View previous topic :: View next topic |
Author |
Message |
jamtat Apprentice
Joined: 09 Aug 2003 Posts: 162
|
Posted: Tue Apr 07, 2015 11:27 pm Post subject: Mythweb help/advice needed |
|
|
Now that I've gotten MythTV to recompile on my new Gentoo installation and thus have my DVB tuner working, I'm a step closer to configuring the system as I need it. The next step will be to get Mythweb installed and running. The only documentation I've thus far found that adresses setting up such a system as I'd like to have looks pretty outdated: it can be found in the "archives" at http://www.gentoo-wiki.info/HOWTO_Setup_MythWeb_with_Lighttpd . That write-up really appeals to me because it describes how to use Lighttp instead of Apache as the web server. I have a fairly underpowered system, so I'd like to use as many low-resource programs as possible on my installation.
Can anyone clue me in to whether that outdated write-up will still be valid for current versions of MythTV? Or maybe the process of installing Mythweb has been more automated now under Gentoo than when that was written? Advice will be appreciated. |
|
Back to top |
|
|
jamtat Apprentice
Joined: 09 Aug 2003 Posts: 162
|
Posted: Wed Apr 08, 2015 5:17 pm Post subject: |
|
|
Thinking now of maybe going with nginx. There's an installation write-up about it on the wiki--https://wiki.gentoo.org/wiki/Nginx. There is some MythTV documentation as well, though it's not Gentoo-specific and is a bit incomplete (https://www.mythtv.org/wiki/MythWeb_on_Nginx). Not real web-server savvy here so I'm hesitating to jump right in. Anyone here have experience serving Mythweb via nginx? Thanks. |
|
Back to top |
|
|
jamtat Apprentice
Joined: 09 Aug 2003 Posts: 162
|
Posted: Sat Apr 25, 2015 11:05 pm Post subject: |
|
|
This has become about the worst OS installation/configuration experience I've ever encountered. It's a little bit like the car-buyer's experience of "buying a lemon," where the owner ends up with a car that is plagued by an unending series of problems. Only the problem in my case is not mechanical/physical: none of my hardware seems to be malfunctioning in any way. It's the OS and its mis/configuration that seem to me to be the source of all the problems, likely augmented by my inexperience with this distro and my lack of more in-depth technical knowledge of computing in general.
I did install nginx and php-fpm but could not succeed in getting MythWeb to serve that way--either on localhost or through my LAN. I got some help from a mythtv-users list member with that, but despite his trouble-shooting recommendations, we could not get this to work. I could `curl http://localhost` but that was not a valid MythWeb page, always ending in an error. Trying to browse to that address using a graphical browser simply resulted in a blank page.
So I gave up on nginx/php-fpm and have now installed Apache. I'm having pretty much the same results trying to get MythWeb to serve via Apache, the only minor difference being that I get a "page moved error" when I `curl http://localhost/mythweb.` Needless to say, I'm a bit lost as to what I might try next. So I'll just ask in closing about the experiences of others who installed MythTV under Gentoo and who have MythWeb working.
Did you have to do much in the way of configuration? Can you offer any tips here, of either a general or specific nature? The whole vhosts aspect of this is confusing to me because MythWeb is the only site being served on this machine. Maybe I've not configured something incorrectly owing to my sketchy conception of vhosts?
If that's not the case, the only other thing I can think of is that I'm being plagued by no-multilib issues. You see, I switched my machine to no-multilib fairly early on, since I mistakenly decided I'd made an error in doing my initial installation as a desktop one. I've had at least one major unresolvable issue since I did that: I can no longer compile MythTV with vaapi support. And from my reading about no-mulitlib, I get the impression that no one is very clear on why this variant exists, which causes me to wonder whether it might not be poorly maintained and is, therefore, the source of some major issues that are plaguing this installation. Anyone have thoughts on that? |
|
Back to top |
|
|
jamtat Apprentice
Joined: 09 Aug 2003 Posts: 162
|
Posted: Sun Apr 26, 2015 8:25 pm Post subject: |
|
|
I have some progress to report. I had another look at my webapp-config settings, which I'd forgotten to revise once I'd switched over to Apache. I've just now edited that file and, on restarting Apache, I was almost able to access MythWeb from localhost: it gave me the MythWeb page with a message about the data directory not being writeable by Apache. So, I went in and changed the ownership and group for the mythweb directory (they'd been set to nginx:nginx), and now I can finally view program listings and schedule recordings. The only needed feature that seems to be non-operational is that I cannot browse to MythWeb from other machines on my LAN: there is apparently some setting I need to tweak, either in Apache or in the OS, for this to be enabled. |
|
Back to top |
|
|
jamtat Apprentice
Joined: 09 Aug 2003 Posts: 162
|
Posted: Wed Apr 29, 2015 1:38 am Post subject: |
|
|
I discovered what was the problem with being unable to access MythWeb from other machines on my LAN. I'd followed this guide https://wiki.gentoo.org/wiki/Home_Router in initial set-up of this machine because I wanted one of the machine's network interfaces to act as its gateway to my LAN, and the other to set up and serve a separate subnet. In order to get that operational, I'd--following instructions found at that link--installed iptables and implemented some rules. Well, it turns out those rules were blocking outside hosts from connectiong to port 80 on the gateway interface on this machine. To make it work, I had introduce a new rule that would open port 80 on the relevant interface--a rule found at this forum thread https://forums.gentoo.org/viewtopic-t-411732-start-0.html which also stipulated the proper point at which to insert it.
