Little T in the Cog Xserve G5 OS X Howto

Installing OS X on an Xserve G5 and updating it for the modern world

This is what I've had to do to get OS X Leopard installed onto my Xserve G5 and what I've done since to make it a bit more internet worthy in the modern world now that Apple has stopped pushing out updates. I'm mostly documenting this here so I'll know what to do again if I ever need to reinstall :-)

Why OS X and not Linux? Basically because I had problems getting Debian installed on this box due to the lack of graphics card - there is a method of doing the install through the serial port but I couldn't get it working (I think due to having the incorrect serial cable - I needed a null modem one). Anyway, I had a 10 client license copy of OS X Server 10.5 sitting on a shelf so I thought I'd give it a whirl. I was pleasantly surprised to find it actually a pretty capable server built on the usual Open Source offerings - Apache, PHP, Postfix, OpenLDAP etc.

The Install

My Xserve is headless, that is doesn't have a graphics card, so firstly I needed to work out how to install OS X onto it without a monitor. Luckily this is actually pretty easy to do as long as you have access to a DHCP server and know how to read the logs (as you'll need to know what address the server gets allocated when it boots). Firstly, make sure the server is connected to the network using the first ethernet port and then power on the server and insert the OS X Server DVD. Make a note of the serial number and the MAC address written on the back of the server and log into your DHCP server and look for which IP address that MAC has been given. Once you know the IP address you can open up Screen Sharing on your client (assuming it's a Mac, you can probably use any VNC client on Windows/Linux) by going to Finder -> Go -> Connect to Server and typing VNC://<IP address> into the box. Leave the username blank and put the serial number in as the password. You should now be looking at the install screen for OS X server! The install should be pretty straight forward from this point (I ended up setting up a mirror RAID using two 2TB disks as I want bulk offsite storage).

After Install Tweaks

Congratulations! You now have OS X installed on you Xserve. Once you've set up a user and the machine reboots you no longer need to connect using the serial number as a password (in fact if I recall correctly it stops working once you have a user set up), rather you now use your user. What to set up next really depends on what you want to do with your new server - in my case I wanted to host an ownCloud install so I could use my own Dropbox like client but know that the files were sitting on a machine of my own that the NSA weren't rifling through and also act as a general rsync target for my home NAS and my brother's NAS at work for offsite backups.

SNMP

I set up SNMP monitoring so that I can use nagios to check on things such as load, disk usage and the status of the RAID array (it's no good having redundant disks if you don't know when one has failed!) and also cacti graphs. I edited /etc/snmp/snmpd.conf with the correct community string and than started it by running
sudo launchctl load -w /System/Library/LaunchDaemons/org.net-snmp.snmpd.plist

Updating System Software

Apple has long since stopped pushing out updates to Leopard but that doesn't mean we can't still use it for productive work. The aim is to update all world facing features so that they are safe to put in front of the unwashed masses on the internet. To compile and install most of the software listed here you'll need to install the developer tools, either from the OS X install DVD or downloaded from Apple.

Apache Web Server

Apple uses the famous Apache web server on OS X Server when you enable the "Web" service inside Server Admin. Unfortunately the version that ships with Leopard is a bit out of date now and so a fresh install of the latest version is needed. Firstly get the latest version of the Apache source code for 2.2 from apache.org. The latest as of this writing is 2.2.24 (obviously change the mirror and version depending on where you are and what the latest 2.2.x version is):
mkdir ~/Downloads/src
cd ~/Downloads/src
curl -O http://apache.insync.za.net/httpd/httpd-2.2.24.tar.bz2
tar -jxvf httpd-2.2.24.tar.bz2
cd httpd-2.2.24
./configure --enable-layout=Darwin --enable-mods-shared=all --enable-ssl
make
sudo make install
The --enable-layout=Darwin will install apache into the correct location for OS X so you can still use the Server Admin graphical configuration tool. Once installed you need to restart it to get it to use the new binaries - you can either stop then start the web service using the graphical admin tool or run "sudo apachectl restart" from the terminal. Note that unless you also compile a newer version of OpenSSL you won't have TLS 1.1 or 1.2 support in mod_ssl.

PHP 5.3

OS X Leopard Server ships with php version 5.2 which is a bit long in the tooth now. Some webapps (like ownCloud) require at least version 5.3 so this needs to be upgraded. You will also most probably need to install a bunch of dependencies if you want to compile in some php modules. In my case I needed support for GD, International and mcrypt for ownCloud, and some of these muodules have their own dependencies as well (for example GD needs libjpeg). I haven't tested 5.4 but will need to soon as 5.3 is only supported for another year or so too... (EDIT: I've now upgraded to php 5.4 so follow that guide if you need 5.4). In my case I needed the following dependencies for ownCloud:

