Compilation

Version actuelle datée du 19 juin 2020 à 10:22

Sommaire

1 Présentation
2 Téléchargement des sources
3 Décompression de l'archive
4 Compilation
- 4.1 Options de compilation disponibles
- 4.2 Configuration de la compilation
5 Service

Présentation

Cette page a pour objet de décrire comment compiler le serveur web Apache.

Plus d'informations sur le site de l'éditeur :

Apache 2.2 : http://httpd.apache.org/docs/2.2/fr/
Apache 2.4 : http://httpd.apache.org/docs/2.4/fr/

Téléchargement des sources

Se rendre sur la page de téléchargement d'Apache et aller à la section de téléchargement de la "Stable Release - Latest Version". Copier le lien de téléchargement de la version en cours (2.4.41 à la rédaction de ce document).

Se connecter au serveur, se rendre dans le dossier de téléchargement et télécharger les sources Apache :

wget http://apache.crihan.fr/dist//httpd/httpd-2.4.41.tar.gz

Console SSH

[root@myserver downloads]# wget http://apache.crihan.fr/dist//httpd/httpd-2.4.41.tar.gz
--2020-01-25 15:55:58--  http://apache.crihan.fr/dist//httpd/httpd-2.4.41.tar.gz
Résolution de apache.crihan.fr (apache.crihan.fr)… 195.221.21.36, 2001:660:7401:211::36
Connexion à apache.crihan.fr (apache.crihan.fr)|195.221.21.36|:80… connecté.
requête HTTP transmise, en attente de la réponse… 200 OK
Taille : 9267917 (8,8M) [application/x-gzip]
Sauvegarde en : « httpd-2.4.41.tar.gz »

httpd-2.4.41.tar.gz                       100%[=====================================================================================>]   8,84M  32,0MB/s    ds 0,3s

2020-01-25 15:55:58 (32,0 MB/s) — « httpd-2.4.41.tar.gz » sauvegardé [9267917/9267917]

Décompression de l'archive

Décompresser l'archive dans le dossier cible de compilation :

tar -zxvf httpd-2.4.41.tar.gz -C /local/builds/

Compilation

Options de compilation disponibles

Se rendre dans le dossier de compilation et taper la commande suivante pour afficher les options de compilation disponibles :

./configure --help

Console SSH

[root@myserver downloads]# cd /local/builds/httpd-2.4.41
[root@myserver httpd-2.4.41]# ./configure --help
`configure' configures this package to adapt to many kinds of systems.

Usage: ./configure [OPTION]... [VAR=VALUE]...

To assign environment variables (e.g., CC, CFLAGS...), specify them as
VAR=VALUE.  See below for descriptions of some of the useful variables.

Defaults for the options are specified in brackets.

Configuration:
  -h, --help              display this help and exit
      --help=short        display options specific to this package
      --help=recursive    display the short help of all the included packages
  -V, --version           display version information and exit
  -q, --quiet, --silent   do not print `checking ...' messages
      --cache-file=FILE   cache test results in FILE [disabled]
  -C, --config-cache      alias for `--cache-file=config.cache'
  -n, --no-create         do not create output files
      --srcdir=DIR        find the sources in DIR [configure dir or `..']

Installation directories:
  --prefix=PREFIX         install architecture-independent files in PREFIX
                          [/usr/local/apache2]
  --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
                          [PREFIX]

By default, `make install' will install all the files in
`/usr/local/apache2/bin', `/usr/local/apache2/lib' etc.  You can specify
an installation prefix other than `/usr/local/apache2' using `--prefix',
for instance `--prefix=$HOME'.

For better control, use the options below.

Fine tuning of the installation directories:
  --bindir=DIR            user executables [EPREFIX/bin]
  --sbindir=DIR           system admin executables [EPREFIX/sbin]
  --libexecdir=DIR        program executables [EPREFIX/libexec]
  --sysconfdir=DIR        read-only single-machine data [PREFIX/etc]
  --sharedstatedir=DIR    modifiable architecture-independent data [PREFIX/com]
  --localstatedir=DIR     modifiable single-machine data [PREFIX/var]
  --runstatedir=DIR       modifiable per-process data [LOCALSTATEDIR/run]
  --libdir=DIR            object code libraries [EPREFIX/lib]
  --includedir=DIR        C header files [PREFIX/include]
  --oldincludedir=DIR     C header files for non-gcc [/usr/include]
  --datarootdir=DIR       read-only arch.-independent data root [PREFIX/share]
  --datadir=DIR           read-only architecture-independent data [DATAROOTDIR]
  --infodir=DIR           info documentation [DATAROOTDIR/info]
  --localedir=DIR         locale-dependent data [DATAROOTDIR/locale]
  --mandir=DIR            man documentation [DATAROOTDIR/man]
  --docdir=DIR            documentation root [DATAROOTDIR/doc/PACKAGE]
  --htmldir=DIR           html documentation [DOCDIR]
  --dvidir=DIR            dvi documentation [DOCDIR]
  --pdfdir=DIR            pdf documentation [DOCDIR]
  --psdir=DIR             ps documentation [DOCDIR]

