Creating several friendica instances as domains and/or subdomains on one VPS with one IP
v.01
@Tutorial
Hi there @Friendica Developers and @Friendica Admins.
The plan is to change this single domain ubunu 2022.04lts VPS hosting into a single IP multi domain VPS server. For that purpose some apache VPS server tutorials were checked out and the specific steps were singled out to achieve that goal.
A main question hasn't been solved to define the naming of the folder structure and .conf files themself:
- Can the domain name in VPS folder structure be:
/var/www/domaincom/
or does it have to be/var/www/domain.com/
Are both options possible or does the system, for a correct working environment, need the dot in the folder structure?
Are there any general discussions in the #apache #server environment that might lead to some standard in this regard in the future that makes it reasonable to consider one of the two above cited options as more logical to go for from the very beginning?
In the case of very long domain or subdomain names, isn't it more reasonable to choose the option without the real domain name including the dot?
Example:
https: //1dhfsbbdpv4wshuh7nymcfy66t5reqqkfvy9.domain.org/
Depending on the chosen naming syntax this would lead to the following folder structure options:/var/www/1dhfsbbdpv4wshuh7nymcfy66t5reqqkfvy9.domain.org/
vs/var/www/1d_domainorg/
Does the naming of the .conf
file in /etc/apache2/sites-available/
refer to the actual domain name or to the folder name used in /var/www/
?
In the first answer to this topic we'll address the question about:
- How to solve best a step by step change to migrate from a single VPS #hosting environment where one domain is served by one IP at:
/var/www/html/
to a multi domain VPS hosting were several domains are served by one IP on one #debian #ubuntu [2022.04lts] #VPS, leaving /html in place if a client request doesn’t match any other sites, like proposed in this digitalOcean tutorial:/var/www/html/
as fall back option/var/www/domaincom/index.html
/var/www/subdomaindomaincom/index.html
/var/www/domainorg/index.html
/var/www/subdomaindomainorg/index.html
Any comments hints and observations are really appreciated!
#admin #fediAdmin
Lo, thar be cookies on this site to keep track of your login. By clicking 'okay', you are CONSENTING to this.
TupambAdminOrg [2024.03]
in reply to TupambAdminOrg [2024.03] • • •v.01
Step one
Create a new directory for the existing working domain in
/var/www/
:rootname@VPShosting:~#
mkdir /var/www/domainorg/
Create a copy of the working installation from
/var/www/html/
in the new/var/www/domainorg/
directory:rootname@VPShosting:~#
cp -R /var/www/html/ /var/www/domainorg/
Check ownership of /domainorg/ itself and folders in /domainorg/
rootname@VPShosting:~#
ls -l /var/www/
rootname@VPShosting:~#
ls -l /var/www/domainorg/
Create a domain registry file on the VPS server in
... show more/etc/apache2/sites-available/
for the domain:rootname@VPShosting:~#
nano /etc/apache2/sites-available/domainorg.conf
¡ OR ?
rootname@VPShosting:~# ¡
v.01
Step one
Create a new directory for the existing working domain in
/var/www/
:rootname@VPShosting:~#
mkdir /var/www/domainorg/
Create a copy of the working installation from
/var/www/html/
in the new/var/www/domainorg/
directory:rootname@VPShosting:~#
cp -R /var/www/html/ /var/www/domainorg/
Check ownership of /domainorg/ itself and folders in /domainorg/
rootname@VPShosting:~#
ls -l /var/www/
rootname@VPShosting:~#
ls -l /var/www/domainorg/
Create a domain registry file on the VPS server in
/etc/apache2/sites-available/
for the domain:rootname@VPShosting:~#
nano /etc/apache2/sites-available/domainorg.conf
¡ OR ?
rootname@VPShosting:~# ¡
nano /etc/apache2/sites-available/domain.org.conf
?Create the following content in that domain.org.conf file and safe it:
Check domain IP redirect settings by the domain registry!
Restart the Apache webserver to apply the configuration changes:
rootname@VPShosting:~#
systemctl restart apache2
If the changes created were correct, the domain will start running from within the newly created directory tree. To check that this is true you can create a test index.html for that purpose while renaming the actual index.html to index_old.html in the old folder tree. If your site is still up and running after the following changes and not displaying the newly created test index.html, that means that it is served by the new folder structure.
