When developing your application, you should give write permission to you application directory (app/) as views are converted to plain PHP and locale files are updated automatically.
Once you stop modifying your code you remove write access to your web server.
If you want to use caching you should also make your cache/ folder writable.
Thanks, bermi, for your answer.
Another question, quite unrelated to akelos, but rather to my first question..
Do you (or someone else in this forum) know a way to make Apache running with current user permissions? This is the situation now. Apache runs under user/group www, and it creates a potential security risk.. I'd like to have the PHP scripts to be run under the user that owns the scripts so there wouldn't be need to change permissions. Is it possible?
-jyrki
The approach that Akelos has for bypassing this common situation in many PHP hots is to write files using an FTP/s account. Just create an FTP account for that user and it will write the files using its own uid. This will also work on the apps you code if you use the Ak::file_puts_contents method. Some people don't like this approach due FTP insecurity, but you can just use a firewall to allow access to port 21 to localhost.
Another approach is to use suexec, but then your scripts will run as cgi and that will not perform as well as mod_php.
A simpler solution is to add your user to the www group so you can modify the files it generates.
And the last one, which I haven't tried myself, is to tell Apache to setgid bit by default, so all files uploaded through apache will still have the group of the account.
Hi!
I went the cgi path and installed lighttpd with fcgi.. It seems to work pretty well. And the scripts are executed as the owner, at least according to the permissions of the compiled views.. One question, though. This way there's several (right now 7) instances of php-cgi. Does anyone have an idea wether these will be always present, or will they die after a certain period of time.
If someone wants to, I could make some kind of tutorial over this procedure for Mac.. Here is a good, common tutorial, though.
-jyrki
I'm not sure about this, but it is possible that lighttpd is pre-forking php cgi scripts to respond requests faster.
If you could write up a guide for the process you ran through I'll happily run the unit tests under your environment to ensure that everything works OK in advance as I've never tested Akelos under Lighttpd.
It should work OK, but some .htaccess directives might need to be adapted for lighttpd.
Hi,
I'll write the guide tomorrow, if it's ok. It's 23.23 now in Finland, so I'd like to go to sleep ;)
About those .htaccess problems. I ran into them right after I posted the last post, mostly because I didn't test short URIs before posting. There's certainly some magic that needs to be done..
-jyrki
I found this here
lighttpd doesn't support per-directory config files and it doesn't understand the Apache file format at all. Use something like
url.rewrite = ( "^[^/]+" => "/player/$0.php" )in your lighttpd config file.
So it seems quite problematic to do all that magic.
I found also these handling the subject:
Now I'll go to sleep - this time for real =)
-jyrki
Good morning everyone!
The tutorial is now written. Please correct every error (and misspelling) =)
-jyrki
Nice write up!
I'll follow the tutorial and will make Akelos work with nice URLs on lighthttpd
Can you tell me which lighttpd version does the ports collection install?
lighttpd -v
I've read that lighttpd-1.4.15 and up come with mod_magnet which can handle rewrite rules in a less hackish way than older versions.
Hello,
The version is lighttpd-1.4.15.
If you replace the sudo port install lighttpd with sudo port install lighttpd-devel you'll get lighttpd-1.5.0-r1691.
I wonder whether this this new version will support rewriting the URI even better..
-jyrki
I could install lighttpd but could not make URL rewrite work.
I don't have much time for this right now as I really want to get the new documentation site ready SOON, so if you have some time to play with it, let me know if you succeed.
