Skip to content

Installation with Apache

Jump to bottom
Andrey Gagarin edited this page Sep 23, 2020 · 5 revisions

Installing Apache

Install the Apache webserver and the necessary modules.

sudo apt update

sudo apt install apache2

Enable modules:

sudo a2enmod headers proxy proxy_http ssl proxy_wstunnel rewrite

Disable the placeholder site that comes with Apache:

sudo a2dissite 000-default.conf

Setting Apache

Create config file /etc/apache2/conf-available/letsencrypt.conf:

 Alias /.well-known/acme-challenge/ "/var/www/html/.well-known/acme-challenge/"
 <Directory "/var/www/html/">
 AllowOverride None
 Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
 Require method GET POST OPTIONS
 </Directory>

After you need to enable config

sudo a2enconf letsencrypt

Create a file /etc/apache2/sites-available/001-site.conf with the following contents, replacing your.site.com with the DNS name of your site. This site will simply redirect all traffic from port 80 (HTTP) to port 443 (HTTPS).

<VirtualHost *:80>
ServerName your.site.com
Redirect / https://your.site.com/
</VirtualHost>

Enable config:

sudo a2ensite 001-site.conf

sudo service apache2 reload

Installing certbot

Install certbot on you server. If you have fresh version of Ubuntu or Debian:

sudo apt-get update

sudo apt-get install certbot python-certbot-apache

For other system you can find installation tips on official website of Certbot:

https://certbot.eff.org/

Obtaining certificate

sudo certbot --apache

Setting ssl for Apache

Create a file /etc/apache2/sites-available/001-site-ssl.conf with the following contents, replacing your.site.com with the DNS name of your site and /path/to/your/ssl-keys/ with the path to your SSL keys. This site will listen on port 443 (HTTPS), decrypt the connection, and pass on the HTTP requests to backend.

<VirtualHost *:443>
ServerName your.site.com

ProxyPreserveHost On

ProxyPass        /upload  http://127.0.0.1:5280/upload/
ProxyPassReverse /upload  http://127.0.0.1:5280/upload/

ProxyPass / http://localhost:8000/
ProxyPassReverse / http://localhost:8000/

SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/your.site.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/your.site.com/privkey.pem

</VirtualHost>

Enable config with ssl:

sudo a2ensite 001-site-ssl.conf

sudo service apache2 restart

Installing SSL certificate into Xabber Server

Contents

Clone this wiki locally