-
Notifications
You must be signed in to change notification settings - Fork 0
/
http_and_https_server_setup_on_ubuntu
202 lines (164 loc) · 10.3 KB
/
http_and_https_server_setup_on_ubuntu
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
http:
echo "options timeout:1 attempts:1 rotate" >> /etc/resolv.conf
sudo apt-get update
sudo apt-get install apache2 -y
sudo systemctl start apache2
sudo systemctl enable apache2
ps awux | grep apache2
copy files to
/var/www/html
Access the server files
http://ip
PyEZ installation:
from jnpr.junos import Device
from jnpr.junos.utils.sw import SW
dev = Device(host='xx.xx.xx.xx', user='xyz', password='xyz', gather_facts=False)
dev.open()
def myprogress(dev, report):
print("host: {}, report: {}".format( dev.hostname, report))
pkg = 'http://1.1.1.2//xyz.tgz'
sw = SW(dev)
ok, msg = sw.install(package=pkg, validate=True, no_copy=False, remote_path='/var/tmp', progress=myprogress)
if ok:
sw.reboot()
https:
apt-get update
apt-get install apache2 openssl
a2enmod ssl
a2enmod rewrite
vi /etc/apache2/apache2.conf
<Directory /var/www/html>
AllowOverride All
</Directory>
mkdir /etc/apache2/certificate
cd /etc/apache2/certificate
openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out apache-certificate.crt -keyout apache.key
enter IP address of host as common_name
vi /etc/apache2/sites-enabled/000-default.conf
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/certificate/apache-certificate.crt
SSLCertificateKeyFile /etc/apache2/certificate/apache.key
</VirtualHost>
service apache2 restart
root@masterhost:~# apt-get install apache2 openssl
Reading package lists... Done
Building dependency tree
Reading state information... Done
apache2 is already the newest version (2.4.41-4ubuntu3.8).
The following packages were automatically installed and are no longer required:
cgmanager fonts-ubuntu-console fonts-ubuntu-font-family-console g++-5 g++-7 gcc-8-base:i386 guile-2.0-libs javascript-common libargon2-0 libbind9-140 libbind9-160 libboost-iostreams1.54.0 libcgi-fast-perl libcgi-pm-perl
libcloog-isl4 libcryptsetup4 libcupsfilters1 libcupsimage2 libdns-export1100 libdns-export162 libdns1100 libdns162 libept1.4.12 libevent-2.1-6 libfcgi-perl libfile-copy-recursive-perl libgdbm5 libgrpc0 libgrpc3
AccessFileName .htaccess
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
#
# The following directives define some format nicknames for use with
# a CustomLog directive.
#
# These deviate from the Common Log Format definitions in that they use %O
# (the actual bytes sent including headers) instead of %b (the size of the
# requested file), because the latter makes it impossible to detect partial
# requests.
#
# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
# Use mod_remoteip instead.
#
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
SSLEngine on
SSLCertificateFile /etc/apache2/certificate/apache-certificate.crt
SSLCertificateKeyFile /etc/apache2/certficate/apache.key
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
~
~
~
~
~
"/etc/apache2/sites-enabled/000-default.conf" 34L, 1494C written
root@masterhost:/etc/apache2/certificate# service apache2 restart
Job for apache2.service failed because the control process exited with error code.
See "systemctl status apache2.service" and "journalctl -xe" for details.
root@masterhost:/etc/apache2/certificate# systemctl status apache2 status
Unit status.service could not be found.
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Wed 2021-12-15 22:36:26 PST; 22s ago
Docs: https://httpd.apache.org/docs/2.4/
Process: 7853 ExecStart=/usr/sbin/apachectl start (code=exited, status=1/FAILURE)
Dec 15 22:36:26 masterhost systemd[1]: Starting The Apache HTTP Server...
Dec 15 22:36:26 masterhost apachectl[7864]: AH00526: Syntax error on line 31 of /etc/apache2/sites-enabled/000-default.conf:
Dec 15 22:36:26 masterhost apachectl[7864]: SSLCertificateKeyFile: file '/etc/apache2/certficate/apache.key' does not exist or is empty
Dec 15 22:36:26 masterhost apachectl[7853]: Action 'start' failed.
Dec 15 22:36:26 masterhost apachectl[7853]: The Apache error log may have more information.
Dec 15 22:36:26 masterhost systemd[1]: apache2.service: Control process exited, code=exited, status=1/FAILURE
Dec 15 22:36:26 masterhost systemd[1]: apache2.service: Failed with result 'exit-code'.
Dec 15 22:36:26 masterhost systemd[1]: Failed to start The Apache HTTP Server.
root@masterhost:/etc/apache2/certificate# ls -lrt /etc/apache2/certficate/apache.key
ls: cannot access '/etc/apache2/certficate/apache.key': No such file or directory
root@masterhost:/etc/apache2/certificate# ls
apache-certificate.crt apache.key
root@masterhost:/etc/apache2/certificate# cat apache.key
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
~
~
~
~
~
"/etc/apache2/sites-enabled/000-default.conf" 34L, 1496C written
root@masterhost:/etc/apache2/certificate# service apache2 restart
root@masterhost:/etc/apache2/certificate# systemctl status apache2 status
Unit status.service could not be found.
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2021-12-15 22:38:12 PST; 46s ago
Docs: https://httpd.apache.org/docs/2.4/
Process: 7908 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
Main PID: 7922 (apache2)
Tasks: 55 (limit: 2315)
Memory: 6.1M
CGroup: /system.slice/apache2.service
├─7922 /usr/sbin/apache2 -k start
├─7923 /usr/sbin/apache2 -k start
└─7924 /usr/sbin/apache2 -k start
Dec 15 22:38:10 masterhost systemd[1]: Starting The Apache HTTP Server...
Dec 15 22:38:12 masterhost apachectl[7921]: AH00557: apache2: apr_sockaddr_info_get() failed for masterhost
Dec 15 22:38:12 masterhost apachectl[7921]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1. Set the 'ServerName' directive globally to suppress this message
Dec 15 22:38:12 masterhost systemd[1]: Started The Apache HTTP Server.