Odyssey 3 Apache Virtual Host Configuration

This page describes how each virtual host is configured in our Apache 2 installation.

HTTP-only Virtual Hosts

Each virtual hostname has a primary config file named for the virtual host, without the .uwaterloo.ca at the end and without the www. at the beginning (if any). For the usual case of an http-only hostname, the primary config file will look like this:

<VirtualHost *:80>
        ServerName odyssey.uwaterloo.ca
        ErrorLog "|/software/odyssey-3_apache/servers/rotatelogs errors-odyssey"

        # Put virtual-host-specific configuration here

</VirtualHost>
<VirtualHost *:80>
        ServerName www.odyssey.uwaterloo.ca
        ServerAlias odyssey www.odyssey

        Redirect permanent / http://odyssey.uwaterloo.ca/
</VirtualHost>

Note that this actually defines two virtual hosts. The first one is the real one which will serve requests. Its ServerName is a complete DNS name, normally ending in .uwaterloo.ca. By default it will not start with www., but in some cases it will (in particular, if the version of the name without www. needs to be a machine that is not the webserver then this will be so). The ErrorLog is also specified as shown in order that errors will be broken out into separate files by virtual host.

The second virtual host uses a ServerName and a ServerAlias directives to pick up all variations on the official name of the virtual host, definitely including short forms of all names associated with the virtual host obtained by dropping .uwaterloo.ca from the end. The only other directive is a permanent redirect of the entire virtual host to the official name.

Virtual Hosts with HTTP and HTTPS

Virtual hostnames which need to support HTTPS are a bit more complex. In addition to the two virtual hosts required for HTTP, the HTTPS virtual host needs to be specified. The HTTPS virtual host requires the specific IP designated for that virtual host. There is no point in providing redirects for alternate forms of the HTTPS virtual hostname as the browser will complain about security certificate problems before it has an opportunity to see the redirect.

<VirtualHost 129.97.152.138:443>
        SSLEngine on
        SSLOptions +StrictRequire
        SSLCertificateFile ssl/odyssey.pem
        SSLCertificateKeyFile ssl/odyssey.key
        SSLVerifyClient none
        SSLProxyEngine off

        Include sites-available/odyssey_common
        ErrorLog "|/software/odyssey-3_apache/servers/rotatelogs errors-odyssey-ssl"

        # Put virtual-host-specific configuration here

</VirtualHost>
<VirtualHost *:80>
        Include sites-available/odyssey_common
        ErrorLog "|/software/odyssey-3_apache/servers/rotatelogs errors-odyssey"

        # Put virtual-host-specific configuration here

</VirtualHost>
<VirtualHost *:80>
        ServerName www.odyssey.uwaterloo.ca
        ServerAlias odyssey www.odyssey

        Redirect permanent / http://odyssey.uwaterloo.ca/
</VirtualHost>

Many aspects of the hostname-specific configuration are likely to be the same in the HTTP and HTTPS virtual hosts. For this reason we use a secondary config file, named by appending _common to the primary config file name. This secondary file should start with the ServerName directive and continue with whatever other site-specific configuration there is. Configuration that is specific to HTTP or HTTPS can go in the primary config file for the virtual host.

-- IsaacMorland - 15 Nov 2008

Topic revision: r2 - 2008-11-15 - IsaacMorland
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback