Vhost — различия между версиями

Материал из pNp Wiki
Перейти к: навигация, поиск
(Конфигурирование виртуального хоста)
(Конфигурирование виртуального хоста)
 
(не показано 8 промежуточных версий этого же участника)
Строка 3: Строка 3:
 
==== Предварительные требования ====
 
==== Предварительные требования ====
 
* Виртуальная машина с двумя сетевыми интерфейсами
 
* Виртуальная машина с двумя сетевыми интерфейсами
* Установленные пакеты: <code>bash-completion</code>, <code>policycoreutils</code>, <code>policycoreutils-python</code>, <code>policycoreutils-devel</code>, <code>setroubleshoot-server</code>, <code>httpd</code>, <code>elinks</code>, <code>curl</code>
+
* Установленные пакеты: <code>bash-completion</code>, <code>policycoreutils</code>, <code>policycoreutils-python</code>, <code>policycoreutils-devel</code>, <code>setroubleshoot-server</code>, <code>httpd</code>, <code>httpd-manual</code>, <code>elinks</code>, <code>curl</code>
  
 
== Конфигурирование виртуального хоста ==
 
== Конфигурирование виртуального хоста ==
Строка 45: Строка 45:
 
Создадим файл <code>index.html</code>:
 
Создадим файл <code>index.html</code>:
 
<syntaxhighlight lang="bash">
 
<syntaxhighlight lang="bash">
[root@vm-01 logs]# printf "Hello world.\n$(date)" > /content/index.html
+
[root@vm-01 logs]# printf "Hello world.\n$(date)\n" > /content/index.html
 
[root@vm-01 logs]# restorecon -vR /content/
 
[root@vm-01 logs]# restorecon -vR /content/
 
[root@vm-01 logs]#
 
[root@vm-01 logs]#
 
</syntaxhighlight>
 
</syntaxhighlight>
 +
Файл <code>/etc/httpd/conf.d/vm-01.conf</code> приводим к следующему виду:
 +
<syntaxhighlight lang="bash">
 +
[root@vm-01 logs]# cat /etc/httpd/conf.d/vm-01.conf
 +
# Virtual Hosts
 +
#
 +
# Required modules: mod_log_config
 +
 +
# If you want to maintain multiple domains/hostnames on your
 +
# machine you can setup VirtualHost containers for them. Most configurations
 +
# use only name-based virtual hosts so the server doesn't need to worry about
 +
# IP addresses. This is indicated by the asterisks in the directives below.
 +
#
 +
# Please see the documentation at
 +
# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
 +
# for further details before you try to setup virtual hosts.
 +
#
 +
# You may use the command line option '-S' to verify your virtual host
 +
# configuration.
 +
 +
#
 +
# VirtualHost example:
 +
# Almost any Apache directive may go into a VirtualHost container.
 +
# The first VirtualHost section is used for all requests that do not
 +
# match a ServerName or ServerAlias in any <VirtualHost> block.
 +
#
 +
<VirtualHost *:80>
 +
    ServerAdmin webmaster@vm-01.example.com
 +
    DocumentRoot "/content"
 +
    ServerName vm-01.example.com
 +
    ServerAlias www.vm-01.example.com
 +
    ErrorLog "/var/log/httpd/vm-01.example.com-error_log"
 +
    CustomLog "/var/log/httpd/vm-01.example.com-access_log" common
 +
<Directory "/content">
 +
    AllowOverride None
 +
    # Allow open access:
 +
    Require all granted
 +
</Directory>
 +
</VirtualHost>
 +
</syntaxhighlight>
 +
Проверяем синтаксис конфигурационного файла:
 +
<syntaxhighlight lang="bash">
 +
[root@vm-01 logs]# httpd -t
 +
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.122.158. Set the 'ServerName' directive globally to suppress this message
 +
Syntax OK
 +
[root@vm-01 logs]# httpd -D DUMP_VHOSTS
 +
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.122.158. Set the 'ServerName' directive globally to suppress this message
 +
VirtualHost configuration:
 +
*:80                  vm-01.example.com (/etc/httpd/conf.d/vm-01.conf:23)
 +
[root@vm-01 logs]#
 +
</syntaxhighlight>
 +
Либо, для тех же целей можно использовать утилиту <code>apachectl</code>:
 +
<syntaxhighlight lang="bash">
 +
[root@vm-01 logs]# apachectl configtest
 +
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.122.158. Set the 'ServerName' directive globally to suppress this message
 +
Syntax OK
 +
[root@vm-01 logs]#
 +
</syntaxhighlight>
 +
==== Запуск ====
 +
Запускаем сервис:
 +
<syntaxhighlight lang="bash">
 +
[root@vm-01 logs]# systemctl start httpd
 +
[root@vm-01 logs]# systemctl is-active httpd
 +
active
 +
[root@vm-01 logs]#
 +
</syntaxhighlight>
 +
Добавляем разрешение в файрволе:
 +
<syntaxhighlight lang="bash">
 +
[root@vm-01 ~]# firewall-cmd --add-service={http,https} --permanent
 +
success
 +
[root@vm-01 ~]# firewall-cmd --reload
 +
success
 +
[root@vm-01 ~]# firewall-cmd --list-services
 +
dhcpv6-client https http ssh dns
 +
[root@vm-01 ~]#
 +
</syntaxhighlight>
 +
==== Проверка ====
 +
С виртуальной машины <code>vm-02</code> обратимся к странице при помощи утилиты <code>curl</code>:
 +
<syntaxhighlight lang="bash">
 +
[root@vm-02 ~]# curl "http://192.168.1.1"
 +
Hello world.
 +
Tue Jan 23 13:57:22 MSK 2018
 +
[root@vm-02 ~]#
 +
</syntaxhighlight>
 +
 +
== Ссылки ==
 +
[https://httpd.apache.org/docs/2.4/vhosts/ Apache Virtual Hosts]<br />
 +
[https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/ch-web_servers#s2-apache-virtualhosts RHEL System Administration Guide]