ICU (international):

curl -O http://download.icu-project.org/files/icu4c/51.2/icu4c-51_2-src.tgz
tar -zxvf icu4c-51_2-src.tgz
cd icu/source
./configure
make
sudo make install
libjpeg (needed for GD):
curl -O http://www.ijg.org/files/jpegsrc.v9.tar.gz
tar -zxvf jpegsrc.v9.tar.gz
cd jpeg-9
./configure
make
sudo make install
mcrypt Go to http://sourceforge.net/projects/mcrypt/files/Libmcrypt/2.5.8/ and download libmcrypt, then
tar -jxvf libmcrypt-2.5.8.tar.bz2
cd libmcrypt-2.5.8
./configure
make
sudo make install
MySQL headers and includes (php won't compile with MySQL support without these) download the tarball from http://www.opensource.apple.com/darwinsource/other/MySQL-45.binaries.tar.gz, then extract and copy the headers and client libraries:
tar -zxvf MySQL-45.binaries.tar.gz
cd MySQL-45.binaries
tar -zxvf MySQL-45.root.tar.gz
sudo rsync -av usr/include/ /usr/include/
sudo rsync -av usr/lib/ /usr/lib/
Finally you're ready to compile php 5.3. The way I do it is to install the new version into /usr/local/php5/ so that you can always roll back to the original if needed. If you don't think you'll roll back then you can drop the '--prefix=/usr/local/php5' statement from the configure line below and replace it with '--enable-layout=Darwin'. Be sure to make a copy of /usr/libexec/apache/libphp5.so if you think you might need to roll back to php 5.2 as the install will overwrite that apache module.

Go to http://php.net and grab the latest 5.3 tarball, then

tar -jxvf php-5.3.26.tar.bz2
cd php-5.3.26
./configure '--prefix=/usr/local/php5' \
	    '--disable-dependency-tracking' \
	    '--with-apxs2=/usr/sbin/apxs' \
	    '--with-ldap=/usr' \
	    '--with-kerberos=/usr' \
	    '--enable-cli' \
	    '--with-zlib-dir=/usr' \
	    '--enable-trans-sid' \
	    '--with-xml' \
	    '--enable-exif' \
	    '--enable-ftp' \
	    '--enable-mbstring' \
	    '--enable-mbregex' \
	    '--enable-dbx' \
	    '--enable-sockets' \
	    '--with-iodbc=/usr' \
	    '--with-curl=/usr' \
	    '--with-config-file-path=/etc/php5' \
	    '--sysconfdir=/private/etc' \
	    '--with-mysql-sock=/var/mysql' \
	    '--with-mysqli=/usr/bin/mysql_config' \
	    '--with-mysql=/usr' \
	    '--with-openssl' \
	    '--with-xmlrpc' \
	    '--with-xsl=/usr' \
	    '--without-pear' \
	    '--with-gd' \
	    '--with-mcrypt' \
	    '--with-jpeg-dir=/usr/local/lib' \
	    '--with-png-dir=/usr/X11R6' \
	    '--with-freetype-dir=/usr/X11R6' \
	    '--with-xpm-dir=/usr/X11R6' \
	    '--enable-intl' \
	    '--with-icu-dir=/usr/local' \
	    '--enable-zip' \
	    '--with-config-file-scan-dir=/etc/php5/conf'
There is a problem with one of the dependencies (ICU) which contains some c++ code which the standard c compiler doesn't know how to deal with, so you need to add "-lstdc++" to the end of the EXTRA_LIBS line in Makefile (without the quotes!), then it will compile correctly:
make
sudo make install
Be warned that the "make" stage can take a very long time to complete. Once make is complete the "sudo make install" will install php5 in /usr/local/php5/ so if you need command line programs to also use php5 you can move /usr/bin/php out of the way and symlink the new version there:
sudo mv /usr/bin/php /usr/bin/php52
sudo ln -s /usr/local/php5/bin/php /usr/bin/php
Once all is compiled and in place you need to create the directory /etc/php5 to put you php.ini file in and also create a directory for any addons needed in /etc/php5/conf. This is all that's needed to run ownCloud - the version of MySQL included with Leopard server is pretty old now (5.0) but is still sufficient for most purposes so I didn't see the need to upgrade.

Optional Extra: APC

ownCloud (and a lot of php code) is a lot happier with some form of PHP caching so we install APC for this purpose. I chose the latest stable version, but feel free to go for a newer version if you feel like it as it is pretty stable.
curl -O http://pecl.php.net/get/APC-3.1.9.tgz
tar -zxvf APC-3.1.9.tgz
cd APC-3.1.9
/usr/local/php5/bin/phpize
./configure --with-php-config=/usr/local/php5/bin/php-config --enable-apc-sem
make
sudo make install 
Once installed you need to create a config file for it - a basic one using defaults would be to add "extension=apc.so" (without quotes) to /etc/php5/conf/apc.ini then reload apache to start using caching.

Checking Apache and PHP versions

An easy way to see if this whole exercise has worked is to put a simple info.php file into your web site root - assuming you've still got the default site set up on OS X Server you can achieve this by editing /Library/WebServer/Documents/info.php and removing the comment line from in front of phpinfo(); so the file looks like:
<?php
// You can use Server Admin to enable the Apache PHP module; it's disabled by default.
// You can uncomment the phpinfo() directive below to provide a default PHP info page
// but note that this displays information about your host's configuration.
phpinfo();
?>
Then load it by going to http://<server IP>/info.php - if all is working you will get a complete list of all the option enabled in PHP along with some apache information.