Greetings! This is the first of many guides I am going to post about that discuss how to do various tasks on NetBSD. A lot of guides out there aren't the best due to age or whatnot so I wanted to take a crack at some guides.
This guide uses Apache 2.4, PHP 7.4, mod_fcgid, on NetBSD 9.3 with KASLR enabled, but that latter shouldn't matter for this.
Installing all dependencies
Firstly, edit the mk.conf. Here are the relevant flags this guide was tested with
PKG_OPTIONS.apache=-apache-mpm-prefork -apache-mpm-worker suexec
Do not use MPM Prefork or Worker. This guid isn't using DSO/mod_php due to it being insecure, inefficient and dealing with process overhead. MPM event will automatically install.
Install the following pkgs:
www/apache24
www/ap2-fcgid
lang/php74
meta-pkgs/php74-extensions
Once installed, enable apache in rc.conf and cp /usr/pkg/share/examples/rc.d/apache to /etc/rc.d/.
Setting up Apache
All files for apache are in /usr/pkg/etc/httpd
Webroot can be anywhere, but this guide will use the structure /srv/www/domain.com/public_html
SSL setup won't be part of this guide, but if there's demand I may followup.
php.ini is in /usr/pkg/etc
Edit the httpd.conf, add the following line to the end of the modules:
LoadModule fcgid_module lib/httpd/mod_fcgid.so
Double check to ensure mod_ssl and mpm_event are enabled.
Now httpd-vhost.conf, same directory. This is where the vhost will be setup.
<VirtualHost *:80>
DocumentRoot "/srv/www/testdomain.net/public_html"
ServerName testdomain.net
<IfModule mod_fcgid.c>
<Directory /srv/www/testdomain.net/public_html>
Options +ExecCGI
AddHandler fcgid-script .php
FCGIWrapper /srv/www/testdomain.net/public_html/startfcgi
DirectoryIndex index.php
AllowOverride all
Require all granted
</Directory>
FcgidMaxRequestLen 20000000
</IfModule>
ServerSignature Off
</VirtualHost>
The Virtualhost will need to look something like this. AllowOverride is necessary if the site needs a .htaccess, but it can also be put in the vhost instead for faster performance, and AllowOverride turned off. Next, the startfcgi script:
#!/bin/sh
PHPRC=/usr/pkg/etc
export PHPRC
export PHP_FCGI_MAX_REQUESTS=5000
export PHP_FCGI_CHILDREN=8
exec /usr/pkg/libexec/cgi-bin/php
Using SuExec is very similar -- this guide didn't need it because one domain only being served by it.
Set the +x executable to startfcgi, and chown -R www:www /srv/www -- put any PHP files in there.
At this point serving a PHP file should work. It's a good idea to deny access to the script in htaccess or vhost config.
That's basically it. I have similar docs in the works for PostgreSQL, and many others (including things like varnish, NGINX, MariaDB etc. I will also be sharing hacks and tricks for NetBSD as I can. )