Creating several friendica instances as domains and/or subdomains on one VPS with one IP

TupambAdminOrg [2024.03]

2 weeks ago • •

TupambAdminOrg [2024.03]
2 weeks ago • •

Creating several friendica instances as domains and/or subdomains on one VPS with one IP

Hi there @Friendica Developers and @Friendica Admins.

The plan is to change this single domain ubunu 2022.04lts VPS hosting into a single IP multi domain VPS server. For that purpose some apache VPS server tutorials were checked out and the specific steps were singled out to achieve that goal.

A main question hasn't been solved to define the naming of the folder structure and .conf files themself:

Can the domain name in VPS folder structure be:
/var/www/domaincom/
or does it have to be
/var/www/domain.com/

Are both

v.01
@Tutorial

Hi there @Friendica Developers and @Friendica Admins.

A main question hasn't been solved to define the naming of the folder structure and .conf files themself:

Can the domain name in VPS folder structure be:
/var/www/domaincom/
or does it have to be
/var/www/domain.com/

Are both options possible or does the system, for a correct working environment, need the dot in the folder structure?

Are there any general discussions in the #apache #server environment that might lead to some standard in this regard in the future that makes it reasonable to consider one of the two above cited options as more logical to go for from the very beginning?

In the case of very long domain or subdomain names, isn't it more reasonable to choose the option without the real domain name including the dot?
Example:
https: //1dhfsbbdpv4wshuh7nymcfy66t5reqqkfvy9.domain.org/

Depending on the chosen naming syntax this would lead to the following folder structure options:
/var/www/1dhfsbbdpv4wshuh7nymcfy66t5reqqkfvy9.domain.org/
vs
/var/www/1d_domainorg/

Does the naming of the .conf file in /etc/apache2/sites-available/ refer to the actual domain name or to the folder name used in /var/www/?

In the first answer to this topic we'll address the question about:

How to solve best a step by step change to migrate from a single VPS #hosting environment where one domain is served by one IP at:
/var/www/html/
to a multi domain VPS hosting were several domains are served by one IP on one #debian #ubuntu [2022.04lts] #VPS, leaving /html in place if a client request doesn’t match any other sites, like proposed in this digitalOcean tutorial:
/var/www/html/ as fall back option
/var/www/domaincom/index.html
/var/www/subdomaindomaincom/index.html
/var/www/domainorg/index.html
/var/www/subdomaindomainorg/index.html

Any comments hints and observations are really appreciated!
#admin #fediAdmin

in reply to TupambAdminOrg [2024.03]

TupambAdminOrg [2024.03]

in reply to TupambAdminOrg [2024.03] • 2 weeks ago • •

v.01

How to solve best a step by step change to migrate from a working single VPS #hosting environment to a multi domain VPS hosting:

Step one

Create a new directory for the existing working domain in /var/www/:
rootname@VPShosting:~# mkdir /var/www/domainorg/

Create a copy of the working installation from /var/www/html/ in the new /var/www/domainorg/ directory:
rootname@VPShosting:~# cp -R /var/www/html/ /var/www/domainorg/

Check ownership of /domainorg/ itself and folders in /domainorg/
rootname@VPShosting:~# ls -l /var/www/
rootname@VPShosting:~# ls -l /var/www/domainorg/

Create a domain registry file on the VPS server in /etc/apache2/sites-available/ for the domain:
rootname@VPShosting:~# nano /etc/apache2/sites-available/domainorg.conf
¡ OR ?
rootname@VPShosting:~# ¡

v.01

How to solve best a step by step change to migrate from a working single VPS #hosting environment to a multi domain VPS hosting:

Step one

Create a new directory for the existing working domain in /var/www/:
rootname@VPShosting:~# mkdir /var/www/domainorg/

Create a copy of the working installation from /var/www/html/ in the new /var/www/domainorg/ directory:
rootname@VPShosting:~# cp -R /var/www/html/ /var/www/domainorg/

Check ownership of /domainorg/ itself and folders in /domainorg/
rootname@VPShosting:~# ls -l /var/www/
rootname@VPShosting:~# ls -l /var/www/domainorg/

Create the following content in that domain.org.conf file and safe it:

<VirtualHost *:80>
ServerAdmin badmin@domain.org
ServerName domain.org
DocumentRoot /var/www/domainorg
DirectoryIndex index.html
ErrorLog ${APACHE_LOG_DIR}/domainorg_error.log
CustomLog ${APACHE_LOG_DIR}/domainorg_access.log combined
</VirtualHost>

Check domain IP redirect settings by the domain registry!

Restart the Apache webserver to apply the configuration changes:
rootname@VPShosting:~# systemctl restart apache2

If the changes created were correct, the domain will start running from within the newly created directory tree. To check that this is true you can create a test index.html for that purpose while renaming the actual index.html to index_old.html in the old folder tree. If your site is still up and running after the following changes and not displaying the newly created test index.html, that means that it is served by the new folder structure.

Rename the existing index.html:
rootname@VPShosting:~# mv /var/www/html/index.html /var/www/html/index_old.html

Create a index.html test file for testing of the applied changes:
rootname@VPShosting:~# nano /var/www/html/index.html

Copy the following content into it and save it:

<html>
<title>name-based virtual hosting setup</title>
<h1>Welcome to the /html/ index.html fall back file.</h1>
<p>This is a test file for a name-based virtual hosting setup</p>
</html>

Step two
Create a subdomain test site:
rootname@VPShosting:~# mkdir /var/www/castdomainorg/

Create a index.html file to test the new subdomain.
rootname@VPShosting:~# nano /var/www/html/castdomainorg/index.html

<html>
<title>castdomainorg</title>
<h1>Welcome to cast.domain.org Website</h1>
<p>This is the first test subdomain site hosted with name-based virtual hosting</p>
</html>

Create ownership for the user www-datafor files and folders in /castdomainorg/
rootname@VPShosting:~# chown -R www-data:www-data /var/www/castdomainorg/

Create a domain registry file on the VPS server in /etc/apache2/sites-available/ for the subdomain:
rootname@VPShosting:~# nano /etc/apache2/sites-available/castdomainorg.conf
¡ OR ?
¡ rootname@VPShosting:~# nano /etc/apache2/sites-available/cast.domain.org.conf ?

Create the following content in that cast.domain.org.conf file and safe it:

<VirtualHost *:80>
ServerAdmin badmin@cast.domain.org
ServerName cast.domain.org
DocumentRoot /var/www/castdomainorg
DirectoryIndex index.html
ErrorLog ${APACHE_LOG_DIR}/castdomainorg_error.log
CustomLog ${APACHE_LOG_DIR}/castdomainorg_access.log combined
</VirtualHost>

Restart the Apache webserver to apply the configuration changes:
rootname@VPShosting:~# systemctl restart apache2

Set the subdomain IP redirect settings at the domain registry to the single VPS IP.
Depending on specific settings of the IP update routine, these changes can take up to a day to take effect and your subdomain index.html file should show up.

Once you are sure that everything worked out as intended you can delete the old /var/www/html/ files and folders and leave only the fall back index file in place. To do so you might first change the folder name, than recreate the folder, move the index.html fall back file to the new empty /html/ folder and than delete the old folder tree and it's content:
rootname@VPShosting:~# mv /var/www/html/ /var/www/html_old/
rootname@VPShosting:~# make /var/www/html/
rootname@VPShosting:~# mv /var/www/html_old/index.html /var/www/html/index.html
rootname@VPShosting:~# rm -r /var/www/html_old/

#hosting

in reply to TupambAdminOrg [2024.03]

TupambAdminOrg [2024.03]

in reply to TupambAdminOrg [2024.03] • 2 weeks ago (Received 1 week ago) • •

Create a [sub]domain

Create the inicial folder to host the content:
rootname@VPShosting:~# mkdir /var/www/subdomainorg/

