super precarious and confused draft

5 years ago · 7d9d1af716
1 changed files with 109 additions and 4 deletions
--- a/content/fundamentals/webserver.md
+++ b/content/fundamentals/webserver.md
@ -23,6 +23,7 @@ The instructions on this guide were run on a Debian Stretch distribution.
 - A spare computer.
 - A basic understanding of the command line.
 - An [ssh server and client](ssh.html) installed
+- A registered domain name
 - Have an available power socket next to your router.
 - An ethernet cable to connect your server to the router.

@ -37,10 +38,10 @@ If you want to geek out further about the differences between Apache and Nginx,

 So, without further ado, open a terminal window and let's get started:

-First, make sure you have the newest package versions by updating your package lists and then upgrading these packages:
+First, make sure you update your packages list:

 ```bash
-$ sudo apt update && upgrade
+$ sudo apt update
 ```
 Then, install the Apache HTTP server software:

@ -55,7 +56,7 @@ $ sudo systemctl status apache2
 ```

 Example output:
-```bash
+```
 ● apache2.service - The Apache HTTP Server
   Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset:
   Active: active (running) since Sat 2019-06-22 21:29:51 UTC; 6s ago
@ -73,9 +74,113 @@ Jun 22 21:29:50 supermuch systemd[1]: Starting The Apache HTTP Server...
 Jun 22 21:29:51 supermuch systemd[1]: Started The Apache HTTP Server.
 ```

+## Configuration Time
+
+You can find Apache's configuration files in the following location: /etc/apache2/sites-available.
+
+The 000-default.conf file should look a little something like this:
+
+```
+ServerAdmin webmaster@localhost
+<VirtualHost *:80>
+        # The ServerName directive sets the request scheme, hostname and port that
+        # the server uses to identify itself. This is used when creating
+        # redirection URLs. In the context of virtual hosts, the ServerName
+        # specifies what hostname must appear in the request's Host: header to
+        # match this virtual host. For the default virtual host (this file) this
+        # value is not decisive as it is used as a last resort host regardless.
+        # However, you must set it for any further virtual host explicitly.
+        # ServerName example.org
+
+        ServerAdmin webmaster@localhost
+        DocumentRoot /var/www/html
+
+        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
+        # error, crit, alert, emerg.
+        # It is also possible to configure the loglevel for particular
+        # modules, e.g.
+        #LogLevel info ssl:warn
+
+        ErrorLog ${APACHE_LOG_DIR}/error.log
+        CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+        # For most configuration files from conf-available/, which are
+        # enabled or disabled at a global level, it is possible to
+        # include a line for only one particular virtual host. For example the
+        # following line enables the CGI configuration for this host only
+        # after it has been globally disabled with "a2disconf".
+        #Include conf-available/serve-cgi-bin.conf
+</VirtualHost>
+```
+For ease of use, and in case you would like to have several websites/services running behind a single server, copy this file into another, easily identifiable one, for example, calling it something like "mydomain.conf".
+
+```bash
+$ sudo cp 000-default.conf mydomain.conf
+```
+Using your favourite text editor, uncomment the ServerName line and change it to reflect your domain name:
+
+```
+ServerAdmin webmaster@localhost
+<VirtualHost *:80>
+        # The ServerName directive sets the request scheme, hostname and port that
+        # the server uses to identify itself. This is used when creating
+        # redirection URLs. In the context of virtual hosts, the ServerName
+        # specifies what hostname must appear in the request's Host: header to
+        # match this virtual host. For the default virtual host (this file) this
+        # value is not decisive as it is used as a last resort host regardless.
+        # However, you must set it for any further virtual host explicitly.
+        ServerName mydomain.org
+
+        ServerAdmin webmaster@localhost
+        DocumentRoot /var/www/html
+
+        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
+        # error, crit, alert, emerg.
+        # It is also possible to configure the loglevel for particular
+        # modules, e.g.
+        #LogLevel info ssl:warn
+
+        ErrorLog ${APACHE_LOG_DIR}/error.log
+        CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+        # For most configuration files from conf-available/, which are
+        # enabled or disabled at a global level, it is possible to
+        # include a line for only one particular virtual host. For example the
+        # following line enables the CGI configuration for this host only
+        # after it has been globally disabled with "a2disconf".
+        #Include conf-available/serve-cgi-bin.conf
+</VirtualHost>
+```
+Enable this configuration by running:
+
+```bash
+$ sudo a2ensite mydomain.org
+```

 ## HTTPS

-## Configuration Time
+HTTPS, which stands for *hypertext transfer protocol secure*, is an extension of the HTTP protocol. As its name suggests, it adds a layer of security to the data exchanged between client and server. By adding an encryption layer to the exchanged packets, it seeks to avoid man-in-the-middle attacks, eavesdropping, etc.
+
+As part of its bigger goal to "encrypt the entire Internet", the [Electronic Frontier Foundation](https://certbot.eff.org/about/) developed Certbot, a free and open source tool for automating the server-side deployment of [Let's Encrypt Certificates](https://letsencrypt.org/), thus enabling HTTPS.
+
+Let's get down to it! Again, these instructions are specific to Debian 9 (Stretch), but detailed instructions for installation on other distros can be found on [Certbot's website](https://certbot.eff.org/instructions)
+
+First, add backports to your packages list and update it:
+
+```bash
+$ echo deb http://deb.debian.org/debian stretch-backports main | sudo tee -a /etc/apt/sources.list && sudo apt update
+```
+
+Now, install Certbot:
+
+```bash
+$ sudo apt install certbot python-certbot-apache -t stretch-backports
+```
+Run Certbot to get the right certificates for your domain:
+
+```bash
+$ sudo certbot certonly -d myserver.org
+```
+

 ## index.html