System types:
  --build=BUILD     configure for building on BUILD [guessed]
  --host=HOST       cross-compile to build programs to run on HOST [BUILD]
  --target=TARGET   configure for building compilers for TARGET [HOST]

Optional Features:
  --disable-option-checking  ignore unrecognized --enable/--with options
  --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
  --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
  --enable-layout=LAYOUT
  --enable-dtrace         Enable DTrace probes
  --enable-hook-probes    Enable APR hook probes
  --enable-exception-hook Enable fatal exception hook
  --enable-load-all-modules
                          Load all modules
  --enable-maintainer-mode
                          Turn on debugging and compile time warnings and load
                          all compiled modules
  --enable-debugger-mode  Turn on debugging and compile time warnings and turn
                          off optimization
  --enable-pie            Build httpd as a Position Independent Executable
  --enable-modules=MODULE-LIST
                          Space-separated list of modules to enable | "all" |
                          "most" | "few" | "none" | "reallyall"
  --enable-mods-shared=MODULE-LIST
                          Space-separated list of shared modules to enable |
                          "all" | "most" | "few" | "reallyall"
  --enable-mods-static=MODULE-LIST
                          Space-separated list of static modules to enable |
                          "all" | "most" | "few" | "reallyall"
  --disable-authn-file    file-based authentication control
  --enable-authn-dbm      DBM-based authentication control
  --enable-authn-anon     anonymous user authentication control
  --enable-authn-dbd      SQL-based authentication control
  --enable-authn-socache  Cached authentication control
  --disable-authn-core    core authentication module
  --disable-authz-host    host-based authorization control
  --disable-authz-groupfile
                          'require group' authorization control
  --disable-authz-user    'require user' authorization control
  --enable-authz-dbm      DBM-based authorization control
  --enable-authz-owner    'require file-owner' authorization control
  --enable-authz-dbd      SQL based authorization and Login/Session support
  --disable-authz-core    core authorization provider vector module
  --enable-authnz-ldap    LDAP based authentication
  --enable-authnz-fcgi    FastCGI authorizer-based authentication and
                          authorization
  --disable-access-compat mod_access compatibility
  --disable-auth-basic    basic authentication
  --enable-auth-form      form authentication
  --enable-auth-digest    RFC2617 Digest authentication
  --enable-allowmethods   restrict allowed HTTP methods
  --enable-isapi          isapi extension support
  --enable-file-cache     File cache
  --enable-cache          dynamic file caching. At least one storage
                          management module (e.g. mod_cache_disk) is also
                          necessary.
  --enable-cache-disk     disk caching module
  --enable-cache-socache  shared object caching module
  --enable-socache-shmcb  shmcb small object cache provider
  --enable-socache-dbm    dbm small object cache provider
  --enable-socache-memcache
                          memcache small object cache provider
  --enable-socache-redis  redis small object cache provider
  --enable-socache-dc     distcache small object cache provider
  --enable-so             DSO capability. This module will be automatically
                          enabled unless you build all modules statically.
  --enable-watchdog       Watchdog module
  --enable-macro          Define and use macros in configuration files
  --enable-dbd            Apache DBD Framework
  --enable-bucketeer      buckets manipulation filter. Useful only for
                          developers and testing purposes.
  --enable-dumpio         I/O dump filter
  --enable-echo           ECHO server
  --enable-example-hooks  Example hook callback handler module
  --enable-case-filter    Example uppercase conversion filter
  --enable-case-filter-in Example uppercase conversion input filter
  --enable-example-ipc    Example of shared memory and mutex usage
  --enable-buffer         Filter Buffering
  --enable-data           RFC2397 data encoder
  --enable-ratelimit      Output Bandwidth Limiting
  --disable-reqtimeout    Limit time waiting for request from client
  --enable-ext-filter     external filter module
  --enable-request        Request Body Filtering
  --enable-include        Server Side Includes
  --disable-filter        Smart Filtering
  --enable-reflector      Reflect request through the output filter stack
  --enable-substitute     response content rewrite-like filtering
  --enable-sed            filter request and/or response bodies through sed
  --disable-charset-lite  character set translation. Enabled by default only
                          on EBCDIC systems.
  --enable-charset-lite   character set translation. Enabled by default only
                          on EBCDIC systems.
  --enable-deflate        Deflate transfer encoding support
  --enable-xml2enc        i18n support for markup filters
  --enable-proxy-html     Fix HTML Links in a Reverse Proxy
  --enable-brotli         Brotli compression support
  --enable-http           HTTP protocol handling. The http module is a basic
                          one that enables the server to function as an HTTP
                          server. It is only useful to disable it if you want
                          to use another protocol module instead. Don't
                          disable this module unless you are really sure what
                          you are doing. Note: This module will always be
                          linked statically.
  --disable-mime          mapping of file-extension to MIME. Disabling this
                          module is normally not recommended.
  --enable-ldap           LDAP caching and connection pooling services
  --disable-log-config    logging configuration. You won't be able to log
                          requests to the server without this module.
  --enable-log-debug      configurable debug logging
  --enable-log-forensic   forensic logging
  --enable-logio          input and output logging
  --enable-lua            Apache Lua Framework
  --enable-luajit         Enable LuaJit Support
  --disable-env           clearing/setting of ENV vars
  --enable-mime-magic     automagically determining MIME type
  --enable-cern-meta      CERN-type meta files
  --enable-expires        Expires header control
  --disable-headers       HTTP header control
  --enable-ident          RFC 1413 identity check
  --enable-usertrack      user-session tracking
  --enable-unique-id      per-request unique ids
  --disable-setenvif      basing ENV vars on headers
  --disable-version       determining httpd version in config files
  --enable-remoteip       translate header contents to an apparent client
                          remote_ip
