Tuesday, May 24, 2011

Iphone web server with php

I have an old iphone 3G that I upgraded to a 4G. Now I use it as my lowpower server. To do this you first need to jailbreak it and of course you need to have a home wifi setup. Serving private web pages is one of its uses. Here is the basic setup

Here is how to install lighttpd and php
  1. Jail break the iPhone using whatever setup you like
  2. Find the iPhones IP address in the wifi config area
    1. set your network IP to static.. and choose an IP at the end or out of your DHCP allocation range. (so that the DHCP doesnt keep moving your server around, nothing is worst for NAT setup..)
  3. Change the default passwords
    1. SSH into the iPhone using the username "root" and password "alpine"
    2. "root"s original password is "alpine"
    3. "mobile"s original password is also "alpine"
    4. double check for other accounts in /etc/passwd
      passwd 
      #enter old/new passwords for root
      su mobile
      passwd 
      #enter old/new passwords for mobile
      
  4. Remove password based ssh (makes it harder to hack in)
    1. copy/generate a ssh key from the entry machine.
    2. install the ssh key into the iPhone
    3. ssh into the phone (as mobile) and execute
      mkdir -p ~/.ssh
      chmod 0700 ~/.ssh
      touch ~/.ssh/authorized_keys
      chmod 600 ~/.ssh/authorized_keys
      cat >> ~/.ssh/authorized_keys
      #now paste in ssh key and hit crtl-D
      cat ~/.ssh/authorized_keys
      ls -al ~/.ssh/authorized_keys
      #confirm u see: -rw------- 1 mobile mobile ... /var/mobile/.ssh/authorized_keys
      
    4. Confirm login by ssh'ing in a diffrenet window
    5. BACKUP SSH KEY BEFORE CONTINUING. Its your way in from here on...
    6. Remove the password login.
      su
      #enter root password
      nano  /etc/ssh/sshd_config
      
    7. Now edit/add the following lines
      PasswordAuthentication no
      AllowTcpForwarding no
      X11Forwarding no
      AllowUsers mobile
      
    8. Restart iPhone (maybe /usr/sbin/sshd is sufficent to restart the sshd)
    9. Check the setting by ssh'ing with the key/username. You will be prompted for login as: but it should reject before it asks a password.
  5. Installing web server software
    1. run apt-get and install packages
      su
      #enter root password
      apt-get install php
      apt-get install lighttpd
      
    2. if you are missing apt get you will need to open Cydia and install the "AptBackup" package
  6. setup web software
    1. create the directory/files erc needed
      mkdir -p /htdocs/site/
      mkdir -p /htdocs/log/
      chmod 777 /htdocs/log/
      mkdir /etc/lighttpd/
      
    2. Configure the site.
      nano /etc/lighttpd/lighttpd.conf
      
    3. Copy this into the file:
      include "mod_fastcgi.conf"
      server.document-root = "/htdocs/site/"
      #server.port = 8080
      
      server.username = "_sshd"
      server.groupname = "_sshd"
      
      server.bind = "localhost"
      server.tag ="lighttpd"
      server.errorlog = "/htdocs/log/error.log"
      accesslog.filename = "/htdocs/log/access.log"
      
      server.modules = (
      "mod_access",
      "mod_accesslog",
      "mod_fastcgi",
      "mod_rewrite",
      "mod_auth",
      "mod_fastcgi"
      )
      index-file.names = ( "index.html", "index.php" )
      
    4. Configure the php module.
      nano /etc/lighttpd/mod_fastcgi.conf
      
    5. Copy this into the file:
      fastcgi.server = ( ".php" =>
       ( "localhost" => 
        ( "bin-path" => "/usr/bin/php-cgi", "socket" => "/tmp/php.socket")))
      

    6. Setup a trial page
      nano /htdocs/index.php
      
    7. Copy this into the file:
      <?
          echo "Welcome:", $_SERVER['REMOTE_ADDR'];
      
          echo "< br >< br >Heres some uptime data:< br >";
          passthru("uptime");
          echo "< br >< br >Heres whats running:< br >";
          passthru("ps | sed 's/$/< br >/'");
      ?>
      

    8. Boot the server manually and check it all
      lighttpd -f /etc/lighttpd/lighttpd.conf
      

    9. Open a browser and enter http://your_iphones_static_ip and you should see the trial page
  7. Right now lighttpd has to be manually started, it wont do it automatically.
    1. Set it to autoboot via a launchd control file at /Library/LaunchDaemons/com.lighttpd.plist the launchd process will start it and keep it running if it should crash or be killed.

    2. touch /Library/LaunchDaemons/com.lighttpd.plist
      chmod go-wrx /Library/LaunchDaemons/com.lighttpd.plist
      nano /Library/LaunchDaemons/com.lighttpd.plist
      

    3. Paste in the contents
      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
      "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
      <plist version="1.0">
      <dict>
          <key>Label</key>
          <string>com.lighttpd</string>
          <key>ProgramArguments</key>
          <array>
              <string>/usr/sbin/lighttpd</string>
              <string>-f</string>
              <string>/etc/lighttpd/lighttpd.conf</string>
          </array>
          <key>RunAtLoad</key>
          <true/>
          <key>KeepAlive</key>
          <true/>
          <key>UserName</key>
          <string>root</string>
          <key>WorkingDirectory</key>
          <string>/htdocs</string>
      </dict>
      </plist>
      

    4. load it with(and check)
      launchctl load -w /Library/LaunchDaemons/com.lighttpd.plist
      ps aux | grep light  
      

    5. You can shut it down again with:
      sudo launchctl unload -w /Library/LaunchDaemons/com.lighttpd.plist
      

I note that you need to keep the iPhone plugged into its charger to keep it connected to the wifi and alive. Otherwise it goes into a low power mode and shut off the wifi link, there by disconnecting your server.

I also iphones php package is rather limited in some aspects. For example create_socket doesn't work.

I also note that the user who is running the server seems bad.

Refer
http://www.esrun.co.uk/blog/lighttpd-php-on-the-iphone/
http://www.cyberciti.biz/tips/lighttpd-restrict-or-deny-access-by-ip-address.html
http://stackoverflow.com/questions/1181751/send-iphone-http-request-to-apache-php-webserver
http://arcoleo.org/dsawiki/Wiki.jsp?page=Autostart%20MySQL%20on%20Mac

No comments:

Post a Comment