Very Goog Tutorial. Congratulations.
Ovidio Marinho Falcao Neto
ovidio...@gmail.com
88269088
Paraiba-Brasil
2011/7/1 Ross Peoples <ross.peop...@gmail.com>
> This post is meant to be informative, as I have been trying to get this
> working on my server for about a week now and I've finally got what I
> wanted. Sorry in advance if this turns out to be really long, but I'm hoping
> that my hard work and research will help someone else in the same situation.
>
> Let's start with a problem statement: How do I run multiple web2py
> applications all using different domains/subdomains AND make those sites
> usable with SSL on Apache? Oh, and while we're at it, how do we keep
> existing PHP sites working? I am using Ubuntu 10.04 as a LAMP server in
> production and want to start hosting multiple web2py sites/applications on
> it as well.
>
> The best recommendation I can make as far as getting web2py installed is to
> follow the documentation:
> http://web2py.com/book/default/chapter/11#Apache-setup
>
> You will want to read the Apache Setup section and the first part of the
> mod_wsgi section where web2py is downloaded, unziped and owned by www-data.
> After that, the Apache config files mentioned are great for simple server
> setups, but we want something more complex, so we will make our own.
>
> First let's go over what we have and what we need:
>
> We have an existing PHP app running on oldapp.com. We have two web2py
> applications that we want to run and we have two domains for them:
> exampleapp.com and anotherexample.com. If you want to run any of these
> sites on SSL, then you need to get certificates for them. If they are simple
> apps, then you can get free 1-year certificates from StartSSL.com. I won't
> go into detail about how to get these certificates or decrypting the private
> keys, as that is a fairly broad topic and the documentation from your chosen
> certificate authority can probably explain it better than I can.
>
> So now we assume you have your SSL certificates, now it's time to configure
> Apache and web2py. First, let's take care of the PHP application. Hopefully
> you will have each PHP site in it's own VirtualHost file, and not called
> 000-default. If it is, then you will need to run the following commands to
> disable the site, rename it, and re-enable it:
>
> sudo a2dissite 000-default
> sudo mv /etc/apache2/sites-available/000-default
> /etc/apache2/sites-available/php-oldapp
> sudo a2ensite php-oldapp
> sudo /etc/init.d/apache2 restart
>
> Check to make sure your PHP site is still working, as we're done with that.
> Next, we need to create a default web2py configuration. So run your
> preferred text editor to create a new default file (I'll use nano here for
> simplicity):
>
> sudo nano /etc/apache2/sites-available/000-default
>
> Now, put the following in your new configuration file:
>
> # This is the default VirtualHost and should be the first VirtualHost
>
> # This is required in order to run SSL web2py sites
> NameVirtualHost *:443
>
>
> # Make this process global so that other VirtualHosts can access it (i.e. SSL
> sites)
>
> WSGIDaemonProcess web2py user=www-data group=www-data display-name=%{GROUP
> }
>
> <VirtualHost *:80>
> WSGIProcessGroup web2py
> WSGIScriptAlias / /var/repositories/web2py/wsgihandler.py
>
> <Directory /var/repositories/web2py/>
> AllowOverride None
> Order Allow,Deny
> Deny from all
> <Files wsgihandler.py>
> Allow from all
> </Files>
> </Directory>
>
> AliasMatch ^/([^/]+)/static/(.*) \
> /var/repositories/web2py/applications/$1/static/$2
> <Directory /var/repositories/web2py/applications/*/static/>
> Order Allow,Deny
> Allow from all
> </Directory>
>
> <Location /admin>
> Deny from all
> </Location>
>
> <LocationMatch ^/([^/]+)/appadmin>
> Deny from all
> </LocationMatch>
>
> CustomLog /var/log/apache2/access.log common
> ErrorLog //var/log/apache2/error.log
> </VirtualHost>
>
> This configuration file will run all of your non-SSL web2py sites. You can
> map domain names to applications with web2py's routes.py file (which we will
> see later) without ever having to touch this Apache configuration file
> again. To test this, enable the site and restart Apache:
>
> sudo a2ensite 000-default
> sudo /etc/init.d/apache2 restart
>
> web2py should be working now, but it may not work the way we want yet, as
> we have not configured its routers.py file yet. Now we need to set up SSL
> for our sites. In order to do this, we need a Apache configuration
> (VirtualHost) file for each domain/application. This is because each domain
> needs its own certificate and it's best to let Apache handle this for us. We
> need to make another file for our SSL-enabled exampleapp:
>
> sudo nano /etc/apache2/sites-available/web2py-exampleapp-ssl
>
> Put the following in the new configuration file:
>
> <VirtualHost *:443>
> ServerName exampleapp.com
> ServerAlias *.exampleapp.com
>
> SSLEngine on
> SSLCertificateFile /var/repositories/web2py/exampleapp.com.crt
> SSLCertificateKeyFile /var/repositories/web2py/exampleapp.com.key
>
> WSGIProcessGroup web2py
> WSGIScriptAlias / /var/repositories/web2py/wsgihandler.py
>
> <Directory /var/repositories/web2py/>
> AllowOverride None
> Order Allow,Deny
> Deny from all
> <Files wsgihandler.py>
> Allow from all
> </Files>
> </Directory>
>
> AliasMatch ^/([^/]+)/static/(.*) \
> /var/repositories/web2py/applications/$1/static/$2
> <Directory /var/repositories/web2py/applications/*/static/>
> Order Allow,Deny
> Allow from all
> </Directory>
>
> <Location /admin>
> Deny from all
> </Location>
>
> <LocationMatch ^/([^/]+)/appadmin>
> Deny from all
> </LocationMatch>
>
> CustomLog /var/log/apache2/access.log common
> ErrorLog //var/log/apache2/error.log
> </VirtualHost>
>
> Just replace "exampleapp" with the name of the domain and
> the appropriate names of the private key file and the certificate file. You
> can use this file as a template for other SSL sites, again, just change the
> domain name and SSL file names and you can have as many SSL-enabled sites as
> you have certificates.
>
> Enable this site and restart Apache to make sure there were no
> configuration errors:
>
> sudo a2enmod web2py-exampleapp-ssl
> sudo /etc/init.d/apache2 restart
>
> Now we need to configure web2py to map our domains to the proper
> applications. Open the routes.py file and configure the router:
>
> routers = dict(
> BASE = dict(
> domains = {
> 'exampleapp.com': 'exampleapp',
> 'www.exampleapp.com': 'exampleapp',
> 'anotherexample.com': 'anotherexample',
> 'www.anotherexample.com': 'anotherexample',
> }
> ),
> )
>
> This part is pretty simple. Just replace the domain/subdomain names on the
> left and the application names they belong to on the right. Finally, restart
> Apache again for the router changes to take effect:
>
> sudo /etc/init.d/apache2 restart
>
> Now test your sites to see if they work on both HTTP and HTTPS. If you have
> any trouble, I have attached some example files to this post that you can
> examine. If you're still having problems, let me know. I am no Apache expert
> by any stretch of the imagination, as I am still learning myself, but I'll
> try to help if there are any problems.
>
