apache.sh 2.9 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
echo ""
echo "Running apache.sh"
echo ""
## Call the variable file so we can fill in the bits
. /tmp/variable.sh
## Create self-signed certs for the secure domains
cd /tmp

## From https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-14-04
sudo openssl req -x509 -nodes -days 1825 -newkey rsa:2048 -keyout /tmp/apache.key -out /tmp/apache.crt \
-subj "/C=CA/ST=ON/L=Waterloo/O=uWaterloo/OU=IST/CN=wcms-devsite/emailAddress=localhost@example.com"
sudo cp /tmp/apache.crt /etc/ssl/certs/server.crt
sudo cp /tmp/apache.key /etc/ssl/private/server.key


16

17
## Create an Apache vhost
18
profiles="drupal7 drupal7alt drupal7rel drupal7lrel drupal8 drupal8alt drupal7os"
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
for profile in $profiles
  do
   server="${profile/drupal/${vgrtserver}}"
  echo "$server"
  echo "
  <VirtualHost *:80>
      DocumentRoot /var/www/$profile
      ServerAdmin webmaster@localhost
      ServerName $server
      Redirect permanent / https://$server/
        <Directory />
            Options FollowSymLinks
            AllowOverride None
        </Directory>
        <Directory /var/www/>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride All
            Order allow,deny
            allow from all
        </Directory>
    </VirtualHost>

   <VirtualHost *:443>
      ServerAdmin webmaster@localhost
      DocumentRoot /var/www/$profile
      ServerName $server
      <Directory />
          Options FollowSymLinks
          AllowOverride None
      </Directory>
      <Directory /var/www/>
          Options Indexes FollowSymLinks MultiViews
          AllowOverride All
          Order allow,deny
          allow from all
      </Directory>

       ErrorLog /error.log

      # Possible values include: debug, info, notice, warn, error, crit,
      # alert, emerg.
      LogLevel warn

      CustomLog /access.log combined

        SSLEngine on
          SSLCertificateFile    /etc/ssl/certs/server.crt
          SSLCertificateKeyFile /etc/ssl/private/server.key

      Alias /doc/ /usr/share/doc/
      <Directory /usr/share/doc/>
          Options Indexes MultiViews FollowSymLinks
          AllowOverride None
          Order deny,allow
          Deny from all
          Allow from 127.0.0.0/255.0.0.0 ::1/128
      </Directory>

  </VirtualHost>" > /etc/apache2/sites-available/$server.conf
done
## rename the default ssl file to 000-default-ssl to match the 000-default.conf
## so when no server is specified it falls back to the ip.
mv /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/000-default-ssl.conf

## Tell Apache about our vhosts
84
a2ensite ${vgrtserver}7.conf ${vgrtserver}7alt.conf ${vgrtserver}8.conf ${vgrtserver}8alt.conf 000-default-ssl.conf ${vgrtserver}7rel.conf ${vgrtserver}7lrel.conf ${vgrtserver}7os.conf
85
86
87
88
89
90
91


## Tweak permissions for www-data user
chgrp www-data /var/log/apache2
chmod g+w /var/log/apache2
chown -R vagrant:www-data /var/www
chmod -R g+w /var/www