Create a index.html file to test the new subdomain:
rootname@VPShosting:~# nano /var/www/html/subdomainorg/index.html

content of index.html

<html>
<title>subdomainorg</title>
<h1>Welcome to sub.domain.org Website</h1>
<p>This is the first test subdomain site hosted with name-based virtual hosting</p>
</html>

Create ownership for the user www-data of the files and folders in /subdomainorg/:
rootname@VPShosting:~# chown -R www-data:www-data /var/www/subdomainorg/

Change ownership of the folder /subdomainorg/ itself to the user root:
rootname@VPShosting:~# chown root:root /var/www/subdomainorg

Create a domain registry file on the VPS server in /etc/apache2/sites-available/ for the subd

This entry was edited (2 weeks ago)

in reply to TupambAdminOrg [2024.03]

TupambAdminOrg [2024.03]

in reply to TupambAdminOrg [2024.03] • 2 weeks ago (Received 1 week ago) • •

Once the subdomain appears in your browser as a http site, you can proceed to create a let's encrypt SSL certificate for the domain.

As this is just creating a new certificate on an already existing let's encrypt registered certbot environment, this is quite fast and straight forward. The cert builds on the information created by the previous step of creating a sub.domain.org.conf file in /etc/apache2/sites-available/ and will create a new .conf file named:
sub.domain.org-le-ssl.conf

rootname@VPShosting:~$ sudo certbot --apache

print of the certbot routine

Once the subdomain appears in your browser as a http site, you can proceed to create a let's encrypt SSL certificate for the domain.

rootname@VPShosting:~$ sudo certbot --apache

print of the certbot routine

root@VPShosting:~# sudo certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: domain.org
2: sub.domain.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 2
Requesting a certificate for sub.domain.org
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/sub.domain.org/fullchain.pem
Key is saved at: /etc/letsencrypt/live/sub.domain.org/privkey.pem
This certificate expires on 2025-05-25.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
Deploying certificate
Successfully deployed certificate for sub.domain.org to /etc/apache2/sites-available/sub.domain.org-le-ssl.conf
Congratulations! You have successfully enabled HTTPS on https://sub.domain.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Successfully deployed certificate for sub.domain.org to /etc/apache2/sites-available/sub.domain.org-le-ssl.conf
Congratulations! You have successfully enabled HTTPS on
https://sub.domain.org

in reply to TupambAdminOrg [2024.03]

Ⓜ3️⃣3️⃣ 🌌

in reply to TupambAdminOrg [2024.03] • 2 weeks ago • •

TL;DR 😉

Are both options possible or does the system, for a correct working environment, need the dot in the folder structure?

At some point you will eventually write automatization scripts, so you may want to keep that consistent and use FQDN as part of the path, so dots.

in reply to Ⓜ3️⃣3️⃣ 🌌

utopiArte

in reply to Ⓜ3️⃣3️⃣ 🌌 • 2 weeks ago • •

FQDN = Fully Qualified Domain Name

> so you may want to keep that consistent

I guess that means means for internal coherence and understanding of eventual scripts (?).

At the same time I guess your answer means that there is no problem by the simplified syntax choosen for the folder name.

WHat about the .conf name, is that nameing related to the URL domain name or does the sistem read the content of the .conf file and the naming is irrelevant for the funcioning?

> TL;DR 😉
I know, that's in part why it's called v.01. This is completely new for my mind so it has to "write it out loud extensively" to create understanding for itself. The idea is to shred it down later on into simple copy/paste instructions, internalizing the content by doing so.
👍

in reply to utopiArte

utopiArte

in reply to utopiArte • 2 weeks ago • •

Actually the following howTo doesn't really clarify the question about the .conf name, as the place holder your_domain is used two times, in the .conf name and inside the file itself. Anyway doesn't look like the .conf name has to be the domain name but that it's more than reasonable to use it anyway.

