API tools faq
paste
Advertisement
load-net

apache2_test

load-net
Mar 1st, 2023
35
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.60 KB | None | 0 0
raw download clone embed print report
  1. apt update && apt upgrade
  2. apt install -y apache2 mc sudo
  3. systemctl status apache2
  4.  
  5.  
  6.  
  7.  
  8. mkdir -p /var/www/html/load.sytes.net/public
  9.  
  10. chmod -R 755 /var/www/html/load.sytes.net
  11. chown -R www-data:www-data /var/www/html/load.sytes.net
  12.  
  13.  
  14.  
  15. ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
  16. ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
  17. sudo apt update
  18. sudo apt install -y certbot
  19. sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
  20.  
  21. sudo mkdir -p /var/lib/letsencrypt/.well-known
  22. sudo chgrp www-data /var/lib/letsencrypt
  23. sudo chmod g+s /var/lib/letsencrypt
  24.  
  25.  
  26. mcedit /etc/apache2/conf-available/letsencrypt.conf
  27.  
  28. Alias /.well-known/acme-challenge/ "/var/lib/letsencrypt/.well-known/acme-challenge/"
  29. <Directory "/var/lib/letsencrypt/">
  30. AllowOverride None
  31. Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
  32. Require method GET POST OPTIONS
  33. </Directory>
  34.  
  35. ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
  36.  
  37. mcedit /etc/apache2/conf-available/ssl-params.conf
  38.  
  39. SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
  40. SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
  41. SSLHonorCipherOrder off
  42. SSLSessionTickets off
  43.  
  44. SSLUseStapling On
  45. SSLStaplingCache "shmcb:logs/ssl_stapling(32768)"
  46.  
  47. Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
  48. Header always set X-Frame-Options SAMEORIGIN
  49. Header always set X-Content-Type-Options nosniff
  50.  
  51. SSLOpenSSLConfCmd DHParameters "/etc/ssl/certs/dhparam.pem"
  52.  
  53. ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
  54.  
  55.  
  56. sudo a2enmod ssl
  57. sudo a2enmod headers
  58. sudo a2enmod http2
  59. sudo a2enconf letsencrypt
  60. sudo a2enconf ssl-params
  61. sudo systemctl reload apache2
  62.  
  63.  
  64.  
  65.  
  66. sudo certbot certonly --agree-tos --email [email protected] --webroot -w /var/lib/letsencrypt/ -d load.sytes.net
  67. ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
  68. ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
  69. mcedit /etc/apache2/sites-available/load.sytes.net.conf
  70.  
  71. <VirtualHost *:80>
  72. ServerName load.sytes.net
  73. ServerAlias www.load.sytes.net
  74.  
  75. Redirect permanent / https://load.sytes.net/
  76. </VirtualHost>
  77.  
  78. <VirtualHost *:443>
  79. ServerName load.sytes.net
  80. ServerAlias www.load.sytes.net
  81.  
  82. Protocols h2 http/1.1
  83.  
  84. <If "%{HTTP_HOST} == 'www.load.sytes.net'">
  85. Redirect permanent / https://load.sytes.net/
  86. </If>
  87.  
  88. DocumentRoot /var/www/html/load.sytes.net/public
  89. ErrorLog ${APACHE_LOG_DIR}/load.sytes.net-error.log
  90. CustomLog ${APACHE_LOG_DIR}/load.sytes.net.log combined
  91.  
  92. SSLEngine On
  93. SSLCertificateFile /etc/letsencrypt/live/load.sytes.net/fullchain.pem
  94. SSLCertificateKeyFile /etc/letsencrypt/live/load.sytes.net/privkey.pem
  95.  
  96. # Other Apache Configuration
  97.  
  98. </VirtualHost>
  99. ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
  100.  
  101. sudo systemctl reload apache2
  102. 0 */12 * * * root test -x /usr/bin/certbot -a ! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew --renew-hook "systemctl reload apache2"
  103.  
  104. ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
  105. ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
  106. ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
  107.  
  108.  
  109. a2ensite load.sytes.net.conf
  110. a2ensite default-ssl.conf
  111.  
  112. *********************************************************************
  113.  
  114. mcedit /var/www/html/load.sytes.net/public/index.html
  115.  
  116. <html>
  117. <head>
  118. <title>Welcome to load.um.sytes.net!</title>
  119. </head>
  120. <body>
  121. <h1>Success! The load.um.sytes.net virtual host is working!</h1>
  122. </body>
  123. </html>
  124.  
  125. ********************************************************************
  126.  
  127. a2ensite load.sytes.net.conf
  128.  
  129. a2ensite 000-default
  130. a2dissite 000-default
  131. a2dissite load.sytes.net.conf
  132.  
  133. systemctl reload apache2
  134.  
  135.  
  136. a2enmod {модуль} — подключение модуля;
  137. a2dismod {модуль} — отключение модуля;
  138. a2ensite {конфиг виртуального хоста} — подключает виртуальный хост;
  139. a2dissite {конфиг виртуального хоста} — отключает виртуальный хост.
  140.  
  141. sudo certbot certonly --agree-tos --email [email protected] --webroot -w /var/lib/letsencrypt/ -d load.sytes.net
  142.  
  143. ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
  144.  
  145. sudo certbot renew --dry-run
  146.  
  147.  
  148.  
  149.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!