FreeBSD v8.0 + Apache + Mysql + PHP “FAMP”

Primeiramente vamos instalar o mysql, para não ficarmos com dependências… para os amigos de primeira viagem no freebsd usamos os ports para instalação de pacotes, vamos suporte que eu esteja querendo instalar algum pacote e não sei seu diretório, entre em http://www.freshports.org/ e em search faça sua busca, não vou entrar em detalhes. Vamos à instalação:

ATUALIZANDO PORTS

# portsnap fetch
# portsnap extract
# portsnap update

MYSQL

# cd /usr/ports/databases/mysql51-server/
# make install clean

Options for libiconv (padrão)

O processo de compilação pode demorar vários minutos…

Agora vamos ativa-lo, após starta-lo e reiniciar nosso server para verificar se tudo esta ok.

# echo ‘mysql_enable=”YES”‘ >> /etc/rc.conf
# /usr/local/etc/rc.d/mysql-server start
# reboot
Adicionando uma senha a seu usuário root
# mysqladmin -u root password SUA_SENHA
# history -c

APACHE

# cd /usr/ports/www/apache22/
# make config

Quando for solicitado marque apenas as opções a baixo:

Apache2 Options

[X] THREADS               Enable threads support in APR
[X] MYSQL                 Enable MySQL support for apr-dbd
[X] IPV6                  Enable IPv6 support
[X] BDB                   Enable BerkeleyDB dbm
[X] AUTH_BASIC            Enable mod_auth_basic
[X] AUTH_DIGEST           Enable mod_auth_digest
[X] AUTHN_FILE            Enable mod_authn_file
[X] AUTHN_DBD             Enable mod_authn_dbd
[X] AUTHN_DBM             Enable mod_authn_dbm
[X] AUTHN_ANON            Enable mod_authn_anon
[X] AUTHN_DEFAULT         Enable mod_authn_default
[X] AUTHN_ALIAS           Enable mod_authn_alias
[X] AUTHZ_HOST            Enable mod_authz_host
[X] AUTHZ_GROUPFILE       Enable mod_authz_groupfile
[X] AUTHZ_USER            Enable mod_authz_user
[X] AUTHZ_DBM             Enable mod_authz_dbm
[X] AUTHZ_OWNER           Enable mod_authz_owner
[X] AUTHZ_DEFAULT         Enable mod_authz_default
[X] CACHE                 Enable mod_cache
[X] DISK_CACHE            Enable mod_disk_cache
[X] FILE_CACHE            Enable mod_file_cache
[X] DAV                   Enable mod_dav
[X] DAV_FS                Enable mod_dav_fs
[X] ACTIONS               Enable mod_actions
[X] ALIAS                 Enable mod_alias
[X] ASIS                  Enable mod_asis
[X] AUTOINDEX             Enable mod_autoindex
[X] CERN_META             Enable mod_cern_meta
[X] CHARSET_LITE          Enable mod_charset_lite
[Y] DBD                   Enable mod_dbd
[X] DEFLATE               Enable mod_deflate
[X] DIR                   Enable mod_dir
[X] DUMPIO                Enable mod_dumpio
[X] ENV                   Enable mod_env
[X] EXPIRES               Enable mod_expires
[X] HEADERS               Enable mod_headers
[X] IMAGEMAP              Enable mod_imagemap
[X] INCLUDE               Enable mod_include
[X] INFO                  Enable mod_info
[X] LOG_CONFIG            Enable mod_log_config
[X] LOGIO                 Enable mod_logio
[X] MIME                  Enable mod_mime
[X] MIME_MAGIC            Enable mod_mime_magic
[X] NEGOTIATION           Enable mod_negotiation
[X] REWRITE               Enable mod_rewrite
[X] SETENVIF              Enable mod_setenvif
[X] SPELING               Enable mod_speling
[X] STATUS                Enable mod_status
[X] UNIQUE_ID             Enable mod_unique_id
[X] USERDIR               Enable mod_userdir
[X] USERTRACK             Enable mod_usertrack
[X] VHOST_ALIAS           Enable mod_vhost_alias
[X] FILTER                Enable mod_filter
[X] VERSION               Enable mod_version
[X] PROXY                 Enable mod_proxy
[X] SSL                   Enable mod_ssl
[X] SUEXEC                Enable mod_suexec

Options for perl 5.8

[X] PERL_MALLOC    Use Perl malloc
[X] PERL_64BITINT  Use 64 bit integers (on i386)
[X] USE_PERL       Rewrite links in /usr/bin

Options for m4 (não marque nada)
[ ] LIBSIGSEGV  Use libsigsegv for better diagnostics

# make install clean clean-depends

Uma vez que o Apache está instalado corretamente, você deve configurar seu servidor. Primeiro, ativar o suporte a SSL e criar o certificado e arquivos fundamentais.

# echo ‘apache22_enable=”YES”‘ >> /etc/rc.conf

# echo ‘apache22ssl_enable=”YES”‘ >> /etc/rc.conf
# echo ‘accf_http_ready=”YES”‘ >> /etc/rc.conf
# kldload accf_http

# /usr/local/etc/rc.d/apache22 start

# cd /usr/local/etc/apache22/
# openssl genrsa -des3 -out server.key 1024
Generating RSA private key, 1024 bit long modulus
.++++++
……………++++++
e is 65537 (0x10001)
Enter pass phrase for server.key: SUA_SENHA
Verifying – Enter pass phrase for server.key: SUA_SENHA

# openssl req -new -key server.key -out server.csr
Enter pass phrase for server.key: SUA_SENHA
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [AU]:BR
State or Province Name (full name) [Some-State]:Rio Grande do Sul
Locality Name (eg, city) []:Fred. West.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:remontti
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Signature ok
subject=/C=BR/ST=Rio Grande do Sul/L=Fred. West./O=remontti
Getting Private key
Enter pass phrase for server.key: SUA_SENHA