https://www.digitalocean.com/community/tutorials/how-to-configure-the-apache-web-server-on-an-ubuntu-or-debian-vps
Within your virtual host file, you can add a ServerName directive that specifies the domain name or IP address that this request should handle. This is the option that would add specificity to the virtual host, allowing it to override the default definition if it matches the ServerName value.
Run the following command to open your virtual host file, making sure to replace the your_domain variable with your actual domain name:
sudo nano /etc/apache2/sites-available/your_domain.conf
Append your_domain to the ServerName directive:
/etc/apache2/sites-available/your_domain.conf
…
ServerName your_domain
…

in reply to utopiArte

utopiArte

in reply to utopiArte • 2 weeks ago (Received 1 week ago) • •

v.02

Create a new directory

for the existing working domain in /var/www/:

rootname@VPShosting:~# mkdir /var/www/domainorg/

Create a copy of the working installation

from /var/www/html/ in the new /var/www/domainorg/ directory. Check ownership of /domainorg/ itself and folders in /domainorg/:

rootname@VPShosting:~# cp -R /var/www/html/ /var/www/domainorg/
rootname@VPShosting:~# ls -l /var/www/
rootname@VPShosting:~# ls -l /var/www/domainorg/

Create a domain registry

file on the VPS server in /etc/apache2/sites-available/ for the domain. Create the following content in that domain.org.conf file:

rootname@VPShosting:~# nano /etc/apache2/sites-available/domain.org.conf

<VirtualHost *:80>
ServerAdmin badmin@domain.org
Serve

v.02

Create a new directory

for the existing working domain in /var/www/:

rootname@VPShosting:~# mkdir /var/www/domainorg/

Create a copy of the working installation

from /var/www/html/ in the new /var/www/domainorg/ directory. Check ownership of /domainorg/ itself and folders in /domainorg/:

rootname@VPShosting:~# cp -R /var/www/html/ /var/www/domainorg/
rootname@VPShosting:~# ls -l /var/www/
rootname@VPShosting:~# ls -l /var/www/domainorg/

Create a domain registry

file on the VPS server in /etc/apache2/sites-available/ for the domain. Create the following content in that domain.org.conf file:

rootname@VPShosting:~# nano /etc/apache2/sites-available/domain.org.conf

<VirtualHost *:80>
ServerAdmin badmin@domain.org
ServerName domain.org
DocumentRoot /var/www/domainorg
DirectoryIndex index.html
ErrorLog ${APACHE_LOG_DIR}/domainorg_error.log
CustomLog ${APACHE_LOG_DIR}/domainorg_access.log combined
</VirtualHost>

Check domain IP redirect settings by the domain registry!

the Apache webserver to apply the configuration changes:

rootname@VPShosting:~# sudo a2ensite domain.org.
rootname@VPShosting:~# systemctl restart apache2

test changes

rootname@VPShosting:~# mv /var/www/html/index.html /var/www/html/index_old.html
rootname@VPShosting:~# nano /var/www/html/index.html

<html>
<title>name-based virtual hosting setup</title>
<h1>Welcome to the /html/ index.html fall back file.</h1>
<p>This is a test file for a name-based virtual hosting setup</p>
</html>

Create a subdomain

test site. Create a index.html file to test the new subdomain. Create ownership for the user www-datafor files and folders in /castdomainorg/

rootname@VPShosting:~# mkdir /var/www/castdomainorg/
rootname@VPShosting:~# nano /var/www/html/castdomainorg/index.html

<html>
<title>castdomainorg</title>
<h1>Welcome to cast.domain.org Website</h1>
<p>This is the first test subdomain site hosted with name-based virtual hosting</p>
</html>

rootname@VPShosting:~# chown -R www-data:www-data /var/www/castdomainorg/

Create a domain registry

file on the VPS server in /etc/apache2/sites-available/ for the subdomain. Create the following content in that cast.domain.org.conf file:

rootname@VPShosting:~# nano /etc/apache2/sites-available/cast.domain.org.conf

<VirtualHost *:80>
ServerAdmin badmin@cast.domain.org
ServerName cast.domain.org
DocumentRoot /var/www/castdomainorg
DirectoryIndex index.html
ErrorLog ${APACHE_LOG_DIR}/castdomainorg_error.log
CustomLog ${APACHE_LOG_DIR}/castdomainorg_access.log combined
</VirtualHost>

Restart the Apache webserver

to apply the configuration changes:

rootname@VPShosting:~# sudo a2ensite cast.domain.org.
rootname@VPShosting:~# systemctl restart apache2

clean the server form backups

rootname@VPShosting:~# mv /var/www/html/ /var/www/html_old/
rootname@VPShosting:~# make /var/www/html/
rootname@VPShosting:~# mv /var/www/html_old/index.html /var/www/html/index.html
rootname@VPShosting:~# rm -r /var/www/html_old/

in reply to utopiArte

TupambAdminOrg [2024.03]

in reply to utopiArte • 2 weeks ago (Received 1 week ago) • •

ok
let's try this description.

in reply to TupambAdminOrg [2024.03]

utopiArte

in reply to TupambAdminOrg [2024.03] • 2 weeks ago (Received 1 week ago) • •

~~cp -R /var/www/html/ /var/www/domainorg/~~

rootname@VPShosting:~# cp -R /var/www/html /var/www/domainorg

All subfolders and files are owned by root, so their ownership has to be changed to www-data:
rootname@VPShosting:~# chown -R www-data:www-data /var/www/domainorg/
rootname@VPShosting:~# chown root:root /var/www/domainorg

This entry was edited (2 weeks ago)

in reply to utopiArte

utopiArte

in reply to utopiArte • 2 weeks ago (Received 1 week ago) • •

Check specific settings changed for the single domain setup and how to define/transport those for the specific domain:
https://tupambae.org/display/0ac89072-2065-5da3-1ad7-ba3116437727

Allow overrides so dynamic pages can built correctly
rootname@VPShosting:/var/www/html# sudo nano /etc/apache2/sites-available/000-default-le-ssl.conf
search for the line:
ctrl+W -> DocumentRoot /var/www/html
add the code snippet:
    <Directory /var/www/html>
        AllowOverride All
    </Directory>
save the file "000-default-le-ssl.conf"

Where is the php version used for the specific domain defined?
Is it possible to define the use of different PHP versions for different domains and if so how?

editing php.ini
rootname@VPShosting:/var/www/html# sudo nano /etc/php/8.1/apache2/php.ini
search for the following lines [ctrl+w] and modify the values:
..

in reply to utopiArte

utopiArte

in reply to utopiArte • 2 weeks ago (Received 1 week ago) • •

Allow overrides so dynamic pages can built correctly
This was the original setting as a single domain server:
rootname@VPShosting:/var/www/html# sudo nano /etc/apache2/sites-available/000-default-le-ssl.conf
search for the line:
ctrl+W -> DocumentRoot /var/www/html
add the code snippet:

    <Directory /var/www/html>
        AllowOverride All
    </Directory>

Main question and most likely correct is now if it's possible to add this command to the domain.org.conf file:
rootname@VPShosting:~# nano /etc/apache2/sites-available/domain.org.conf

<VirtualHost *:80>
ServerAdmin badmin@domain.org
ServerName domain.org
DocumentRoot /var/www/domainorg
<Directory /var/www/domainorg>
AllowOverride All
</Directory>
DirectoryIndex index.html
ErrorLog ${APACHE_LOG_DIR}/domainorg_error.log
CustomLog ${APACHE_LOG_DIR}/domainorg_access.log combined
</VirtualHost>

This entry was edited (2 weeks ago)

in reply to TupambAdminOrg [2024.03]

utopiArte

in reply to TupambAdminOrg [2024.03] • 2 weeks ago (Received 1 week ago) • •

Something isn't working out as expected.
The registry of the subdomain example apparently worked out fine.

The change of the orginal main domain VPShosting setup to work from the new folder /var/www/domainorg/ doesn't work as of now.

Ckecked and read all the files in /etc/apache2/sites-available/
For now what looks like differences at first sight is in 000-default-le-ssl.conf:

<IfModule mod_ssl.c>
<VirtualHost *:443>
</VirtualHost>
</IfModule>

Instead of tupambae.org.conf

<VirtualHost *:80>
</VirtualHost>

Also there are the SSL cert registry lines in 000-default-le-ssl.conf that most likely have to be added to domain.org.conf

ServerName domain.org
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/domain.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.org/priv

Something isn't working out as expected.
The registry of the subdomain example apparently worked out fine.

The change of the orginal main domain VPShosting setup to work from the new folder /var/www/domainorg/ doesn't work as of now.

Ckecked and read all the files in /etc/apache2/sites-available/
For now what looks like differences at first sight is in 000-default-le-ssl.conf:

<IfModule mod_ssl.c>
<VirtualHost *:443>
</VirtualHost>
</IfModule>

Instead of tupambae.org.conf

<VirtualHost *:80>
</VirtualHost>

Also there are the SSL cert registry lines in 000-default-le-ssl.conf that most likely have to be added to domain.org.conf

ServerName domain.org
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/domain.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.org/privkey.pem

The command used to deactivate the original setup was:
a2dissite 000-default

The original site setup contained three .conf files in /etc/apache2/sites-available/:

000-default-le-ssl.conf
000-default.conf
default-ssl.conf

Besides general SSL cert indications the .conf file contains the following lines in the beginning that look like they do matter:

000-default-le-ssl.conf

<IfModule mod_ssl.c>
<VirtualHost *:443>

	ServerAdmin webmaster@localhost
	DocumentRoot /var/www/html
<Directory /var/www/html>
    AllowOverride All
</Directory>

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

ServerName domain.org
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/domain.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.org/privkey.pem
</VirtualHost>
</IfModule>

000-default.conf
(already deactivated by a2dissite 000-default)

<VirtualHost *:80>

	ServerAdmin webmaster@localhost
	DocumentRoot /var/www/html

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

RewriteEngine on
RewriteCond %{SERVER_NAME} =domain.org
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

default-ssl.conf

<IfModule mod_ssl.c>
	<VirtualHost _default_:443>
		ServerAdmin webmaster@localhost

		DocumentRoot /var/www/html

		ErrorLog ${APACHE_LOG_DIR}/error.log
		CustomLog ${APACHE_LOG_DIR}/access.log combined

		SSLEngine on

		SSLCertificateFile	/etc/ssl/certs/ssl-cert-snakeoil.pem
		SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

		<FilesMatch "\.(cgi|shtml|phtml|php)$">
				SSLOptions +StdEnvVars
		</FilesMatch>
		<Directory /usr/lib/cgi-bin>
				SSLOptions +StdEnvVars
		</Directory>
	</VirtualHost>
</IfModule>

in reply to utopiArte

utopiArte

in reply to utopiArte • 2 weeks ago (Received 1 week ago) • •

However, please note this will only work with plain HTTP connections, not with HTTPS (HTTP over SSL): name-based virtual hosts rely on knowing what name is being requested, but this information can't be known by Apache until the encrypted SSL connection is established.
https://serverfault.com/questions/435330/how-to-point-2-different-domains-to-1-ip-address-apache

Looks like the conflict as of now is around the SSL settings and port 443.
Apparently it's the one reserved and dedicated for SSL connections and the respective settings and configuration.

root@VPShosting:/etc/apache2/sites-enabled# ls -l
000-default-le-ssl.conf -> /etc/apache2/sites-available/000-default-le-ssl.conf
cast.domain.org.conf -> ../sites-available/cast.tupambae.org.conf
domain.org.conf -> ../sites-available/tupambae.org.con

This entry was edited (2 weeks ago)

in reply to utopiArte

utopiArte

in reply to utopiArte • 2 weeks ago (Received 1 week ago) • •

Solved as follows:

