Sunlightphp is a project mainly written in PHP, based on the MIT license.
A small and fast PHP framework with integrated support for CouchDB.
Hello there,
thanks for downloading SunlightPHP. I put many months of work into this small and fast PHP framework. I created it specifically for my needs, it is not an all-rounder and might not be suited for your purposes. Try it and find out.
To run SunlightPHP you need:
You can install them in one go with this command:
sudo apt-get install apache2 couchdb php5 php5-cli php5-curl php5-intlIf you want to execute unit tests, you also need PHPUnit:
sudo apt-get install phpunitSunlightPHP needs some Apache modules to be enabled. Issue this command:
sudo a2enmod deflate dir expires headers rewriteCopy SunlightPHP to the location of your choice. Make sure it is within the document root so Apache can access it. Now check if the server is set up correctly by browsing to:
http://example.com/sunlightphp/maintenance/maintenance.phpReplace "example.com" with your server's address. If you try out SunlightPHP locally, it is probably "localhost". If you changed the folder name or nested SunlightPHP differently, adjust the path accordingly.
Open app/config/core.php and adjust the settings to suit your needs. You should be good to go with the default values though. You can tweak them later.
If you enable CSS and/or JS compression, you need to download the YUICompressor from http://developer.yahoo.com/yui/compressor/ and place it in app/vendors/yuicompressor/yuicompressor-2.4.2.jar
You will also need Java for this:
sudo apt-get install default-jreIf you enable caching with APC, you need to have the APC module for PHP installed:
sudo apt-get install php-apcIf you enable caching with Memcached, you need to have memcached and the memcache module for PHP installed:
sudo apt-get install memcached php5-memcacheIt is not a magic solution that makes PHP completely bomb-proof but it makes it at least harder for attackers:
sudo apt-get install php5-suhosinIn the default configuration, Apache tries to appeal to everyone. This means lax settings and performance penalties.
Apache looks in each directory for an .htaccess file. Disable this behavior by editing your VirtualHost configuration file and change "AllowOverride All" to "AllowOverride None".
Make sure to create a VirtualHost configuration file. I created an example config that I use as a template for my projects. You can find it in app/documentation/apache_example_config.
High traffic websites are choked to death by Apache's default handling of connections. Remove this bottleneck by setting the KeepAliveTimeout to "KeepAliveTimeout 2". This means that if a client is not sending a new request within two seconds after a previous request, the connection is closed. Apache can then use the freed connection to communicate with another client.
This setting can be found in /etc/apache2/apache2.conf.
Give attackers as little information as possible about your system. Turn off Apache's detailed response about its version and installed modules by changing "ServerTokens Full" to "ServerTokens Prod".
This setting can be found in /etc/apache2/conf.d/security.conf.
Not configured correctly, APC will slow your server down horribly. For a huge big performance boost, change the APC settings to this:
; Size of the cache in MB. Give APC as much RAM as you can spare but not
; too much or else you cause swapping. Swapping means hard-disk access
; which is very slow and defies the purpose of using a RAM-based cache.
apc.shm_size = 1200
; Check on each request if script files have been updated. Possible
; values:
; 0 (disable, recommended for production environment)
; 1 (enable, recommended for development environment)
apc.stat = 0
; If cache is full, only remove entries that have been stored longer in
; it than the values given. Values are in seconds.
;
; Clearing the complete cache is better or else you will continue with a
; heavily fragmented cache.
;
; apc.ttl affects the system cache which contains cached script files.
; apc.user_ttl affects the user cache which contains user-stored values.
apc.ttl = 0
apc.user_ttl = 0The APC configuration file is located at /etc/php5/conf.d/apc.ini.
If you want to access CouchDB on a remote server, e.g. for administration with the pretty front-end Futon, you can make it accessible with:
ssh -L {1}:localhost:{2} {3}@{4}
{1} The port on your localhost you want to bind the CouchDB from the
remote server to.
{2} The port CouchDB occupies on your remote server. CouchDB listens by
default to port 5984.
{3} Your username for the remote server.
{4} The IP address of your remote server.With all the placeholders replaced, it can look something like this:
ssh -L 5985:localhost:5984 [email protected]Congratulations, you can now access your remote server's CouchDB simply by browsing to http://localhost:5985/.
If you want to access SunlightPHP's maintenance panel on a remote server, follow these steps:
Add "127.0.0.1 {name}" to the /etc/hosts file on your localhost. Replace {name} with a unique name you made up, e.g. an abbreviation of your domain name, so you can remember it well.
For projects hosted on example.com you could use "ex" as name, i.e. your localhost /etc/hosts file would contain "127.0.0.1 ex".
Add the name as a server alias in your remote server's VirtualHost configuration file. This file is usually located at /etc/apache2/sites-available. Look for a line starting with "ServerAlias" and append the name there.
Continuing with the example from above, you would edit /etc/apache2/sites-available/example.com and update the list of server aliases to "ServerAlias www.example.com ex".
You can now access the SunlightPHP maintenance panel on your remote server from your localhost with something like:
ssh -L 8080:example.com:80 [email protected]Browse to http://{name}:8080/sunlightphp/maintenance/maintenance.php on
your localhost to see it.