On 02/03/19 10:27 pm, David Mintz wrote: [...] > I also notice that it tries to redirect me to /plinth, which I see > coming from the directive in freedombox.conf (which I gather is > global, not sure how I go about overriding that just for this vhost).
Just released version 19.2 allows you set the home page to 'Apache Default' that will pick up the index.html page in /var/www/html . On an older version you can edit /etc/apache/conf-available/freedombox.conf and change the 'RedirectMatch "^/$" "/plinth"' to what ever you wish. (This manual change will require you to answer a conffile prompt for next version of FreedomBox package upgrade, due to a small oversight. After that the file that will contain the redirection is /etc/apache/conf-available/freedombox-apache-default.conf). > But I do think the vhost for my personal page looks correct: > > <VirtualHost *:443> > > ServerName lin-chi.dyndns.org > ServerAdmin [email protected] > DocumentRoot /opt/www/lin-chi/public > SSLCertificateKeyFile > /etc/letsencrypt/live/lin-chi.dyndns.org/privkey.pem > SSLCACertificateFile > /etc/letsencrypt/live/lin-chi.dyndns.org/fullchain.pem > > ErrorLog ${APACHE_LOG_DIR}/error.log > CustomLog ${APACHE_LOG_DIR}/access.log combined > > <Directory /opt/www/lin-chi/public > > Options +Indexes +FollowSymLinks -MultiViews > AllowOverride All > Require all granted > </Directory> > > </VirtualHost>> This configuration looks correct. FreedomBox does something very similar. You can also use the following line instead of the above (which picks up certificates from Let's Encrypt directory). Use FreedomBoxTLSSiteMacro lin-chi.dyndns.org a2enconf freedombox-tls-site-macro systemctl reload apache2 > and of course, I reloaded the Apache config (again and again and > again) after changing things. No complaints from Apache. > > The only way I can get it to serve my personal page is by disabling > the RedirectMatch directive and ignoring the certificate error. I can > live with the former, but the certificate error? No good. > > Does this have to do with having the personal and the freedombox > domains set up like this? That is, with the personal site as > example.org and the freedombox as freedombox.example.org? Any > suggestions? From what I gather from Apache documentation. This is not the case. However, you can test this theory by temporarily disabling the subdomain configuration: `a2dissite fbox.lin-chi.dyndns.org; systemctl reload apache2`. Since everything in your setup looks okay, I would: - Ensure that the newly created configuration for lin-chi.dyndns.org is actually enabled. Confirm a symlink from /etc/apache2/sites-enabled/lin-chi.dyndns.org.conf to /etc/apache2/sites-available/lin-chi.dyndns.org.conf. - Verify that /etc/letsencrypt/live/lin-chi.dyndns.org/ actually contains the certificates for the correct domain. That there was no mistake when copying the files. - Enable debug logging by setting 'LogLevel trace4' in /etc/apache2/apache.conf (and also in the virtualhost directives if they overwrote), restart apache and monitor /var/log/apache2/error.log. BTW, I hope you handled the merging of the two /etc/letsencrypt directories and renewals are not an issue. -- Sunil
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Freedombox-discuss mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/freedombox-discuss
