Project

General

Profile

Actions

Enhancement #476

closed

Static Web Space on Thorfinn

Added by Marc Dequènes over 8 years ago. Updated over 6 years ago.

Status:
Resolved
Priority:
Normal
Category:
Service :: Web
Start date:
2015-08-29
Due date:
% Done:

100%

Estimated time:
Patch Available:
Confirmed:
No
Branch:
Entity:
DuckCorp
Security:
Help Needed:

Description

This will allow users to play with tools like Glowing Bear (which may later become a service if it matches certain criteria).

Actions #1

Updated by Pierre-Louis Bonicoli over 8 years ago

  • Status changed from New to In Progress
  • % Done changed from 0 to 90
Tasks done:
  • orfeo
    • DNS entry static.perso.duckcorp.org created
  • thorfinn
    • apache2 installed, virtualhost added
      • logs are stored in /var/log/apache2/duckcorp/static.perso.duckcorp.org/
    • HTTP and HTTPS flows allowed (/etc/mp-admin/firewalling updated)
    • glowing-bear repository cloned in /srv/www/static/damien/glowing-bear/
  • daneel
    • certificate created using mkcert
Actions #2

Updated by Pierre-Louis Bonicoli over 8 years ago

Tasks done:
  • daneel:
    • adm_publish_tlsa

http://thorfinn.duckcorp requests are redirected to http://www.duckcorp.org.

ExecCGI is excluded from AllowOverride:

AllowOverride AuthConfig FileInfo Indexes Limit Options=MultiViews,SymLinksIfOwnerMatch,Includes

ACLs for /srv/www/static/<user> are:

# file: srv/www/static/<user>/
# owner: <user>
# group: www-data
# flags: -s-
user::rwx
group::r-x
group:www-data:r-x
mask::r-x
other::---
default:user::rwx
default:group::r-x
default:group:www-data:r-x
default:mask::r-x
default:other::---

About glowing-bear, the required configuration for apache is:

SSLProxyEngine on
ProxyPass "/damien/glowing-bear/weechat/" "wss://localhost:9001/weechat/" 
RewriteEngine On
RewriteCond %{REQUEST_URI}               ^/damien/glowing-bear/weechat   [NC]
RewriteRule /damien/glowing-bear/weechat wss://localhost:9001/weechat    [P,L]

One TCP port must be allocated by glowing-bear user.

Actions #4

Updated by Pierre-Louis Bonicoli over 8 years ago

I forgot to configure logrotate, I did the following modifications on /etc/logrotate.d/apache2:

-/var/log/apache2/*.log {
-    daily
+/var/log/apache2/*.log /var/log/apache2/*/*/*.log {
+    weekly
     missingok
-    rotate 14
+    rotate 26
     compress
     delaycompress
     notifempty

Actions #5

Updated by Pierre-Louis Bonicoli over 6 years ago

  • Status changed from In Progress to Resolved
  • % Done changed from 90 to 100
Actions

Also available in: Atom PDF