Scared to try to use NS and vhosts

I’m throwing in my vote for vhost management in the gui.

I need to get 5 sites off a vps that has intermittent uptime, they’re non profit sites, low traffic, I was thinking to spin up NS in a container on Google but after reading around here I’m scared to try to use NS to hack up e-smith for vhosts… my still running Zentyals and my Ubuntus with Webmin support vhosts in the gui…

Here I can’t figure out… do I use the templates, /etc/e-smith/templates/etc/httpd/conf.d, I’m sure not going to use /etc/httpd/conf.d, but looking at one NS server I have, it has roundcube, ntop, collectd and an html site on website root… but if I look in the various places where the conf.ds are, I can’t find ntop or the website that’s on the website root, where is the persistent conf for the shared folder that’s on website root, which conf.d is the one that’ll persist through an update… I need to get those folks off that vps and while it’s easy to drop all their email domains on NS, I don’t see how I can safely use NS for their web pages.

AFAIK, vhost management through server-manager gui is working fine. It’s not flexible enough to cover all possible use cases and there’s where you may need some under the hood customization. Sometimes you need a custom template, but most of the time a common httpd/conf.d fragment is enough.

I think, after about 3 hours, that I can see and understand what you’re saying. I fired up a machine, dug through the docs, created 3 aliases in dns, created 3 shared folders local users, set sharing to everyone, set them for web site root, associated each aliias with the server ip in my dns server and each domain entered into a browser address bar returns the apache welcome page. But when I drop an index.html page into an alias’s ibay directory I still get the welcome page.

Ok…

When I look around in an NS server I have live on the web, with its static html page in /var/lib/nethserver/ibay/Bob/index.html, I can’t figure out why NS is serving the web page.

ls /etc/httpd/conf.d/
collectd-web.conf  php.conf  proxypass.conf  README  roundcubemail.conf  ssl.conf  welcome.conf

ls /etc/e-smith/templates/etc/httpd/conf.d/
collectd-web.conf  proxypass.conf  roundcubemail.conf  ssl.conf

ls /var/www/html/
collectd-web

So, I’ve just realized that, basically, between the NS documentation and e-smith, I have no fucking clue how my live nethserver web server is working.

I assume that Apache, on my Nethserver machine, is serving my index.html page to the requesting browser, so how is Apache directed to serve the page I put in the ibay folder and where is that info in the Nethserver documentation?

The only reason I knew to put my index.html page in the ibay directory is because I found said directory in the documentation for Backups, that directory isn’t even in the docs for shared folders.

So, I’m off for a while, I’m a little pissed because I feel like I just spent the morning, when I really shouldn’t have, needlessly reinventing the wheel, and I still don’t know what’s going on.

1 Like

Ok, so I found it here, but I’m not clear on why it’s serving the welcome page instead of the index.html page;

[root@server32 nethserver.d]# cat test3.ibay
# ================= DO NOT MODIFY THIS FILE =================
#
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at https://dev.nethesis.it/projects/nethserver/wiki/NethServer
# original work from http://www.contribs.org/development/
#
# Copyright (C) 2013 Nethesis S.r.l.
# http://www.nethesis.it - support@nethesis.it
#

#
# 05alias
#
DocumentRoot "/var/lib/nethserver/ibay/test3"


#
# 30forcessl_redirect disabled
# see https://wiki.apache.org/httpd/RewriteHTTPToHTTPS
#



#
# 10directory_begin -- basic ibay directory setup
#
<Directory /var/lib/nethserver/ibay/test3>
    Options None
    Options +Indexes
    Options +Includes



#
# 60allowoverride is disabled
#
    AllowOverride None


#
# 60forcessl_require disabled
#
# SSLRequireSSL


    Options +Indexes +FollowSymLinks
    DirectoryIndex index.shtml index.htm index.html index.php

</Directory>


[root@server32 nethserver.d]# ls /var/lib/nethserver/ibay/test3
index.html  setup_video.html
[Mon Apr 04 13:11:21 2016] [error] [client 192.168.124.126] Directory index forbidden by Options directive: /var/www/html/
[Mon Apr 04 13:11:22 2016] [error] [client 192.168.124.126] File does not exist: /var/www/html/favicon.ico, referer: http://test3/

Edits to either /etc/httpd/nethserver.d/test3.ibay and /etc/httpd/nethserver.d/test3.com:80.vhost will be overwritten as soon as I reload apache and I haven’t figured out which conf to edit in /etc/e-smith/templates/etc/httpd/conf/httpd.conf.

@davidep, we need some docs on this. :frowning2:
Can you please suggest the best way to configure the httpd server?

I think the only way to make it simple, is to split shared folder and virtual hosts.
Give me a little time, I would like to open a topic on this.

I agree, the Apache configuration lacks documentation, I think because it lacks some design decisions and has a legacy of features from e-smith.

We should follow conventions from upstream. Existing RPMs from our base distro are not used to configuring virtual hosts and I think it is a good habit we have to maintain.