The SSL let's encrypt cert is created out of the http file of the given domain or subdomain:
/etc/apache2/sites-available/domain.org.conf

standard domain.org.conf

<VirtualHost *:80>
ServerAdmin admin@domain.org
ServerName domain.org
DocumentRoot /var/www/domainorg
# AllowOverride is specifically added for the friendica server
<Directory /var/www/domainorg>
AllowOverride All
</Directory>
# AllowOverride is specifically added for the friendica server
ErrorLog ${APACHE_LOG_DIR}/domainorg_error.log
CustomLog ${APACHE_LOG_DIR}/domainorg_access.log combined
</VirtualHost>

The SSL domain reference file created from the http filename get's added by default -le-ssl to the existing domain.org.conf name. The port for SSL connections is 443 while the standard http connection is over port 80.

domain.org-le-ssl.conf

This is the content of the file

Solved as follows:

The SSL let's encrypt cert is created out of the http file of the given domain or subdomain:
/etc/apache2/sites-available/domain.org.conf

standard domain.org.conf

<VirtualHost *:80>
ServerAdmin admin@domain.org
ServerName domain.org
DocumentRoot /var/www/domainorg
# AllowOverride is specifically added for the friendica server
<Directory /var/www/domainorg>
AllowOverride All
</Directory>
# AllowOverride is specifically added for the friendica server
ErrorLog ${APACHE_LOG_DIR}/domainorg_error.log
CustomLog ${APACHE_LOG_DIR}/domainorg_access.log combined
</VirtualHost>

domain.org-le-ssl.conf

This is the content of the file created for a multi domain VPS server. This contenet matches the content that was in the original 000-default-le-ssl.conf file of the single domain VPS setup, created by the certbot routine. The SSL certificate is supposed to be updated automatically every year. For now it is not clear if the changes made will be affected negatively by that automatic SSL cert update.

<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin admin@domain.org
ServerName domain.org
DocumentRoot /var/www/domainorg
# AllowOverride is specifically added for the friendica server
<Directory /var/www/domainorg>
AllowOverride All
</Directory>
# AllowOverride is specifically added for the friendica server
ErrorLog ${APACHE_LOG_DIR}/domainorg_error.log
CustomLog ${APACHE_LOG_DIR}/domainorg_access.log combined
ServerName domain.org
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/domain.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.org/privkey.pem
</VirtualHost>
</IfModule>

activating and deactivating .conf fles

To make the changes come into effect the new conf file has to be activated, the old one that shouldn't apply anymore should be deactivated and the apache server itself has to be reloaded or to be restarted:

rootname@VPShosting:~# a2ensite domain.org
rootname@VPShosting:~# a2ensite domain.org-le-ssl.conf
rootname@VPShosting:~# a2dissite 000-default.conf
rootname@VPShosting:~# a2dissite 000-default-le-ssl.conf
rootname@VPShosting:~# systemctl restart apache2

Reloading the site took a while longer than nomal, indicating that new background tasks where happening.

testing the new folder structure

and if site configuration was actually in place.
Renaming the index file of the old /html folder.
Reloading the site did still work so the old /html folder structure wasn't active anymore.
Renaming the entire old /html folder structure taking it out of access completely.
Creating a new /html folder.
Creating a new html. index file in /var/www/html.

rootname@VPShosting:~# mv /var/www/html/index.php /var/www/html/index_old.php
rootname@VPShosting:~# mv /var/www/html/ /var/www/html_old/
rootname@VPShosting:~# mkdir /var/www/html/
rootname@VPShosting:~# nano /var/www/html/index.html

<html>
<title>name-based virtual hosting setup</title>
<h1>Welcome to the /html/ index.html fall back file.</h1>
<p>This is a test file for a name-based virtual hosting setup</p>
</html>

Next steps:
Installing a SSL cert for subdomain.org.
Installing a subdomain test site.
Installing a new friendica domain.com site from scratch.

#ServerAdmin #DocumentRoot #ErrorLog #CustomLog

This entry was edited (2 weeks ago)

Lo, thar be cookies on this site to keep track of your login. By clicking 'okay', you are CONSENTING to this.

⇧