[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Web applications

sean finney <seanius@debian.org> writes:

> i totally agree, and have had an inkling to bring this up for some
> time. web apps are totally un-standardized in how they install
> themselves, bad enough in some cases to actually do damage (to
> themselves, at least).

Yeah. Setting up most web applications is non-trivial, to say the

> in my eyes, the following should be dictated by a "web apps policy",
> or at least "reference".
> - whether/how to prompt for database usernames/passwords via debconf
>   (if necessary), and how not to store the root password.
> - whether/how to prompt for whether to leave the database after purge
> - default settings, disallowing default username/passwords for
>   web-accessible services.
> - how to get a list of different installed web servers, and how to
>   select which ones to target for installation.

IMO, asking about the different apache flavours (apache1, -ssl, -perl,
apache2) should be enough.

> - whether/how to include one's configuration with apache.  ideally there'd be
>   a conf.d style directory, though if the apache folks could settle
>   on a name for their config script calling that in postinst would work
>   too :) 

IMO, the package should provide an Apache config file snippet in
/etc/${PACKAGE}/apache.conf and symlink this into

> - php ought to have a php.d directory

What do you mean by that?

> - whether/how to restart the web server

wwwconfig-common provides a way to do this. Perhaps it needs some more

> - fhs-compliant layout for sites, examples of how to seperate the config
>   from the rest of the site.  what constitutes something that ought to
>   be in /var/cache, /var/lib, et c.
> - debhelper macros for as much as possible

Asking for database credentials and configuring/restarting Apache
could well be automated, perhaps using debhelper.

One thing that has bothered me is that the suexec mechanism (for
Apache1 at least) is very limited. Perhaps, there should be
alternatives for suexec that are configured differently.

Reply to: