rra 5 years ago
parent
commit
31d988b7a3
  1. 113
      content/fundamentals/webserver.md

113
content/fundamentals/webserver.md

@ -23,6 +23,7 @@ The instructions on this guide were run on a Debian Stretch distribution.
- A spare computer.
- A basic understanding of the command line.
- An [ssh server and client](ssh.html) installed
- A registered domain name
- Have an available power socket next to your router.
- An ethernet cable to connect your server to the router.
@ -37,10 +38,10 @@ If you want to geek out further about the differences between Apache and Nginx,
So, without further ado, open a terminal window and let's get started:
First, make sure you have the newest package versions by updating your package lists and then upgrading these packages:
First, make sure you update your packages list:
```bash
$ sudo apt update && upgrade
$ sudo apt update
```
Then, install the Apache HTTP server software:
@ -55,7 +56,7 @@ $ sudo systemctl status apache2
```
Example output:
```bash
```
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset:
Active: active (running) since Sat 2019-06-22 21:29:51 UTC; 6s ago
@ -73,9 +74,113 @@ Jun 22 21:29:50 supermuch systemd[1]: Starting The Apache HTTP Server...
Jun 22 21:29:51 supermuch systemd[1]: Started The Apache HTTP Server.
```
## Configuration Time
You can find Apache's configuration files in the following location: /etc/apache2/sites-available.
The 000-default.conf file should look a little something like this:
```
ServerAdmin webmaster@localhost
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
# ServerName example.org
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
```
For ease of use, and in case you would like to have several websites/services running behind a single server, copy this file into another, easily identifiable one, for example, calling it something like "mydomain.conf".
```bash
$ sudo cp 000-default.conf mydomain.conf
```
Using your favourite text editor, uncomment the ServerName line and change it to reflect your domain name:
```
ServerAdmin webmaster@localhost
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName mydomain.org
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
```
Enable this configuration by running:
```bash
$ sudo a2ensite mydomain.org
```
## HTTPS
## Configuration Time
HTTPS, which stands for *hypertext transfer protocol secure*, is an extension of the HTTP protocol. As its name suggests, it adds a layer of security to the data exchanged between client and server. By adding an encryption layer to the exchanged packets, it seeks to avoid man-in-the-middle attacks, eavesdropping, etc.
As part of its bigger goal to "encrypt the entire Internet", the [Electronic Frontier Foundation](https://certbot.eff.org/about/) developed Certbot, a free and open source tool for automating the server-side deployment of [Let's Encrypt Certificates](https://letsencrypt.org/), thus enabling HTTPS.
Let's get down to it! Again, these instructions are specific to Debian 9 (Stretch), but detailed instructions for installation on other distros can be found on [Certbot's website](https://certbot.eff.org/instructions)
First, add backports to your packages list and update it:
```bash
$ echo deb http://deb.debian.org/debian stretch-backports main | sudo tee -a /etc/apt/sources.list && sudo apt update
```
Now, install Certbot:
```bash
$ sudo apt install certbot python-certbot-apache -t stretch-backports
```
Run Certbot to get the right certificates for your domain:
```bash
$ sudo certbot certonly -d myserver.org
```
## index.html

Loading…
Cancel
Save