I really like this discussion, we are getting somewhere now.
At least a draft of the “new” virtual hosts can be planned.
Indeed, I don’t want duplicate anything, just:
- move totally the http configuration on VirtualHost
- keep the chance in the VH configuration to select and existing shared folders that it serves. No shared folders? Nothing to serve.
In this scenario we can configure virtualhosts also to serve objects different from shared folders like: webapp (owncloud or wordpress) proxypass, etc…
Am I wrong?
AFAIK this means we loose a nice feature: access to http://<server_ip>/ibayname
If I just need accessing files through HTTP(+WebDAV), why I must configure a virtual-bells-and-whistles-host? 
Do not remove it. Just rename “Web access” as “HTTP” and remove fields “Virtual host” and “Web address (URL)”.
This is always possible through plugins and free-text-area!
So, your point is: why install a VirtualHost module if you need just a simple http support for ibay? Right?
Uhm, I have to think about this, waiting for others thoughts 
Maybe we should create a mockup to clear our mind with a visual example.
1 Like
I really like @davidep comments. Thats one thing I don’t like at Nethserver as much as other things (but it’s far away from beeing bad!).
I implemented the whole VirtualHost stuff (with SSL and only for ProxyPass) in my own conf-files (without using templates etc.). It works and I’m happy about that.
To manage this using a WebGUI would be a great advantaged. Let’s Encrypt integration would be the best. Also to request Let’s Encrypt certificates with one certificate for each (Sub)Domain and not just one certificate for all Domains would be great. That would be the easiest usage everybody can imagine without the need of having knowlege of Linux, Apache configuration, Certificates and Let’s Encrypt.
4 Likes
A friend of mine has shown me how Sophos UTM is managing this.
You have a page, where you configure your Webservers (the Server where the ProxyPass would redirect to) and the Pages (the ServerName of the VirtualHost as well as the Ports).
This is how it looks like:
The “Website”-Management (“virtual Webserver”):
Edit a Website:
And managing the Webservers (“Real Webservers”):
Maybe helpful for some inspiration 
3 Likes
Absolutely, thanks!
So Me and @davidep agree on remove the web configuration part from shared folder.
I’m going to write down a small mockup of the new panel
3 Likes
I’d like to revive this topic. As we said, we need to move forward with these guidelines:
- Shared Folders and Virtualhost need to be separated!
- remove “web access” panel from Shared folders.
- re-think the whole “virtualhost” panel adding more features
- certificate + let’sencrypt support
- advanced php settings
- access by ftp or scp (not by smb)
- ProxyPass
- customizable path (root dir or subdir)
1 Like
What about webdav?
Why not smb?
Just my opinion but you must separate vhosts from the concept of having just another method of sharing files.
Vhost is more related to hosting sites, than to make available the files over http/https.
And you already have owncloud if you want to share files over http.
2 Likes
I can only speak about the vhost topic because I don’t use the other stuff.
It is related to webhosting so, as @Ctek said, it should be separated.
How this should look in detail, I don’t know. Above you see how Sophos solved this. I don’t know if it has to be that big, but at least I must have the possibility to add new vhosts (http and https) and modify the settings of each vhost. Maybe automatic certificate-handling using Let’s encrypt can also be added here.
Because of this:
http://wiki.dreamhost.com/Uploading_your_site
https://it.godaddy.com/help/ftp-how-to-upload-files-96
https://my.bluehost.com/hosting/help/upload-site
Summarizing: everyone uses FTP
1 Like
Offtopic: FTP is the same as Flash. You should not use it but everybody does.
- @Ctek remarked we must separate vhosts and file sharing. I absolutely agree on this.
- @alefattorini says everyone uses FTP/SCP to upload websites, so SMB is not required for vhosts.
My concerns are not duplicating features on “shared folders” and “virtual hosts” pages, such as filesystem permission handling. I’d prefer keeping the filesystem permissions part on “shared folders” and allow referencing them from the “virtual hosts page”. A virtual host could require or even not require (in case of proxypass) a filesystem folder.
Why not a filesystem hierarchy that keeps them separated? Isn’t it simpler? For example creating a new folder under /var/lib/nethserver/virtualhosts with apache:apache
Referencing a shared folder from the “virtual hosts page” IMHO is useless and makes things unnecessarily complicated
- Shared folders: your files
- Virtualhost folders: your sites
2 Likes
Owner should be who uploads. Apache can can receive read permissions from world-readable bit. BUT, sometimes it needs also write permissions…
1 Like
This is exactly a “Shared folders” feature I don’t want to duplicate!
The new User & Groups model in NS7 allows simplifying the underlying implementation of ACLs for Apache. We could add apache group as “Owner” and also apache user under ACLs tab.
This would remove the need of that exoteric checkbox “Allow .htaccess and write permissions overrides”… 
1 Like
A virtual host could require more than one directory with different filesystem permissions.
…or no filesystem at all: think about proxypass setup
I vote for two simpler implementations even if we need to duplicate a little code!