Webapps-common

From SME Server
Jump to navigation Jump to search


webbapps-common for SME Server

  Skill level: developer
Risk of inconsistencies with Koozali SME Server methodology, upgrades & functionality is high. One must be knowledgeable about how changes impact their Koozali SME Server. Significant risk of irreversible harm.


Maintainer

Daniel B. from Firewall Services

About

The webapps tool is a set of template fragments and actions that can be helpful to create Apache Virtual hosts in a flexible way outside of the default IBays. For example you would like your web application to be available from '/opt/myapp'. The webapps tool also provides the ability serve your web application as a sub domain on your main domain e.g. 'http://myapp.mydomain.com'. Next to this there are a number of parameters that can be set that control flexibility and security.


Installing the webapps tool will not provide any additional functionality to server-manager, nor any other visible change to the end user. The webapps functionality is solely controlled by db keys and events.

Requirements

You need the firewall-services repo to install this contribs

Installation 8.x 9.x

The webapps tool is currently available in the Firewall Services repository. To enable the FWS repo please see here

Some of the existing contribs already use the webapps tool and therefore the webapps tool is being installed as a dependecy for that contrib. The following contribs are know to have a dependency on the webapps tool:

After enabling the FWS repo, one can install the webapp tool:

yum install smeserver-webapps-common --enablerepo=fws

However you can use to reconfigure some web application of fws by using

signal-event webapps-update

Configuration

The most important things to know is that you can create a domain by command line. More features will be created compared with the standard virtualhost templates, you have:

  • DocumentRoot to set an arbitrary document root instead of having to choose an ibay
  • RequireSSL to ask the forced SSL communication (default 'disabled', on by 'enabled')
  • Authentication different way to protect your domain
  • Authentication Basic : to ask for a basic auth when reaching this vhost (all valid users of sme server)
  • Authentication LemonLDAP : to ask for a smeserver-lemonldap-ng when reaching this vhost
  • ProxyPassTarget target of the ProxyPassReverse and ProxyPass (default "", enable by an URL)
  • Redirect target of the RedirectMatch permanent (default "", enable by an URL)
  • Rewrite target of the RewriteRule (default "" enable by an URL)
  • AllowHosts 'local' or 'IP,IP,IP...' (default "")
  • ProxyPreserveHost target of the 'ProxyPreserveHost on' (default is no, enabled is yes)
  • ProxyNoKeepAlive target of the 'SetEnv proxy-nokeepalive 1'(default is no, enabled is yes)
  • Alias target of the Alias (alias,target) (default "")
  • SetEnv target of the SetEnv (parameter,parameter) (default "")
  • AllowGroups all groups listed will be granted by LDAP to browse the web directory (group1,group2,group3) (default "")

You can create a domain like this:

db domains set stuff.foo.fr domain Description "My super custom app" Content Primary Nameservers internet TemplatePath WebAppVirtualHost DocumentRoot /opt/stuff RequireSSL enabled
signal-event domain-create stuff.foo.fr

Bugs

Sources for this contribs can be found in Firewall Service's repository [1]