You are not logged in Log in Join
You are here: Home » Members » cavnit » Apache+mod_ssl+PCGI Virtual Serving
Log in
Name

Password

 
Link icon Forgot your password?
Print

Apache+mod_ssl+PCGI Virtual Serving

Created by . Last modified on 2003/08/05.

The following How To is based on a system running on RH 6.1, but has been tested on FreeBSD 3.3 as well.
I will be describing how to set it up on RedHat 6.1, for the domains domain1.com and domain2.com that
will only be serving content using zope.

All the source files are placed under: /usr/local/src
Apache is installed under: /usr/local/apache
OpenSSL is installed under: /usr/local/openssl
Zope is installed under: /usr/local/zope
domain1.com is installed under /home/sites/domain1.com
domain2.com is installed under /home/sites/domain2.com

Requirements:
Zope-2.1.0
Apache-1.3.9
Mod SSL 2.4.9-1.3.9
Python-1.5.2
OpenSSL-0.9.4

Download the following files to /usr/local/src

Install python-1.5.2

rpm -Uvh python-1.5.2-7.i386.rpm
rpm -Uvh python-devel-1.5.2-7.i386.rpm
rpm -Uvh python-tools-1.5.2-7.i386.rpm
rpm -Uvh python-docs-1.5.2-7.i386.rpm

Install OpenSSL-0.9.4

tar zxpvf openssl_0.9.4.tar.gz
cd openssl_0.9.4
./configure
make
make install

Install Apache-1.3.9 & mod_ssl-2.4.9-1.3.9

tar zxpvf apache_1.3.9.tar.gz
cd apache_1.3.9
./configure

tar zxpvf mod_ssl-2.4.9-1.3.9.tar.gz
cd mod_ssl-2.4.9-1.3.9
./configure --with-apache=../apache_1.3.9

cd apache_1.3.9
SSL_BASE=/usr/local ./configure --enable-module=ssl --enable-module=rewrite
make
make certificate
make install

Install Zope

tar zxpvf zope-2.1.0-src.tar.gz
mv zope-2.1.0-src /usr/local/zope
cd /usr/local/zope
python w_pcgi.py

write down the superuser password

Create the following directories

cd /home
mkdir sites
mkdir sites/domain1.com
mkdir sites/domain1.com/cgi-bin
mkdir sites/domain1.com/zope
mkdir sites/domain2.com
mkdir sites/domain2.com/cgi-bin
mkdir sites/domain2.com/zope
chown -R nobody.nogroup *

Copy the following files from /usr/local/zope

cp -R /usr/local/zope/var /home/sites/domain1.com/zope
cp /usr/local/zope/access /home/sites/domain1.com/zope
cp /usr/local/zope/Zope.cgi /home/sites/domain1.com/cgi-bin

Edit the Zope.cgi files for each domain as follows

domain1.com

vi /sites/domain1.com/cgi-bin/Zope.cgi

#!/usr/local/zope/pcgi/pcgi-wrapper
PCGI_NAME=Main
PCGI_MODULE_PATH=/usr/local/zope/lib/python/lib/python/Main.py
PCGI_PUBLISHER=/usr/local/zope/pcgi/pcgi_publisher.py
PCGI_EXE=/usr/bin/python
PCGI_SOCKET_FILE=/home/sites/domain1.com/zope/var/pcgi.pid
PCGI_ERROR_LOG=/home/sites/domain1.com/zope/var/pcgi.log
PCGI_DISPLAY_ERRORS=1
BOBO_REALM=/usr/local/zope/Zope.cgi
BOBO_DEBUG_MODE=1
INSTANCE_HOME=/home/sites/domain1.com/zope

domain2.com

vi /sites/domain2.com/cgi-bin/Zope.cgi

#!/usr/local/zope/pcgi/pcgi-wrapper
PCGI_NAME=Main
PCGI_MODULE_PATH=/usr/local/zope/lib/python/lib/python/Main.py
PCGI_PUBLISHER=/usr/local/zope/pcgi/pcgi_publisher.py
PCGI_EXE=/usr/bin/python
PCGI_SOCKET_FILE=/home/sites/domain2.com/zope/var/pcgi.pid
PCGI_ERROR_LOG=/home/sites/domain2.com/zope/var/pcgi.log
PCGI_DISPLAY_ERRORS=1
BOBO_REALM=/usr/local/zope/Zope.cgi
BOBO_DEBUG_MODE=1
INSTANCE_HOME=/home/sites/domain2.com/zope