Rename the existing index.html:
rootname@VPShosting:~#
mv /var/www/html/index.html /var/www/html/index_old.html
Create a index.html test file for testing of the applied changes:
rootname@VPShosting:~#
nano /var/www/html/index.html
Copy the following content into it and save it:
Step two
Create a subdomain test site:
rootname@VPShosting:~#
mkdir /var/www/castdomainorg/
Create a index.html file to test the new subdomain.
rootname@VPShosting:~#
nano /var/www/html/castdomainorg/index.html
Create ownership for the user
www-data
for files and folders in/castdomainorg/
rootname@VPShosting:~#
chown -R www-data:www-data /var/www/castdomainorg/
Create a domain registry file on the VPS server in
/etc/apache2/sites-available/
for the subdomain:rootname@VPShosting:~#
nano /etc/apache2/sites-available/castdomainorg.conf
¡ OR ?
¡ rootname@VPShosting:~#
nano /etc/apache2/sites-available/cast.domain.org.conf
?Create the following content in that cast.domain.org.conf file and safe it:
Restart the Apache webserver to apply the configuration changes:
rootname@VPShosting:~#
systemctl restart apache2
Set the subdomain IP redirect settings at the domain registry to the single VPS IP.
Depending on specific settings of the IP update routine, these changes can take up to a day to take effect and your subdomain index.html file should show up.
Once you are sure that everything worked out as intended you can delete the old
/var/www/html/
files and folders and leave only the fall back index file in place. To do so you might first change the folder name, than recreate the folder, move the index.html fall back file to the new empty /html/ folder and than delete the old folder tree and it's content:rootname@VPShosting:~#
mv /var/www/html/ /var/www/html_old/
rootname@VPShosting:~#
make /var/www/html/
rootname@VPShosting:~#
mv /var/www/html_old/index.html /var/www/html/index.html
rootname@VPShosting:~#
rm -r /var/www/html_old/
TupambAdminOrg [2024.03]
in reply to TupambAdminOrg [2024.03] • • •Create a [sub]domain
Create the inicial folder to host the content:
rootname@VPShosting:~#
mkdir /var/www/subdomainorg/
Create a index.html file to test the new subdomain:
rootname@VPShosting:~#
nano /var/www/html/subdomainorg/index.html
content of index.html
Create ownership for the user www-data of the files and folders in /subdomainorg/:
rootname@VPShosting:~#
chown -R www-data:www-data /var/www/subdomainorg/
Change ownership of the folder /subdomainorg/ itself to the user root:
rootname@VPShosting:~#
chown root:root /var/www/subdomainorg
Create a domain registry file on the VPS server in /etc/apache2/sites-available/ for the subd
... show moreCreate a [sub]domain
Create the inicial folder to host the content:
rootname@VPShosting:~#
mkdir /var/www/subdomainorg/
Create a index.html file to test the new subdomain:
rootname@VPShosting:~#
nano /var/www/html/subdomainorg/index.html
content of index.html
Create ownership for the user www-data of the files and folders in /subdomainorg/:
rootname@VPShosting:~#
chown -R www-data:www-data /var/www/subdomainorg/
Change ownership of the folder /subdomainorg/ itself to the user root:
rootname@VPShosting:~#
chown root:root /var/www/subdomainorg
Create a domain registry file on the VPS server in /etc/apache2/sites-available/ for the subdomain:
rootname@VPShosting:~#
nano /etc/apache2/sites-available/sub.domain.org.conf
content of sub.domain.org.conf
Register the new [sub]domain on the VPS server and restart the Apache webserver to apply the configuration changes:
rootname@VPShosting:~#
a2ensite sub.domain.org
rootname@VPShosting:~#
systemctl restart apache2
Register the subdomain IP with the domain registry provider using the VPS IP.
Depending on specific settings of the IP update routine, these changes can take up to a day to take effect and your subdomain index.html file should show up as expected.
TupambAdminOrg [2024.03]
in reply to TupambAdminOrg [2024.03] • • •Once the subdomain appears in your browser as a http site, you can proceed to create a let's encrypt SSL certificate for the domain.
As this is just creating a new certificate on an already existing let's encrypt registered certbot environment, this is quite fast and straight forward. The cert builds on the information created by the previous step of creating a sub.domain.org.conf file in /etc/apache2/sites-available/ and will create a new .conf file named:
sub.domain.org-le-ssl.conf
rootname@VPShosting:~$
sudo certbot --apache
print of the certbot routine
root@VPShosting:~# sudo certbot --apacheSaving debug log to /var/log/letsencrypt/letsencrypt.log
Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: domain.org
2: sub.domain.org
- - - - - - - - - - - - - - - - - - - - - -
Once the subdomain appears in your browser as a http site, you can proceed to create a let's encrypt SSL certificate for the domain.
