Veröffentlichung 10. September 2018 @ 20:58
Letzte Änderung 21. März 2021 @ 9:49
Übersicht
- Anlage typischer Virtual-Host-Konfigurationen mit Makros
- Anwendungsbeispiel mit Umleitungen auf kanonische URL mit Authentifizierung und PHP-FPM-Anbindung
Voraussetzungen
Ubuntu-Server
- Admin-E-Mail webmaster@example.com
- Betriebsystem Ubuntu Server 16.04.05 LTS #lsb_release -a
- htpasswd-Datei /etc/apache2/.htpasswd
- Installation /srv/www/example
- Konfiguration /etc/apache2/conf-available/macro.conf, /etc/apache2/mods-available/macro.load, /etc/apache2/sites-available/example.conf
- Log /var/log/apache2/example-access.log, /var/log/apache2/example-error.log
- PHP-FPM-Socket /run/php/php7.0-fpm-example.sock
- Ports HTTP 80, HTTPS 443
- Software Apache 2.4.18 #apache2 -v
- Software PHP 7.0.30 #php –version
- URLs http://example.com, http://www.example.com, https://example.com, https://www.example.com
- Zertifikate und Schlüssel /etc/letsencrypt/live/example.com/*.pem, /etc/letsencrypt/live/www.example.com/*.pem
Apache-Modul mod_macro aktivieren
a2enmod macro
Apache-Makro-Konfiguration anlegen und aktivieren
Konfigurationsdatei anlegen
#Macros for single directives / sets of directives: <Macro MacroDocument $DocumentRoot> DocumentRoot $DocumentRoot </Macro> <Macro MacroLog $Log> CustomLog ${APACHE_LOG_DIR}/$Log-access.log vhost_combined ErrorLog ${APACHE_LOG_DIR}/$Log-error.log </Macro> <Macro MacroRedirect $Redirect> Redirect permanent / $Redirect </Macro> <Macro MacroServer $ServerAdmin $ServerName> ServerAdmin $ServerAdmin ServerName $ServerName </Macro> <Macro MacroServerAlias $ServerAlias> ServerAlias $ServerAlias </Macro> <Macro MacroSSL $SSLCertificateFile $SSLCertificateKeyFile> SSLCertificateFile $SSLCertificateFile SSLCertificateKeyFile $SSLCertificateKeyFile SSLEngine on </Macro> #Macros for directories: <Macro MacroDirectoryAuth $Directory $AuthName $AuthUserFile> <Directory $Directory> AuthBasicProvider file AuthName $AuthName AuthType Basic AuthUserFile $AuthUserFile Require valid-user </Directory> </Macro> #Special purpose macros: <Macro MacroPHPFPMProxy $Socket> <FilesMatch "\.php$"> <If "-f %{REQUEST_FILENAME}"> SetHandler "proxy:unix:/run/php/php7.0-fpm-$Socket.sock|fcgi://localhost/" </If> </FilesMatch> <Proxy "fcgi://localhost/"> </Proxy> </Macro> #Macros for virtual hosts: <Macro MacroVirtualHostHTTPForRedirectWithAlias $Port $Log $Redirect $ServerAdmin $ServerName $ServerAlias> <VirtualHost *:$Port> Use MacroLog $Log Use MacroRedirect $Redirect Use MacroServer $ServerAdmin $ServerName Use MacroServerAlias $ServerAlias </VirtualHost> </Macro> <Macro MacroVirtualHostHTTPSForRedirect $Port $Log $Redirect $ServerAdmin $ServerName $SSLCertificateFile $SSLCertificateKeyFile> <VirtualHost *:$Port> Use MacroLog $Log Use MacroRedirect $Redirect Use MacroServer $ServerAdmin $ServerName Use MacroSSL $SSLCertificateFile $SSLCertificateKeyFile </VirtualHost> </Macro> <Macro MacroVirtualHostHTTPSWithAuthAndFPM $Port $DocumentRoot $Log $ServerAdmin $ServerName $SSLCertificateFile $SSLCertificateKeyFile $AuthUserFile $Socket> <VirtualHost *:$Port> Use MacroDocument $DocumentRoot Use MacroLog $Log Use MacroServer $ServerAdmin $ServerName Use MacroSSL $SSLCertificateFile $SSLCertificateKeyFile Use MacroDirectoryAuth $DocumentRoot $ServerName $AuthUserFile Use MacroPHPFPMProxy $Socket </VirtualHost> </Macro>
Konfiguration aktivieren
a2enconf macro
Konfiguration testen und Apache neuladen
apache2ctl configtest systemctl reload apache2 #systemctl status apache2
[Beispiel] Virtuellen Host mit Umleitung von http://example.com, http://www.example.com und https://example.com auf https://www.example.com, Authentifizierung und PHP-FPM-Anbindung einrichten
Apache-Konfigurationsdatei anlegen
Use MacroVirtualHostHTTPForRedirectWithAlias "80" "example" "https://example.com/" "webmaster@example.com" "example.com" "www.example.com" Use MacroVirtualHostHTTPSForRedirect "443" "example" "https://www.example.com/" "webmaster@example.com" "example.com" "/etc/letsencrypt/live/example.com/fullchain.pem" "/etc/letsencrypt/live/example.com/privkey.pem" Use MacroVirtualHostHTTPSWithAuthAndFPM "443" "/srv/www/example" "example" "webmaster@example.com" "www.example.com" "/etc/letsencrypt/live/www.example.com/fullchain.pem" "/etc/letsencrypt/live/www.example.com/privkey.pem" "/etc/apache2/.htpasswd" "example" UndefMacro MacroVirtualHostHTTPForRedirectWithAlias UndefMacro MacroVirtualHostHTTPSForRedirect UndefMacro MacroVirtualHostHTTPSWithAuthAndFPM
Virtuellen Host aktivieren
a2ensite example
Konfiguration testen und Apache neuladen
apache2ctl configtest systemctl reload apache2 #systemctl status apache2
Quellen
https://httpd.apache.org/
https://httpd.apache.org/docs/2.4/mod/mod_macro.html
https://serverfault.com/questions/717481/how-can-i-fix-recurring-php-503-errors-on-my-apache-mod-proxy-fcgi-php-fpm-serve
https://wiki.apache.org/httpd/PHP-FPM