add Apache Virtual Hosts

2020-12-19 21:16:22 -08:00
parent b9b5fb4337
commit 687a3716cc
20 changed files with 1136 additions and 17 deletions
--- a/docs/posts/apache-virtual-hosts.md
+++ b/docs/posts/apache-virtual-hosts.md
@ -0,0 +1,103 @@
+---
+title: "Apache Virtual Hosts"
+date: 2020-12-20
+draft: false
+tags: ["Apache","Virtual Hosts","LetsEncrypt","Lets Encrypt","Reverse Proxy","DNS"]
+authors: ["trent"]
+---
+date: 2020-12-20
+
+## **Use Virtual Hosts**
+This is a very useful way to keep your server organized.
+
+## **Virtual Hosts On Your Lan**
+You can practice on your Lan.
+### Setting up DNS on your Lan
+For instance, if your router is running `dnsmasq`, this may be as simple
+as describing the virtual hosts in `/etc/hosts` on the router.
+```console
+192.168.1.101     blog.devbox blogstatic.devbox
+```
+### Here's An Example Reverse Proxy for A Flask Blog On Your Lan
+```apache
+# /etc/apache2/sites-enabled/blog.devbox.conf
+<VirtualHost *:80>
+
+    ServerName blog.devbox
+
+    # dont' block LetsEncrypt
+    # ProxyPass "/.well-known" !  ... not needed on your Lan
+
+    # don't block /var/www/html/favicon.ico
+    ProxyPass "/favicon.ico" !
+
+    ProxyPass "/" "http://127.0.0.1:8000/"
+    ProxyPassReverse "/" "http://127.0.0.1:8000/"
+
+    ErrorLog ${APACHE_LOG_DIR}/error.log
+    CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+</VirtualHost>
+```
+### Here's An Example for A Static Blog On Your Lan
+```apache
+# /etc/apache2/sites-enabled/blogstatic.devbox.conf
+<VirtualHost *:80>
+	ServerName blogstatic.devbox
+	DocumentRoot /var/www/html/blogstatic/site
+
+	ErrorLog ${APACHE_LOG_DIR}/error.log
+	CustomLog ${APACHE_LOG_DIR}/access.log combined
+</VirtualHost>
+```
+## **Wan Deployment**
+### Set up DNS
+Log into your dns provider and create records
+
+* A record for **blog.example.com** pointing to your ipv4 address
+* AAAA record for **blog.example.com** pointing to your ipv6 address
+* A record for **blogstatic.example.com** pointing to your ipv4 address
+* AAAA record for **blogstatic.example.com** pointing to your ipv6 address
+
+### Start With Virtual Hosts for HTTP
+You don't need to create virtual hosts for SSL configuration, because
+CertBot will automatically do that for you.
+#### Reverse Proxy
+```apache
+# /etc/apache2/sites-enabled/blog.example.com.conf
+<VirtualHost *:80>
+
+    ServerName blog.example.com
+
+    # dont' block LetsEncrypt
+    ProxyPass "/.well-known" !
+
+    # don't block /var/www/html/favicon.ico
+    ProxyPass "/favicon.ico" !
+
+    ProxyPass "/" "http://127.0.0.1:8000/"
+    ProxyPassReverse "/" "http://127.0.0.1:8000/"
+
+    ErrorLog ${APACHE_LOG_DIR}/error.log
+    CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+</VirtualHost>
+```
+#### Static Site
+```apache
+# /etc/apache2/sites-enabled/blogstatic.example.com.conf
+<VirtualHost *:80>
+	ServerName blogstatic.example.com
+	DocumentRoot /var/www/html/blogstatic/site
+
+	ErrorLog ${APACHE_LOG_DIR}/error.log
+	CustomLog ${APACHE_LOG_DIR}/access.log combined
+</VirtualHost>
+```
+### Get LetsEncrypt Certs
+```console
+certbot --apache -d blog.example.com -d blogstatic.example.com
+```
+Certbot will create and enable new conf files with SSL encryption configured,
+and will modify your http conf files with redirections to https.
+