As this is just creating a new certificate on an already existing let's encrypt registered certbot environment, this is quite fast and straight forward. The cert builds on the information created by the previous step of creating a sub.domain.org.conf file in /etc/apache2/sites-available/ and will create a new .conf file named:
sub.domain.org-le-ssl.conf
rootname@VPShosting:~$
sudo certbot --apache
print of the certbot routine
root@VPShosting:~# sudo certbot --apacheSaving debug log to /var/log/letsencrypt/letsencrypt.log
Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: domain.org
2: sub.domain.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 2
Requesting a certificate for sub.domain.org
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/sub.domain.org/fullchain.pem
Key is saved at: /etc/letsencrypt/live/sub.domain.org/privkey.pem
This certificate expires on 2025-05-25.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
Deploying certificate
Successfully deployed certificate for sub.domain.org to /etc/apache2/sites-available/sub.domain.org-le-ssl.conf
Congratulations! You have successfully enabled HTTPS on https://sub.domain.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Successfully deployed certificate for sub.domain.org to /etc/apache2/sites-available/sub.domain.org-le-ssl.conf
Congratulations! You have successfully enabled HTTPS on
https://sub.domain.org
Ⓜ3️⃣3️⃣ 🌌
in reply to TupambAdminOrg [2024.03] • • •TL;DR 😉
At some point you will eventually write automatization scripts, so you may want to keep that consistent and use FQDN as part of the path, so dots.
utopiArte
in reply to Ⓜ3️⃣3️⃣ 🌌 • • •FQDN = Fully Qualified Domain Name
> so you may want to keep that consistent
I guess that means means for internal coherence and understanding of eventual scripts (?).
At the same time I guess your answer means that there is no problem by the simplified syntax choosen for the folder name.
WHat about the
.conf
name, is that nameing related to the URL domain name or does the sistem read the content of the .conf file and the naming is irrelevant for the funcioning?> TL;DR 😉
I know, that's in part why it's called v.01. This is completely new for my mind so it has to "write it out loud extensively" to create understanding for itself. The idea is to shred it down later on into simple copy/paste instructions, internalizing the content by doing so.
👍
utopiArte
in reply to utopiArte • • •Actually the following howTo doesn't really clarify the question about the
.conf
name, as the place holderyour_domain
is used two times, in the.conf
name and inside the file itself. Anyway doesn't look like the.conf
name has to be the domain name but that it's more than reasonable to use it anyway.utopiArte
in reply to utopiArte • • •v.02
Create a new directory
for the existing working domain in/var/www/
:rootname@VPShosting:~#
mkdir /var/www/domainorg/
Create a copy of the working installation
from/var/www/html/
in the new/var/www/domainorg/
directory. Check ownership of /domainorg/ itself and folders in /domainorg/:rootname@VPShosting:~#
cp -R /var/www/html/ /var/www/domainorg/
rootname@VPShosting:~#
ls -l /var/www/
rootname@VPShosting:~#
ls -l /var/www/domainorg/
Create a domain registry
file on the VPS server in/etc/apache2/sites-available/
for the domain. Create the following content in that domain.org.conf file:rootname@VPShosting:~#
... show morenano /etc/apache2/sites-available/domain.org.conf
v.02
Create a new directory
for the existing working domain in/var/www/
:rootname@VPShosting:~#
mkdir /var/www/domainorg/
Create a copy of the working installation
from/var/www/html/
in the new/var/www/domainorg/
directory. Check ownership of /domainorg/ itself and folders in /domainorg/:rootname@VPShosting:~#
cp -R /var/www/html/ /var/www/domainorg/
rootname@VPShosting:~#
ls -l /var/www/
rootname@VPShosting:~#
ls -l /var/www/domainorg/
Create a domain registry
file on the VPS server in/etc/apache2/sites-available/
for the domain. Create the following content in that domain.org.conf file:rootname@VPShosting:~#
nano /etc/apache2/sites-available/domain.org.conf
Check domain IP redirect settings by the domain registry!
register and restart
the Apache webserver to apply the configuration changes:rootname@VPShosting:~#
sudo a2ensite domain.org.
