Apache Configuration 24.04LTS
Apache Tweaks
First we are going to move the document root of the apache webserver to be something more sensible, do this before we start installing any more web related things.
First Disable the default site...
a2dissite 000-default.conf
Now copy the default config to a new one which we will make the new default.
sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/solaris-default.conf
Now edit this new default config
nano /etc/apache2/sites-available/solaris-default.conf
VirtualHost *:80> ServerName scottworld.net ServerAlias solaris.scottworld.net ServerAdmin mark@scottworld.net DocumentRoot /srv/data/www <Directory /srv/data/www> Options +Indexes Require all granted </Directory> # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost>
Now we enable this as the default apache site.
a2ensite solaris-default.conf
Restart the apache2 service
service apache2 restart
Now check you can see the new document root by pointing a browser at your webserver (Drop a simple html file in there and see if you can read it. Remember to change the permissions on the directory to 775 along with ownership for www-data
chown www-data:www-data /srv/data/www -R
SSL Forwarding
Create CNAMEs in external DNS to point to out location so external requests are directed to home address.
CNAME would be domoticz.scottworld.net CNAME solaris.scottworld.net
Example to create a new apache website and reverse proxy to internal content.
Create a certificate for SSL using certbot
certbot -d <thedomainname> e.g: domoticz.scottworld.net
Create a file for the site in /etc/apache2/sites-available (eg site.conf)
<IfModule mod_ssl.c> <VirtualHost _default_:443> ServerName domoticz.scottworld.net SSLEngine on SSLCertificateFile /etc/letsencrypt/live/domoticz.scottworld.net/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/domoticz.scottworld.net/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/domoticz.scottworld.net/chain.pem ProxyPass / http://127.0.0.1:8080/ ProxyPassReverse / http://127.0.0.1:8080/ #ProxyHTMLURLMap http://192.168.3.200:8080 / </VirtualHost> </IfModule>Then enable apache proxy and the site itself. a2enmod proxy a2enmod proxy_html And Enable the site we just made a2ensite domoticz.conf And restart apache systemctl restart apache2 Now add an https cert using lets encrypt. https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-20-04