LunpaCMS Whipping your website into shape! Introducing Lunpa, our mascot.  Her mother was a hamster and her father was Chilean M00se.  Oddly, neither smelt of elderberries.


Installation Instructions and Tools

LunpaCMS Apache Configuration

SuExec

Using LunpaCMS and SuExec? You will need to patch your installation of Apache.

LunpaCMS has a significant feature where a single copy of the central code can reside on a server yet power all the sites on the server. This design allows us to patch servers which a very quick svn update and permissions change.

If you use suexec on your server, you may need to run a patched copy of suexec in order to accommodate a shared user having ownership of the files.

For example, this patch for Apache 2.2 and 2.4 will allow user ID 101 to be shared with suexec:

http://www.peregrinehw.com/downloads/apache/current/perlcms-suexec-apache2.patch

And for Apache 1.X (not recommended): http://www.peregrinehw.com/downloads/apache/current/old/perlcms-suexec.patch

Specifically, this allows one single copy of LunpaCMS to be executed by multiple suexec target users by changing rule 18 at http://httpd.apache.org/docs/2.2/suexec.html by modifying suexec to run programs where the user/group is the same as the target user OR the user/group ID is 101.

httpd.conf

Also, a good idea to block these files in your Apache httpd.conf:

In Apache 1.X: In Apache 2.2: In Apache 2.4:
# Block SVN Files From being Accessed
<directorymatch "^/.*/\.svn/">
Order deny,allow
Deny from all
</directorymatch>

# Block Library Files From being Accessed
<directorymatch "^.*/lib/.*">
Order deny,allow
Deny from all
</directorymatch>

# Block Lunpacms Conf Files from being Accessed
<Files ~ "^(lunpacms|local).cnf">
Order allow,deny
Deny from all
Satisfy all
</Files>

# Block VTI CNF files
<Location /_vti_cnf/*&rt;
Options None
AllowOverride None
order deny,allow
deny from all
</Location&rt;
# Block SVN Files From being Accessed
<directorymatch "^/.*/\.svn/">
Order allow,deny
Deny from all
Satisfy All
</directorymatch>

# Block Library Files From being Accessed
<directorymatch "^.*/lib/.*.pm">
Order allow,deny
Deny from all
Satisfy All
</directorymatch>

# Block Lunpacms Conf Files from being Accessed
<Files ~ "^(lunpacms|local).cnf">
Order allow,deny
Deny from all
Satisfy All
</Files>

# Block VTI CNF files
<Location /_vti_cnf/*>
Order allow,deny
Deny from all
Satisfy All
</Location>
# Block SVN Files From being Accessed
<directorymatch "^/.*/\.svn/">
Require all denied
</directorymatch>

# Block Library Files From being Accessed
<directorymatch "^.*/lib/.*.pm">
Require all denied
</directorymatch>

# Block Lunpacms Conf Files from being Accessed
<Files ~ "^(lunpacms|local).cnf">
Require all denied
</Files>

# Block VTI CNF files
<Location /_vti_cnf/*>
Require all denied
</Location>

Master Install

LunpaCMS has a master installation script that is used to install codebase as well as the essential managers in order to have a basic working installation of LunpaCMS for your website. Through the master installation script, the master admin account(described in detail below) is either used or created, as well as creating an administrative account for your webpage.

Use:
To run the installation script, run perl master_install.pl <sitename> <dbname> <dbuser> <dbpasswd> with the proper information and it will then ask you for a master administrator if there isn't already one as well as an administrative account for the website.

Example: perl master_install.pl lunpacms.org lunpacms lunpacms elderberries

LunpaCMS Validator

LunpaCMS comes with a handy script that can be used before or after LunpaCMS is installed to check any dependencies (e.g. perl modules or binaries) for LunpaCMS are installed on the server. When used after, it checks all those dependencies as well as LunpaCMS modules to check if they are installed

Use:
To run the validator, LunpaCMS_validator.pl, run perl LunpaCMS_validator.pl and it will tell you what modules are missing or whether they are under the required version.

