Apache web server
Zentyal 4.0 still includes the Apache server, it's just not managed from the Zentyal interface as in previous versions.
In this document, we are going to detail how to deploy virtual domains using this Apache server to achieve the functionality provided by the former 'webserver' module.
Contents |
Default virtual host
The simplest case is using the default virtual host, this is, accessing directly by IP or using an URL that points to your server IP but is not registered as a configured virtual host in Apache. In this case, the configuration specifies that:
DocumentRoot /var/www/html
This means that you can simply install a webapp below this 'document root' folder and access it directly, for example:
/var/www/html/moodle
and access using: http://your_server_ip_address/moodle
Remember to open the HTTP port in the Zentyal firewall, it is not open by default.
Configuring a non-SSL virtual host
In this case you will need to create a file under
/etc/apache2/sites-available
For example
/etc/apache2/sites-available/testhost.com.conf
and include the following configuration
<VirtualHost *:80> #Change the admin email for your case ServerAdmin webmaster@zentyal.zentyal-domain.lan ServerName testhost.com:80 #This will be the root Directory for your virtual host DocumentRoot /srv/www/testhost.com #You can choose the location of your log files ErrorLog /var/log/apache2/testhost.com-error.log CustomLog /var/log/apache2/testhost.com-access.log combined </VirtualHost> <Directory /srv/www/testhost.com> Options Indexes FollowSymLinks AllowOverride None Require all granted </Directory>
Create the root directory:
# mkdir -p /srv/www/testhost.com
Enable the site and reload apache:
root@zentyal:/etc/apache2/sites-available# a2ensite testhost.com.conf Enabling site testhost.com. To activate the new configuration, you need to run: service apache2 reload root@zentyal:/etc/apache2/sites-available# service apache2 reload * Reloading web server apache2 *
You can now drop your desired web application under the root directory, remember that you will be forwarded only if the URL matches the ServerName, in other words, your DNS has to resolve http://testhost.com TO the IP of your server.
Configuring a Virtual Host, SSL version
You may want to restrict your users to access the virtual domain using HTTPS, for security reasons. You will follow the same produce and steps than the last case, but the configuration file is slightly different:
<VirtualHost *:80> #Change the admin email for your case ServerAdmin webmaster@zentyal.zentyal-domain.lan ServerName testhostssl.com:80 DocumentRoot /srv/www/testhostssl.com ErrorLog /var/log/apache2/testhostssl.com-error.log CustomLog /var/log/apache2/testhostssl.com-access.log combined #If your remove this Redirect line, your virtual host will accept BOTH http and https connections Redirect permanent / https://testhostssl.com:443/ </VirtualHost> <VirtualHost *:443> ServerAdmin webmaster@zentyal.zentyal-domain.lan ServerName testhostssl.com:443 DocumentRoot /srv/www/testhostssl.com #Point these two variables to your certificate files, you can leave them as "snakeoil" # for testing purposes SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key SetEnv HTTPS On ErrorLog /var/log/apache2/testhostssl.com-error.log CustomLog /var/log/apache2/testhostssl.com-access.log combined </VirtualHost> <Directory /srv/www/testhostssl.com> Options Indexes FollowSymLinks AllowOverride None Require all granted </Directory>
Create the directory, copy the contents, enable the site, reload configuration and verify the DNS as shown in the former example.
Enabling "public-html"
You may want to allow your users to create their personal web directories, for this case, you just need to execute:
a2enmod userdir
and
service apache2 reload
you will be able to create a folder "public_html" (this name is mandated by the module configuration file) inside the home of an user and then access it using
http://your_server_ip_or_hostname/~username
Remember that you need to modify the permissions to grant the 'www-data' user read access to this folder.