On 11/24/06, otrcomm <otrcomm isp-systems.net> wrote:
> i found a tutorial about setting up plone/zope to run
under apache 2,
http://plone.org/documentation/tutorial/plone-apache,
but i do
> not know enough about apache 2 to translate the
instructions to apache 1.3.34.
>
> could someone point me to a tutorial for apache 1.3.34,
or help me with the setup?
They're very similar. Here's my install notes (nb. these are
slightly
out of date, so an upgrade is required. This install has
since been
updated to Python 2.4.4, (PIL rebuilt), Zope 2.9.5, Plone
2.5.1 Those
notes are in my server diary which I won't be releasing, but
you can
probably use the newer versions straight up.
Make sure you set the server name in httpd.conf and
ssl.conf,
otherwise it should be all as is written here. These haven't
been
approved as secure yet, but this will get you to a working
installation.
Cheers,
Ben
---
Minimum CentOS 3 text install, all defaults, except remove
any optional packages
Plone 2.5
Zope 2.9.3
--------------------
1. Install GPG key
--------------------
# rpm --import
http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-3
you're meant to do it off the CD-ROM, but at least this will
work if
you don't have it.
-------------
2. Firewall
-------------
* Open ports for: SSH (probably safer on a non-standard
port - fix
this later), FTP, SMTP (may not be needed), WEB - may need
adjusting
for testing, Zope Web server (8080 - may need adjusting)
# yum install vim-enhanced
* Edit /etc/sysconfig/iptables and add the following lines
just
before the first line with REJECT on it:
-A RH-Firewall-1-INPUT state --state NEW -m tcp -p tcp
--dport 21 -h ACCEPT
-A RH-Firewall-1-INPUT state --state NEW -m tcp -p tcp
--dport 22 -h ACCEPT
-A RH-Firewall-1-INPUT state --state NEW -m tcp -p tcp
--dport 25 -h ACCEPT
-A RH-Firewall-1-INPUT state --state NEW -m tcp -p tcp
--dport 80 -h ACCEPT
-A RH-Firewall-1-INPUT state --state NEW -m tcp -p tcp
--dport 8080 -h ACCEPT
* Also need port 9080 open for second ZEO client's
webserver.
-----------
3. Update
-----------
# yum update
-------------------
4. Extra Packages
-------------------
Needed before setting up the latest Python and PIL.
# yum install gcc gcc-c++ zlib-devel libjeg-devel
freetype-devel
tcl-devel tk-devel
-----------
5. Python
-----------
* wget the latest Python (2.4.3 at time of writing) and
install with defaults:
./configure --prefix=/opt/python
make
make install
--------
6. PIL
--------
* wget and install the latest PIL (1.1.5 at the time of
writing)
/opt/python/bin/python setup.py build_ext -i
/opt/python/bin/python selftest.py
/opt/python/bin/python setup.py install
---------
7. Zope
---------
v 2.9.4 at the time of writing
Install Zope with ZEO, as per
http://plone.org/documentation/tutorial/robust-instal
lation - as
detailed below:
1.
# adduser zope
# mkdir /opt/zope
# cd /opt/zope
# mkdir pub0 sec0 products zeo
2.
$ ./configure --prefix=/opt/zope/z2.9.4-p2.4.3
--with-python=/opt/python/bin/python
$ make
# make install
3.
# cd /opt/zope
# ln -s z2.9.4-p2.4.3 zope
# /opt/python/bin/python zope/bin/mkzeoinstance.py zeo 8100
4.
# vim zeo/etc/zeo.conf
* change the socket directory from etc to var:
replace:
socket-name $INSTANCE/etc/zeo.zdsock
with:
socket-name $INSTANCE/var/zeo.zdsock
(otherwise you won't be able to start zeo using zeoctl)
* uncomment 'user zope'
5.
# /opt/python/bin/python zope/bin/mkzopeinstance.py
--dir=pub0
# /opt/python/bin/python zope/bin/mkzopeinstance.py
--dir=sec0
With the sites as:
pub0 #this will be used for the public site, possibly with a
secure
login to a members area
mem0 #optional - with a secure login for the members,
sec0 #this will be used as a totally secure site for the
administration
# chown -R dogsbody:dogsbody /opt/zope
6.
make changes to zope.conf for each instance, as per
tutorial.
when changing the zope.conf for the second site, uncomment
portbase,
instead of changing the ports. (UNTESTED: If using more than
two
clients, increase portbase by 1000 for each additional
client)
each successive Zope instance will overwrite the primary ZMI
user and
password data.
The exact configuration w.r.t. number of instances will
depend on how
RAM usage can best be reduced.
7.
chgrp zope zeo/var zeo/log pub0/var pub0/log sec0/var
sec0/log
chmod g+w zeo/var zeo/log pub0/var pub0/log sec0/var
sec0/log
----------
8. Plone
----------
As per ht
tp://plone.org/documentation/how-to/closing-site
NB. This blocks all sites in the ZODB, possibly better to
implement on
a per-site basis.
* Site Setup > Portal Settings:
Set 'Allow Anonymous Users To View About Information' to
'No'
* Stop anonymous users from viewing content in the visible
(public
draft) state. Make the same changes to restrictions for the
'Access
contents information' permission and the make both changes
to the
'Pending' state as well, see:
http://plone.org/documentation/how-to/displaying-only-201
cpublished201d-items-in-folder-listings-to-anonymous-users
------------
10. Apache
------------
#yum install httpd mod_ssl
Setup a Virtalhost (!!!NB: This needs to be checked to
ensure it isn't
an open proxy)
Use the RewriteRule structure specified here:
http://plone.org/documentation/tutorial/plone-ap
ache/virtualhost
In particular:
* Enable virtual hosting:
NameVirtualHost *:80
* Configure the VirtualHost,
* NB: replace 'plone-site-folder' wit whatever your plone
site is called.
* NB. Change the rewrite log level or comment it out when
it's working.
<VirtualHost *:80>
RewriteEngine On
RewriteLog "/var/log/httpd/rewrite_log"
RewriteLogLevel 1
RewriteRule ^/(.*)
http://l
ocalhost:8080/VirtualHostBase/http/%:80/plo
ne-site-folder/VirtualHostRoot/$1
[P]
# CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>
---------
11. SSL
---------
In /etc/httpd/conf.d/ssl.conf make sure the Virtual host is
setup with
Rewrite rules:
RewriteEngine On
RewriteRule ^/(.*)
http://
localhost:9080/VirtualHostBase/https/%:443/
plone-site-folder/$1
[P]
NB: set 'plone-site-folder' to whatever your plone site
folder name
is, or omit it entirely if you want to give access to the
whole ZMI.
You will also need to configure the Servername variable. eg.
Severname: domainname.tld:443
http
://plone.org/documentation/how-to/apache-ssl
http://plone.org/documentation/tutorial/plone-ap
ache/virtualhost
http://plone.org/documentation/ho
w-to/secure-login-without-plain-text-passwords
_______________________________________________
Setup mailing list
Setuplists.plone.org
http://
lists.plone.org/mailman/listinfo/setup
|