  --enable-proxy          Apache proxy module
  --enable-proxy-connect  Apache proxy CONNECT module. Requires
                          --enable-proxy.
  --enable-proxy-ftp      Apache proxy FTP module. Requires --enable-proxy.
  --enable-proxy-http     Apache proxy HTTP module. Requires --enable-proxy.
  --enable-proxy-fcgi     Apache proxy FastCGI module. Requires
                          --enable-proxy.
  --enable-proxy-scgi     Apache proxy SCGI module. Requires --enable-proxy.
  --enable-proxy-uwsgi    Apache proxy UWSGI module. Requires --enable-proxy.
  --enable-proxy-fdpass   Apache proxy to Unix Daemon Socket module. Requires
                          --enable-proxy.
  --enable-proxy-wstunnel Apache proxy Websocket Tunnel module. Requires
                          --enable-proxy.
  --enable-proxy-ajp      Apache proxy AJP module. Requires --enable-proxy.
  --enable-proxy-balancer Apache proxy BALANCER module. Requires
                          --enable-proxy.
  --enable-proxy-express  mass reverse-proxy module. Requires --enable-proxy.
  --enable-proxy-hcheck   reverse-proxy health-check module. Requires
                          --enable-proxy and --enable-watchdog.
  --enable-session        session module
  --enable-session-cookie session cookie module
  --enable-session-crypto session crypto module
  --enable-session-dbd    session dbd module
  --enable-slotmem-shm    slotmem provider that uses shared memory
  --enable-slotmem-plain  slotmem provider that uses plain memory
  --enable-ssl            SSL/TLS support (mod_ssl)
  --enable-ssl-staticlib-deps
                          link mod_ssl with dependencies of OpenSSL's static
                          libraries (as indicated by "pkg-config --static").
                          Must be specified in addition to --enable-ssl.
  --enable-optional-hook-export
                          example optional hook exporter
  --enable-optional-hook-import
                          example optional hook importer
  --enable-optional-fn-import
                          example optional function importer
  --enable-optional-fn-export
                          example optional function exporter
  --enable-dialup         rate limits static files to dialup modem speeds
  --enable-static-support Build a statically linked version of the support
                          binaries
  --enable-static-htpasswd
                          Build a statically linked version of htpasswd
  --enable-static-htdigest
                          Build a statically linked version of htdigest
  --enable-static-rotatelogs
                          Build a statically linked version of rotatelogs
  --enable-static-logresolve
                          Build a statically linked version of logresolve
  --enable-static-htdbm   Build a statically linked version of htdbm
  --enable-static-ab      Build a statically linked version of ab
  --enable-static-checkgid
                          Build a statically linked version of checkgid
  --enable-static-htcacheclean
                          Build a statically linked version of htcacheclean
  --enable-static-httxt2dbm
                          Build a statically linked version of httxt2dbm
  --enable-static-fcgistarter
                          Build a statically linked version of fcgistarter
  --enable-http2          HTTP/2 protocol handling in addition to HTTP
                          protocol handling. Implemented by mod_http2. This
                          module requires a libnghttp2 installation. See
                          --with-nghttp2 on how to manage non-standard
                          locations. This module is usually linked shared and
                          requires loading.
  --enable-nghttp2-staticlib-deps
                          link mod_http2 with dependencies of libnghttp2's
                          static libraries (as indicated by "pkg-config
                          --static"). Must be specified in addition to
                          --enable-http2.
  --enable-proxy-http2    HTTP/2 proxy module. This module requires a
                          libnghttp2 installation. See --with-nghttp2 on how
                          to manage non-standard locations. Also requires
                          --enable-proxy.
  --enable-md             Managed Domain handling
  --enable-jansson-staticlib-deps
                          link mod_md with dependencies of libjansson's static
                          libraries (as indicated by "pkg-config --static").
                          Must be specified in addition to --enable-md.
  --enable-curl-staticlib-deps
                          link mod_md with dependencies of libcurl's static
                          libraries (as indicated by "pkg-config --static").
                          Must be specified in addition to --enable-md.
  --enable-lbmethod-byrequests
                          Apache proxy Load balancing by request counting
  --enable-lbmethod-bytraffic
                          Apache proxy Load balancing by traffic counting
  --enable-lbmethod-bybusyness
                          Apache proxy Load balancing by busyness
  --enable-lbmethod-heartbeat
                          Apache proxy Load balancing from Heartbeats
  --enable-mpms-shared=MPM-LIST
                          Space-separated list of MPM modules to enable for
                          dynamic loading. MPM-LIST=list | "all"
  --enable-unixd          unix specific support
  --enable-privileges     Per-virtualhost Unix UserIDs and enhanced security
                          for Solaris
  --enable-heartbeat      Generates Heartbeats
  --enable-heartmonitor   Collects Heartbeats
  --enable-dav            WebDAV protocol handling. --enable-dav also enables
                          mod_dav_fs
  --disable-status        process/thread monitoring
  --disable-autoindex     directory listing
  --enable-asis           as-is filetypes
  --enable-info           server information
  --enable-suexec         set uid and gid for spawned processes
  --enable-cgid           CGI scripts. Enabled by default with threaded MPMs
  --enable-cgi            CGI scripts. Enabled by default with non-threaded
                          MPMs
  --enable-dav-fs         DAV provider for the filesystem. --enable-dav also
                          enables mod_dav_fs.
  --enable-dav-lock       DAV provider for generic locking
  --enable-vhost-alias    mass virtual hosting module
  --enable-negotiation    content negotiation
  --disable-dir           directory request handling
  --enable-imagemap       server-side imagemaps
  --enable-actions        Action triggering on requests
  --enable-speling        correct common URL misspellings
  --enable-userdir        mapping of requests to user-specific directories
  --disable-alias         mapping of requests to different filesystem parts
  --enable-rewrite        rule based URL manipulation
  --enable-suexec-capabilities
                          Use Linux capability bits not setuid root suexec
  --enable-v4-mapped      Allow IPv6 sockets to handle IPv4 connections

