I have a server which maintains multiple domains using VirtualHost and I'm trying to setup GitWeb according to Gitweb - ArchWiki.
According to the wiki, I have to append the lines below to an Apache config file.
Alias /gitweb "/usr/share/gitweb"
<Directory "/usr/share/gitweb">
DirectoryIndex gitweb.cgi
Options ExecCGI
Require all granted
<Files gitweb.cgi>
SetHandler cgi-script
</Files>
SetEnv GITWEB_CONFIG /etc/gitweb.conf
</Directory>
After this, Alias works and I can access the service by accessing one of
192.168.10.102/gitweb/ (local IP)
https://my_domain_1.com/gitweb/
https://my_domain_2.com/gitweb/
...
So far, everything's okay.
Now I'd like to limit the effect of the Alias to one domain: my_domain_1.com. So I moved the lines above inside its existing VirtualHost settings.
<VirtualHost *:80>
DocumentRoot "/var/www/html1"
ServerName my_domain_1.com
# The lines are pasted here.
RewriteEngine on
RewriteCond %{SERVER_NAME} =my_domain_1.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} END,NE,R=permanent]
</VirtualHost>
However, when I access https://my_domain_1.com/gitweb/, 404 error occurs. The error log says nothing and I have no .htaccess for the domain.
How can I make it work?
I found the solution.
Since I requested that all of http requests should be redirected to the https versions, I should have written the gitweb settings not in <VirtualHost *:80> (http) but in <VirtualHost *:443> (https). The result should be
<VirtualHost *:443>
DocumentRoot "/var/www/html1"
ServerName my_domain_1.com
# The lines are pasted here.
SSLCertificateFile /etc/letsencrypt/live/my_domain_1.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/my_domain_1.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
Now it works perfectly.
Related
I'm have a an Apache HTTP server that has a reverse proxy to a tomcat server. However, I only want the reverse proxy to happen when the client uses the subdomain www. This is because I want to use other subdomains to point to other applications, such as email.
e.g. www.example.com will go display the apache tomcat webapp.
The way to do this, I presume, is to configure my DNS so that every subdomain I use will point to my server. Right now, in addition to www, that is server.example.com and posfixadmin.example.com. However, the issue is that all my subdomains end up pointing to tomcat.
So when I try to visit postfixadmin.example.com/setup.php to set up postfixadmin through its web setup, it ends up taking me to my tomcat webapp's 404.
Here is my virtualhost configuration:
<VirtualHost www.example.com:80>
ServerName http://www.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
<VirtualHost server.example.com:80>
ServerName server.example.com
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} {END,NE,R=permanent}
</VirtualHost>
<VirtualHost postfixadmin.example.com:80>
ServerName postfixadmin.example.com
DocumentRoot /var/www/postfixadmin/public
ErrorLog /var/log/httpd/postfixadmin_error.log
CustomLog /var/log/httpd/postfixadmin_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/postfixadmin/public>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
EDIT
It looks like the proxy conf file doesn't do anything (??). I decided to experiment around and change the first virtualhost servername to the following:
<VirtualHost *:80>
ServerName abcd.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
Then, I restarted and reloaded Apache...But for some reason, going to www.example.com STILL took me to the tomcat webapp! Does anyone know what drives this?
As to the DNS: I have set specific CNAME entries for each subdomain including www; all of them point back to the public IP of my server that houses my example.com domain (using # in my case - possible with most DNS, I think). There may be some different strategies on this, but I believe you're on the correct path based on what you've suggested in the question.
As to Apache configuration:
I believe that the http protocol does not need to be specified in the ServerName directive and that, generally, the domain need not appear inside the <VirtualHost>...</VirtualHost> tags.
I should mention that I am relatively unfamiliar with Tomcat but am assuming it is listening at 8080 on the localhost, in which case this should help.
I'm not 100% certain that that is all that is snarling you, but try trimming that ServerName back and doing like so, including the change to the VirtualHost open tag:
<VirtualHost *:80>
ServerName www.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
Your second <VirtualHost> probably requires similar changes, though it also seems that you are directing it to serve requests from the web/network which are coming in on port 8080 -- which I don't believe is your intent.
