Apache mit Makros – Kurzanleitung

Veröffentlichung 10. September 2018 @ 20:58
Letzte Änderung 21. März 2021 @ 9:49

Übersicht

  • Anlage typischer Virtual-Host-Konfigurationen mit Makros
  • Anwendungsbeispiel mit Umleitungen auf kanonische URL mit Authentifizierung und PHP-FPM-Anbindung

Voraussetzungen

Ubuntu-Server

  • Admin-E-Mail webmaster@example.com
  • Betriebsystem Ubuntu Server 16.04.05 LTS #lsb_release -a
  • htpasswd-Datei /etc/apache2/.htpasswd
  • Installation /srv/www/example
  • Konfiguration /etc/apache2/conf-available/macro.conf, /etc/apache2/mods-available/macro.load, /etc/apache2/sites-available/example.conf
  • Log /var/log/apache2/example-access.log, /var/log/apache2/example-error.log
  • PHP-FPM-Socket /run/php/php7.0-fpm-example.sock
  • Ports HTTP 80, HTTPS 443
  • Software Apache 2.4.18 #apache2 -v
  • Software PHP 7.0.30 #php –version
  • URLs http://example.com, http://www.example.com, https://example.com, https://www.example.com
  • Zertifikate und Schlüssel /etc/letsencrypt/live/example.com/*.pem, /etc/letsencrypt/live/www.example.com/*.pem

Apache-Modul mod_macro aktivieren

a2enmod macro

Apache-Makro-Konfiguration anlegen und aktivieren

Konfigurationsdatei anlegen

#Macros for single directives / sets of directives:
<Macro MacroDocument $DocumentRoot>
DocumentRoot $DocumentRoot
</Macro>
<Macro MacroLog $Log>
CustomLog ${APACHE_LOG_DIR}/$Log-access.log vhost_combined
ErrorLog ${APACHE_LOG_DIR}/$Log-error.log
</Macro>
<Macro MacroRedirect $Redirect>
Redirect permanent / $Redirect
</Macro>
<Macro MacroServer $ServerAdmin $ServerName>
ServerAdmin $ServerAdmin
ServerName $ServerName
</Macro>
<Macro MacroServerAlias $ServerAlias>
ServerAlias $ServerAlias
</Macro>
<Macro MacroSSL $SSLCertificateFile $SSLCertificateKeyFile>
SSLCertificateFile $SSLCertificateFile
SSLCertificateKeyFile $SSLCertificateKeyFile
SSLEngine on
</Macro>
#Macros for directories:
<Macro MacroDirectoryAuth $Directory $AuthName $AuthUserFile>
<Directory $Directory>
AuthBasicProvider file
AuthName $AuthName
AuthType Basic
AuthUserFile $AuthUserFile
Require valid-user
</Directory>
</Macro>
#Special purpose macros:
<Macro MacroPHPFPMProxy $Socket>
<FilesMatch "\.php$">
<If "-f %{REQUEST_FILENAME}">
SetHandler "proxy:unix:/run/php/php7.0-fpm-$Socket.sock|fcgi://localhost/"
</If>
</FilesMatch>
<Proxy "fcgi://localhost/">
</Proxy>
</Macro>
#Macros for virtual hosts:
<Macro MacroVirtualHostHTTPForRedirectWithAlias $Port $Log $Redirect $ServerAdmin $ServerName $ServerAlias>
<VirtualHost *:$Port>
Use MacroLog $Log
Use MacroRedirect $Redirect
Use MacroServer $ServerAdmin $ServerName
Use MacroServerAlias $ServerAlias
</VirtualHost>
</Macro>
<Macro MacroVirtualHostHTTPSForRedirect $Port $Log $Redirect $ServerAdmin $ServerName $SSLCertificateFile $SSLCertificateKeyFile>
<VirtualHost *:$Port>
Use MacroLog $Log
Use MacroRedirect $Redirect
Use MacroServer $ServerAdmin $ServerName
Use MacroSSL $SSLCertificateFile $SSLCertificateKeyFile
</VirtualHost>
</Macro>
<Macro MacroVirtualHostHTTPSWithAuthAndFPM $Port $DocumentRoot $Log $ServerAdmin $ServerName $SSLCertificateFile $SSLCertificateKeyFile $AuthUserFile $Socket>
<VirtualHost *:$Port>
Use MacroDocument $DocumentRoot
Use MacroLog $Log
Use MacroServer $ServerAdmin $ServerName
Use MacroSSL $SSLCertificateFile $SSLCertificateKeyFile
Use MacroDirectoryAuth $DocumentRoot $ServerName $AuthUserFile
Use MacroPHPFPMProxy $Socket
</VirtualHost>
</Macro>

Konfiguration aktivieren

a2enconf macro

Konfiguration testen und Apache neuladen

apache2ctl configtest
systemctl reload apache2
#systemctl status apache2

[Beispiel] Virtuellen Host mit Umleitung von http://example.com, http://www.example.com und https://example.com auf https://www.example.com, Authentifizierung und PHP-FPM-Anbindung einrichten

Apache-Konfigurationsdatei anlegen

Use MacroVirtualHostHTTPForRedirectWithAlias "80" "example" "https://example.com/" "webmaster@example.com" "example.com" "www.example.com"
Use MacroVirtualHostHTTPSForRedirect "443" "example" "https://www.example.com/" "webmaster@example.com" "example.com" "/etc/letsencrypt/live/example.com/fullchain.pem" "/etc/letsencrypt/live/example.com/privkey.pem"
Use MacroVirtualHostHTTPSWithAuthAndFPM "443" "/srv/www/example" "example" "webmaster@example.com" "www.example.com" "/etc/letsencrypt/live/www.example.com/fullchain.pem" "/etc/letsencrypt/live/www.example.com/privkey.pem" "/etc/apache2/.htpasswd" "example"
UndefMacro MacroVirtualHostHTTPForRedirectWithAlias
UndefMacro MacroVirtualHostHTTPSForRedirect
UndefMacro MacroVirtualHostHTTPSWithAuthAndFPM

Virtuellen Host aktivieren

a2ensite example

Konfiguration testen und Apache neuladen

apache2ctl configtest
systemctl reload apache2
#systemctl status apache2

Quellen

https://httpd.apache.org/
https://httpd.apache.org/docs/2.4/mod/mod_macro.html
https://serverfault.com/questions/717481/how-can-i-fix-recurring-php-503-errors-on-my-apache-mod-proxy-fcgi-php-fpm-serve
https://wiki.apache.org/httpd/PHP-FPM