Optional Packages:
  --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
  --without-PACKAGE       do not use PACKAGE (same as --with-PACKAGE=no)
  --with-included-apr     Use bundled copies of APR/APR-Util
  --with-apr=PATH         prefix for installed APR or the full path to
                             apr-config
  --with-apr-util=PATH    prefix for installed APU or the full path to
                             apu-config
  --with-pcre=PATH        Use external PCRE library
  --with-port=PORT        Port on which to listen (default is 80)
  --with-sslport=SSLPORT  Port on which to securelisten (default is 443)
  --with-distcache=PATH   Distcache installation directory
  --with-z=PATH           use a specific zlib library
  --with-libxml2=PATH     location for libxml2
  --with-brotli=PATH      Brotli installation directory
  --with-lua=PATH         Path to the Lua 5.3/5.2/5.1 prefix
  --with-ssl=PATH         OpenSSL installation directory
  --with-nghttp2=PATH     nghttp2 installation directory
  --with-jansson=PATH     jansson installation directory
  --with-curl=PATH        curl installation directory
  --with-mpm=MPM          Choose the process model for Apache to use by
                          default. MPM={event|worker|prefork|winnt} This will
                          be statically linked as the only available MPM
                          unless --enable-mpms-shared is also specified.
  --with-module=module-type:module-file
                          Enable module-file in the modules/<module-type>
                          directory.
  --with-program-name     alternate executable name
  --with-suexec-bin       Path to suexec binary
  --with-suexec-caller    User allowed to call SuExec
  --with-suexec-userdir   User subdirectory
  --with-suexec-docroot   SuExec root directory
  --with-suexec-uidmin    Minimal allowed UID
  --with-suexec-gidmin    Minimal allowed GID
  --with-suexec-logfile   Set the logfile
  --with-suexec-syslog    Use syslog for suexec logging
  --with-suexec-safepath  Set the safepath
  --with-suexec-umask     umask for suexec'd process