# chmod 0400 server.key server.crt
# cd /usr/local/www/apache22/
# mkdir ssl
# cd /usr/local/etc/apache22/
# vi httpd.conf

Comente as seguintes linhas:
#LoadModule authz_owner_module libexec/apache22/mod_authz_owner.so
#LoadModule file_cache_module libexec/apache22/mod_file_cache.so
#LoadModule cache_module libexec/apache22/mod_cache.so
#LoadModule disk_cache_module libexec/apache22/mod_disk_cache.so
#ScriptAlias /cgi-bin/ “/usr/local/www/apache22/cgi-bin/”

Descomente:
Include etc/apache22/extra/httpd-ssl.conf #(Fazendo isso quando vc reiniciar o serviço ou o Server será solicitado senha)
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
MIMEMagicFile etc/apache22/magic

Altere:
ServerAdmin seu@email.com
DirectoryIndex index.html index.htm

Adicione:
ServerSignature Off

# vi /usr/local/etc/apache22/extra/httpd-ssl.conf
Se vc desejar trocar o diretório do DocumentRoot para o seu diretório entre outras de acordo com suas necessidades.
DocumentRoot “/usr/local/www/apache22/XXXX”

# /usr/local/etc/rc.d/apache22 restart
Enter pass phrase: SUA_SENHA do ssl

PHP5

# cd /usr/ports/lang/php5
# make config

Options for php5 5.2.12   

[X] CLI        Build CLI version
[X] CGI        Build CGI version
[X] APACHE     Build Apache module
[X] DEBUG      Enable debug
[X] SUHOSIN    Enable Suhosin protection system (not for jails)
[X] MULTIBYTE  Enable zend multibyte support
[X] IPV6       Enable ipv6 support
[X] MAILHEAD   Enable mail header patch
[X] REDIRECT   Enable force-cgi-redirect support (CGI only)
[X] DISCARD    Enable discard-path support (CGI only)
[X] FASTCGI    Enable fastcgi support (CGI only)
[X] PATHINFO   Enable path-info-check support (CGI only)

# make install clean
# cp /usr/local/etc/php.ini-recommended /usr/local/etc/php.ini
# echo ‘#CONFIGURACAO PHP5’ >> /usr/local/etc/apache22/httpd.conf
# echo ‘AddType application/x-httpd-php .php’ >> /usr/local/etc/apache22/httpd.conf
# echo ‘AddType application/x-httpd-php-source .phps’ >> /usr/local/etc/apache22/httpd.conf
# vi /usr/local/etc/apache22/httpd.conf

Adicione ao DirectoryIndex deixando assim:
DirectoryIndex index.html index.htm index.php

# vi /usr/local/etc/php.ini
Altere: short_open_tag = On

PHP5-Extensions

# cd /usr/ports/lang/php5-extensions
# make install clean

PHP5-Extensions Options
[X] BZ2         bzip2 library support
[X] CTYPE       ctype functions
[X] CURL        CURL support
[X] DBA         dba support
[X] DOM         DOM support
[X] FILEINFO    fileinfo support
[X] FILTER      input filter support
[X] FTP         FTP support
[X] GD          GD library support
[X] HASH        HASH Message Digest Framework
[X] ICONV       iconv support
[X] IMAP        IMAP support
[X] JSON        JavaScript Object Serialization support
[X] MCRYPT      Encryption support
[X] MHASH       Crypto-hashing support
[X] MYSQL       MySQL database support
[X] PDO         PHP Data Objects Interface (PDO)
[X] PDO_SQLITE  PDO sqlite driver
[X] POSIX       POSIX-like functions
[X] SESSION     session support
[X] SHMOP       shmop support
[X] SIMPLEXML   simplexml support
[X] SOAP        SOAP support
[X] SOCKETS     sockets support
[X] SPL         Standard PHP Library
[X] SQLITE      sqlite support
[X] TOKENIZER   tokenizer support
[X] XML         XML support
[X] XMLREADER   XMLReader support
[X] XMLRPC      XMLRPC-EPI support
[X] XMLWRITER   XMLWriter support
[X] ZIP         ZIP support

Deixe marcado o que esta por padrão para todas as próximas opções

# /usr/local/etc/rc.d/apache22 restart

PhpMyAdmin

# cd /usr/ports/databases/phpmyadmin211/

# make install clean

Options for phpMyAdmin211 2.11.9.6

[ ] SUPHP     suPHP support
[X] BZ2       bzip2 library support
[X] GDGD 	  library support
[X] OPENSSL   OpenSSL support
[X] PDF       PDFlib support (implies GD)
[X] ZLIB      ZLIB support
[X] MCRYPT    MCrypt library support
[X] MBSTRING  Multi-byte character-set string support

# cp /usr/local/www/phpMyAdmin211/libraries/config.default.php /usr/local/www/phpMyAdmin211/config.inc.php

# vim /usr/local/www/phpMyAdmin211/config.inc.php
Altere: $cfg[‘Servers’][$i][‘auth_type’] = ‘config’;
para: $cfg[‘Servers’][$i][‘auth_type’] = ‘http‘;

Adicione no httpd.conf
# /usr/local/etc/apache22/httpd.conf

Alias /phpmyadmin "/usr/local/www/phpMyAdmin211/"

<Directory "/usr/local/www/phpMyAdmin211/">
    Options none
    AllowOverride Limit

    Order Deny,Allow
    Deny from all
    Allow from 127.0.0.1 ip_da_sua_rede

Isso ai galera, abraço!