I'll list below the steps I used, since I actually had to first flush the inital rules, then introduce them again, inserting the port 80 rule at a certain point (it's roughly in the middle). Thus, the following, copied from the two referenced URLs: Code: | root #iptables -F
root #iptables -t nat -F
root #iptables -P INPUT ACCEPT
root #iptables -P OUTPUT ACCEPT
root #iptables -P FORWARD DROP
root #export LAN=eth0
root #export WAN=eth1
root #iptables -I INPUT 1 -i ${LAN} -j ACCEPT
root #iptables -I INPUT 1 -i lo -j ACCEPT
root #iptables -A INPUT -p UDP --dport bootps ! -i ${LAN} -j REJECT
root #iptables -A INPUT -p UDP --dport domain ! -i ${LAN} -j REJECT
root #iptables -A INPUT -p TCP --dport ssh -i ${WAN} -j ACCEPT
root #iptables -A INPUT -p TCP --dport 80 -i eth1 -j ACCEPT
root #iptables -A INPUT -p TCP ! -i ${LAN} -d 0/0 --dport 0:1023 -j DROP
root #iptables -A INPUT -p UDP ! -i ${LAN} -d 0/0 --dport 0:1023 -j DROP
root #iptables -I FORWARD -i ${LAN} -d 192.168.0.0/255.255.0.0 -j DROP
root #iptables -A FORWARD -i ${LAN} -s 192.168.0.0/255.255.0.0 -j ACCEPT
root #iptables -A FORWARD -i ${WAN} -d 192.168.0.0/255.255.0.0 -j ACCEPT
root #iptables -t nat -A POSTROUTING -o ${WAN} -j MASQUERADE
root #echo 1 > /proc/sys/net/ipv4/ip_forward
root #for f in /proc/sys/net/ipv4/conf/*/rp_filter ; do echo 1 > $f ; done
root #/etc/init.d/iptables save |
This is all actually a bit of a kludge so far as my purposes are concerned. Interface eth1 on my scenario is actually not a WAN port and does not need any special firewalling rules: it already sits behind a firewall (the LAN's router). So, although this machine does need to do NAT between the subnet that runs on eth0 and the gateway interface, eth1, that gets it IP from my router, no sort of port blocking needs to be done on eth1 since it already sits behind a firewall. But the recipe offered something close to what I needed and, with a slight tweak to allow access to port 80 on eth1, it's working suitably for me.
If anyone can suggest further modifications to the iptables rules that would obviate the need for explicitly opening port 80 on eth1--like maybe by unblocking all ports on that interface--I'm all ears. Thanks
LATER EDIT: I wonder, specifically, whether directions from this web site http://www.revsys.com/writings/quicktips/nat.html might do what I need (allow NAT'ing from eth0 to eth1, but without blocking any ports). For example: Code: | echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
for f in /proc/sys/net/ipv4/conf/*/rp_filter ; do echo 1 > $f ; done
/etc/init.d/iptables save |
|
|
Back to top |
|
|
jamtat Apprentice
Joined: 09 Aug 2003 Posts: 162
|
Posted: Fri Dec 18, 2015 12:06 am Post subject: |
|
|
Here's the new set of iptables rules I've--with some helpful input--come up with: Code: | iptables -P FORWARD ACCEPT
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
for f in /proc/sys/net/ipv4/conf/*/rp_filter ; do echo 1 > $f ; done
/etc/init.d/iptables save |
The intention is to allow traffic from eth0 to be routed freely to and from eth1, with no sort of port blocking or packet dropping (both interfaces are on an internal network and not facing the internet). Seems so far to be working as expected. |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|