Re: [otrs] otrs and debian virtual hosting

Wed, 25 Apr 2012 00:55:58 -0700 

So on our debian boxes I personally hate the way debian handles vhosts so I
rip their configuration out and put in my own for the vhost part. Below are
my standard build docs for apache on debian, YMMV. And to create extra
vhosts I just add a new config file for each vhost to /srv/vhosts/config/

################################################################################
# apache configuration

# install apache
aptitude install apache2 libapache2-mod-php5 php5 php5-mcrypt php5-cli
php5-curl php5-gd php5-imagick php5-imap php5-ldap php5-mhash php5-mysql
php5-snmp php5-sqlite php5-tidy php5-xcache php5-xmlrpc php5-xsl ldap-utils
imagemagick mysql-client

# create vhost containers
mkdir -p /srv/vhosts/config
mkdir -p /srv/vhosts/sites/00_default/htdocs
cp /var/www/index.html /srv/vhosts/sites/00_default/htdocs/index.html
mkdir -p /srv/vhosts/sites/00_default/cgi-bin
mkdir -p /srv/vhosts/logs

# enable/disable modules
a2dissite 000-default
a2dissite default
a2enmod auth_basic
a2enmod authn_file
a2enmod authz_default
a2enmod cgi
a2enmod deflate
a2enmod include
a2enmod php5
a2enmod rewrite
a2enmod ssl
a2enmod vhost_alias
a2enmod authnz_ldap
a2enmod status
a2enmod mem_cache
a2dismod userdir

# update apache config to use own vhosts
vi /etc/apache2/apache2.conf
# Include the virtual host configurations:
#Include /etc/apache2/sites-enabled/
Include /srv/vhosts/config/

# add in extra compression support
vi /etc/apache2/conf.d/deflate
<Location />
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE image/svg+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/atom_xml
    AddOutputFilterByType DEFLATE application/x-javascript
    AddOutputFilterByType DEFLATE application/x-httpd-php
    AddOutputFilterByType DEFLATE application/x-httpd-fastphp
    AddOutputFilterByType DEFLATE application/x-httpd-eruby
    AddOutputFilterByType DEFLATE text/html
</Location>

# default vhost config
vi /srv/vhosts/config/00_default

<VirtualHost *:80>
    ServerAdmin helpd...@domain.com

    DocumentRoot /srv/vhosts/sites/00_default/htdocs/
    <Directory />
        Options FollowSymLinks
        AllowOverride All
    </Directory>
    <Directory /srv/vhosts/sites/00_default/htdocs/>
        Options -Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
    </Directory>

    ScriptAlias /cgi-bin/ /srv/vhosts/sites/00_default/cgi-bin/
    <Directory /srv/vhosts/sites/00_default/cgi-bin>
        AllowOverride None
        Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
        Order allow,deny
        Allow from all
    </Directory>

    # flip all traffic to https
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R]

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog /srv/vhosts/logs/00_default_access.log combined

    ServerSignature On
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost _default_:443>
    ServerAdmin helpd...@domain.com

    DocumentRoot /srv/vhosts/sites/00_default/htdocs/
    <Directory />
        Options FollowSymLinks
        AllowOverride All
    </Directory>
    <Directory /srv/vhosts/sites/00_default/htdocs/>
        Options -Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
    </Directory>

    ScriptAlias /cgi-bin/ /srv/vhosts/sites/00_default/cgi-bin/
    <Directory /srv/vhosts/sites/00_default/cgi-bin>
        AllowOverride None
        Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
        Order allow,deny
        Allow from all
    </Directory>

    ErrorLog /var/log/apache2/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog /srv/vhosts/logs/00_default_ssl_access.log combined

    SSLEngine on
    SSLCertificateFile    /etc/apache2/ssl/server.pem
    SSLCertificateKeyFile /etc/apache2/ssl/server.key.insecure

    SSLProtocol -all +SSLv3 +TLSv1
    SSLCipherSuite SSLv3:+HIGH:+MEDIUM

    # SSL Engine Options:
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
        SSLOptions +StdEnvVars
    </Directory>

    # SSL Protocol Adjustments:
    BrowserMatch ".*MSIE.*" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0

</VirtualHost>
</IfModule>

# secure it up abit
vi /etc/apache2/conf.d/security
ServerTokens Minimal
ServerSignature Off
TraceEnable Off

# php tweaks
vi /etc/php5/apache2/php.ini
magic_quotes_gpc = off
post_max_size = 64M
upload_max_filesize = 64M

# directory fancy index tweaks
vi /etc/apache2/mods-available/autoindex.conf
IndexOptions FancyIndexing FoldersFirst VersionSort NameWidth=*
DescriptionWidth=* ScanHTMLTitles XHTML

# change php gc timeout
vi /etc/php5/apache2/php.ini
session.gc_maxlifetime = 28800

# add www-data to the users group
adduser www-data users

# reset permissions
chmod -R 775 /srv/vhosts
chown -R www-data:users /srv/vhosts

# restart apache
/etc/init.d/apache2 restart





On 24 April 2012 22:33, Carlos Gomes - STI Unesp Franca <
cgo...@franca.unesp.br> wrote:

> anyone?
>

---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

Reply via email to