Edit the apache httpd.conf file: /usr/local/apache/conf/httpd.conf

Add the following under the Virtual Host sections

# domain1.com virtual host directives
<VirtualHost 192.168.100.1>
ServerName www.domain1.com
ErrorLog /home/sites/domain1.com/zope/var/apache_error_log
TransferLog /home/sites/domain1.com/zope/var/apache_access_log combined
ScriptAlias /cgi-bin/ /home/sites/domain1.com/cgi-bin/
<Directory "/home/sites/domain1.com/cgi-bin">
AllowOverride None
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) /home/sites/domain1.com/cgi-bin/Zope.cgi$1 \
[e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l]
</VirtualHost>

# domain2.com virtual host directives
<VirtualHost 192.168.100.2>
ServerName www.domain2.com
ErrorLog /home/sites/domain2.com/zope/var/apache_error_log
TransferLog /home/sites/domain2.com/zope/var/apache_access_log combined
ScriptAlias /cgi-bin/ /home/sites/domain2.com/cgi-bin/
<Directory "/home/sites/domain2.com/cgi-bin">
AllowOverride None
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) /home/sites/domain2.com/cgi-bin/Zope.cgi$1 \
[e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l]
</VirtualHost>

Add the folowing under the SSL Virtual Host section

# domain1.com SSL Virtual Host
<VirtualHost 192.168.100.1:443>
ServerName www.domain1.com
ErrorLog /home/sites/domain1.com/zope/var/apache_error_log
TransferLog /home/sites/domain1.com/zope/var/apache_access_log combined
ScriptAlias /cgi-bin/ /home/sites/domain1.com/cgi-bin/
<Directory "/home/sites/domain1.com/cgi-bin">
AllowOverride None
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) /home/sites/domain1.com/cgi-bin/Zope.cgi$1 \
[e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l]
SSLEngine on
SSLCertificateFile /usr/local/apache/conf/ssl.crt/domain1.com.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/domain1.com.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog /home/sites/domain1.com/zope/var/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

# domain1.com SSL Virtual Host
<VirtualHost 192.168.100.2:443>
ServerName www.domain2.com
ErrorLog /home/sites/domain2.com/zope/var/apache_error_log
TransferLog /home/sites/domain2.com/zope/var/apache_access_log combined
ScriptAlias /cgi-bin/ /home/sites/domain2.com/cgi-bin/
<Directory "/home/sites/domain2.com/cgi-bin">
AllowOverride None
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) /home/sites/domain2.com/cgi-bin/Zope.cgi$1 \
[e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l]
SSLEngine on
SSLCertificateFile /usr/local/apache/conf/ssl.crt/domain2.com.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/domain2.com.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog /home/sites/domain2.com/zope/var/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

Add the following to your /etc/rc.d/rc.local file

# Zope Start Up
echo "Starting domain1.com Zope..."
/usr/bin/python /usr/local/zope/z2.py -p /home/sites/domain1.com/cgi-bin/Zope.cgi -w "" -f "" -m "" \
-Z /home/sites/domain1.com/zope/manager.pid INSTANCE_HOME/home/sites/domain1.com/zope >> \
/home/sites/domain1.com/zope/z2.log 2>&1 &

echo "Starting domain2.com Zope..."
/usr/bin/python /usr/local/zope/z2.py -p /home/sites/domain2.com/cgi-bin/Zope.cgi -w "" -f "" -m "" \
-Z /home/sites/domain2.com/zope/manager.pid INSTANCE_HOME/home/sites/domain2.com/zope >> \
/home/sites/domain2.com/zope/z2.log 2>&1 &

#Start Apache SSL
/usr/local/apache/bin/apachectl startssl


You should now be able to reboot your server, and once it is up again be able to acces your web sites normally.
If you experience any problems let me know so that I can update this howto.

Thanks
Thanks to Digital Creations for a wonderful product.
Thanks to Jim Cain for his "Zope/Apache Virtual Host HOWTO" which got me started on the right road to begin with.

TODO
Basic clean up and intergrate the zope startup into SYSv style scripts
Any other bugs you guys find.
Copyright (c) 2011 Zope Foundation. All rights reserved. Legal | Contact
If you can read this text, it means you are not experiencing the Plone design at its best. Plone makes heavy use of CSS, which means it is accessible to any internet browser, but the design needs a standards-compliant browser to look like we intended it. Just so you know ;)