Child pages
  • Apache setup
Skip to end of metadata
Go to start of metadata

Set up httpd.conf

LoadModule access_module modules/mod_access.so
LoadModule alias_module modules/mod_alias.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so

<VirtualHost *:80>
    DocumentRoot /opt/noc
    ServerName localhost
    Alias /media /opt/noc/contrib/lib/django/contrib/admin/static/
    Alias /static /opt/noc/static/
    <Directory /opt/noc>
        Order allow,deny
        Allow from all
    </Directory>
    <Location /media>
        Order allow,deny
        Allow from all
    </Location>
    ProxyRequests On
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>
    ProxyPass / http://localhost:8000/
    ProxyPassReverse / http://localhost:8000/
</VirtualHost>

Warning: For Apache 2.2 mod_access renamed to mod_authz_host

 

If you want to use secure connections:

Generate certificate first

Linux
#cd /etc/ssl/apache2
/etc/ssl/apache2# openssl req -new -x509 -nodes -out server.crt -keyout server.key -days 1000
/etc/ssl/apache2# openssl x509 -noout -text -in server.crt
FreeBSD
#cd /usr/local/etc/apache2
/usr/local/etc/apache2# openssl req -new -x509 -nodes -out server.crt -keyout server.key -days 1000
/usr/local/etc/apache2# openssl x509 -noout -text -in server.crt

 

Then, set up httpd.conf

LoadModule access_module modules/mod_access.so
LoadModule alias_module modules/mod_alias.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule ssl_module modules/mod_ssl.so

<VirtualHost *:443>
	SSLEngine on
	SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
	SSLCertificateFile /etc/ssl/apache2/server.crt
    SSLCertificateKeyFile /etc/ssl/apache2/server.key
    DocumentRoot /opt/noc
    ServerName localhost
    Alias /media /opt/noc/contrib/lib/django/contrib/admin/static/
    Alias /static /opt/noc/static/
	<IfModule setenvif_module>
        BrowserMatch ".*MSIE.*" \
            nokeepalive ssl-unclean-shutdown \
            downgrade-1.0 force-response-1.0
    </IfModule>
    <Directory /opt/noc>
		SSLOptions +StdEnvVars
        Order allow,deny
        Allow from all
    </Directory>
    <Location /media>
        Order allow,deny
        Allow from all
    </Location>
    ProxyRequests On
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>
    ProxyPass / http://localhost:8000/
    ProxyPassReverse / http://localhost:8000/
</VirtualHost>

Note: On FreeBSD Apache2 modules live in /usr/local/libexec/apache2

Tip: If you see in ErrorLog messages like:

 

RSA server certificate CommonName (CN) `localhost' does NOT match server name!?

Remove certificate what jast create and try once more type correct FQDN.

File "/etc/hosts" and command "hostname -f" may help.