Virtual Host & Certificate

How to enable site with apache2 and a template for socket.io nginx server.

Request Certificate

refer to: https://docs.happenn.com/for-dev-aws-and-digital-ocean/aws-certificate#request-certification-with-certbot

Apache2

An example of creating a virtual host for domain example.happenn.com with SSL.

Assuming that the root directory of the project is at /var/www/example.happenn.com and certificate files has been locate to /root/ssl/example.happenn.com.

SSH to the server and go to /etc/apache2/sites-available. Then create a file name example.happenn.com.conf (File name can be anything but using the domain's name is more prefer.

<IfModule mod_ssl.c>
    <VirtualHost *:443>
        ServerAdmin <your email>
        ServerName example.happenn.com
        DocumentRoot /var/www/example.happenn.com

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        <Directory "/var/www/example.happenn.com">
           AllowOverride All
        </Directory>

        SSLEngine on
        SSLCertificateFile /root/ssl/example.happenn.com/cert.pem
        SSLCertificateKeyFile /root/ssl/example.happenn.com/privkey.pem
        SSLCertificateChainFile /root/ssl/example.happenn.com/chain.pem

        <FilesMatch "\.(cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory /usr/lib/cgi-bin>
            SSLOptions +StdEnvVars
        </Directory>

        BrowserMatch "MSIE [2-6]" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0
    </VirtualHost>
</IfModule>

<VirtualHost *:80>
    ServerAdmin <your email>
    ServerName example.happenn.com
    Redirect "/" "https://example.happenn.com/"
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

The first group is for handling HTTPS and another group is handle redirect from HTTP. Do not forget to change the ServerAdmin email to yours. Then you need to enable the site (this conf file) and restart the apache2 service.

To handle a different domain name, just change anything that has example.happenn.com to the domain you want.

$ sudo a2ensite example.happenn.com.conf
$ sudo service apache2 restart

If there is an error, mostly due to syntax error or unable to locate SSL files. If it is the new server, check if the SSL module is enable.

NGINX

As we are not using nginx for anything except for socket.io due to upgrade issue configuration on apache2. There is not reason to modify or anything.

server {
  listen 443 ssl;
  listen [::]:443 ssl;

  include snippets/ssl-happenn.com.conf;
  include snippets/ssl-params.conf;
  
  root /var/www/html;
  index index.html index.htm index.nginx-debian.html;
  server_name io.happenn.com;

  location / {
    proxy_pass http://localhost:3000;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
  }
}

server {
  listen 80;
  listen [::]:80;

  server_name io.happenn.com;
  
  return 302 https://$server_name$request_uri;
}

Similar to apache2, this setup redirect on HTTP and redirect to HTTPS. snippets/ssl- is for certificates. Whereas location configs are focusing on upgrade http header to make ws and wss protocols work. As the node.js run as its own serve, the port cannot be 80 or 443 (in this case, 3000).

PreviousDigital Ocean NextSSH & FTP

Last updated 4 years ago