(gdb) break *0x972

Debugging, GNU± Linux and WebHosting and ... and ...

Web-hosting Configuration

Since almost two years, I rent a bit of space on the Internet to host my services, and an address (or two) for "my place". 0x972.info and kevin.pouget.me (actually, pouget.me) is where you have to go to find me.

During the first year, I used L'Autre hosting facilities, but I realized that I frustrated not to have a complete control over the server. I guess if you just need a simple HTTP/PHP server, and/or limited Linux administration knowledge, L'Autre would be a nice platform, with a friendly and responsive community.

So last year, I switched to PulseHeberg vps, with which I'm quite happy (although it's not always that fast, but I can't say if it comes from the VPS power, I may 7e/month, I could upgrade, or if it's their network ... ).

Alternc Server Management

During my L'Autre experience, I discovered AlternC (english presentation here), a free web-hosting management platform for Debian. AlternC takes the control of your Debian server; and customizes it so that you can administrate it from its control panel. The main features I use/like are:

  • Split between admin accounts and simple users (although I'm the only one using the machine ...)
  • Apache virtual host management: assign a DNS name to a given directory
  • Simple Web-access statistics
  • Email account management (although my email do not arrive yet on the server, that's too important for me ...)

AlternC login

One thing I was not happy with, with the current version of AlternC (v3.2.3), it's that it doesn't support the HTTPS protocol (maybe because it's complicated to manage user certificates?). But it doesn't matter, as AlternC is easy to tweak.

All the configuration files start with this header:


So let's try to understand how Apache vhost are configured.

$ cat /etc/apache2/conf.d/alternc.conf
# Now we include all the generated configuration
Include /var/lib/alternc/apache-vhost/vhosts_all.conf

Indeed, this file contains what I configured in the web-inteface:

<VirtualHost *:80>
  ServerName phd.kevin.pouget.me
  DocumentRoot "/var/www/alternc/k/kevin/www/0x972.info/blog/"
  AssignUserId #1000 #1000
  SetEnv LOGIN "1000-kevin"

<Directory "/var/www/alternc//k/kevin/www/0x972.info/cgit/">
  php_admin_value open_basedir "/var/www/alternc//k/kevin/:/usr/share/php/"
  php_admin_value upload_tmp_dir /var/www/alternc//k/kevin//tmp
  php_admin_value sendmail_path '/usr/lib/alternc/sendmail "..." '
  php_admin_flag mail.add_x_header on
  Options +MultiViews -FollowSymLinks +SymLinksIfOwnerMatch
  AllowOverride AuthConfig FileInfo Limit Options Indexes

Where is the template for this file?

$ grep DocumentRoot /etc/alternc -r ... /etc/alternc/templates/apache2/vhost.conf: DocumentRoot "%%document_root%%"

There we are :-) I just have to duplicate the template, change the port (can configure Apache to talk https to that port), and I've got my secure web-pages !

$ cat | sudo tee -a /etc/alternc/templates/apache2/vhost.conf
<VirtualHost *:443>
  ServerName %%fqdn%%
  DocumentRoot "%%document_root%%"
  AssignUserId #%%UID%% #%%GID%%
  SetEnv LOGIN "%%UID%%-%%LOGIN%%"

Currently the pages are served under a self-signed certificate, which is not the best as people need to accept the certificate first, and not everybody understands what this step means, but wild-card certificates (for *.0x972.info) cost a lot!

Command-line Server Management

I can't deny I still do most of my management from the command line, and that's good because that's the reason I left l'Autre!

Apache file listing

In some cases like the configuration of my Owncloud server, or Mozilla Sync, I need to pass some special options to Apache, so AlternC is too generic. For instance for Sync, I need to tell Apache how to run Python code:

    WSGIPassAuthorization On
    WSGIScriptAlias / /var/www/alternc/k/kevin/www/0x972.info/sync/sync.wsgi

    WSGIProcessGroup kevin
    WSGIDaemonProcess kevin user=kevin group=kevin processes=2 threads=25
    WSGISocketPrefix run/wsgi

Online Services I Use

  • Owncloud, for calendar and file sharing
  • Roundcube (currently only for internal mails, send by cron automated tasks for instance), maybe Mailpile one day. Postfix and Davecot internally, managed by AlternC
  • Mozilla Sync, for password sharing between my different computers
  • Gitolite and Cgit, for managing and hosting private git repository
  • Wordpress for my parent's blog, Blogotext for mines
  • Selfoss for RSS syndication
  • Pagemap-photowall for sharing photos
  • ZiMeteo for sharing weather measurements

and a few I setup but don't use anymore:

Saturday, February 28, 2015 - No comments

Publié dans :