Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Virtual hosting made easy
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2, 3, 4  Next  
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
DiamondDog
n00b
n00b


Joined: 18 Jun 2002
Posts: 17
Location: Israel

PostPosted: Mon Jan 13, 2003 3:56 am    Post subject: DUDE!!!!!!!!!!!!!!!!!!!!! Reply with quote

Keep up the good work ppl like you are the foundation of our communinty
the open source community :twisted:

I just recieved my new server i will test it asap.


GoodJob Again Diamond
_________________
Old dude
Back to top
View user's profile Send private message
nikl
n00b
n00b


Joined: 06 Feb 2003
Posts: 5
Location: Hamburg, DE

PostPosted: Thu Feb 06, 2003 3:46 am    Post subject: Reply with quote

delta407 wrote:
Continuing discussion via PM.


hi delta,

I read your scripts with great interest and applied them slightly modified on my little homeserver a couple weeks ago. How much feedback have you received through PM yet? Would you or anyone else be interested to enhance these ideas a little more in terms of developing a more "complete" set of server administration scripts?
_________________
- Nikl
Back to top
View user's profile Send private message
delta407
Bodhisattva
Bodhisattva


Joined: 23 Apr 2002
Posts: 2876
Location: Chicago, IL

PostPosted: Thu Feb 06, 2003 3:51 am    Post subject: Reply with quote

I'm sure there's interest in it, but the real trick would be to make it all web-based... :D (Actually, after one command -- a `wget http://mysite/install.sh -O - | bash` -- one could, in theory, perform a completely automated installation to the point of allowing web-based administration...)

To be honest, I don't have time right now to work on these scripts, but if there's a glaring error I will probably correct it. If anyone has ideas, feel free to post 'em here.
_________________
I don't believe in witty sigs.
Back to top
View user's profile Send private message
nikl
n00b
n00b


Joined: 06 Feb 2003
Posts: 5
Location: Hamburg, DE

PostPosted: Thu Feb 06, 2003 4:00 am    Post subject: Some ideas Reply with quote

1) provide a web-frontend, that'd sure be sweet!
2) provide a commandline-interface, but I'd prefer Python rather than bash ;)
3) possibly store configuration in a db of any kind (bdb, sql, ldap, ...)

just my 2 cents
_________________
- Nikl
Back to top
View user's profile Send private message
geoffs
n00b
n00b


Joined: 15 Feb 2003
Posts: 35
Location: Canada

PostPosted: Sat Feb 15, 2003 8:28 am    Post subject: Reply with quote

hey delta, just wondering if instead of using apache, apache2 will work?

looks like some great work.
Back to top
View user's profile Send private message
delta407
Bodhisattva
Bodhisattva


Joined: 23 Apr 2002
Posts: 2876
Location: Chicago, IL

PostPosted: Sun Feb 16, 2003 6:39 pm    Post subject: Reply with quote

geoffs wrote:
hey delta, just wondering if instead of using apache, apache2 will work?
Probably, but I haven't tried it. As long as you have custom logging capabilities (for the auto log-splitting) and mod_rewrite available you should be good -- nothing but the installer modifies your Apache configuration.
_________________
I don't believe in witty sigs.
Back to top
View user's profile Send private message
ZoneRanger
n00b
n00b


Joined: 24 Nov 2002
Posts: 12

PostPosted: Sun Feb 16, 2003 7:14 pm    Post subject: Reply with quote

Delta,

I like what I see and would like to give this a try, but I can't find the vhost-install. Can you give me the full URL for the wget command?

Thanks
Scott
Back to top
View user's profile Send private message
ZoneRanger
n00b
n00b


Joined: 24 Nov 2002
Posts: 12

PostPosted: Sun Feb 16, 2003 7:18 pm    Post subject: Reply with quote

Delta,

Nevermind, I found it. Keep up the great work though.

