Re: Removing web server dependencies from web apps

[Arno Töll <debian@toell.net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

On 06.01.2012 10:12, Tanguy Ortolo wrote:
> The database server used by a given piece of software can be installed
> on another system. The Web server cannot.

Actually it can. Many modern webservers, including one I am maintaining
support CGI offloading and load balancing [1].

However I'd yet disagree with Thomas. Yes, his scenario is feasible and
a perfect use case for equivs, but I do not think, we should generally
drop dependencies to web servers because of that.

I personally do not get, why we do need packages of web applications at
all, but apparently other people do. Yet I do think, users of such
packages expect us to setup a working instance, just like we do for
almost every other package. We just can't provide a scenario which fits
all and generally I think, people using advanced setups like chroots and
CGI offloading are expected to know how to workaround such problems then.


>> But since I would install these packages in the chroot template, I *do
>> not* want to install apache there. The result is that I can't install
>> popuplar packages like wordpress, gallery, phpbb3 and so on, unless I
>> rebuild them and remove the "apache2 | httpd" dependency. I suspect that
>> I wouldn't be the only one with the issue.

It has been said before: Provide a httpd-cgi and a httpd package in your
chroot, and all is good.

>> Remember that a strong dependency is *forcing* users to install things,
>> and when, like here, it's going the wrong way for what one would do,
>> it's just *bad* (tm).
> 
> No it is not. Using a package-based distribution that could take care of
> dependencies and not using that feature is, however.

Agreed. My bottom line is, the overall benefit of depending on a web
server for a web apllication is higher than working in special case
scenarios we - as a distribution - do not support just because we can't.
That has already been said before, so this argument is a bit redundant.

>> So, my suggestion would be to actually *remove* the dependency to the
>> web server (and move it as a Recommends: if you see fit...). I would
>> strongly advocate for this as being written in our beloved policy.

Why would web applications be the only exception of the rule? I'm sure
there are many more special case scenarios where a weaker dependency
would be better, but the overall benefit is more valuable. In fact, we
do have "Depends" at all then? I'm sure there is a special use case for
almost every dependency where it would be better not to have it at all.


[1] http://redmine.lighttpd.net/wiki/lighttpd/Docs%3AModFastCGI

- -- 
with kind regards,
Arno Töll
IRC: daemonkeeper on Freenode/OFTC
GnuPG Key-ID: 0x9D80F36D
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPBtBCAAoJEMcrUe6dgPNt0DwQAMCeqP8dnYO+etDDhTDadln2
GwS55LsRhvL9J3oyQ4/adVPdEwTqJTqtkOibe9OknWymBVW30+bEZApT93XGnBhT
0mJga486QXRKHM2xiS1W5M8a7SegMKjU83gtSaetgs8hccWwjnnsZV7D/1XGYxam
qmwfg3H/Qk9gROdBjpnKNSO3YJK9CZzb4ZFZ9kF+VJDsh8T3k4ajX0mwlf2fws19
D495jrCZhNmDG0+F+k+3UvQfDO48xOw7aD6QJs2taHxGrD8zg6/J10/8m15aKjLV
u6GXfbXA3WVIxrSnvWyNWupGGjaF3dm7IaUncI0NpCRrFocFCu553PHBud5tofYB
wZYOC6fr5ZtfomX7jcD+LNWUBjcTAgTl6MHwHtIwCwsoxxC/duARqzdJBh1lBJUE
KX6SQQ/vVT5NO5wbwuNYb+4R77YxYwpxps0mzfuckJJZfzmn9Lm48B5uFjfqJA5u
inJL1+NVCdIjqlODSmQQPFJacAQ5mI0K7r8IaxckOnFm6V1fhJtyh50muTHnMcdT
B96MRDJi00tnd0iJMGxIrTwB2+ibWPnFy1ig9nLE69EVex/PrmJkvY9/h66NY1dO
Ht37Th5idbrFgBouCtGXVO+oyHzZUmqkvYguJ7ni3V2L/mII9yA5EUXDL5Tt5A/Q
ilIisPkeSRKsQVr/7PKb
=IL3m
-----END PGP SIGNATURE-----