add new etc/apache2/sites-available/001-default-ssl.conf

Matthew Saunders Brown 2024-03-26 13:42:03 -07:00
parent c6ad245c89
commit 0291e8f9f2
2 changed files with 30 additions and 4 deletions


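--- a/etc/apache2/sites-available/001-default-ssl.conf
+++ b/etc/apache2/sites-available/001-default-ssl.conf
@@ -0,0 +1,17 @@
+<IfModule mod_ssl.c>
+<VirtualHost _default_:443>
+ServerAdmin webmaster@localhost
+DocumentRoot /srv/www/html
+#LogLevel info ssl:warn
+ErrorLog ${APACHE_LOG_DIR}/error.log
+CustomLog ${APACHE_LOG_DIR}/access.log combined
+SSLEngine on
+SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
+<FilesMatch "\.(cgi|shtml|phtml|php)$">
+SSLOptions +StdEnvVars
+</FilesMatch>
+<Directory /usr/lib/cgi-bin>
+SSLOptions +StdEnvVars
+</Directory>
+</VirtualHost>
+</IfModule>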
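Review bot: The vhost sets `SSLCertificateFile` but no `SSLCertificateKeyFile`, so mod_ssl will expect the private key inside the same PEM file. The stock snakeoil certificate normally keeps its key in a separate file, and `/etc/ssl/certs` is conventionally world-readable, so a combined cert-and-key file placed there would need restrictive permissions of its own. If the key is meant to live separately, add a line such as `SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key` (path to be confirmed against how the certificate is provisioned). Otherwise a comment above `SSLCertificateFile` saying the file is a combined cert+key PEM would document the intent.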


@ -79,8 +79,13 @@ DEBIAN_FRONTEND=noninteractive apt-get -y install apache2 libapache2-mod-authnz-
## http2 handled automatically now. ## http2 handled automatically now.
## http2 doesn't support logio, so look in to vhost log format ## http2 doesn't support logio, so look in to vhost log format
fqdn=`hostname -f`
# force https for phpMyAdmin ?? vhostdomain=`hostname -d`
cp etc/apache2/sites-available/* /etc/apache2/sites-available/
sed -i "s|ssl-cert-snakeoil.pem|$fqdn.pem|g" /etc/apache2/sites-available/*.conf
chmod 644 /etc/apache2/sites-available/*.conf
chown root:root /etc/apache2/sites-available/*.conf
sed -i "s|webmaster@localhost|webmaster@$fqdn|g" /etc/apache2/sites-available/*.conf
cp etc/apache2/conf-available/* /etc/apache2/conf-available/ cp etc/apache2/conf-available/* /etc/apache2/conf-available/
chmod 644 /etc/apache2/conf-available/*.conf chmod 644 /etc/apache2/conf-available/*.conf
chown root:root /etc/apache2/conf-available/*.conf chown root:root /etc/apache2/conf-available/*.conf
@ -89,8 +94,7 @@ cp etc/apache2/mods-available/* /etc/apache2/mods-available/
chmod 644 /etc/apache2/mods-available/*.conf chmod 644 /etc/apache2/mods-available/*.conf
chown root:root /etc/apache2/mods-available/*.conf chown root:root /etc/apache2/mods-available/*.conf
# set vhost subodmain to domain name of server, users may want to consider changing this to a custom domain. # set vhost subodmain to domain name of server, users may want to consider changing this to a custom domain.
vhostdomain=`hostname -d` sed -i "s|example.com|$vhostdomain|g" /etc/apache2/mods-available/macro.conf
sed -i "s|.example.com|.$vhostdomain|g" /etc/apache2/mods-available/macro.conf
# a2enmod proxy_fcgi rewrite headers expires ssl http2 remoteip macro # a2enmod proxy_fcgi rewrite headers expires ssl http2 remoteip macro
a2enmod cgid proxy_fcgi proxy_http rewrite headers expires ssl http2 macro a2enmod cgid proxy_fcgi proxy_http rewrite headers expires ssl http2 macro
# # sed -i "s|CustomLog|#CustomLog|g" /etc/apache2/sites-available/000-default.conf # # sed -i "s|CustomLog|#CustomLog|g" /etc/apache2/sites-available/000-default.conf
@ -268,3 +272,8 @@ else
echo "NOTICE: firewalld not installed, not opening http ports in firewall." echo "NOTICE: firewalld not installed, not opening http ports in firewall."
fi fi
echo
echo "To enable the default https host run:"
echo "letsencrypt-certonly.sh -d $fqdn"
echo "a2ensite 000-default-ssl.conf"
echo "systemctl reload apache2"
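Review bot: The closing instructions tell the operator to run `a2ensite 000-default-ssl.conf`, but the commit title names the new site file `001-default-ssl.conf`, so the printed command would likely fail with a missing-site error; the line should read `echo "a2ensite 001-default-ssl.conf"`. Separately, in the first hunk `$fqdn` is substituted into every `/etc/apache2/sites-available/*.conf` without checking that `hostname -f` returned anything. An empty value rewrites the certificate path to `.pem` and ServerAdmin to `webmaster@`. A guard such as `[ -n "$fqdn" ] || { echo "ERROR: hostname -f returned nothing" >&2; exit 1; }` before the `cp` would stop that, unless the script already validates the hostname outside the visible hunks.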