Merge branch 'master' of https://git.vvvvvvaria.org/varia/nooo-hbsc
This commit is contained in:
rra
commit
31d988b7a3
@ -23,6 +23,7 @@ The instructions on this guide were run on a Debian Stretch distribution.
|
|||||||
- A spare computer.
|
- A spare computer.
|
||||||
- A basic understanding of the command line.
|
- A basic understanding of the command line.
|
||||||
- An [ssh server and client](ssh.html) installed
|
- An [ssh server and client](ssh.html) installed
|
||||||
|
- A registered domain name
|
||||||
- Have an available power socket next to your router.
|
- Have an available power socket next to your router.
|
||||||
- An ethernet cable to connect your server to the router.
|
- An ethernet cable to connect your server to the router.
|
||||||
|
|
||||||
@ -37,10 +38,10 @@ If you want to geek out further about the differences between Apache and Nginx,
|
|||||||
|
|
||||||
So, without further ado, open a terminal window and let's get started:
|
So, without further ado, open a terminal window and let's get started:
|
||||||
|
|
||||||
First, make sure you have the newest package versions by updating your package lists and then upgrading these packages:
|
First, make sure you update your packages list:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
$ sudo apt update && upgrade
|
$ sudo apt update
|
||||||
```
|
```
|
||||||
Then, install the Apache HTTP server software:
|
Then, install the Apache HTTP server software:
|
||||||
|
|
||||||
@ -55,7 +56,7 @@ $ sudo systemctl status apache2
|
|||||||
```
|
```
|
||||||
|
|
||||||
Example output:
|
Example output:
|
||||||
```bash
|
```
|
||||||
● apache2.service - The Apache HTTP Server
|
● apache2.service - The Apache HTTP Server
|
||||||
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset:
|
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset:
|
||||||
Active: active (running) since Sat 2019-06-22 21:29:51 UTC; 6s ago
|
Active: active (running) since Sat 2019-06-22 21:29:51 UTC; 6s ago
|
||||||
@ -73,9 +74,113 @@ Jun 22 21:29:50 supermuch systemd[1]: Starting The Apache HTTP Server...
|
|||||||
Jun 22 21:29:51 supermuch systemd[1]: Started The Apache HTTP Server.
|
Jun 22 21:29:51 supermuch systemd[1]: Started The Apache HTTP Server.
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## Configuration Time
|
||||||
|
|
||||||
|
You can find Apache's configuration files in the following location: /etc/apache2/sites-available.
|
||||||
|
|
||||||
|
The 000-default.conf file should look a little something like this:
|
||||||
|
|
||||||
|
```
|
||||||
|
ServerAdmin webmaster@localhost
|
||||||
|
<VirtualHost *:80>
|
||||||
|
# The ServerName directive sets the request scheme, hostname and port that
|
||||||
|
# the server uses to identify itself. This is used when creating
|
||||||
|
# redirection URLs. In the context of virtual hosts, the ServerName
|
||||||
|
# specifies what hostname must appear in the request's Host: header to
|
||||||
|
# match this virtual host. For the default virtual host (this file) this
|
||||||
|
# value is not decisive as it is used as a last resort host regardless.
|
||||||
|
# However, you must set it for any further virtual host explicitly.
|
||||||
|
# ServerName example.org
|
||||||
|
|
||||||
|
ServerAdmin webmaster@localhost
|
||||||
|
DocumentRoot /var/www/html
|
||||||
|
|
||||||
|
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
|
||||||
|
# error, crit, alert, emerg.
|
||||||
|
# It is also possible to configure the loglevel for particular
|
||||||
|
# modules, e.g.
|
||||||
|
#LogLevel info ssl:warn
|
||||||
|
|
||||||
|
ErrorLog ${APACHE_LOG_DIR}/error.log
|
||||||
|
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
||||||
|
|
||||||
|
# For most configuration files from conf-available/, which are
|
||||||
|
# enabled or disabled at a global level, it is possible to
|
||||||
|
# include a line for only one particular virtual host. For example the
|
||||||
|
# following line enables the CGI configuration for this host only
|
||||||
|
# after it has been globally disabled with "a2disconf".
|
||||||
|
#Include conf-available/serve-cgi-bin.conf
|
||||||
|
</VirtualHost>
|
||||||
|
```
|
||||||
|
For ease of use, and in case you would like to have several websites/services running behind a single server, copy this file into another, easily identifiable one, for example, calling it something like "mydomain.conf".
