Apache mit Makros – Kurzanleitung

Veröffentlichung 10. September 2018 @ 20:58
Letzte Änderung 20. September 2018 @ 17:58

Übersicht

  • Anlage typischer Virtual-Host-Konfigurationen mit Makros
  • Anwendungsbeispiel mit Umleitungen auf kanonische URL mit Authentifizierung und PHP-FPM-Anbindung

Voraussetzungen

Ubuntu-Server

  • Admin-E-Mail webmaster@example.com
  • Betriebsystem Ubuntu Server 16.04.05 LTS #lsb_release -a
  • htpasswd-Datei /etc/apache2/.htpasswd
  • Installation /srv/www/example
  • Konfiguration /etc/apache2/conf-available/macro.conf, /etc/apache2/mods-available/macro.load, /etc/apache2/sites-available/example.conf
  • Log /var/log/apache2/example-access.log, /var/log/apache2/example-error.log
  • PHP-FPM-Socket /run/php/php7.0-fpm-example.sock
  • Ports HTTP 80, HTTPS 443
  • Software Apache 2.4.18 #apache2 -v
  • Software PHP 7.0.30 #php –version
  • URLs http://example.com, http://www.example.com, https://example.com, https://www.example.com
  • Zertifikate und Schlüssel /etc/letsencrypt/live/example.com/*.pem, /etc/letsencrypt/live/www.example.com/*.pem

Apache-Modul mod_macro aktivieren

a2enmod macro

Apache-Makro-Konfiguration anlegen und aktivieren

Konfigurationsdatei anlegen

#Macros for single directives / sets of directives:
<Macro MacroDocument $DocumentRoot>
  DocumentRoot $DocumentRoot
</Macro>
<Macro MacroLog $Log>
  CustomLog ${APACHE_LOG_DIR}/$Log-access.log vhost_combined
  ErrorLog ${APACHE_LOG_DIR}/$Log-error.log
</Macro>
<Macro MacroRedirect $Redirect>
  Redirect permanent / $Redirect
</Macro>
<Macro MacroServer $ServerAdmin $ServerName>
  ServerAdmin $ServerAdmin
  ServerName $ServerName
</Macro>
<Macro MacroServerAlias $ServerAlias>
  ServerAlias $ServerAlias
</Macro>
<Macro MacroSSL $SSLCertificateFile $SSLCertificateKeyFile>
  SSLCertificateFile $SSLCertificateFile
  SSLCertificateKeyFile $SSLCertificateKeyFile
  SSLEngine on
</Macro>
#Macros for directories:
<Macro MacroDirectoryAuth $Directory $AuthName $AuthUserFile>
  <Directory $Directory>
    AuthBasicProvider file
    AuthName $AuthName
    AuthType Basic
    AuthUserFile $AuthUserFile
    Require valid-user
  </Directory>
</Macro>
#Special purpose macros: 
<Macro MacroPHPFPMProxy $Socket>
  <FilesMatch "\.php$">
    <If "-f %{REQUEST_FILENAME}">
      SetHandler "proxy:unix:/run/php/php7.0-fpm-$Socket.sock|fcgi://localhost/"
    </If>
  </FilesMatch>
  <Proxy "fcgi://localhost/">
  </Proxy>
</Macro>
#Macros for virtual hosts:
<Macro MacroVirtualHostHTTPForRedirectWithAlias $Port $Log $Redirect $ServerAdmin $ServerName $ServerAlias>
  <VirtualHost *:$Port>
    Use MacroLog $Log
    Use MacroRedirect $Redirect
    Use MacroServer $ServerAdmin $ServerName
    Use MacroServerAlias $ServerAlias
  </VirtualHost>
</Macro>
<Macro MacroVirtualHostHTTPSForRedirect $Port $Log $Redirect $ServerAdmin $ServerName $SSLCertificateFile $SSLCertificateKeyFile>
  <VirtualHost *:$Port>
    Use MacroLog $Log
    Use MacroRedirect $Redirect
    Use MacroServer $ServerAdmin $ServerName
    Use MacroSSL $SSLCertificateFile $SSLCertificateKeyFile
  </VirtualHost>
</Macro>
<Macro MacroVirtualHostHTTPSWithAuthAndFPM $Port $DocumentRoot $Log $ServerAdmin $ServerName $SSLCertificateFile $SSLCertificateKeyFile $AuthUserFile $Socket>
  <VirtualHost *:$Port>
    Use MacroDocument $DocumentRoot
    Use MacroLog $Log
    Use MacroServer $ServerAdmin $ServerName
    Use MacroSSL $SSLCertificateFile $SSLCertificateKeyFile
    Use MacroDirectoryAuth $DocumentRoot $ServerName $AuthUserFile
    Use MacroPHPFPMProxy $Socket
  </VirtualHost>
</Macro>

Konfiguration aktivieren

a2enconf macro

Konfiguration testen und Apache neuladen

apache2ctl configtest
systemctl reload apache2
#systemctl status apache2

[Beispiel] Virtuellen Host mit Umleitung von http://example.com, http://www.example.com und https://example.com auf https://www.example.com, Authentifizierung und PHP-FPM-Anbindung einrichten

Apache-Konfigurationsdatei anlegen

Use MacroVirtualHostHTTPForRedirectWithAlias "80" "example" "https://example.com/" "webmaster@example.com" "example.com" "www.example.com"
Use MacroVirtualHostHTTPSForRedirect "443" "example" "https://www.example.com/" "webmaster@example.com" "example.com" "/etc/letsencrypt/live/example.com/fullchain.pem" "/etc/letsencrypt/live/example.com/privkey.pem"
Use MacroVirtualHostHTTPSWithAuthAndFPM "443" "/srv/www/example" "example" "webmaster@example.com" "www.example.com" "/etc/letsencrypt/live/www.example.com/fullchain.pem" "/etc/letsencrypt/live/www.example.com/privkey.pem" "/etc/apache2/.htpasswd" "example"
UndefMacro MacroVirtualHostHTTPForRedirectWithAlias
UndefMacro MacroVirtualHostHTTPSForRedirect
UndefMacro MacroVirtualHostHTTPSWithAuthAndFPM

Virtuellen Host aktivieren

a2ensite example

Konfiguration testen und Apache neuladen

apache2ctl configtest
systemctl reload apache2
#systemctl status apache2

Quellen

https://httpd.apache.org/
https://httpd.apache.org/docs/2.4/mod/mod_macro.html
https://serverfault.com/questions/717481/how-can-i-fix-recurring-php-503-errors-on-my-apache-mod-proxy-fcgi-php-fpm-serve
https://wiki.apache.org/httpd/PHP-FPM

Schreibe einen Kommentar