trent/trents_blog
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
ef457a60e9
trents_blog/docs/posts/apache-virtual-hosts.md

105 lines
2.9 KiB
Markdown
Raw Normal View History

add Apache Virtual Hosts
2020-12-19 21:16:22 -08:00
---
title: "Apache Virtual Hosts"
date: 2020-12-20
draft: false
tags: ["Apache","Virtual Hosts","LetsEncrypt","Lets Encrypt","Reverse Proxy","DNS"]
redo home page
2021-09-10 20:26:47 -07:00
authors: ["trent", "john", "joe"]
post: 16
add Apache Virtual Hosts
2020-12-19 21:16:22 -08:00
---
date: 2020-12-20
## **Use Virtual Hosts**
This is a very useful way to keep your server organized.
## **Virtual Hosts On Your Lan**
You can practice on your Lan.
### Setting up DNS on your Lan
For instance, if your router is running `dnsmasq`, this may be as simple
as describing the virtual hosts in `/etc/hosts` on the router.
```console
192.168.1.101 blog.devbox blogstatic.devbox
```
### Here's An Example Reverse Proxy for A Flask Blog On Your Lan
```apache
# /etc/apache2/sites-enabled/blog.devbox.conf
<VirtualHost *:80>
ServerName blog.devbox
# dont' block LetsEncrypt
# ProxyPass "/.well-known" ! ... not needed on your Lan
# don't block /var/www/html/favicon.ico
ProxyPass "/favicon.ico" !
ProxyPass "/" "http://127.0.0.1:8000/"
ProxyPassReverse "/" "http://127.0.0.1:8000/"
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
```
### Here's An Example for A Static Blog On Your Lan
```apache
# /etc/apache2/sites-enabled/blogstatic.devbox.conf
<VirtualHost *:80>
ServerName blogstatic.devbox
DocumentRoot /var/www/html/blogstatic/site
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
```
## **Wan Deployment**
### Set up DNS
Log into your dns provider and create records
* A record for **blog.example.com** pointing to your ipv4 address
* AAAA record for **blog.example.com** pointing to your ipv6 address
* A record for **blogstatic.example.com** pointing to your ipv4 address
* AAAA record for **blogstatic.example.com** pointing to your ipv6 address
### Start With Virtual Hosts for HTTP
You don't need to create virtual hosts for SSL configuration, because
CertBot will automatically do that for you.
#### Reverse Proxy
```apache
# /etc/apache2/sites-enabled/blog.example.com.conf
<VirtualHost *:80>
ServerName blog.example.com
# dont' block LetsEncrypt
ProxyPass "/.well-known" !
# don't block /var/www/html/favicon.ico
ProxyPass "/favicon.ico" !
ProxyPass "/" "http://127.0.0.1:8000/"
ProxyPassReverse "/" "http://127.0.0.1:8000/"
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
```
#### Static Site
```apache
# /etc/apache2/sites-enabled/blogstatic.example.com.conf
<VirtualHost *:80>
ServerName blogstatic.example.com
DocumentRoot /var/www/html/blogstatic/site
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
```
### Get LetsEncrypt Certs
```console
certbot --apache -d blog.example.com -d blogstatic.example.com
```
Certbot will create and enable new conf files with SSL encryption configured,
and will modify your http conf files with redirections to https.
Reference in New Issue Copy Permalink