Thus, until we develop a virtual-host panel, my preferred way to configure a virtual host is drop a .conf file under /etc/httpd/conf.d.

I proposed the same in the past and I agree we should go that way!

Also we had some discussions on this topic I want to recall

Edit: new topic

1 Like

and also to answer about the merge-request

mmh… I’m missing something? :open_mouth:

Ok gentlemen, just to clarify, with regards to our need to get our 5 sites off our current vps,

I spent some time to get NS apache to serve 3 different static index.html pages to 3 different domain requests against the same ip.

Just to clarify my idea of what apache vhost is.

test3.com not test3.com/test3 to ip 1 on serverA
test4.com not test4.com/test4 to ip 1 on serverA
test5.com not test5.com/test5 to ip 1 on serverA

Now these tests are just static html, never mind trying to use something like wordpress as @Nas posted a how to for, never mind trying to get wordpress in NS to serve multiple sites.

So what I’m seeing here is that Nethserver is not going to work for us at this time, is that correct?

This isn’t a rant or complaint, I’m not going to swear off NS or run off in a huff, it’s simply a question of whether or not the tool can fit our needs at this time because I can’t keep spending the hours trying to reinvent the wheel and failing to accomplish the clients goal.

@GG_jr @davidep

Can someone explain in simple words how the vhost work in NS ?
Not how it should but how it is actually working.

From this we can try to make a template, and/or add a interface that can add parameters from the UI.
But first before making the UI I need to understand how NS implements virtual hosts.

1 Like

Create three host aliases under DNS page, then create three shared folders by setting each one as “web site root” of the respective (v)host name.

See also

http://docs.nethserver.org/en/latest/shared_folder.html

1 Like

I did that.
That’s covered in all my posts above. :unamused:

f*$& I am so stupid.
I was using server alias instead of hosts.

sigh.

Thanks for the push @davidep

The question I have is, did I misread this or read into it what it wasn’t? The sentence is correct… but misleading, or not?

The Virtual host selector lists all Server alias defined under the DNS page.

http://docs.nethserver.org/en/latest/shared_folder.html#web-access

Because after I added the domains and ip under hosts I deleted all the aliases and the server now works as I expect, so what I read into the docs doesn’t match with what @davidep just posted, so either I’m just stupid or we need to make some changes to the docs. Prob both.

Could we reword it like (?)

The Virtual host selector lists all items available from "DNS > Alias server" page.

I don’t understand, if I did that, removing the server alias and write the domain name in the host tab, I cannot use them in the virtualhost of the shared folder

I’m sorry, it simply doesn’t make sense to me, but I’m basically ignorant anyway.
That vhost selector list under shared folders lists server aliases from dns it seems… why, what’s the point, the intended function?
I don’t see how it relates to vhosts as I understand them, now that I have no server aliases and have populated the hosts and now have a working vhost system. idk what’s going on really, so I have nothing to offer.

Can you list files under /etc/httpd/nethserver.d there is something that i don’t understand.

@davidep

Hi, still stupid here, but I’ve run out of time today.

Was messing around today, installed wordpress straight from wordpress.org into the base NS, copied the owncloud.conf over to a new wordpress.conf, edited with wordpress of course, and dumped the wp files into a folder next to owncloud, browsing to testserver/wordpress, wordpress works great.

Was looking at the vhosts some more. Wondered to myself… why do I need to have entries in dns - hosts? This is standalone behind a gateway.

But here’s the thing… I think that in order to use vhosts it’s necessary to use server alias or e-smith will not create the vhost confs. I think that when I originally created the server aliases those confs for the ibay directories were left over even though I deleted the aliases and made entries in hosts. The reason I say this is that the 00default:80.vhost has all the test domains listed in it but if I browse to any domain I always get the index.html that is the last listed domain in that 00default file.

So nothing works like I posted above anymore and I’m even more confused.

So, I’m making notes for myself here… and tomorrow, if I have time, I may recreate those entries in server alias to see what happens.

My end goal here is to spin up an NS instance in Google cloud, with a wordpress installation hosting 5 sites for 5 domains with email on a single ip… but this is getting out of hand…

Hi @fasttech ,

AFAIK, this can be done only through Reverse Proxy (you have only one public IP and you must publish to the Web different domains (www, webmail), NOT ALIASES, hosted on the same machine, with the same port (80, 443).

Of course, maybe I’m wrong.

When I have looked for MS ISA Server replacement (ISA/Forefront TMG can do Reverse Proxy), I read on a forum that you need another Linux Machine to do Reverse Proxy if your Linux Firewall/Router can’t do that.

Endian and Sophos can do Reverse Proxy from UI but only for paid versions.

I ask for this feature for a long time and for many, many times, but …
Apache can do Reverse Proxy but I don’t know how.
I think that if Apache is a part of NS, this can be done on the same machine.
I read some docs from Apache website but I’m not good enough to make this.

http://www.apachetutor.org/admin/reverseproxies
https://httpd.apache.org/docs/2.4/mod/mod_proxy.html

EDIT:

@Hunv just published here:

Proposal for ns7 VirtualHost page

about this.