Текущая версия на 10:31, 31 января 2018

Конфигурирование Apache. Виртуальные хосты

Предварительные требования

  • Виртуальная машина с двумя сетевыми интерфейсами
  • Установленные пакеты: bash-completion, policycoreutils, policycoreutils-python, policycoreutils-devel, setroubleshoot-server, httpd, httpd-manual, elinks, curl

Конфигурирование виртуального хоста

Включим поддержку обычного виртуального хоста vm-01.example.com. Для хранения наших примеров будем использовать директорию /content. Скопируем пример из документации в качестве "рыбы" для нашего будущего виртуального хоста, затем создадим директорию и присвоем ей контекст SELinux:

[root@vm-01 logs]# rpm -qd httpd
/usr/share/doc/httpd-2.4.6/ABOUT_APACHE
/usr/share/doc/httpd-2.4.6/CHANGES
/usr/share/doc/httpd-2.4.6/LICENSE
/usr/share/doc/httpd-2.4.6/NOTICE
/usr/share/doc/httpd-2.4.6/README
/usr/share/doc/httpd-2.4.6/VERSIONING
/usr/share/doc/httpd-2.4.6/httpd-dav.conf
/usr/share/doc/httpd-2.4.6/httpd-default.conf
/usr/share/doc/httpd-2.4.6/httpd-info.conf
/usr/share/doc/httpd-2.4.6/httpd-languages.conf
/usr/share/doc/httpd-2.4.6/httpd-manual.conf
/usr/share/doc/httpd-2.4.6/httpd-mpm.conf
/usr/share/doc/httpd-2.4.6/httpd-multilang-errordoc.conf
/usr/share/doc/httpd-2.4.6/httpd-vhosts.conf
/usr/share/doc/httpd-2.4.6/proxy-html.conf
/usr/share/man/man8/apachectl.8.gz
/usr/share/man/man8/fcgistarter.8.gz
/usr/share/man/man8/htcacheclean.8.gz
/usr/share/man/man8/httpd.8.gz
/usr/share/man/man8/rotatelogs.8.gz
/usr/share/man/man8/suexec.8.gz    
[root@vm-01 logs]# cp /usr/share/doc/httpd-2.4.6/httpd-vhosts.conf /etc/httpd/conf.d/vm-01.conf
[root@vm-01 logs]# ls -Z /var/www/
drwxr-xr-x. root root system_u:object_r:httpd_sys_script_exec_t:s0 cgi-bin
drwxr-xr-x. root root system_u:object_r:httpd_sys_content_t:s0 html
[root@vm-01 logs]# mkdir /content
[root@vm-01 logs]# semanage fcontext -at httpd_sys_content_t "/content(/.*)?"
[root@vm-01 logs]# restorecon -vR /content/
restorecon reset /content context unconfined_u:object_r:default_t:s0->unconfined_u:object_r:httpd_sys_content_t:s0
[root@vm-01 logs]# ls -Z / | grep cont
drwxr-xr-x. root root unconfined_u:object_r:httpd_sys_content_t:s0 content
[root@vm-01 logs]#

Создадим файл index.html:

[root@vm-01 logs]# printf "Hello world.\n$(date)\n" > /content/index.html
[root@vm-01 logs]# restorecon -vR /content/
[root@vm-01 logs]#

Файл /etc/httpd/conf.d/vm-01.conf приводим к следующему виду:

[root@vm-01 logs]# cat /etc/httpd/conf.d/vm-01.conf 
# Virtual Hosts
#
# Required modules: mod_log_config

# If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at 
# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.

#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost *:80>
    ServerAdmin webmaster@vm-01.example.com
    DocumentRoot "/content"
    ServerName vm-01.example.com
    ServerAlias www.vm-01.example.com
    ErrorLog "/var/log/httpd/vm-01.example.com-error_log"
    CustomLog "/var/log/httpd/vm-01.example.com-access_log" common
	<Directory "/content">
    		AllowOverride None
    		# Allow open access:
    		Require all granted
	</Directory>
</VirtualHost>

Проверяем синтаксис конфигурационного файла:

[root@vm-01 logs]# httpd -t
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.122.158. Set the 'ServerName' directive globally to suppress this message
Syntax OK
[root@vm-01 logs]# httpd -D DUMP_VHOSTS
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.122.158. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:80                   vm-01.example.com (/etc/httpd/conf.d/vm-01.conf:23)
[root@vm-01 logs]#

Либо, для тех же целей можно использовать утилиту apachectl:

[root@vm-01 logs]# apachectl configtest
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 192.168.122.158. Set the 'ServerName' directive globally to suppress this message
Syntax OK
[root@vm-01 logs]#

Запуск

Запускаем сервис:

[root@vm-01 logs]# systemctl start httpd
[root@vm-01 logs]# systemctl is-active httpd
active
[root@vm-01 logs]#

Добавляем разрешение в файрволе:

[root@vm-01 ~]# firewall-cmd --add-service={http,https} --permanent 
success
[root@vm-01 ~]# firewall-cmd --reload 
success
[root@vm-01 ~]# firewall-cmd --list-services 
dhcpv6-client https http ssh dns
[root@vm-01 ~]#

Проверка

С виртуальной машины vm-02 обратимся к странице при помощи утилиты curl:

[root@vm-02 ~]# curl "http://192.168.1.1"
Hello world.
Tue Jan 23 13:57:22 MSK 2018
[root@vm-02 ~]#

Ссылки

Apache Virtual Hosts
RHEL System Administration Guide