js#vista.png msort nsort
js#vista.png msort nsort
How to install Community-ID under Linux¶
v1.0.1, March 2009 Reiner Jung, Alejandro Pedraza (Keyboard Monkeys)
1. Introduction
Community-ID is an advanced OpenID server written in PHP. The software itself is platform-independent and should run on every platform where PHP is supported.
Community-ID is a project from the Keyboard Monkeys, a Community company. The source code from Community-ID is released as Open Source software and can be downloaded and used free of charge.
Important: Possibly, some information in this document is not related to your Community-ID version. Please read also the release announcements for your version!
2. Requirements
To install Community-ID, you need a couple of things
Web Server Apache Server version 1.3 or greater is recommended. You can also use alternative HTTP servers like Microsoft IIS registered trademark, lighttpd, Cherokee HTTP server, nginx or any other HTTP server which you are familiar with.
PHP PHP version 5.2.4 or greater is required, with the MySQLi extension installed
MySQL MySQL database version 4.1 or greater is required
3. Database
Community-ID requires a database. At the moment only MySQL is supported. There are several ways to create a database and several tools which you can use.
Tip:
MySQL Administration
phpMyAdmin: Web based administration tool for MySQL
http://www.phpmyadmin.net/
MySQL Administrator
http://www.mysql.com/products/tools/administrator/
If you are running Linux or *BSD, please check, maybe there are already MySQL tools available as a package.
4. Install Community-ID from scratch
If you install Community-ID for the first time, please read the following instructions:
4.1 Install and configure PHP for Community-ID
You need to install as a minimum the follow PHP modules. It's possible that for your distribution the PHP modules have a different name:
php5-core php5-mysql php5-pdo_mysql php5-gd php5-gmp
If you want to run PHP as fastcgi, for example under lighttpd or cherokee, then you also need the php5-fastcgi package.
Also, make sure safe mode is not enabled (you need to have safe_mode = Off in your php.ini, which is the default anyways).
Tip
Test the PHP and Apache functionality.
To check that your web server and PHP is installed properly and is working, run the following test:
Create the file server:~# vi /var/www/info.php
and add to this file the following line
<? phpinfo(); ?>
Now start your Apache web server from the command line with the command
server:~# /etc/init.d/apache2 restart
and point your browser to the following address
http://your-server-ip-address/info.php
If you see the PHP information, your web server and the PHP installation are working and you can continue with the next step. Please delete the info.php file before you continue.
server:~# rm /var/www/info.php
4.2 Base settings for your web server
4.2.1 Apache web server
Community-ID uses rewrite rules. You must load in your web server the rewrite module. In the Apache HTTP server, you can load the module in the httpd.conf or whatever your Apache configuration file is called. After you enable the module, you need to restart the Apache web server.
The rewriting rules are read from an .htaccess file located under Community-ID's “webdir” directory. For Apache to be able to process such file, the AllowOverride All rule must be set to All. For example if your installation is under /var/www/communityid, you need the following instructions in your Apache configuration file:
<Directory /var/www/communityid> Options FollowSymLinks AllowOverride All </Directory>
4.2.2 Lighttpd web server
If you use Lighttpd please take a look at /utilities/lighttpd_mod_rewrite.txt for instructions on how to set the rewrite rules.
4.2.3 Cherokee web server You need to create a new virtual server pointing to your community-id webdir files, using the Zend-platform wizard of Cherokees admin facility:
Under the admin interface, go to virtual servers Click on wizards Click on the Platforms category Run the Zend wizard In "host name", enter the host for your community-id installation, such as "localhost". This hostname should resolve to your machine, so you can't just put anything here. In "source directory" enter the full path of the "webdir" directory of your community-id installation (see next section), for example /var/www/communityid/webdir Click on submit and then restart Cherokee
4.3. Install Community-ID sources on your web server
You need to download the Community-ID sources from the Keyboard Monkeys Project download area. The sources are offered in different packaging formats. If you want use Community-ID for production, please download and install only the latest stable release. If you want to have a preview of the upcoming versions of Community-ID, then you can download the test releases or checkout directly from the SVN tree at svn svn:source.keyboard-monkeys.org/communityid. Tip Community-ID available packages are: community-id-x.x.x.tar.gz community-id-x.x.x.zip When you have downloaded the Sources from SourceForge, you must unpack the sources OUTSIDE YOUR WEB ROOT DIRECTORY - THIS MEANS THEY WON'T BE DIRECTLY ACCESSIBLE BY THE WEB SERVER Then create a symlink under the web directory, which will be the directory under which you wish to access Community-ID. The symlink can even be the web root directory if you want. It has to point to the “webdir” subdirectory under the Community-ID distribution tree, that you unpacked elsewhere outside the web root. Note that Apache has to be set to follow symlinks by the “AllowOverride All” directive as shown in the example above (although that's usually the default). If for example your web root is /var/www/public_html and you have uncompressed the Community-ID files under /var/www/communityid then you should do this: cd /var/www/public_html ln -s /var/www/communityid/webdir ./openid Which will result in Community-ID being accessible under a URL like this: http://www.mydomain.com/openid If you want to avoid having to deal with symlinks, you can instead just set a virtual server in Apache whose web root dir would point to the “webdir” subdirectory of where you unpacked Community-Id. After the sources from Community-ID are installed on your server. You must change the permissions so that your web server can read the files. Tip: Under which user your Apache is running? If you don't know which user your Apache HTTP server is running please run the follow command. Your Apache HTTP configuration file should be located in /etc/apache or something similar. server:/etc/apache2# cat apache2.conf | grep ^User User www-data The web server user here is www-data Change the access rights to your web server user server~# cd /var/www server:/var/www# chown -R root:webserveruser communityid server:/var/www# find communityid -type d -exec chmod 550 {} \; server:/var/www# find communityid -type f -exec chmod 440 {} \; 4.4. Login to Community-ID the first time After you have finished your installation, you can login to Community-ID for the first time. The installer will help you to create your database. Please follow the instructions. 4.5. Remove write access to the config file After having successfully installed Community-ID, you can remove the write access to the config.php file from your web server user. Change the access rights from the config.php to server:/var/www# chmod 440 config.php 5. Fine tuning of your Community-ID installation After the base installation of Community-ID is done, you should make do some additional tweaking. This is not required if you only want to test community-ID, but when you want run it in production you should take care of this. 5.1.Clean the history logs Every openid authentication gets logged into the “history” table, so it can get pretty large with time. Run the script /scripts/clear_logs.php to erase the entries older than the number of days set in the config.ini setting “keep_history_days”. You might wanna “cronify” this script to run it automatically. TODO: *Development mode settings *How to enable logging