Some influential environment variables:
  CC          C compiler command
  CFLAGS      C compiler flags
  LDFLAGS     linker flags, e.g. -L<lib dir> if you have libraries in a
              nonstandard directory <lib dir>
  LIBS        libraries to pass to the linker, e.g. -l<library>
  CPPFLAGS    (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if
              you have headers in a nonstandard directory <include dir>
  CPP         C preprocessor

Use these variables to override the choices made by `configure' or to help
it to find libraries and programs with nonstandard names/locations.

Report bugs to the package provider.

Configuration de la compilation

La commande ./configure lance la configuration de la compilation avec certaines options par défaut. Les valeurs par défaut de certaines de ces options sont indiquées dans la section --help de la commande.

Configuration par défaut

Pour lancer la configuration de la compilation avec les options par défaut, il faut simplement lancer la commande suivante :

./configure

Cette configuration de compilation simple, sans ajout d'option, fournit les modules suivants :

Console SSH

[root@myserver 2.4.41]# bin/httpd -M
Loaded Modules:
 core_module (static)
 so_module (static)
 http_module (static)
 mpm_event_module (static)
 authn_file_module (shared)
 authn_core_module (shared)
 authz_host_module (shared)
 authz_groupfile_module (shared)
 authz_user_module (shared)
 authz_core_module (shared)
 access_compat_module (shared)
 auth_basic_module (shared)
 reqtimeout_module (shared)
 filter_module (shared)
 mime_module (shared)
 log_config_module (shared)
 env_module (shared)
 headers_module (shared)
 setenvif_module (shared)
 version_module (shared)
 unixd_module (shared)
 status_module (shared)
 autoindex_module (shared)
 dir_module (shared)
 alias_module (shared)

On peut constater que les modules suivants sont "statiques", c'est-à-dire qu'ils sont intégrés dans le binaire httpd et seront, par conséquent, toujours chargés au démarrage d'Apache :

core_module
- Fonctionnalités de base du serveur HTTP Apache toujours disponibles
- La liste des fonctionnalités de base est accessible ici : http://httpd.apache.org/docs/current/mod/core.html
so_module
- Module permettant de charger dynamiquement des modules non-statiques (partagés). Les modules partagés, à l'inverse de modules statiques, ne nécessitent pas de recompilation et peuvent être chargés lorsqu'Apache est en cours d'exécution. Les performances d'Apache sont meilleures avec des modules statiques qu'avec des modules partagés.
http_module
- Comme indiqué dans l'option --help de la commande ./configure :

"Le module http est un module de base qui permet au serveur de fonctionner comme un serveur HTTP. Il n'est utile de le désactiver que si vous souhaitez utiliser un autre module de protocole à la place. Ne désactivez ce module que si vous êtes vraiment sûr de ce que vous faites. Remarque: Ce module sera toujours lié statiquement."

mpm_event_module
- Selon la documentation Apache, les Modules Multi-Processus, ou MPMs, constituent le coeur du serveur. Un seul MPM doit être actif pour que le serveur puisse fonctionner. Le MPM par défaut dépend du système d'exploitation. Pour savoir quel type de MPM est utilisé par défaut, se référer à la documentation Apache sur les MPMs.

