Please check the status of this specification in Launchpad before editing it. If it is Approved, contact the Assignee or another knowledgeable person before making changes.
Launchpad Entry: improved-web-application-framework
Created: 2007-10-22 by MathiasGug
We need an improved framework for delivering web applications. This framework must allow apps to be migrated between servers, be easily upgraded, preserving configurations, allow users to easily add custom apps.
The new web application framework streamlines web application packaging for Ubuntu.
The default LAMP installation improved the performance of the web servers and increases the security environment around web applications.
Ubuntu Server is used to develop and host known web applications. This type of software faces the same needs. A common policy and framework should be provided in order to maintain quality and have a standard way for system administrator to manage web application.
- Bob installs an ubuntu server with a LAMP task to power his new blog. He wants to test different blog engines to see which one suits him.
Improve apache configuration
There are multiple apache configuration that can be used to run php web application:
apache2-mpm-prefork with mod_php5
This is the default when installing a LAMP server task.
apache2-mpm-worker with libapache2-mod-fcgid
This setup is faster and more secure.
However using .htaccess to configure php flags doesn't work.
Improve the packaging experience
Web Apps team in Debian.
Put libapache2-mod-fcgid into main (http://fastcgi.coremail.cn/). Modify libapache2-mod-fcgid to recommend apache2-mpm-worker. Include libapache2-mod-fcgid on the server cd.
There are packages that implement the Debian policy:
dbconfig-common: presents a policy and implementation for managing various databases used by applications included in debian packages.
wwwconfig-common: provides common setup scripts for some packages that need apache, php and a database. https://wiki.ubuntu.com/MainInclusionReportWwwConfigCommon
Need to investigate why it has been rejected.
Evaluate if the debian tools can be used. If so, write a MIR to get it included in main.
Require webapps included into main to follow this policy.
Documentation about best practices should be written.
Add it to the PackagingGuide wiki namespace.
- Document the usage of fcgid.
Review packages in main and update them to follow the policy
Review and adapt packages in universe as examples
- moin (already in main)
- moodle: cooperation with edubuntu, already in main.
Only new installations of LAMP should provide fcgid by default. There are some web applications that use php flags in .htaccess files, so users should be forwarded to documentation how to get php flags working on a system with fcgid or/and install apache2-mpm-prefork with mod_php5.
MathiasGug: I don't think that the dedault task should be modified. Not supporting php flags in .htaccess would break a lot of web applications and tutorials. As the task is aimed at novice users, we should try to keep things working out of the box. Since libapache2-mod-fcgid would be included on the server cd, more experienced users can always install it afterwards.
mod_fcgid vs mod_fastcgi
Why choose mod_fcgid over mod_fastcgi ?
mod_fcgid is licensed under the GPL, mod_fastcgi is licensed under a custom license (non-free).
What about performance ?
AnteKaramatic: We can do tests, but I don't think that's relevant. It's non-free, so we can't use it.
BoF agenda and discussion
Impact of mod_fcgid on memory:
lighttpd and other web servers
I run a web server with Lighttpd on Ubuntu Server, and I find that a lot of the webapps that are packaged depend on Apache when in reality they work fine with lighttpd (or any webserver). Everything on this page assumes Apache and doesn't seem to even acknowledge the existence of other webservers - is there a reason for this other than there being more work involved in packaging the webapps so they work independently of one specific webserver?
AnteKaramatic: Everything on this page is about making Ubuntu LAMP stack better. That stack at the moment includes Apache. If there are packages that depend on apache binary, you should report bug against those packages. Those packages should depend on httpd, which is provided by apache, lighttpd, yaws, cherokee etc..