-
Notifications
You must be signed in to change notification settings - Fork 0
apache
Install:
# apt-get install apache2 apache2-utils
Test default http site:
# wget -O - http://tcblsso.ilabt.iminds.be
Activate ssl, disable default http site, enable default https site:
# a2enmod ssl
# a2dissite 000-default.conf
# a2ensite default-ssl.conf
# systemctl restart apache2
Test default https site (with self-signed certificate):
# wget --no-check-certificate -O - https://tcblsso.ilabt.iminds.be
Disable default https site:
# a2dissite default-ssl.conf
# systemctl reload apache2
Make sure apache2 restarts after a system reboot (what at trap!)
# systemctl enable apache2
Tunings:
- Https over port 8443, with certificate (which is open to the external world)
Backup existing file that will be overwritten below:
# cp /etc/apache2/ports.conf /etc/apache2/ports.conf.dist
Overwrite existing file (see above) and add site configurations:
- this is supported in the
tcblsso-apachedirectory of https://github.com/TCBL/internal-server-docs.
Enable the new site:
# a2ensite test-ssl
# systemctl reload apache2
Test locally:
# wget -O - https://tcblsso.ilabt.iminds.be:8443
Test remotely:
- surf to
https://tcblsso.ilabt.iminds.be:8443: should show the "It works" page.
Finally disable the test site:
# a2dissite test-ssl
# systemctl reload apache2
We'll only serve web content over https.
Therefore, the site configuration /etc/apache2/sites-available/web-ssl.conf is available.
Let's activate the site at once:
# a2ensite web-ssl.conf
# systemctl reload apache2
The web content is divided over different directories /srv/web/xxx.
Each xxx has its own configuration file /etc/apache2/conf-available/web-xxx.conf, so that it can be put on or off line individually.
Once the content has been put in place:
- To put content
xxxon line:
# a2enconf web-xxx
# systemctl reload apache2
-
To access a content file, surf to
https://tcblsso.ilabt.iminds.be:8443/xxx/<etc> -
To put content
xxxoff line:
# a2disconf web-xxx
# systemctl reload apache2
A first example is /srv/web/demo, only served on the development server.
The content can be put in place from the tcblsso2-web-demo-xxx directories of https://github.com/TCBL/internal-server-docs.
We'll put this content on line:
# a2enconf web-demos
# systemctl reload apache2
Do the same for other content as required...
In order to let people use old links that were communicated ever, this snipped can be added in
/etc/apache2/sites-available/web-ssl.conf, right above the line </VirtualHost>.
This example is valid for the old resources and usermanager links.
# --- IDLab start
# Forward people with an old link
Redirect "/resources" "https://tcblsso.ilabt.iminds.be/resources"
Redirect "/usermanager" "https://tcblsso.ilabt.iminds.be/usermanager"
# --- IDLab end
Reload apache to let the changes take effect:
# systemctl reload apache2