I think what you want is to also listen on port 80 from the web/network, but to follow these directives if addressed to server.example.com like so:
<VirtualHost *:80>
ServerName server.example.com
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} {END,NE,R=permanent}
</VirtualHost>
And finally, similar change to the opening <VirtualHost> tag on the final one:
<VirtualHost *:80>
ServerName postfixadmin.example.com
DocumentRoot /var/www/postfixadmin/public
ErrorLog /var/log/httpd/postfixadmin_error.log
CustomLog /var/log/httpd/postfixadmin_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/postfixadmin/public>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
Altogether, this seems more like what you're looking for:
<VirtualHost *:80>
ServerName www.example.com
ProxyPass / http://localhost:8080
ProxyPassReverse / http://localhost:8080
</Virtualhost>
<VirtualHost *:80>
ServerName server.example.com
DocumentRoot /var/www/html/
RewriteEngine on
RewriteCond %{SERVER_NAME} =server.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} {END,NE,R=permanent}
</VirtualHost>
<VirtualHost *:80>
ServerName postfixadmin.example.com
DocumentRoot /var/www/postfixadmin/public
ErrorLog /var/log/httpd/postfixadmin_error.log
CustomLog /var/log/httpd/postfixadmin_access.log combined
<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/postfixadmin/public>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
I got it!
It turns out that the problem was in the ssl configuration file - the :443 ports were overlapping.
Thanks for the help!
I'm looking for solution for my issue, because I've tried everything that comes to my head and I'm still not able to solve it.
So, I have backend written with nestjs and on my local machine everything works as expected.
But when I run it on server and type just host name ex. https://example.com it shows empty page.
It is confusing because every other route works well except main one.
So I'm assuming there's something wrong on my apache virtual host configuration but I'm quite new to it and I don't know where the problem is.
My apache2 conf looks like this:
<VirtualHost *:80>
ServerName example.com
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
SSLEngine on
SSLCertificateFile /etc/ssl/example.com.crt
SSLCertificateKeyFile /etc/ssl/example.com.key
SSLCertificateChainFile /etc/ssl/example.com.ca-bundle.crt
ServerAdmin admin#example.com
ServerName example.com
DocumentRoot /var/www/example.com/public_html/
ProxyRequests Off
ProxyPreserveHost On
ProxyVia full
<Proxy *>
Require all granted
</Proxy>
<Location "/">
ProxyPass http://127.0.0.1:50000/
ProxyPassReverse http://127.0.0.1:50000/
</Location>
<Directory /var/www/example.com/public_html/>
Allowoverride all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
My nestjs app starts on port 50000.
Thanks for any ideas.
Finally I figured it out.
Error was caused by useStaticAssets() function. When I removed it, everything starts working properly.
To be able to still serve static files I changed it to nest's ServeStaticModule.
Cheers.
Currently working on a project on my local xampp setup. I am using a test domain like so: testsite.devs. Now, I want to create an admin interface using the subdomain admin.testsite.devs. I have it working, but Im currently using vhost like so:
<VirtualHost testsite.devs:443>
DocumentRoot "D:/websites/testsite"
ServerName testsite.devs
ServerAlias testsite.devs
ErrorLog "logs/testsite.devs-error.log"
CustomLog "logs/testsite.devs-access.log" combined
<Directory "D:/websites/testsite">
Require all granted
</Directory>
SetEnv ENVTYPE "dev"
SSLEngine on
SSLCertificateFile "crt/testsite.devs/server.crt"
SSLCertificateKeyFile "crt/testsite.devs/server.key"
</VirtualHost>
<VirtualHost admin.testsite.devs:443>
DocumentRoot "D:/websites/testsite/admin"
ServerName admin.testsite.devs
ServerAlias admin.testsite.devs
ErrorLog "logs/admin.testsite.devs-error.log"
CustomLog "logs/admin.testsite.devs-access.log" combined
<Directory "D:/websites/testsite/admin">
Require all granted
</Directory>
SetEnv ENVTYPE "dev"
SSLEngine on
SSLCertificateFile "crt/testsite.devs/server.crt"
SSLCertificateKeyFile "crt/testsite.devs/server.key"
</VirtualHost>
It appears to work, but Im thinking if I dont have access to a vhost file, is there a easier way to just do this via the htaccess file? I tried examples found online like so:
RewriteEngine on
RewriteCond %{HTTP_HOST} ^admin.testsite.devs
RewriteRule ^(.*)$ testsite.devs/admin/$1 [L,NC,QSA]
But if I go to:
admin.testsite.devs/index.html
The URL changes to:
testsite.devs/admin/index.html
So using htaccess, how do I create the sub domain where the URL stays the same? So if I go to admin.testsite.devs/index.html, it stays that way in the URL bar?