Configuration minimaliste

A des fins de tests uniquement, il est possible de configurer la compilation pour qu'il n'y ait que les modules statiques obligatoires de présents. Pour ce faire, il faut désactiver tous les modules activés par défaut avec la commande suivante :

./configure \
--disable-access_compat \
--disable-alias \
--disable-auth_basic \
--disable-authn_core \
--disable-authn_file \
--disable-authz_core \
--disable-authz_groupfile \
--disable-authz_host \
--disable-authz_user \
--disable-autoindex \
--disable-dir \
--disable-env \
--disable-filter \
--disable-headers \
--disable-log_config \
--disable-mime \
--disable-reqtimeout \
--disable-setenvif \
--disable-status \
--disable-unixd \
--disable-version

Cela aura pour effet, à la fin de la compilation, de ne disposer que des modules suivants :

Console SSH

[root@myserver httpd-2.4.41]# bin/httpd -M
Loaded Modules:
 core_module (static)
 so_module (static)
 http_module (static)
 mpm_event_module (static)

Configuration personnalisée

C'est ici tout l'intérêt de compiler soi-même Apache (ou tout autre programme) : pouvoir construire un binaire Apache optimisé à son besoin.

Voici un exemple de configuration personnalisée de compilation :

./configure --prefix=/local/httpd/current \
--enable-ssl \
--enable-ssl-staticlib-deps \
--enable-socache-shmcb \
--enable-proxy \
--enable-proxy-http \
--enable-proxy-wstunnel \
--enable-proxy-fcgi \
--disable-proxy-connect \
--disable-proxy-ftp \
--disable-proxy-scgi \
--disable-proxy-uwsgi \
--disable-proxy-fdpass \
--disable-proxy-ajp \
--disable-proxy-balancer \
--disable-proxy-express \
--disable-proxy-hcheck \
--enable-rewrite \
--enable-mods-static="ssl socache-shmcb proxy rewrite authz_core log_config alias dir unixd" \
--enable-static-rotatelogs \
--disable-access_compat \
--disable-auth_basic \
--disable-authn_core \
--disable-authn_file \
--disable-authz_groupfile \
--disable-authz_host \
--disable-authz_user \
--disable-autoindex \
--disable-env \
--disable-filter \
--disable-headers \
--disable-mime \
--disable-reqtimeout \
--disable-setenvif \
--disable-status \
--disable-version

Configuration performances optimisées

Afin d'obtenir les meilleures performances possibles, il est conseillé d'avoir le minimum de modules activés, et qu'ils soient lié statiquement à Apache (c'est-à-dire qu'il ne sera pas possible d'en ajouter/retirer dynamiquement. Pour ce faire, il faudra re-compiler). Voici un modèle de configuration de compilation :

./configure \
--prefix=/local/httpd/current \
--sysconfdir=/local/httpd/conf \
--enable-proxy \
--enable-proxy-http \
--enable-proxy-wstunnel \
--enable-proxy-fcgi \
--enable-rewrite \
--enable-authz-host \
--enable-mime \
--enable-static-support \
--enable-remoteip \
--enable-status \
--enable-systemd \
--enable-mods-static="proxy rewrite authz-core authz-host log-config alias dir unixd mime remoteip status systemd" \
--disable-so \
--disable-proxy-connect \
--disable-proxy-ftp \
--disable-proxy-scgi \
--disable-proxy-uwsgi \
--disable-proxy-fdpass \
--disable-proxy-ajp \
--disable-proxy-balancer \
--disable-proxy-express \
--disable-proxy-hcheck \
--disable-access-compat \
--disable-auth \
--disable-auth-basic \
--disable-authn-core \
--disable-authn-file \
--disable-authz-groupfile \
--disable-authz-user \
--disable-autoindex \
--disable-env \
--disable-filter \
--disable-reqtimeout \
--disable-setenvif \
--disable-version \
--disable-authn-dbm \
--disable-authn-anon \
--disable-authn-dbd \
--disable-authn-socache \
--disable-authz-dbm \
--disable-authz-owner \
--disable-authz-dbd \
--disable-auth-form \
--disable-auth-digest \
--disable-allowmethods \
--disable-cache \
--disable-file-cache \
--disable-headers \
--disable-cache-disk \
--disable-cache-socache \
--disable-socache-dbm \
--disable-socache-memcache \
--disable-socache-redis \
--disable-socache-shmcb

Voici l'explication des options :

--prefix=/local/httpd/current:

Localisation principale des fichiers Apache à installer

--sysconfdir=/local/httpd/conf

Localisation des fichiers de configuration Apache à installer. En cas de recompilation, si les fichiers existent déjà, ils seront conservés.