Thanks again
Back to top
View user's profile Send private message
LoT-Soma
n00b
n00b


Joined: 13 Jan 2003
Posts: 7

PostPosted: Thu Mar 13, 2003 4:36 pm    Post subject: Reply with quote

wow thanx theyu should put this into the news letter :)
Back to top
View user's profile Send private message
steveb
Advocate
Advocate


Joined: 18 Sep 2002
Posts: 4564

PostPosted: Tue Apr 15, 2003 12:03 am    Post subject: Reply with quote

delta407 wrote:
Yes... that's part of the MISC phase. Specifically, it's supposed to add /root/bin/ to root's path, but apparently it didn't work.
Code:
mv /etc/profile /etc/profile.bak
cat /etc/profile.bak | sed -e 's/${ROOTPATH}"/${ROOTPATH}:~\/bin/"' > /etc/profile

(It did make a backup, though.)


change it to something like this:
Code:
cat /etc/profile.bak | sed -e '/^[\t ]*export PATH/{s/:~\/bin:/:/g;s/:~\/bin\"/\"/g;s/\"~\/bin:/\"/g;s/\"~\/bin\"/\"\"/g;}' | sed -e '/^[\t ]*export PATH/s/\(\${ROOTPATH}\)\([\":]\)/\1:~\/bin\2/' > /etc/profile
fist this strips away any ~/bin entry and then adds one just after ${ROOTPATH}.

if you would have (don't ask me why) a path entry like ~/bin/~/bin, then it will not break that entry:
Code:
# echo -ne "\texport PATH=\"~/bin/~/bin:/bin:/sbin:/usr/bin:/usr/sbin:\${ROOTPATH}\"\n" | sed -e '/^[\t ]*export PATH/{s/:~\/bin:/:/g;s/:~\/bin\"/\"/g;s/\"~\/bin:/\"/g;s/\"~\/bin\"/\"\"/g;}' | sed -e '/^[\t ]*export PATH/s/\(\${ROOTPATH}\)\([\":]\)/\1:~\/bin\2/'
        export PATH="~/bin/~/bin:/bin:/sbin:/usr/bin:/usr/sbin:${ROOTPATH}:~/bin"


and if you already have a ~/bin entry it would not double the ~/bin entry again, instead it will clean all the ~bin entries and add a last one:
Code:
#  echo -ne "\texport PATH=\"~/bin:~/bin:/bin:~/bin:/sbin:~/bin:/usr/bin:~/bin:/usr/sbin:~/bin:\${ROOTPATH}:~/bin\"\n" | sed -e '/^[\t ]*export PATH/{s/:~\/bin:/:/g;s/:~\/bin\"/\"/g;s/\"~\/bin:/\"/g;s/\"~\/bin\"/\"\"/g;}' | sed -e '/^[\t ]*export PATH/s/\(\${ROOTPATH}\)\([\":]\)/\1:~\/bin\2/'
        export PATH="/bin:/sbin:/usr/bin:/usr/sbin:${ROOTPATH}:~/bin"


and it will only modify lines having a export PATH statement at the beginning:
Code:
# echo -ne "#\texport PATH=\"/bin:/sbin:/usr/bin:/usr/sbin:\${ROOTPATH}\"\n\texport PATH=\"/bin:/sbin:/usr/lib/distcc/bin:/usr/lib/ccache/bin:/usr/bin:/usr/sbin:\${ROOTPATH}\"\n" | sed -e '/^[\t ]*export PATH/{s/:~\/bin:/:/g;s/:~\/bin\"/\"/g;s/\"~\/bin:/\"/g;s/\"~\/bin\"/\"\"/g;}' | sed -e '/^[\t ]*export PATH/s/\(\${ROOTPATH}\)\([\":]\)/\1:~\/bin\2/'
#       export PATH="/bin:/sbin:/usr/bin:/usr/sbin:${ROOTPATH}"
        export PATH="/bin:/sbin:/usr/lib/distcc/bin:/usr/lib/ccache/bin:/usr/bin:/usr/sbin:${ROOTPATH}:~/bin"



cheers

SteveB
Back to top
View user's profile Send private message
cryos
Retired Dev
Retired Dev


Joined: 08 Mar 2003
Posts: 242
Location: US

PostPosted: Tue Apr 15, 2003 9:49 am    Post subject: Web based admin Reply with quote

Wow! This is totally great. I have really learnt a lot from just reading this thread, and it has answered several questions I had about some of the cleverer things you can do with virtual hosting.