I have a site I currently run that works well, but both to learn and to make it more portable, I've been trying to dockerize it. I'm using the offical apache and php images, and setup my virtual hosts identical to how I have on the running site, just with different domains. Unfortunately, while I can get one to work, the second does not.
NameVirtualHost *:80
<VirtualHost *:80>
ServerName api.gamersplane.local
DocumentRoot /var/www/api
ErrorLog "/var/log/gamersplane.api"
CustomLog "/var/log/gamersplane.api" common
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://api:9000/var/www/$1
ProxyPassReverse ^/(.*\.php(/.*)?)$ fcgi://api:9000/var/www/$1
RewriteEngine On
RewriteBase /
RewriteRule !\.(css|jpg|js|gif|png|ico|eot|woff|ttff|svg|psd)$ dispatch.php
<Directory /var/www/api/>
Options FollowSymLinks
Require all granted
</Directory>
LogLevel notice
</VirtualHost>
<VirtualHost *:80>
ErrorLog "/var/log/gamersplane"
CustomLog "/var/log/gamersplane" common
ProxyPreserveHost On
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://api:9000/var/www/$1
ProxyPassReverse ^/(.*\.php(/.*)?)$ fcgi://api:9000/var/www/$1
ServerName gamersplane.local
ServerAlias *.gamersplane.local
DocumentRoot /var/www
RewriteEngine On
RewriteBase /
RewriteRule !\.(css|jpg|js|gif|png|ico|eot|woff|ttff|svg|psd)$ dispatch.php
<Directory /var/www/>
Options FollowSymLinks
Require all granted
</Directory>
LogLevel notice
</VirtualHost>
Originally, I had the first vhost (api.gamersplane) second, but thought maybe it was the server alias that was the problem. Then I switched positions, and even commented out the base (gamersplane.local), but had no luck. This works on the running site, so I can't figure out what's wrong with it.
Checking the headers returned by Postman, I do see it has the Apache and PHP headers, so it seems to be hitting SOMETHING, I just don't know what.
I have a rails 3 app running with following stack:
ubuntu lucid lynx, apache2, passenger hosted on Amazon EC2
When accessed over http, the pages load and the site has no problems at all.
Then i installed a valid SSL cert on the webserver. When i try to access the same url over https, and it looks like passenger is not being activated. instead, in the browser, the folder structure of the rails application is rendered.
What configuration changes or modifications do I need to make to Apache and/or Passenger so that the https URL returns the same thing as the corresponding http url?
You need something like this:
<VirtualHost *:80>
ServerName orders.xxx.com
DocumentRoot "/var/www/html/ps-main/current/public"
CustomLog /var/log/apache2/orders common
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://orders.xxx.com%{REQUEST_URI}
NameVirtualHost *:443
RailsEnv production
<Directory /var/www/html/ps-main>
AllowOverride all
Options -MultiViews
</Directory>
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
CustomLog /var/log/apache2/orders common
ServerAdmin webmaster#xxx.com.com
ServerName orders.xxx.com
SSLCertificateFile /etc/ssl/cert.crt
SSLCertificateKeyFile /etc/ssl/server.key
SSLCertificateChainFile /etc/ssl/intermediate.pem
# SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
DocumentRoot /var/www/html/ps-main/current/public
<Directory /var/www/html/ps-main/current/public>
Options -MultiViews
AllowOverride all
</Directory>
</VirtualHost>
This will redirect all http traffic to https. If that's not what you need, remove the redirects.