Guidelines on Apache2 Vhost Setup
For setting up an Apache2 Virtual Host for a particular service on Skynet, the following guidelines must be followed:
Apt-get install as much as possible, putting configs and files in their default apt locations.
Serve Everything from /srv/name_of_vhost/public_html/
Symlink in default locations of files and configs into /srv/name_of_vhost/ (as required)
The Above allows us to use:
VirtualDocumentRoot /srv/%1/public_html VirtualScriptAlias /srv/%1/public_html/cgi-bin
Once $service.skynet.ie exists and points to the server in question, and /srv/$service exists, then the vhost automagically works, with no further configuration necessary. As a result, it is best for the /srv subdir to be the name of the vhost, rather than the name of a package etc. As a result of above (vhost requiring no further configuration), keep service-specific configuration to either /srv/service/.htaccess or /srv/service/public_html/.htaccess were possible.
SSL Certs can be generated by CACert Skynet Admins. "Https can only have one cert per host:port The reason being that the ssl stuff is negioated immediately on connect, before the browser can tell the webserver which vhost it's trying to access" - diamond. A *.skynet.ie cert can be generated for general https use, and should cause NO issues.
Services which require https: a careful redirect from http to https must take place. There are several methods. Having "SSLRequireSSL" in a htaccess file will cause a 403 if accessed over http. The following line in the http vhost can be "ErrorDocument 403 https://securehost.skynet.ie" redirecting it over. This is but one method.
Apache2 reads /etc/apache2/sites-enabled in Alphabetical Order. Typically a 000-default vhost will be placed in /etc/apache2/sites-enabled/ and it will contain NameVirtualServer Information:
NameVirtualHost *:80 NameVirtualHost *:443
Note: The first vhost to appear in alphabetical order in /etc/apache2/sites-enabled/vhost will also be accessible via http://ipaddress_of_server.
Note: Only one instance of NameVirtualHost can exist - otherwise Apache2 will give out. It should appear at the beginning of the first vhost.
Thats about it. Please add in more comments/critiques here as required.