One thing I have always wanted to do is create my own customised web based admin for creating new users, mail accounts etc. How would one go about doing this? I thought of using PHP, but it would need root access for several operations. Perl was another thought. I would love some tips on how to make good, secure web based admin scripts.

I might be able to transform some of these amazing scripts into web based ones then. I am pretty good with PHP/Perl, and so just need to figure out how to give my web based scripts root access in a safe way...

Keep up the great work, you've taught me a lot about virtual hosting in this thread! :D
Back to top
View user's profile Send private message
goldeneye
n00b
n00b


Joined: 22 Mar 2003
Posts: 12
Location: Berlin, Germany

PostPosted: Tue Apr 22, 2003 1:24 am    Post subject: quick vhosts with apache2 Reply with quote

Some notes on setting up virtual hosts on a machine with a single ip address with Apache 2.

Establishing a vhost is quite easy there, you just have to put the following in your /etc/apache2/conf/vhosts/vhost.conf:
Code:
NameVirtualHost *

# default host
<VirtualHost *>
  ServerName default.domain.tld
  DocumentRoot /home/httpd/htdocs
</VirtualHost>

# your extra, virtual hosts
<VirtualHost *>
  ServerName vhost1.domain.tld
  DocumentRoot /path/to/vhost1

  <Directory /path/to/vhost1 >
    Options Indexes FollowSymLinks
    Allow from All
  </Directory>
</VirtualHost>

<VirtualHost *>
  ServerName vhost2.domain.tld
  DocumentRoot /path/to/vhost2

  <Directory /path/to/vhost2 >
    Options Indexes FollowSymLinks
    Allow from All
  </Directory>
</VirtualHost>



The first virtual host is the default one. This is the one you should have configured in /etc/apache2/conf/apache2.conf outside any <VirtualHost> with ServerName and DocumentRoot.


All directories I named /path/to/vhost* above should have permissions set with user=vhost user and group=apache.

The following will prepend the name of the vhost to each log message. You can use the script split-logfile to split them into several ones as delta407 is doing with his script on a daily basis. See http://httpd.apache.org/docs-2.0/vhosts/fd-limits.html#splitlogs for more info on that.
Code:
LogFormat "%v %h %l %u %t \"%r\" %s %b" vhost
CustomLog logs/access_log vhost


If you wanna do more with vhosts consider apaches manual: http://httpd.apache.org/docs-2.0/vhosts/

Alex
Back to top
View user's profile Send private message
delta407
Bodhisattva
Bodhisattva


Joined: 23 Apr 2002
Posts: 2876
Location: Chicago, IL

PostPosted: Fri May 02, 2003 12:45 am    Post subject: Re: Web based admin Reply with quote

cryos wrote:
One thing I have always wanted to do is create my own customised web based admin for creating new users, mail accounts etc. How would one go about doing this?
Carefully. ;-)

cryos wrote:
I thought of using PHP, but it would need root access for several operations.
Code:
# emerge sudo

With sudo and a handful of carefully set up shell scripts, you can let your web server user securely perform a limited number of operations as root (specifically, the shell scripts).

cryos wrote:
Perl was another thought.
Was? ;-)

cryos wrote:
I would love some tips on how to make good, secure web based admin scripts.
Security has several levels. One is making sure that the user is who they say they are, another is making sure that user is allowed to perform the operation they are attempting to, another is to make sure that operation works exactly as intended without giving that user any more power than intended. <plug type="shameless"> The first two can be handled easily with a web application framework, such as LISSARD. </plug>