This is what I've got so far:
./lighttpd.conf
# Default configuration file for the lighttpd web server
# Start using ./script/server lighttpd
server.bind = "0.0.0.0"
server.port = 3000
static-file.exclude-extensions = ( ".fcgi", ".php", ".rb", "~", ".inc" )
index-file.names = ( "index.php" )
server.modules = ( "mod_accesslog", "mod_fastcgi", "mod_compress", "mod_expire" )
server.document-root = CWD + "/public/"
server.errorlog = CWD + "/log/lighttpd.error.log"
accesslog.filename = CWD + "/log/lighttpd.access.log"
$HTTP["url"] =~ "^/" {
index-file.names = ( "index.php" )
magnet.attract-physical-path-to = ( CWD + "/lib/AkActionController/lighttpd/akelos.lua" )
}
compress.filetype = ( "text/plain", "text/html", "text/css", "text/javascript" )
compress.cache-dir = CWD + "/tmp/cache"
expire.url = ( "/favicon.ico" => "access 3 days",
"/images/" => "access 3 days",
"/stylesheets/" => "access 3 days",
"/javascripts/" => "access 3 days" )
mimetype.assign = (
".pdf" => "application/pdf",
".sig" => "application/pgp-signature",
".spl" => "application/futuresplash",
".class" => "application/octet-stream",
".ps" => "application/postscript",
".torrent" => "application/x-bittorrent",
".dvi" => "application/x-dvi",
".gz" => "application/x-gzip",
".pac" => "application/x-ns-proxy-autoconfig",
".swf" => "application/x-shockwave-flash",
".tar.gz" => "application/x-tgz",
".tgz" => "application/x-tgz",
".tar" => "application/x-tar",
".zip" => "application/zip",
".mp3" => "audio/mpeg",
".m3u" => "audio/x-mpegurl",
".wma" => "audio/x-ms-wma",
".wax" => "audio/x-ms-wax",
".ogg" => "application/ogg",
".wav" => "audio/x-wav",
".gif" => "image/gif",
".jpg" => "image/jpeg",
".jpeg" => "image/jpeg",
".png" => "image/png",
".xbm" => "image/x-xbitmap",
".xpm" => "image/x-xpixmap",
".xwd" => "image/x-xwindowdump",
".css" => "text/css",
".html" => "text/html",
".htm" => "text/html",
".js" => "text/javascript",
".asc" => "text/plain",
".c" => "text/plain",
".cpp" => "text/plain",
".log" => "text/plain",
".conf" => "text/plain",
".text" => "text/plain",
".txt" => "text/plain",
".dtd" => "text/xml",
".xml" => "text/xml",
".mpeg" => "video/mpeg",
".mpg" => "video/mpeg",
".mov" => "video/quicktime",
".qt" => "video/quicktime",
".avi" => "video/x-msvideo",
".asf" => "video/x-ms-asf",
".asx" => "video/x-ms-asf",
".wmv" => "video/x-ms-wmv",
".bz2" => "application/x-bzip",
".tbz" => "application/x-bzip-compressed-tar",
".tar.bz2" => "application/x-bzip-compressed-tar"
)
# Making sure file uploads above 64k always work when using IE or Safari
# For more information, see http://trac.lighttpd.net/trac/ticket/360
$HTTP["useragent"] =~ "^(.*MSIE.*)|(.*AppleWebKit.*)$" {
server.max-keep-alive-requests = 0
}
./lib/AkActionController/lighttpd/akelos.lua
function file_exists(path)
local attr = lighty.stat(path)
if (attr) then
return true
else
return false
end
end
function removePrefix(str, prefix)
return str:sub(1,#prefix+1) == prefix.."/" and str:sub(#prefix+2)
end
-- local prefix = '/akelos'
local prefix = ''
if (not file_exists(lighty.env["physical.path"])) then
request_uri = removePrefix(lighty.env["uri.path"], prefix)
if request_uri then
lighty.env["uri.path"] = prefix .. "/index.php"
local uriquery = lighty.env["uri.query"] or ""
lighty.env["uri.query"] = uriquery .. (uriquery ~= "" and "&" or "") .. "ak=" .. request_uri
lighty.env["physical.rel-path"] = lighty.env["uri.path"]
lighty.env["request.orig-uri"] = lighty.env["request.uri"]
lighty.env["physical.path"] = lighty.env["physical.doc-root"] .. lighty.env["physical.rel-path"]
end
end
When I run
lighttpd -f lighttpd.conf
I get the error "(server.c.849) Configuration of plugins failed. Going down."
Hi,
I'll try to find some time.. I'd really like to find the way to use lighttpd with Akelos. One question, though. Where should these files live? In akelos framework directory, or in my application directory?
-jyrki
lighttpd.conf in your Application directory, besides .htaccess
./lib/AkActionController/lighttpd/akelos.lua in the Akelos directory
Erm, I understand the path to the akelos.lua file, but still have problems understanding where should the lighttpd.conf file live. You said it should be besides .htaccess - so in ./public/. Did I misunderstand you?
-jyrki
No, you are right.
