Recommended structure file- and webserver

Thoht

Thoht

I'm setting up a server to host a couple of minor blogs and act as a NAS (Samba) for my LAN. I've got two HDDs, one 80 GB for the OS and one 1 TB for the users. I mounted the 1 TB to /home and installed Apache.

I'd like the users to keep their files and websites in their private folders. When I used Archlinux many folders were automatically created, such as /home/thoht/www, which were accessed through a web browser by visiting http://www.mydomain.com/~thoht. In addition to this I'll be using virtual hosts (I think) to connect domains (http://www.thoht.com) to the specific directories (/home/thoht/www).

On top of that I want Samba access to root to easily edit configuration files (is this a better/more secure option as opposed to allowing SSH root access?) and store music etc.

Is this viable?
 
Referring to the web files, you can easily get to where you were before...

(1)install apache22 (cd /usr/ports/www/apache22 && make install clean distclean)
(2)edit /usr/local/etc/apache22/httpd.conf and uncomment "Include etc/apache22/extra/httpd-userdir.conf" near the bottom. By default, this serves up ~user/public_html. You will have to edit /usr/local/etc/apache22/extra/httpd-userdir.conf if you would like otherwise.
(3) if you want apache22 to start up at boot, echo 'apache22_enable="YES"' >> /etc/rc.conf and then you should be able to start apache by '/usr/local/etc/rc.d/apache22 start' and it will start at bootup from now on. If you just want to try it out, /usr/local/etc/rc.d/apache22 forcestart allows you to start up with out and rc.conf directives.

As for the public_html directory already being in a newly created users home directory, you will have to populate /etc/skel with the skeleton you want each new user to have.


As to the Samba (/usr/ports/net/samba33) issue, Samba is no problem. To change config files, I would recommend just SSHing in for that and to store you files in it's own chown'ed directory. you can make -that- off the root and share it...

HTH
 
Thoht said:
On top of that I want Samba access to root to easily edit configuration files (is this a better/more secure option as opposed to allowing SSH root access?) and store music etc.
Click to expand...
Most certainly not. Use a regular account to ssh into the machine and use su or sudo to become root.
 
Okey, is there a recommended way to gain root access over SFTP or similar? Just for the sake of being able to view configuration files in a GUI editor on my laptop.

Thanks for the tip about /etc/skel, I had no idea.
 
For most configuration files, root access is not required to view them although you'll need root access to edit them.

By default, sftp does not chroot users, so you can simply login as a normal user and grab the files you need. Another option, as SirDice mentioned, is to use SSH as a normal user to view the files and use $ su or $ sudo su as necessary. Sudo is not a part of the base system though.

Note: Adding apache22_http_accept_enable="YES" to /etc/rc.conf or
Code: 
options         ACCEPT_FILTER_HTTP
options         ACCEPT_FILTER_DATA
to the kernel configuration (remember to rebuild the kernel) will get rid of the error messages when starting Apache, even though these aren't necessary for Apache to run.

Using the command # apachectl is also more convenient than typing the location of the shell script. # apachectl graceful to reload the configuration, # apachectl restart to restart, etc.
 
Thank you all for your tips!

I understand that since root can (unless you turn safety off) only be accessed through within another user login I'll just have to live with ee. :-/

When I created a new user account after having added a public_html folder with a sample index.html file to /etc/skel it wasn't created in the new user home directory. Any idea as to why this could have happened?

Another thing, I set up my virtual hosts in /usr/local/etc/apache22/httpd.conf:
Code: 
NameVirtualHost *:80

<VirtualHost *:80>
        DocumentRoot /home/jim/public_html
        ServerName jimsblog.com
</VirtualHost>

<VirtualHost *:80>
        DocumentRoot /home/joe/public_html
        ServerName joesblog.com
</VirtualHost>

Visiting joesblog.com in my browser takes me straight to his ~/public_html/index.html, and I'm pretty sure jimsblog will result in the same (haven't gotten the domain yet, still waiting). However, if I visit the server IP, instead of being sent to the Apache default index.html I'm sent to Jim's index.html. Why is that?
 
Thoht said:
Another thing, I set up my virtual hosts in /usr/local/etc/apache22/httpd.conf
Click to expand...

Apache has moved to a modular config setup. You should use /usr/local/etc/apache22/extra/httpd-vhosts.conf and include it from httpd.conf:

Code: 
# Virtual hosts
Include etc/apache22/extra/httpd-vhosts.conf

if I visit the server IP, instead of being sent to the Apache default index.html I'm sent to Jim's index.html. Why is that?
Click to expand...

Because it is the first virtualhost in your list, so it gets passed to the visitor by default. You can define a separate vhost for the IP address if you like.

Code: 
<VirtualHost *:80>
        ServerName your.ip.add.ress
        DocumentRoot /where/ever/you/like
</VirtualHost>
 
You must log in or register to reply here.
Back
Top