LunpaCMS Verifier

LunpaCMS comes with a script that verifies various things on all LunpaCMS sites installed on the server. For instance, it can check to make sure that there are no null values in newsmanager or check versions for LunpaCMS modules to make sure they are current. It can easily be extended by writing more functions to make other verifications.

Use:
To run the verifier, just change to the directory that contains the verifier file, master_verify.pl, and run perl master_verify.pl and it will output the results of the verification

LunpaCMS Directory Changer

LunpaCMS comes with its base directory hard coded in many places throughout the code. In order to change this, lunpacms_directory_change.pl was written in order to change this to another directory in order to make the CMS more flexible. Note that it will display errors as it encounters concerning inability to edit are normal.

Use:
To use the directory changer, have your svn checkout or copy of lunpacms saved in the directory you plan on it staying in and run perl lunpacms_directory_change.pl where is the current hard coded directory(it comes as "/htdocs/local") and is the directory that it will stay in.

Example:
Changing from "/htdocs/local" to "/htdocs/new_directory/lunpacms" perl lunpacms_directory_change.pl /htdocs/local /htdocs/new_directory/lunpacms

Master Admin Account

LunpaCMS has a master admin account that is set during installation, either using master_install.pl or installing usermanager seperately. The account is stored as a user named "lunpacms" in the database for each site under the users table, and will be hidden in the list of users in usermanager. The admin account is stored in an sql file in the main directory for the LunpaCMS managers (with a hashed password). It will be created by one of the install procedures if it does not exist already, and will then be used on every site that is installed on the server from there on out. The master admin can also be created by running the master_admin.sql file in mySQL. Likewise, it can be removed through mySQL by simply deleting the lunpacms user from the users table in the database.

KAM Authen::Captcha Module

The LunpaCMS Validator will check for the module Authen::Captcha to see if it is installed and is an appropriate version. While LunpaCMS will run on Authen::Captcha of version 1.023 or higher, it is highly recommended that you use 1.023-KAM, which is a fork that includes patches for many known bugs which currently aren't included in other versions of the module. In order to download the module, follow the link below:

Download Authen-Captcha-1.023-KAM.tar.gz

Email Account Configuration

In order to send and receive emails as a part of a default website configuration, you must configure sendmail with the following email addresses for your domain:

Non-default managers may require additional email addresses. You must check the documentation of each manager for a list of email addresses that are required.

Accounts like do-not-reply are recommended to be configured with an automatic response like the following .procmailrc example:

SHELL=/bin/sh

:0 Whc: vacation.lock
* !^X-Spam-Status: Yes
# Don't reply to daemons and mailinglists
* !^FROM_DAEMON
# Mail loops are evil
* !^X-Loop: do-not-reply@your-website.com
| formail -rD 1024 vacation.cache

:0 ehc         # if the name was not in the cache
| (formail -rI"Precedence: junk" -A"X-Loop: do-not-reply@your-website.com" ; \
echo "This is an automated system and replies are not monitored.  If you need a response from a human, please email support@your-website.com" ; \
echo "" ; \
echo "Thank You!" ; \
) | $SENDMAIL -oi -t -f do-not-reply@your-website.com

Other Configuration

After installing LunpaCMS, it is recommended to remove "sess" from the map LOCAL_CARRYOVER_VAR_LIST. It is included by default to assist administrators in accessing websites by IP address before a domain is registered, but can be a security issue.


Add Your Comment


(Only a limited set of HTML tags such as <b>, <i>, <u> are allowed. Embedded flash video from Youtube or Vimeo are also supported.)


Copyright © 2018 Peregrine Computer Consultants Corp. All rights reserved.

About Lunpa, our mascot. Her mother was a hamster and her father was an ill-tempered Chilean M00se. Oddly, neither smelt of elderberries.
The artist is Jennifer Lomax.