Anyhow, the path doesn't really matter as we need to supply it manually to the lighttpd command.
Once we have it working we will need to make it work using something like
./script/server lighttpd
Which will do all the dirty guessing work for us.
BTW check out CWD + "/tmp/cache" directives as they relate to the akelos AK_BASE_DIR, which is the framework dir as it is checked out from the trunk.
Hello,
Running this
lighttpd -f config/lighttpd/lighttpd.conf
results in
2007-07-17 21:51:54: (server.c.872) WARNING: unknown config-key: magnet.attract-physical-path-to (ignored)
CWD + "/tmp/cache" (and others) seems to be relative to Application directory (e.g. /Users/jyrkililja/Development/akelos/cms/)
-jyrki
The problem seems to be with mod_magnet and OS X. Mod_magnet needs Lua in order to work and installing it via MacPorts doesn't work, I read.
-jyrki
EDIT: Now it works - partially. I get error 500...
sudo port install lighttpd +cml
should be something of help
Too bad :(
We might follow the mod_rewrite path adding something like this to lighttpd.conf
server.modules = (
"mod_rewrite",
)
server.error-handler-404 = "/lighttpd_index.php"
And then creating a file at public/lighttpd_index.php with this snippet from http://drupal.org/node/20766#comment-35510
<?php
if (empty($_GET['ak'])) {
$query = strpos(request_uri(), '?');
$request= $query ? substr(request_uri(), 0, $query) : request_uri();
$path = substr($request, strlen(trim(dirname($_SERVER['SCRIPT_NAME']), '/'))+1);
if ($path != '/' && $path != '/lighttpd_index.php') {
$_GET['ak'] = $path;
}
}
include_once('index.php');
?>
Now I do get error 403 in root and 404 when trying to access /stylesheets/, /images/ or /javascripts/ following the mod_magnet path. :/
-jyrki
Yay, it works!!
The only drawback is I need to run the lighttpd process as root or otherwise it says the following:
2007-07-17 22:58:22: (mod_fastcgi.c.1333) [ERROR]: spawning fcgi failed.
2007-07-17 22:58:22: (server.c.849) Configuration of plugins failed. Going down.
The new lighttpd.conf file looks like this:
# Default configuration file for the lighttpd web server
# Start using ./script/server lighttpd
server.bind = "0.0.0.0"
server.port = 3000
static-file.exclude-extensions = ( ".fcgi", ".php", ".rb", "~", ".inc" )
index-file.names = ( "index.php" )
server.modules = ( "mod_accesslog", "mod_fastcgi", "mod_compress", "mod_expire", "mod_magnet" )
server.document-root = CWD + "/public/"
server.errorlog = CWD + "/log/lighttpd.error.log"
accesslog.filename = CWD + "/log/lighttpd.access.log"
fastcgi.server = (
".php" => ((
"bin-path" => "/opt/local/bin/php-cgi",
"socket" => "/opt/local/var/run/php5/php.socket"
))
)
$HTTP["url"] =~ "^/" {
index-file.names = ( "index.php" )
magnet.attract-physical-path-to = ( CWD + "/../akelos/lib/AkActionController/lighttpd/akelos.lua" )
}
compress.filetype = ( "text/plain", "text/html", "text/css", "text/javascript" )
compress.cache-dir = CWD + "/tmp/cache"
expire.url = ( "/favicon.ico" => "access 3 days",
"/images/" => "access 3 days",
"/stylesheets/" => "access 3 days",
"/javascripts/" => "access 3 days" )
mimetype.assign = (
".pdf" => "application/pdf",
".sig" => "application/pgp-signature",
".spl" => "application/futuresplash",
".class" => "application/octet-stream",
".ps" => "application/postscript",
".torrent" => "application/x-bittorrent",
".dvi" => "application/x-dvi",
".gz" => "application/x-gzip",
".pac" => "application/x-ns-proxy-autoconfig",
".swf" => "application/x-shockwave-flash",
".tar.gz" => "application/x-tgz",
".tgz" => "application/x-tgz",
".tar" => "application/x-tar",
".zip" => "application/zip",
".mp3" => "audio/mpeg",
".m3u" => "audio/x-mpegurl",
".wma" => "audio/x-ms-wma",
".wax" => "audio/x-ms-wax",
".ogg" => "application/ogg",
".wav" => "audio/x-wav",
".gif" => "image/gif",
".jpg" => "image/jpeg",
".jpeg" => "image/jpeg",
".png" => "image/png",
".xbm" => "image/x-xbitmap",