--enable-proxy

Activation des fonctions de base pour faire du proxying

--enable-proxy-http

Active la prise en charge du protocole HTTP par le proxy

--enable-proxy-wstunnel

Active la prise en charge des webservices par le proxy

--enable-proxy-fcgi

Active la prise en charge du FCGI par le proxy. Utile pour PHP-FPM

--enable-rewrite

Active le module pour la ré-écriture d’URL

--enable-authz-host

Active le filtrage par adresse IP (Require IP …)

--enable-mime

Active la reconnaissance des types de fichier

--enable-static-support

Compile une version statique des binaires tels que « ab », « rotatelogs », … Cela permet à ces binaires de ne pas dépendre des librairies du serveur.

--enable-remoteip

Active la reconnaissance de l’adresse IP publique distante du client derrière les différents proxys

--enable-status

Active la mise à disposition des informations en temps réel relatives à Apache

--enable-systemd

Active l’intégration avec systemd de Linux

--enable-mods-static="proxy rewrite authz-core authz-host log-config alias dir unixd mime remoteip status systemd"

Force la compilation statique des modules mentionnés. Ces modules sont liés statiquement à Apache et seront toujours diponibles.

--disable-so

Désactive le module permettant de charger dynamiquement les autres modules. En effet, la présente configuration cherchant à compiler Apache de façon totalement statique, cette option prend tout son sens.

--disable-<module>

Désactive le module qui n’est pas nécessaire.

Ce qui donne le résultat suivant :

Console SSH

[root@myserver httpd-2.4.43]# httpd -M
[root@myserver httpd-2.4.43]# httpd -V
Server version: Apache/2.4.43 (Unix)
Server built:   Jun 19 2020 10:24:36
Server's Module Magic Number: 20120211:92
Server loaded:  APR 1.7.0, APR-UTIL 1.6.1
Compiled using: APR 1.7.0, APR-UTIL 1.6.1
Architecture:   64-bit
Server MPM:     event
  threaded:     yes (fixed thread count)
    forked:     yes (variable process count)
Server compiled with....
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_PROC_PTHREAD_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/local/httpd/current"
 -D SUEXEC_BIN="/local/httpd/current/bin/suexec"
 -D DEFAULT_PIDLOG="logs/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="/local/httpd/conf/mime.types"
 -D SERVER_CONFIG_FILE="/local/httpd/conf/httpd.conf"
[root@myserver httpd-2.4.43]# httpd -l
Compiled in modules:
  core.c
  mod_authz_host.c
  mod_authz_core.c
  http_core.c
  mod_mime.c
  mod_log_config.c
  mod_remoteip.c
  mod_proxy.c
  mod_proxy_http.c
  mod_proxy_fcgi.c
  mod_proxy_wstunnel.c
  event.c
  mod_unixd.c
  mod_systemd.c
  mod_status.c
  mod_dir.c
  mod_alias.c
  mod_rewrite.c

Service

Créer le fichier /usr/lib/systemd/system/http.service dont le contenu est le suivant :

[Unit]
Description=The Apache HTTP Server
After=network.target

[Service]
Type=notify
ExecStart=/local/httpd/current/bin/httpd -D FOREGROUND -k start
ExecReload=/local/httpd/current/bin/httpd -k graceful
ExecStop=/local/httpd/current/bin/httpd -k stop
KillMode=mixed
TimeoutStopSec=60

[Install]
WantedBy=multi-user.target

Recharger ensuite les services pour prendre en compte la modification :

systemctl daemon-reload

Activer le démarrage du service au démarrage du serveur :

systemctl enable http

Compilation

Version actuelle datée du 19 juin 2020 à 10:22

Sommaire

Présentation

Téléchargement des sources

Décompression de l'archive

Compilation

Options de compilation disponibles

Configuration de la compilation

Configuration par défaut

Configuration minimaliste

Configuration personnalisée

Configuration performances optimisées

Service

Menu de navigation

Outils personnels

Espaces de noms

Variantes

Affichages

Plus

Rechercher

Navigation

Outils