jpuck/avhost

Create Apache 2.4 virtual hosts for Ubuntu

Maintainers

Details

github.com/jpuck/avhost

Source

Issues

Installs: 19

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 18

2.5.2 2017-06-23 14:47 UTC

Requires

Requires (Dev)

GPL-3.0+ 109e72985f4b1254ca55f817b1d3b69dc2167e8d

  • Jeff Puckett <jeff.woop@jeffpuckett.com>

This package is not auto-updated.

Last update: 2024-04-13 17:24:34 UTC

README

Build Status Codecov Latest Stable Version Total Downloads License

PHP 7 command line symfony console application to create Apache 2.4 virtual hosts for Ubuntu.

Getting Started

This is an Apache adminstrative tool whose commands mostly require sudo. It can write configuration files to /etc/apache2/sites-available/ invoke a2ensite as well as writing SSL certificates to /etc/ssl/certs/ and keys to /etc/ssl/private/ so the best way to install it would be somewhere in root's path.

Download the latest release, set it executable, and move it to a good path. Here's a oneline command:

curl -s -L https://github.com/jpuck/avhost/releases/latest | egrep -o '/jpuck/avhost/releases/download/[0-9\.]*/avhost.phar' | wget --base=http://github.com/ -i - -O avhost && chmod +x avhost && sudo mv avhost /usr/local/bin/

After installing, run without any arguments to see a list of commands:

avhost

Use the -h flag with any command to get help with usage:

avhost <command> -h

Troubleshooting

Job for apache2.service failed because the control process exited with error code. See "systemctl status apache2.service" and "journalctl -xe" for details.

Looking at those logs are certainly helpful, but here are a couple things that might not be obvious the first time:

No ssl

To run an encrypted virtual host over TLS (SSL), you must have enabled Apache Module mod_ssl.

sudo a2enmod ssl

No rewrite

The default configuration with avhost is to redirect all traffic to an encrypted connection when available. This is accomplished with Apache Module mod_rewrite.

sudo a2enmod rewrite

This is recommended for many reasons. If necessary, this can be overridden by passing the option --no-require-ssl which makes sense in some cases, like when using a self-signed certificate that might cause trust issues. However, since you can get a free trusted certificate from Let's Encrypt, then there's no reason to be using a self-signed certificate on a public site anyway.

403 Forbidden

If you create the document root in some random folder, then not only must that folder and files be readable to Apache, but also every directory up to root must be executable by Apache in order for it to traverse the file system.

For example, if your site's files are in /path/to/private/web/folder

# up to directory, folders executable
chmod go+X /
chmod go+X /path
chmod go+X /path/to
chmod go+X /path/to/private
chmod go+X /path/to/private/web

# in directory, folders executable, files readable
chmod -R go+rX /path/to/private/web/folder

No headers

In order to add protection such as X-Content-Type-Options "nosniff" and to remove the X-Powered-By information, you must enable Apache Module mod_headers. This is also needed to allow Cross Origin Resource Sharing, which is not enabled by this project - you must manually define your CORS headers if you want.

sudo a2enmod headers

No compression

For performance reasons, most file types are compressed, but you must have enabled Apache Module mod_deflate.

sudo a2enmod deflate