".xpm" => "image/x-xpixmap",
".xwd" => "image/x-xwindowdump",
".css" => "text/css",
".html" => "text/html",
".htm" => "text/html",
".js" => "text/javascript",
".asc" => "text/plain",
".c" => "text/plain",
".cpp" => "text/plain",
".log" => "text/plain",
".conf" => "text/plain",
".text" => "text/plain",
".txt" => "text/plain",
".dtd" => "text/xml",
".xml" => "text/xml",
".mpeg" => "video/mpeg",
".mpg" => "video/mpeg",
".mov" => "video/quicktime",
".qt" => "video/quicktime",
".avi" => "video/x-msvideo",
".asf" => "video/x-ms-asf",
".asx" => "video/x-ms-asf",
".wmv" => "video/x-ms-wmv",
".bz2" => "application/x-bzip",
".tbz" => "application/x-bzip-compressed-tar",
".tar.bz2" => "application/x-bzip-compressed-tar"
)
# Making sure file uploads above 64k always work when using IE or Safari
# For more information, see http://trac.lighttpd.net/trac/ticket/360
$HTTP["useragent"] =~ "^(.*MSIE.*)|(.*AppleWebKit.*)$" {
server.max-keep-alive-requests = 0
}
I'll update the wiki page tomorrow.
-jyrki
And again an notification error :(
Good morning!
What a wonderful morning: the Sun is behind clouds, it's raining etc. But - akelos works with ligghtpd now with the pretty URIs and everything! =)
Hopefully I updated the wiki page correctly because I've been doing so much tweeking around this subject I can't remember everything anymore... If you, bermi, would like to check it, I'd be glad. Thanks for your help!
http://wiki.akelos.org/setting-up-akelos-on-lighttpd-in-a-mac
-jyrki
Good morning Jyrki,
Those are great news. I've added a new task into the development site for integrating it in with Akelos so there is no need to go over steps 4.1 and 5.
It would be nice to integrate it using a "script/server lighttpd" command like in Rails. If you are interested in doing this (no obligation here) let me know so I can guide you through the process of creating a core testing environment.
Anyhow, thanks for the Job. Feel free to add a link from the Wiki home to your guide so it can be reached easily.
I'd like to help as much as I can. My skills are still in its infancy but I will develop them (is it right word, just wondering...) How should I add the link to the Wiki home? Is there any "rules" for links there? Sidebar or such?
Questions, questions and questions ;)
-jyrki
There are no rules on the Wiki yet, although I would like it to have similar content and Layout than wiki.rubyonrails.com
Just use the playgroung to try stuff, and have a look into the syntax page
I'll continue in this topic, because this has changed into lighttpd topic :)
Now I have a problem that every URL Akelos generates contains port specification twice, e.g. http://ijyrki.local:3000:3000/user/login. Any ideas how to solve this?
-jyrki
There's nothing else than:
function index()
{
$this->redirectToAction('login');
}
That creates the error as does:
<h2>_{Log In}</h2>
<?php $f = $form_helper->form_for('User', $User, array('url' => array('controller' => 'user', 'action' => 'login'))); ?>
<label for="User[Username]">_{Username: }</label><?= $f->text_field('Username'); ?><br />
<label for="User[Password]">_{Password: }</label><?= $f->password_field('Password'); ?><br />
<input name="commit" type="submit" value="_{Log In}" />
</form>
-jyrki
Oh, the server is lighttpd with the same configuration find in the tutorial..
Good morning!
Workaround is to set the AK_SERVER_PORT to empty string.
define('AK_SERVER_PORT', '');
-jyrki
Jyrki, have you tried to use the config/boot.php from the svn repository?. I did some changes to the way ports are handled some days ago.
That might be the problem.
I should have rev 292. Do I need to create the program again after I have updated the source?
-jyrki
Ok. I updated the framework, copied the config/boot.php to my application and the problem still stays. I'll just use the workaround I introduced in my last message until there's a "real" solution.
-jyrki
1 to 34 of 34