The last one is left to a utility, like sudo, and careful coding. (The shell scripts are so that the web server isn't directly performing operations, but telling something else to. They can be 700/root:root, meaning that if someone gained web server privs then they can't see exactly what your script is doing.)

cryos wrote:
I might be able to transform some of these amazing scripts into web based ones then. I am pretty good with PHP/Perl, and so just need to figure out how to give my web based scripts root access in a safe way...
Again, check out sudo, and make sure your target scripts carefully scrutinize their inputs. (My scripts do not.) Check for shell metacharacters and so on before elevating to root.

cryos wrote:
Keep up the great work, you've taught me a lot about virtual hosting in this thread! :D
No problem.

goldeneye wrote:
Establishing a vhost is quite easy there, you just have to put the following in your /etc/apache2/conf/vhosts/vhost.conf:
One of the perks of -- indeed, the primary reason for -- setting up virtual hosting in this manner is that one may create a new virtual host by simply creating a directory. No poking in config files, no killing/restarting the web server, etc. That's why I'm using this crazy mod_rewrite thing instead of the built-in Apache virtual hosting directives: it's far easier to automate.
_________________
I don't believe in witty sigs.
Back to top
View user's profile Send private message
WaMan
Tux's lil' helper
Tux's lil' helper


Joined: 28 Jun 2002
Posts: 96

PostPosted: Sat May 03, 2003 3:42 am    Post subject: Reply with quote

Thanks for the nice set of scripts - I'm slowly trying to figure everything out.

One thing I can't figure out is whether the routing to the virtual hosts is supposed to be done automatically, or if I am supposed to add
Code:
<VirtualHost *>
    ServerName www.otherdomain.tld
    DocumentRoot /www/otherdomain
    </VirtualHost>


manually.

Here's my problem: I'm just testing things out, so I put www.otherdomain.com in my hosts file at 127.0.0.1. When I take a look at www.otherdomain.com in my browser, I can only see the default website, not www.otherdomain.com. Is this 1) because I cheated by using my hosts file, 2) becuase I'm supposed to manually add the virtual domain, or 3) for some other reason?


Thanks for your help
Back to top
View user's profile Send private message
delta407
Bodhisattva
Bodhisattva


Joined: 23 Apr 2002
Posts: 2876
Location: Chicago, IL

PostPosted: Sat May 03, 2003 4:19 am    Post subject: Reply with quote

WaMan wrote:
One thing I can't figure out is whether the routing to the virtual hosts is supposed to be done automatically, or if I am supposed to add
Code:
<VirtualHost *>
    ServerName www.otherdomain.tld
    DocumentRoot /www/otherdomain
    </VirtualHost>


manually.
It's automatic. Just create /pub/www/hosts/my.host.name and your machine will answer as my.host.name, serving files from that directory. (mod_rewrite is, truly, the Apache swiss army knife.)

WaMan wrote:
Is this 1) because I cheated by using my hosts file, 2) becuase I'm supposed to manually add the virtual domain, or 3) for some other reason?
Guessing 3. What does your Apache access/error log report? Does /pub/www/hosts/www.otherdomain.com exist?
_________________
I don't believe in witty sigs.
Back to top
View user's profile Send private message
WaMan
Tux's lil' helper
Tux's lil' helper


Joined: 28 Jun 2002
Posts: 96

PostPosted: Sun May 04, 2003 5:19 am    Post subject: Reply with quote

Hi delta407,

Thanks for the response. Here are the logs you suggested and yes, the domain directories are created. Below, I fire up apache and then look at localhost followed by www.mydomain.ca

Quote:

