Merge branch 'master' of https://git.vvvvvvaria.org/varia/nooo-hbsc
This commit is contained in:
commit
31d988b7a3
@ -23,6 +23,7 @@ The instructions on this guide were run on a Debian Stretch distribution.
|
||||
- A spare computer.
|
||||
- A basic understanding of the command line.
|
||||
- An [ssh server and client](ssh.html) installed
|
||||
- A registered domain name
|
||||
- Have an available power socket next to your router.
|
||||
- An ethernet cable to connect your server to the router.
|
||||
|
||||
@ -37,10 +38,10 @@ If you want to geek out further about the differences between Apache and Nginx,
|
||||
|
||||
So, without further ado, open a terminal window and let's get started:
|
||||
|
||||
First, make sure you have the newest package versions by updating your package lists and then upgrading these packages:
|
||||
First, make sure you update your packages list:
|
||||
|
||||
```bash
|
||||
$ sudo apt update && upgrade
|
||||
$ sudo apt update
|
||||
```
|
||||
Then, install the Apache HTTP server software:
|
||||
|
||||
@ -55,7 +56,7 @@ $ sudo systemctl status apache2
|
||||
```
|
||||
|
||||
Example output:
|
||||
```bash
|
||||
```
|
||||
● apache2.service - The Apache HTTP Server
|
||||
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset:
|
||||
Active: active (running) since Sat 2019-06-22 21:29:51 UTC; 6s ago
|
||||
@ -73,9 +74,113 @@ Jun 22 21:29:50 supermuch systemd[1]: Starting The Apache HTTP Server...
|
||||
Jun 22 21:29:51 supermuch systemd[1]: Started The Apache HTTP Server.
|
||||
```
|
||||
|
||||
## Configuration Time
|
||||
|
||||
You can find Apache's configuration files in the following location: /etc/apache2/sites-available.
|
||||
|
||||
The 000-default.conf file should look a little something like this:
|
||||
|
||||
```
|
||||
ServerAdmin webmaster@localhost
|
||||
<VirtualHost *:80>
|
||||
# The ServerName directive sets the request scheme, hostname and port that
|
||||
# the server uses to identify itself. This is used when creating
|
||||
# redirection URLs. In the context of virtual hosts, the ServerName
|
||||
# specifies what hostname must appear in the request's Host: header to
|
||||
# match this virtual host. For the default virtual host (this file) this
|
||||
# value is not decisive as it is used as a last resort host regardless.
|
||||
# However, you must set it for any further virtual host explicitly.
|
||||
# ServerName example.org
|
||||
|
||||
ServerAdmin webmaster@localhost
|
||||
DocumentRoot /var/www/html
|
||||
|
||||
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
|
||||
# error, crit, alert, emerg.
|
||||
# It is also possible to configure the loglevel for particular
|
||||
# modules, e.g.
|
||||
#LogLevel info ssl:warn
|
||||
|
||||
ErrorLog ${APACHE_LOG_DIR}/error.log
|
||||
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
||||
|
||||
# For most configuration files from conf-available/, which are
|
||||
# enabled or disabled at a global level, it is possible to
|
||||
# include a line for only one particular virtual host. For example the
|
||||
# following line enables the CGI configuration for this host only
|
||||
# after it has been globally disabled with "a2disconf".
|
||||
#Include conf-available/serve-cgi-bin.conf
|
||||
</VirtualHost>
|
||||
```
|
||||
For ease of use, and in case you would like to have several websites/services running behind a single server, copy this file into another, easily identifiable one, for example, calling it something like "mydomain.conf".
|
||||
|
||||
```bash
|
||||
$ sudo cp 000-default.conf mydomain.conf
|
||||
```
|
||||
Using your favourite text editor, uncomment the ServerName line and change it to reflect your domain name:
|
||||
|
||||
```
|
||||
ServerAdmin webmaster@localhost
|
||||
<VirtualHost *:80>
|
||||
# The ServerName directive sets the request scheme, hostname and port that
|
||||
# the server uses to identify itself. This is used when creating
|
||||
# redirection URLs. In the context of virtual hosts, the ServerName
|
||||
# specifies what hostname must appear in the request's Host: header to
|
||||
# match this virtual host. For the default virtual host (this file) this
|
||||
# value is not decisive as it is used as a last resort host regardless.
|
||||
# However, you must set it for any further virtual host explicitly.
|
||||
ServerName mydomain.org
|
||||
|
||||
ServerAdmin webmaster@localhost
|
||||
DocumentRoot /var/www/html
|
||||
|
||||
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
|
||||
# error, crit, alert, emerg.
|
||||
# It is also possible to configure the loglevel for particular
|
||||
# modules, e.g.
|
||||
#LogLevel info ssl:warn
|
||||
|
||||
ErrorLog ${APACHE_LOG_DIR}/error.log
|
||||
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
||||
|
||||
# For most configuration files from conf-available/, which are
|
||||
# enabled or disabled at a global level, it is possible to
|
||||
# include a line for only one particular virtual host. For example the
|
||||
# following line enables the CGI configuration for this host only
|
||||
# after it has been globally disabled with "a2disconf".
|
||||
#Include conf-available/serve-cgi-bin.conf
|
||||
</VirtualHost>
|
||||
```
|
||||
Enable this configuration by running:
|
||||
|
||||
```bash
|
||||
$ sudo a2ensite mydomain.org
|
||||
```
|
||||
|
||||
## HTTPS
|
||||
|
||||
## Configuration Time
|
||||
HTTPS, which stands for *hypertext transfer protocol secure*, is an extension of the HTTP protocol. As its name suggests, it adds a layer of security to the data exchanged between client and server. By adding an encryption layer to the exchanged packets, it seeks to avoid man-in-the-middle attacks, eavesdropping, etc.
|
||||
|
||||
As part of its bigger goal to "encrypt the entire Internet", the [Electronic Frontier Foundation](https://certbot.eff.org/about/) developed Certbot, a free and open source tool for automating the server-side deployment of [Let's Encrypt Certificates](https://letsencrypt.org/), thus enabling HTTPS.
|
||||
|
||||
Let's get down to it! Again, these instructions are specific to Debian 9 (Stretch), but detailed instructions for installation on other distros can be found on [Certbot's website](https://certbot.eff.org/instructions)
|
||||
|
||||
First, add backports to your packages list and update it:
|
||||
|
||||
```bash
|
||||
$ echo deb http://deb.debian.org/debian stretch-backports main | sudo tee -a /etc/apt/sources.list && sudo apt update
|
||||
```
|
||||
|
||||
Now, install Certbot:
|
||||
|
||||
```bash
|
||||
$ sudo apt install certbot python-certbot-apache -t stretch-backports
|
||||
```
|
||||
Run Certbot to get the right certificates for your domain:
|
||||
|
||||
```bash
|
||||
$ sudo certbot certonly -d myserver.org
|
||||
```
|
||||
|
||||
|
||||
## index.html
|
||||
|
Loading…
Reference in New Issue
Block a user