Difference between revisions of "WebServer - Name-based Virtual Host Support"
(8 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | + | The Apache web server Can easily be configured to serve up different content based on the '''name''' it was called as. | |
− | + | This allows fun stuff like giving your machine multiple names via DNS and making it look like a whole server farm. | |
− | |||
− | + | This also makes life easier if you're using it to proxy for other machines internal to your network. | |
− | |||
− | + | In these notes, we'll be setting up 4 names for the server. '''foo.bar''' & '''www.foo.bar''' which will be the default web site. '''Wiki.foo.bar''' which will be served up by the same install of Apache, but still independant of the default web site. '''Proxy.foo.bar''' which is on another machine completely & wouldn't otherwise be reachable. | |
− | <big>'''NOTE:''' It is probably | + | You will need to set up external DNS for '''Wiki.foo.bar''' & '''Proxy.foo.bar''' (which are NOT the same as your normal webserver name as far as the outside world is concerned) |
− | + | ||
− | + | <big>'''NOTE:''' It is probably smartest to put the <code>VirtualHost</code> sections in separate files in the <code>/etc/apache2/sites-available/</code> folder, then make symbolic links to them in <code>/etc/apache2/sites-enabled</code> This will simplify maintenance down the road...</big> | |
− | + | ||
− | + | (But, if you really want to, they can simply be added to <code>/etc/apache2/apache2.conf)</code> | |
− | + | ||
− | + | A sample set of files for <code>/etc/apache2/sites-available</code>: | |
− | + | ||
− | + | *'''www.foo.bar.conf''' | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | ########################## | |
− | ######################### | + | # WWW.foo.bar # |
− | # WWW.foo.bar | + | # our default web server # |
− | ######################### | + | ########################## |
<VirtualHost *:80> | <VirtualHost *:80> | ||
ServerName foo.bar | ServerName foo.bar | ||
− | Redirect permanent / https://www.foo.bar/ | + | Redirect permanent / <nowiki>https://www.foo.bar/</nowiki> |
</VirtualHost> | </VirtualHost> | ||
<VirtualHost *:80> | <VirtualHost *:80> | ||
ServerName www.foo.bar | ServerName www.foo.bar | ||
− | Redirect permanent / https://www.foo.bar/ | + | Redirect permanent / <nowiki>https://www.foo.bar/</nowiki> |
</VirtualHost> | </VirtualHost> | ||
Line 75: | Line 40: | ||
</VirtualHost> | </VirtualHost> | ||
− | * wiki.foo.bar.conf | + | *'''wiki.foo.bar.conf''' |
+ | |||
######################### | ######################### | ||
# Wiki.foo.bar # | # Wiki.foo.bar # | ||
+ | # our Wiki server # | ||
######################### | ######################### | ||
<VirtualHost *:80> | <VirtualHost *:80> | ||
ServerName wiki.foo.bar | ServerName wiki.foo.bar | ||
− | Redirect permanent / https://wiki.foo.bar/ | + | Redirect permanent / <nowiki>https://wiki.foo.bar/</nowiki> |
</VirtualHost> | </VirtualHost> | ||
Line 93: | Line 60: | ||
</VirtualHost> | </VirtualHost> | ||
− | * proxy.foo.bar.conf | + | *'''proxy.foo.bar.conf''' |
− | ################################## | + | |
− | # Proxy for | + | ################################################ |
− | ################################## | + | # Proxy for proxy.foo.bar # |
+ | # an ESXi-based server on our internal network # | ||
+ | ################################################ | ||
<VirtualHost *:80> | <VirtualHost *:80> | ||
ServerName proxy.foo.bar | ServerName proxy.foo.bar | ||
− | Redirect permanent / https://proxy.foo.bar/ | + | Redirect permanent / <nowiki>https://proxy.foo.bar/</nowiki> |
</VirtualHost> | </VirtualHost> | ||
Line 115: | Line 84: | ||
# Redirect HTTPS traffic | # Redirect HTTPS traffic | ||
− | ProxyPass / https://proxy.foo.bar/ | + | ProxyPass / <nowiki>https://proxy.foo.bar/</nowiki> |
− | ProxyPassReverse / https://proxy.foo.bar/ | + | ProxyPassReverse / <nowiki>https://proxy.foo.bar/</nowiki> |
SSLCertificateFile /etc/letsencrypt/live/proxy.foo.bar/fullchain.pem | SSLCertificateFile /etc/letsencrypt/live/proxy.foo.bar/fullchain.pem | ||
Line 128: | Line 97: | ||
</VirtualHost> | </VirtualHost> | ||
+ | |||
+ | '''<big>NOTE:</big>''' Whichever '''VirtualHost''' gets configured '''FIRST''' becomes the default host. Any name that successfully resolves to the server but is not among the names explicitly handled will be served this '''VirtualHost'''. (It may help to start the filename with a '0'. eg: '''0-www.foo.bar.conf''') | ||
+ | |||
+ | create the links | ||
+ | |||
+ | *<code>cd /etc/apache2/sites-enabled</code> | ||
+ | *<code>sudo ln -s ../sites-available/www.foo.bar.conf .</code> | ||
+ | *<code>sudo ln -s ../sites-available/wiki.foo.bar.conf .</code> | ||
+ | *<code>sudo ln -s ../sites-available/proxy.foo.bar.conf .</code> | ||
and restart Apache: | and restart Apache: | ||
*<code>sudo service apache2 restart</code> | *<code>sudo service apache2 restart</code> |
Latest revision as of 13:40, 3 July 2020
The Apache web server Can easily be configured to serve up different content based on the name it was called as.