rootname@VPShosting:~#
systemctl restart apache2
test changes
If the changes created were correct, the domain will start running from within the newly created directory tree. To check that this is true you can create a test index.html for that purpose while renaming the actual index.html to index_old.html in the old folder tree. If your site is still up and running after the following changes and not displaying the newly created test index.html, that means that it is served by the new folder structure. Rename the existing index.html:rootname@VPShosting:~#
mv /var/www/html/index.html /var/www/html/index_old.html
rootname@VPShosting:~#
nano /var/www/html/index.html
Create a subdomain
test site. Create a index.html file to test the new subdomain. Create ownership for the userwww-data
for files and folders in/castdomainorg/
rootname@VPShosting:~#
mkdir /var/www/castdomainorg/
rootname@VPShosting:~#
nano /var/www/html/castdomainorg/index.html
rootname@VPShosting:~#
chown -R www-data:www-data /var/www/castdomainorg/
Create a domain registry
file on the VPS server in/etc/apache2/sites-available/
for the subdomain. Create the following content in that cast.domain.org.conf file:rootname@VPShosting:~#
nano /etc/apache2/sites-available/cast.domain.org.conf
Restart the Apache webserver
to apply the configuration changes:rootname@VPShosting:~#
sudo a2ensite cast.domain.org.
rootname@VPShosting:~#
systemctl restart apache2
Set the subdomain IP redirect settings at the domain registry to the single VPS IP.
Depending on specific settings of the IP update routine, these changes can take up to a day to take effect and your subdomain index.html file should show up.
clean the server form backups
Once you are sure that everything worked out as intended you can delete the old/var/www/html/
files and folders and leave only the fall back index file in place. To do so you might first change the folder name, than recreate the folder, move the index.html fall back file to the new empty /html/ folder and than delete the old folder tree and it's content:rootname@VPShosting:~#
mv /var/www/html/ /var/www/html_old/
rootname@VPShosting:~#
make /var/www/html/
rootname@VPShosting:~#
mv /var/www/html_old/index.html /var/www/html/index.html
rootname@VPShosting:~#
rm -r /var/www/html_old/
TupambAdminOrg [2024.03]
in reply to utopiArte • • •let's try this description.
utopiArte
in reply to TupambAdminOrg [2024.03] • • •cp -R /var/www/html/ /var/www/domainorg/rootname@VPShosting:~#
cp -R /var/www/html /var/www/domainorg
All subfolders and files are owned by root, so their ownership has to be changed to www-data:
rootname@VPShosting:~#
chown -R www-data:www-data /var/www/domainorg/
rootname@VPShosting:~#
chown root:root /var/www/domainorg
utopiArte
in reply to utopiArte • • •Check specific settings changed for the single domain setup and how to define/transport those for the specific domain:
https://tupambae.org/display/0ac89072-2065-5da3-1ad7-ba3116437727
Where is the php version used for the specific domain defined?
Is it possible to define the use of different PHP versions for different domains and if so how?
utopiArte
in reply to utopiArte • • •Allow overrides so dynamic pages can built correctly
This was the original setting as a single domain server:
rootname@VPShosting:/var/www/html#
sudo nano /etc/apache2/sites-available/000-default-le-ssl.conf
search for the line:
ctrl+W -> DocumentRoot /var/www/html
add the code snippet:
Main question and most likely correct is now if it's possible to add this command to the domain.org
.conf
file:rootname@VPShosting:~#
nano /etc/apache2/sites-available/domain.org.conf
utopiArte
in reply to TupambAdminOrg [2024.03] • • •Something isn't working out as expected.
The registry of the subdomain example apparently worked out fine.
The change of the orginal main domain VPShosting setup to work from the new folder
/var/www/domainorg/
doesn't work as of now.Ckecked and read all the files in
Instead of/etc/apache2/sites-available/
For now what looks like differences at first sight is in
000-default-le-ssl.conf
:tupambae.org.conf
Also there are the SSL cert registry lines in
... show more000-default-le-ssl.conf
that most likely have to be added todomain.org.conf
Something isn't working out as expected.
The registry of the subdomain example apparently worked out fine.
