Fork me on GitHub

 

Operating System

The CHAMELEON framework has been successfully tested on Linux, MacOS X, FreeBSD and other Unix based OS as well as on Windows servers (for Windows versions supporting symlinks).
 

Web Server

CHAMELEON has been successfully tested with Apache 2.x and nginx using both mod_php5 (apache) and php5-fpm.
 

PHP

PHP version must be 5.3.3 or higher.

CHAMELEON needs the following PHP extensions: (some are only needed by certain extensions)
bcmath, ctype, curl, date, dom, gd (2.0.x), hash, iconv, json, libxml, mbstring, mcrypt, mhash, mysql, mysqli, openssl, pcre, posix, session, shmop, SimpleXML, sockets, xml, xmlrpc, zip, zlib, imagick.
 

Optional
tidy - for HTML clearing (recommended)

memcached (3.0.x) - if memcache is used as cache and session storage (recommended)

Please check the following settings of your php.ini or the web server's vhost configuration, depending on your PHP version:

  • zend.ze1_compatibility_mode = off
  • short_open_tag = on
  • register_globals = off
  • file_uploads = on
  • allow_url_fopen = on
  • magic_quotes_gpc = off
  • session.use_cookies = on
  • session.use_trans_sid = off
  • session.serialize_handler = php
  • memory_limit = 128M (minimum requirement; may be higher depending on the project and modules)
  • max_execution_time = 300
  • post_max_size = 100M
  • upload_max_filesize  = 100M (If you want to manage bigger files with Chameleon, you should increase these values corresponding to the maximum expected file size.)
     

Session
When using memcached or MySQL as session handler, you must enable the PHP garbage collection for various Linux distributions (e.g. Ubuntu/Debian). It might be disabled by default in these systems and uses a cronjob instead, which deletes the session files.

  • session.gc_probability = 1
  • session.gc_divisor = 100

Thus, the corresponding cronjob in /etc/cron.d/php5 can be commented, if not used by other systems.
 
Performance
Since the system works with a lot of files and generates db table interaction classes automatically, you might want to increase the PHP file cache:

  • realpath_cache_size = 64K (default is 16K)


Security
When using the PHP security extension suhosin (which is strongly recommend instead of using safe_mode and which is enabled by default in most distributions these days) make the following settings:

  • suhosin.executor.allow_symlink = On
  • suhosin.session.cryptua = Off
  • suhosin.stealth = 1
  • suhosin.session.encrypt = Off

 

HHVM


Please note that the use of HHVM is possible with Chameleon Version 6 or higher, but is classified as experimental. The following parameters must be set in the php.ini of the HHVM interpreter:

  • hhvm.libxml.ext_entity_whitelist = file,http
  • add to your /app/config/config.yml :

chameleon_system_core:
  redirectstrategy: "throwexception"

  • be sure to use a doctrine/dbal Version > 2.4 that's confirmed to be HHVM compatible (2.4 is not)

 

MySQL Database

MySQL as of version 5 (UTF-8 support is mandatory)
 
Chameleon uses the advantages of different storage engines. The MySQL installation must therefore support at least the MyISAM, InnoDB and MEMORY engines.
 
The database user must have the following rights:

  • data: SELECT, INSERT, UPDATE, DELETE (for all tables)
  • structure: CREATE TABLE, CREATE TEMPORARY TABLES, ALTER, INDEX, DROP,
  • admin: SHOW TABLES, LOCK TABLES

 
Optional
Chameleon Shop may use the function LOAD DATA INFILE for a faster indexing of the catalogue (for this purpose CMS_SEARCH_INDEX_USE_LOAD_FILE must be enabled in the config).
 
Read-only system
For safety reasons it is possible to operate Chameleon without writing permissions, e.g. frontend and backend server on separate systems with a shared database. The backend system has a mySQL user with full permissions and the frontend delivery system has only reading permissions.
 
This is only possible if your website does not have user interaction which needs writing permissions. Here the following permissions are necessary:

  • data: SELECT (for all tables), INSERT, UPDATE, DELETE (tables: _cms_sessions, _cms_cache, _cms_cache_info, _cms_lockmanager)
  • structure: CREATE TEMPORARY TABLES (if you use an enterprise version with workflow)
  • admin: SHOW TABLES

 
Important
Please note that the required permissions for the mySQL user only apply for a system in the state as delivered. Depending on the features you are going to implement, further permissions may be necessary.