www/spotweb"
var.server_root = "/usr/local/www/spotweb"
$SERVER["socket"] == "192.168.1.17:81" Code: Select all
#include "conf.d/fastcgi.conf" Code: Select all
fastcgi.server = ( ".php" =>
((
"socket" => "/tmp/php.socket",
"bin-path" => "/usr/local/bin/php-cgi",
"bin-environment" => (
"PHP_FCGI_CHILDREN" => "16",
"PHP_FCGI_MAX_REQUESTS" => "10000"
),
"min-procs" => 1,
"max-procs" => 1,
"idle-timeout" => 20
))
) Code: Select all
".svg" => "image/svg+xml",
".xht" => "application/xhtml+xml",
".xhtml" => "application/xhtml+xml",
".woff" => "application/x-font-woff",
".svgz" => "image/svg+xml", Code: Select all
lighttpd -t -f /usr/local/etc/lighttpd/lighttpd.conf Code: Select all
mysql -u root --password="YOURPASSWORD" -e "CREATE DATABASE spotweb;" Code: Select all
mysql -u root --password="YOURPASSWORD" -e "CREATE USER 'spotweb'@'localhost' IDENTIFIED BY 'spotweb';" Code: Select all
mysql -u root --password="YOURPASSWORD" -e "GRANT ALL PRIVILEGES ON spotweb.* TO spotweb @'localhost' IDENTIFIED BY 'spotweb';" Configure PHP timezone (list of timezones http://php.net/manual/en/timezones.php )
Edit /usr/local/etc/php.ini-development
Find this line:
Code: Select all
;date.timezone =Code: Select all
date.timezone = "Europe/Amsterdam"Don't forget to uncomment the line by removing the semicolon ;
Start Lighttpd
Code: Select all
/usr/local/etc/rc.d/lighttpd start Code: Select all
cd /usr/local/www
git clone https://github.com/spotweb/spotweb.git
chown -R www:www spotwebOptional: configure a cronjob to auto-update Spotweb database /etc/crontab
Add this line somewhere at the bottom, to retrieve new spots hourly:
Code: Select all
@hourly www cd /usr/local/www/spotweb && /usr/local/bin/php retrieve.php > /dev/null