# more access_log
127.0.0.1 - - [04/May/2003:01:10:19 -0400] "GET / HTTP/1.1" 200 1464 "-" "Mozilla/5.0 Galeon/1.2.8 (X1
1; Linux i686; U;) Gecko/20030302"
127.0.0.1 127.0.0.1 - - [04/May/2003:01:10:19 -0400] "GET / HTTP/1.1" 200 1464
127.0.0.1 - - [04/May/2003:01:10:19 -0400] "GET /apache_pb.gif HTTP/1.1" 404 285 "http://localhost/" "
Mozilla/5.0 Galeon/1.2.8 (X11; Linux i686; U;) Gecko/20030302"
127.0.0.1 127.0.0.1 - - [04/May/2003:01:10:19 -0400] "GET /apache_pb.gif HTTP/1.1" 404 285
127.0.0.1 - - [04/May/2003:01:10:25 -0400] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 Galeon/1.2.8 (X11;
Linux i686; U;) Gecko/20030302"
127.0.0.1 127.0.0.1 - - [04/May/2003:01:10:25 -0400] "GET / HTTP/1.1" 200 -
127.0.0.1 - - [04/May/2003:01:10:25 -0400] "GET /apache_pb.gif HTTP/1.1" 404 285 "http://www.mydomain.c
a/" "Mozilla/5.0 Galeon/1.2.8 (X11; Linux i686; U;) Gecko/20030302"
127.0.0.1 127.0.0.1 - - [04/May/2003:01:10:25 -0400] "GET /apache_pb.gif HTTP/1.1" 404 285




Quote:

more error_log
[Sun May 4 01:10:09 2003] [alert] apache: Could not determine the server's fully qualified domain nam
e, using 127.0.0.1 for ServerName
[Sun May 4 01:10:10 2003] [notice] Apache/1.3.27 (Unix) (Gentoo/Linux) configured -- resuming normal
operations
[Sun May 4 01:10:10 2003] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun May 4 01:10:10 2003] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Sun May 4 01:10:19 2003] [error] [client 127.0.0.1] File does not exist: /pub/www/default/apache_pb.
gif
[Sun May 4 01:10:25 2003] [error] [client 127.0.0.1] File does not exist: /pub/www/default/apache_pb.
gif

Back to top
View user's profile Send private message
delta407
Bodhisattva
Bodhisattva


Joined: 23 Apr 2002
Posts: 2876
Location: Chicago, IL

PostPosted: Sun May 04, 2003 10:26 am    Post subject: Reply with quote

WaMan wrote:
Code:

# more access_log
127.0.0.1 - - [04/May/2003:01:10:19 -0400] "GET / HTTP/1.1" 200 1464 "-" "Mozilla/5.0 Galeon/1.2.8 (X11; Linux i686; U;) Gecko/20030302" 127.0.0.1
It seems as if your browser is sending a Host: header of 127.0.0.1 instead of "www.mydomain.ca"...?

At this point, I would use Ethereal to sniff the loopback traffic in order to find out what Host: header your browser is actually sending in the HTTP request. Are you using a proxy on localhost or anything silly like that?
_________________
I don't believe in witty sigs.
Back to top
View user's profile Send private message
WaMan
Tux's lil' helper
Tux's lil' helper


Joined: 28 Jun 2002
Posts: 96

PostPosted: Sun May 04, 2003 2:46 pm    Post subject: Reply with quote

I'm not really sure if I understand your concern. The log was created by first looking at [url]http://localhost [/url]
in my browser (just as a reference) and then I typed in [url]www.mydomain.ca [/url] - so there are 2 seperate events in there. The one that doesn't work is
Quote:

127.0.0.1 - - [04/May/2003:01:10:25 -0400] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 Galeon/1.2.8 (X11; Linux i6
86; U;) Gecko/20030302"
127.0.0.1 127.0.0.1 - - [04/May/2003:01:10:25 -0400] "GET / HTTP/1.1" 200 -
127.0.0.1 - - [04/May/2003:01:10:25 -0400] "GET /apache_pb.gif HTTP/1.1" 404 285 "http://www.mydomain.ca/" "Moz
illa/5.0 Galeon/1.2.8 (X11; Linux i686; U;) Gecko/20030302"
127.0.0.1 127.0.0.1 - - [04/May/2003:01:10:25 -0400] "GET /apache_pb.gif HTTP/1.1" 404 285