This allows fun stuff like giving your machine multiple names via DNS and making it look like a whole server farm.
This also makes life easier if you're using it to proxy for other machines internal to your network.
In these notes, we'll be setting up 4 names for the server. foo.bar & www.foo.bar which will be the default web site. Wiki.foo.bar which will be served up by the same install of Apache, but still independant of the default web site. Proxy.foo.bar which is on another machine completely & wouldn't otherwise be reachable.
You will need to set up external DNS for Wiki.foo.bar & Proxy.foo.bar (which are NOT the same as your normal webserver name as far as the outside world is concerned)
NOTE: It is probably smartest to put the VirtualHost
sections in separate files in the /etc/apache2/sites-available/
folder, then make symbolic links to them in /etc/apache2/sites-enabled
This will simplify maintenance down the road...
(But, if you really want to, they can simply be added to /etc/apache2/apache2.conf)
A sample set of files for /etc/apache2/sites-available
:
- www.foo.bar.conf
########################## # WWW.foo.bar # # our default web server # ########################## <VirtualHost *:80> ServerName foo.bar Redirect permanent / https://www.foo.bar/ </VirtualHost> <VirtualHost *:80> ServerName www.foo.bar Redirect permanent / https://www.foo.bar/ </VirtualHost> <VirtualHost _default_:443> ServerName www.foo.bar DocumentRoot "/var/www/html" SSLCertificateFile /etc/letsencrypt/live/www.foo.bar/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/www.foo.bar/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf </VirtualHost>
- wiki.foo.bar.conf
######################### # Wiki.foo.bar # # our Wiki server # ######################### <VirtualHost *:80> ServerName wiki.foo.bar Redirect permanent / https://wiki.foo.bar/ </VirtualHost> <VirtualHost _default_:443> ServerName wiki.foo.bar DocumentRoot "/var/www/wiki" SSLCertificateFile /etc/letsencrypt/live/wiki.foo.bar/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/wiki.foo.bar/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf </VirtualHost>
- proxy.foo.bar.conf
################################################ # Proxy for proxy.foo.bar # # an ESXi-based server on our internal network # ################################################ <VirtualHost *:80> ServerName proxy.foo.bar Redirect permanent / https://proxy.foo.bar/ </VirtualHost> <VirtualHost _default_:443> ServerName proxy.foo.bar ProxyRequests on SSLEngine On SSLProxyEngine On ProxyPreserveHost On # Redirect WSS traffic (Needed if this is a proxy for ESXi) ProxyPass /ticket/ wss://proxy.foo.bar/ticket/ ProxyPassReverse /ticket/ wss://proxy.foo.bar/ticket/ # Redirect HTTPS traffic ProxyPass / https://proxy.foo.bar/ ProxyPassReverse / https://proxy.foo.bar/ SSLCertificateFile /etc/letsencrypt/live/proxy.foo.bar/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/proxy.foo.bar/privkey.pem <Proxy "*"> Order allow,deny Allow from all </Proxy> ErrorLog /var/log/apache2/Proxy/proxy_log CustomLog /var/log/apache2/Proxy/proxy-access_log combined </VirtualHost>
NOTE: Whichever VirtualHost gets configured FIRST becomes the default host. Any name that successfully resolves to the server but is not among the names explicitly handled will be served this VirtualHost. (It may help to start the filename with a '0'. eg: 0-www.foo.bar.conf)
create the links
cd /etc/apache2/sites-enabled
sudo ln -s ../sites-available/www.foo.bar.conf .
sudo ln -s ../sites-available/wiki.foo.bar.conf .
sudo ln -s ../sites-available/proxy.foo.bar.conf .
and restart Apache:
sudo service apache2 restart