|
||||||
|
|
||||||
|
```bash
|
||||||
|
$ sudo cp 000-default.conf mydomain.conf
|
||||||
|
```
|
||||||
|
Using your favourite text editor, uncomment the ServerName line and change it to reflect your domain name:
|
||||||
|
|
||||||
|
```
|
||||||
|
ServerAdmin webmaster@localhost
|
||||||
|
<VirtualHost *:80>
|
||||||
|
# The ServerName directive sets the request scheme, hostname and port that
|
||||||
|
# the server uses to identify itself. This is used when creating
|
||||||
|
# redirection URLs. In the context of virtual hosts, the ServerName
|
||||||
|
# specifies what hostname must appear in the request's Host: header to
|
||||||
|
# match this virtual host. For the default virtual host (this file) this
|
||||||
|
# value is not decisive as it is used as a last resort host regardless.
|
||||||
|
# However, you must set it for any further virtual host explicitly.
|
||||||
|
ServerName mydomain.org
|
||||||
|
|
||||||
|
ServerAdmin webmaster@localhost
|
||||||
|
DocumentRoot /var/www/html
|
||||||
|
|
||||||
|
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
|
||||||
|
# error, crit, alert, emerg.
|
||||||
|
# It is also possible to configure the loglevel for particular
|
||||||
|
# modules, e.g.
|
||||||
|
#LogLevel info ssl:warn
|
||||||
|
|
||||||
|
ErrorLog ${APACHE_LOG_DIR}/error.log
|
||||||
|
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
||||||
|
|
||||||
|
# For most configuration files from conf-available/, which are
|
||||||
|
# enabled or disabled at a global level, it is possible to
|
||||||
|
# include a line for only one particular virtual host. For example the
|
||||||
|
# following line enables the CGI configuration for this host only
|
||||||
|
# after it has been globally disabled with "a2disconf".
|
||||||
|
#Include conf-available/serve-cgi-bin.conf
|
||||||
|
</VirtualHost>
|
||||||
|
```
|
||||||
|
Enable this configuration by running:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
$ sudo a2ensite mydomain.org
|
||||||
|
```
|
||||||
|
|
||||||
## HTTPS
|
## HTTPS
|
||||||
|
|
||||||
## Configuration Time
|
HTTPS, which stands for *hypertext transfer protocol secure*, is an extension of the HTTP protocol. As its name suggests, it adds a layer of security to the data exchanged between client and server. By adding an encryption layer to the exchanged packets, it seeks to avoid man-in-the-middle attacks, eavesdropping, etc.
|
||||||
|
|
||||||
|
As part of its bigger goal to "encrypt the entire Internet", the [Electronic Frontier Foundation](https://certbot.eff.org/about/) developed Certbot, a free and open source tool for automating the server-side deployment of [Let's Encrypt Certificates](https://letsencrypt.org/), thus enabling HTTPS.
|
||||||
|
|
||||||
|
Let's get down to it! Again, these instructions are specific to Debian 9 (Stretch), but detailed instructions for installation on other distros can be found on [Certbot's website](https://certbot.eff.org/instructions)
|
||||||
|
|
||||||
|
First, add backports to your packages list and update it:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
$ echo deb http://deb.debian.org/debian stretch-backports main | sudo tee -a /etc/apt/sources.list && sudo apt update
|
||||||
|
```
|
||||||
|
|
||||||
|
Now, install Certbot:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
$ sudo apt install certbot python-certbot-apache -t stretch-backports
|
||||||
|
```
|
||||||
|
Run Certbot to get the right certificates for your domain:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
$ sudo certbot certonly -d myserver.org
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
## index.html
|
## index.html
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user