The change of the orginal main domain VPShosting setup to work from the new folder
/var/www/domainorg/
doesn't work as of now.Ckecked and read all the files in
Instead of/etc/apache2/sites-available/
For now what looks like differences at first sight is in
000-default-le-ssl.conf
:tupambae.org.conf
Also there are the SSL cert registry lines in
000-default-le-ssl.conf
that most likely have to be added todomain.org.conf
The command used to deactivate the original setup was:
a2dissite 000-default
The original site setup contained three
.conf
files in/etc/apache2/sites-available/
:Besides general SSL cert indications the .conf file contains the following lines in the beginning that look like they do matter:
000-default-le-ssl.conf
000-default.conf
(already deactivated by
a2dissite 000-default
)default-ssl.conf
utopiArte
in reply to utopiArte • • •<VirtualHost _default_:80>
<VirtualHost _default_:443>
Looks like the conflict as of now is around the SSL settings and port 443.
... show moreApparently it's the one reserved and dedicated for SSL connections and the respective settings and configuration.
<VirtualHost _default_:80>
<VirtualHost _default_:443>
Looks like the conflict as of now is around the SSL settings and port 443.
Apparently it's the one reserved and dedicated for SSL connections and the respective settings and configuration.
The revision of:
nano /etc/apache2/apache2.conf
didn't result in mayor relevant settings or settings that had been modified.
It basically add's
/etc/apache2/conf-enabled
and/etc/apache2/sites-enabled
as sources for the effective active configuration in place.Looks like averything boils down to
000-default-le-ssl.conf
which was (probably) created when installing certbot let's encrypt SSL in the inicial LAMP instalation.Also in the orginal installation of this server 000-default-le-ssl.conf was mentioned and modified.
It all looks like the content of
000-default-le-ssl.conf
should be basically ported entirely to the filedomain.org.conf
changing the port of that file to 443 and to than decativate000-default-le-ssl.conf
by executing:a2dissite 000-default-le-ssl.conf
A last question that comes up now is with respect to SSL connections for subdomains of domain.org. If those are already included in the issued let's encrypt SSL certificate or if there have to be made changes to that inicial cert instalation.
Also there will have to be a new SSL cert for eventuell new domain.com sites installed on this VPShosting server.
utopiArte
in reply to utopiArte • • •Solved as follows:
The SSL let's encrypt cert is created out of the http file of the given domain or subdomain:
/etc/apache2/sites-available/domain.org.conf
standard domain.org.conf
The SSL domain reference file created from the http filename get's added by default
-le-ssl
to the existing domain.org.conf name. The port for SSL connections is 443 while the standard http connection is over port 80.domain.org-le-ssl.conf
This is the content of the fileSolved as follows:
The SSL let's encrypt cert is created out of the http file of the given domain or subdomain:
/etc/apache2/sites-available/domain.org.conf
standard domain.org.conf
The SSL domain reference file created from the http filename get's added by default
-le-ssl
to the existing domain.org.conf name. The port for SSL connections is 443 while the standard http connection is over port 80.domain.org-le-ssl.conf
This is the content of the file created for a multi domain VPS server. This contenet matches the content that was in the original 000-default-le-ssl.conf file of the single domain VPS setup, created by the certbot routine. The SSL certificate is supposed to be updated automatically every year. For now it is not clear if the changes made will be affected negatively by that automatic SSL cert update.activating and deactivating .conf fles
To make the changes come into effect the new conf file has to be activated, the old one that shouldn't apply anymore should be deactivated and the apache server itself has to be reloaded or to be restarted:rootname@VPShosting:~#
a2ensite domain.org
rootname@VPShosting:~#
a2ensite domain.org-le-ssl.conf
rootname@VPShosting:~#
a2dissite 000-default.conf
rootname@VPShosting:~#
a2dissite 000-default-le-ssl.conf
rootname@VPShosting:~#
systemctl restart apache2
Reloading the site took a while longer than nomal, indicating that new background tasks where happening.
testing the new folder structure
and if site configuration was actually in place.Renaming the index file of the old /html folder.
Reloading the site did still work so the old /html folder structure wasn't active anymore.
Renaming the entire old /html folder structure taking it out of access completely.
Creating a new /html folder.
Creating a new html. index file in /var/www/html.
rootname@VPShosting:~#
mv /var/www/html/index.php /var/www/html/index_old.php
rootname@VPShosting:~#
mv /var/www/html/ /var/www/html_old/
rootname@VPShosting:~#
mkdir /var/www/html/
rootname@VPShosting:~#
nano /var/www/html/index.html
Next steps:
Installing a SSL cert for subdomain.org.
Installing a subdomain test site.
Installing a new friendica domain.com site from scratch.