This still shows that the host of interest is "http://www.mydomain.ca/", at least for the gif request.
Back to top
View user's profile Send private message
delta407
Bodhisattva
Bodhisattva


Joined: 23 Apr 2002
Posts: 2876
Location: Chicago, IL

PostPosted: Sun May 04, 2003 7:08 pm    Post subject: Reply with quote

The first field in the log file indicates the virtual host; the second to last field (which reads mydomain.ca) indicates the referrer. In short, something strange is happening in wonderland. ;-)
_________________
I don't believe in witty sigs.
Back to top
View user's profile Send private message
WaMan
Tux's lil' helper
Tux's lil' helper


Joined: 28 Jun 2002
Posts: 96

PostPosted: Mon May 05, 2003 2:30 am    Post subject: Reply with quote

Hi Delta407,

Sorry to pester you again - thanks for your help. I think my problem is just some really stupid permission problem in my commonapache.conf. Even without the virtual hosting it seems that I can only serve documents from /home/httpd/htdocs. I have changed all the settings I thought were relevant, so I must have a typo or something silly somewher. Would you be so kind as to post yours?

Thanks again
Back to top
View user's profile Send private message
delta407
Bodhisattva
Bodhisattva


Joined: 23 Apr 2002
Posts: 2876
Location: Chicago, IL

PostPosted: Mon May 05, 2003 2:43 am    Post subject: Reply with quote

If you have the necessary "<Directory ___>" section, it's probably an issue with Apache reading the parent directories. Because of the way .htaccess files are read -- Apache checks /full/path/to/dir, /full/path/to, /full/path, /full, and / for .htaccess files. It Apache can't read /full/path, it doesn't matter what the permissions are elsewhere, it throws a 403 Forbidden.

I would suggest checking the directory permissions, and then tell me if you still have issues.
_________________
I don't believe in witty sigs.
Back to top
View user's profile Send private message
WaMan
Tux's lil' helper
Tux's lil' helper


Joined: 28 Jun 2002
Posts: 96

PostPosted: Mon May 05, 2003 2:46 am    Post subject: Reply with quote

All the directories and their parents are chmod 755.

What should DocumentRoot be set to?
Back to top
View user's profile Send private message
delta407
Bodhisattva
Bodhisattva


Joined: 23 Apr 2002
Posts: 2876
Location: Chicago, IL

PostPosted: Mon May 05, 2003 5:55 am    Post subject: Reply with quote

Mine is /pub/www/, but even with that in place I have no problems serving files symlinked into /home/httpd/htdocs and elsewhere.
_________________
I don't believe in witty sigs.
Back to top
View user's profile Send private message
splooge
l33t
l33t


Joined: 30 Aug 2002
Posts: 636

PostPosted: Wed May 07, 2003 5:41 am    Post subject: Reply with quote

Stupid question. I have RTFM and STFW. (see sig.) I just need some clarification on this:

axfrdns seems to be the program for zone transfers.

dnscache seems to be the program to be a caching name server (for a lan or similar)

The problem: they both run on the same port: 53. Thus: I can't load them both at the same time.

How can I get axfrdns and dnscache to act as if they were running on the same port? (Is this the right question to ask?) I understand how DNS works, I just don't quite understand how djbdns works with its separate programs. BIND seemed to handle all this on the same port (I think?).

I'm sure it's a simple solution that just hasn't 'clicked' yet in my head. Thanks for your time :-)
_________________
http://get.a.clue.de
Back to top
View user's profile Send private message
delta407
Bodhisattva
Bodhisattva


Joined: 23 Apr 2002
Posts: 2876
Location: Chicago, IL

PostPosted: Wed May 07, 2003 11:47 am    Post subject: Reply with quote

Slightly OT, but okay. axfrdns does zone transfers, yes, but it listens on port 53 TCP -- dnscache listens on port 53 UDP. The problem comes in making dnscache and tinydns cooperate, as they both use UDP. ;-)
_________________
I don't believe in witty sigs.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Goto page Previous  1, 2, 3, 4  Next
Page 2 of 4

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum