Hoping this is the correct place to post, Most of the stuff here appears to be desktop and no separate forum to discuss server software. I’ve checked the 15.1 box but this could equally apply to Tumbleweed.
Configuring Apache2 there are lots of suggested settings pointing at /srv/www/vhosts/ as if it were the default directory to put the web contents into, e.g. /srv/www/vhosts/mydomain.tld/contents. However, there is a htdocs directory, /srv/www/htdocs/ but no /srv/www/vhosts/.
So it would would be easier, rather than modifying all those paths, to simply mkdir /vhosts and use it. Which leaves htdocs with nothing to do. It is an empty directory. Is there anything pointing towards htdocs which may break if it is deleted?
Looking through a few of these config files, they appear to be in a time warp. I downloaded Leap 15.1 to the VPS. Are these the correct config files for the current version of Apache2? Which I think is 2.4.? Has anybody else found similar?
When installing and configuring any app installed from the oepnSUSE repositories (particularly what you likely would call a “server” app)
If a pattern is available and appropriate, install the pattern, not just the individual components.
In this particular case, does your website require a LAMP (Linux/Apache/MySQL/PHP) stack?
If your use case requires these, then install the LAMP pattern instead of each individual component… You’;; have a better chance of installing all necessary components and not forgetting something.
If using YaST Software Manager to install, there is a “Patterns” view, else IIRC you can search for patterns.
If using zypper, you can list, then install the pattern of your choice.
If a YaST module exists for the app you’re installing, install it (if necessary) and use it to configure initially.
This should get you set up initially with a working, standard configuration which can be tweaked further per your needs.
If you need help, you’re starting from a standard configuration others can replicate or understand already.
All YaST modules start with “yast2-”
You can list them using YAST Software Manager or zypper, then install if relevant.
In the case of Apache, there is the “yast2-http-server” module which can set you up with various onfigurations.
In the case of Apache,
There are some additional configurations you may need to do which may not be obvious…
If you’re deploying a PHP website, you’ll likely need to activate/enable PHP module support
If you’re running a MySQL/Mariadb instance, you may need to run the standard security script to configure its basic security setup and configure a database Administrator account password.
Not having experienced yast2, TSU, I am ill placed to comment. The rest of your post I completely concur with. I would also add it makes good sense to test at each possible stage. For instance, add a simple index.html page to the document root and bring it up in the browser as soon as the Apache http server is installed and configured to a stage at which it should be functional; adding a line containing phpinfo(); to a very simple php file, saving it as index.php and opening it in a browser to ensure not only PHP but all of the modules installed with it are configured correctly. None of which will happen if the user forgets to restart apache2 or a2enmod php, which in the case of OpenSUSE would be a2enmod php7 (for 15.1).
However, using an immediately previously updated zypper to download packages should, surely, install packages which are contemporaneous with the operating system? This is Leap 15.1, not the SuSE-6.1 I installed from a CD inside a book cover which I bought in something like 2002. Could have been 2001 or 2003 but certainly within that time frame.
I’ve seen instructions re. using /srv/www/vhosts in the past but never used them, stuck to the openSUSE/SUSE default ( stored in /etc/apache2/default-server.conf ) of /srv/www/htdocs and fwiw all 12 domains/subdomains on my VPS run fine, incl. https ( certs managed by letsencrypt ). If you want to override this setting, and install packages that do not read that file but have the webroot configured in the spec file (IMHO they shouldn’t but I never had to check) they would install in /srv/www/htdocs anyway. For my own convenience I use the following logic in the naming:
For subdomain nextcloud.knurpht.com I would create /srv/www/htdocs/nextcloud.knurpht.com . When creating a certificate this results in the cert and keys being created in /etc/letsencrypt/live/nextcloud.knurpht.com . This all results in the ease of being able to use configs from other distros by simply replacing f.e. /var/www/html by /srv/www/htdocs and move on, without having to mess with the defaults. The naming also makes me easily see what folder I have to be in when troubleshooting ( or f.e. looking for config files, logs etc ).
When getting started, and nothing has been done yet, the easiest way to start is to use YaST’s http server module. Enable apache to start at boot, open firewallport ( from the module ), hit OK, go to http://ip_address_of_vps and you should see a page showing “It works !” which is the content of the index.html file in /srv/www/htdocs. If that works you can add vhosts using the same module.
In short: stick to the openSUSE/SUSE defaults, it will make your life easier. And … in case of asking for support you can refer to those defaults.
Don’t tinker with vendor defaults. Life is easier without doing so. Always use ‘yast2 http-server’ and ‘yast2 sysconfig’ unless it definitely gets in your way.
@Knurpht on the button with good info about which of the masses of docs OpenSuSE actually state the defaults for this purpose. I’m very grateful. It was certainly not obvious. Also grateful to all three contributors for the nod towards YaST/YaST2, which I’ll start to read up on and learn how to use. Yet another {Software or System?} Tool, IIRC.
Knurpht, do you know if all the OS 15.1 (o-o was it you said in another thread? or o.o?) repos are now up to date? My host still has the corrupted 15.1 with a disaster somewhere in the NetworkManager-Wicked-Firewalld range. I’m finding it extremely difficult to troubleshoot. If I get it wrong the system hangs, won’t reboot cleanly and the only cure is to reinstall. I’m not a sysadmin although I’ve dabbled in IT admin for many years. This is my first time with SuSE of any flavour for, I’d say, about 16 or 17 years. Can I tell the host it’s all clear to go ahead and replace it yet?
No idea what’s corrupted. I use wicked with DHCP on my VPS. And used the method I described to setup the domains/subdomains. Can you explain, preferably with error messages between CODE tags what goes wrong?
Leap 15.1 was installed from a “Softaculous virtualizor” instance access to which is supplied by the host. he installed it, I later learnt, during the period of the move of OpenSUSE resources from the USA to Germany.
So when I needed to get IPv6 running on the VS, which it should have been already, I ran the status network command and followed up with the recommended:
Finally either systemctl start wicked (note no d for daemon added) or systemctl start network, at which point the system hangs and there is nowhere to go. This is now after at least 4 reinstalls and going into the code to try and find any faults. Running wicked with debug on makes no difference at all and the logs are cleared with the reinstall. Hence- impossible. I also tried with yast from the command line but it will not start wicked. At least it does no harm but only leaves the option of going back to forcing. Which breaks.
I’ve reached the conclusion that only a clean install is going to fix this. 15.2 is not due for public release until 2 July, almost 4 weeks away.
Just found some more information, further down in the document cited above, section 28: following that, once again entering yast from the CLI, the interface got as far as having written configurations for drivers, device, network, routing, hostname and DNS, networks and firewall, it got stuck at 77% of “Activating Network Services”. Which is where it remains. I’m leaving it there in the somewhat dubious case it may be able to sort itself out.
An install with chosing the ‘server’ role should activate wicked AFAIK with DHCP. And that should work, without having the need to fiddle with it. The VPS providers usually at least give a VPS 1 IP address. The one VPS I installed with Leap 15.1 is no longer under my control, but that worked with an OOTB install as well. Remember during install to enable SSH and open it’s firewall port. That gives you easy access.
The yast interface has hung. I see from the address bar at the top it is in fact yast2. “YaST2 - lan @ dom02.dominame.net”.
While it is still there I am able to open another terminal, su to root and run root commands including wicked. However, I know that as soon as I manage to close that interface down the system will no longer respond. Another reinstall.
If anybody reads this within a short time period and knows the answer, please tell me what to check or adjustments to make so the VS will restart gracefully and allow me back in.
00:03.0 Ethernet controller: Red Hat, Inc. Virtio network device
Thanks gogalthorp but it is a VPS. Also, zypper can refresh and update. I’ve had apache2 and php.info working (as index.php) too.
The problem I suspect was that wicked was not working at all. NetworkManager was in total control. However, wicked is now working for so long as I have the currently stalled yast2 interface hung where it is. I need to make a file configuration change before I can force a reboot to shut that interface down, so the VS will come back up again. Otherwise there will no login and yet another reinstall will be required.
The two things not working prior to making changes in yast were IPv6 and firewalld.
SDB articles are also generally good references, but you have to be sure the content is up to date…
The following SDB:LAMP looks up to date https://en.opensuse.org/SDB:LAMP_setup
Minor comment on earliest posts…
Any SuSE prior to 2007 was a completely different distro before Novell purchased SuSE, completely rebuiilt the distro from the ground up so that anything afterwards is completely incompatible.
And, although I haven’t set up a vhost on openSUSE for awhile, I remember that the YaST tool supported that configuration last I looked not that long ago.
Also,
My personal comment is that a common trap for distro hoppers and others with experience with other distros should quickly recognize that Apache is set up differently on every distro… I don’t think that there are any 2 distros that set up anything like each other. This makes it more important to conform with recommended setups on any distro and not try to apply your experience from one distro exactly to another… You’ll likely end up with a mess of configurations and locations, unable to use tools available in that distro and likely with security problems.
Bottom line,
I highly recommend using the references in this post to guide your setup, and if you diverge do so carefully.
Also,
My personal comment is that a common trap for distro hoppers and others with experience with other distros should quickly recognize that Apache is set up differently on every distro… I don’t think that there are any 2 distros that set up anything like each other. This makes it more important to conform with recommended setups on any distro and not try to apply your experience from one distro exactly to another… You’ll likely end up with a mess of configurations and locations, unable to use tools available in that distro and likely with security problems.
TSU
Oh, yes indeed, TSU, I can confirm from personal experience. And as time goes on the wikis, knowledge bases and forums grow ever larger so it is ever harder to pick out the “official”, current distro line from all the other distracting stuff.
Distro hopping? I have been with Arch on desktop and laptop for, probably, 7 or 8 years now and used Debian on servers for several of those before switching to Arch altogether. Non culpis m’lud.
All that aside, thanks for the links. I’m bookmarking this thread for future use and I hope it will also help others new to OpenSuSE.
gogalthorp, changing from NetworkManager to wicked in yast got me to where I am, i.e in a hung console. I need an escape route which does not break networking/firewall so I can reboot and still get back in. I can do this from the other console I have open, but not from that yast instance. That instance has hung. A bit like crashed but just still and unresponsive instead of banging out lots of error messages then closing down or simply leaving a blank screen from which the user has nowhere to go.
I now have a rather strange, to me anyway, and inexplicable update. The hung terminal finally exited with “broken pipe”. I sniffed around in the other terminal but could see nothing. So I rebooted. Lo and behold, I was able to log back in and the speed of the login told me IPv6 is now enabled. Running “wicked show all” as root confirmed.
So, sincere thanks to all who have contributed to the thread. I now have the wherewithall to go ahead and fix Apache according to the OpenSuSE way, and will log out with the confidence that I shall be able to log in again with everything, at last, as it should be.
How? If anybody would like to hazard a guess, please do so.
Most likely it was just the interface hanging, not the actions it was supposed to achieve. But the rest of your post makes me think that the VPS now runs wicked with an OK networkconfiguration.
Yes, that’s what I was thinking. Until I ran zypper ref and got the repos unreachable again. So I’m now back to searching through the possibilities, including firewalld which I know nothing about, before I dare to logout again. As in my earlier thread at https://forums.opensuse.org/showthread.php/540321-Network-broken-possible-wicked-problem everything looks OK. Needle in a haystack job.
I don’t know if an automated installer can answer the questions of installation type (server-desktop-laptop-etc) but I suspect I’m stuck with what I’ve got and will have to reconfigure to fit the server environment. In the unlikely scenario of my being asked, I would advise the devs of every distro to offer the option of a basic installation onto which users can build or add their required “set” from a number of options. That would remove hosts from the position of being between a rock and a hard place. I wouldn’t go as far as Arch, within which there is the basic and build from there. But nobody enters Arch blindfolded.
As it stands wicked is now the network controller. I have just started firewalld. Problems with networking on IPv4 did not begin until I invoked wicked in place of NM so questions of external DNS servers are not helpful (for the information of past and future contributors).
The questions now are whether the trouble is caused by internal DNS/routing/network configurations, if so which ones, or firewalld settings. I am not a total stranger to networking or security hardening. But I am painfully aware of the danger of assuming what worked in another environment or distro will work wherever we are now is that much irreparable damage can be caused. In this case, as a minimum, yet another reinstall without the benefit of logs or any other ways of learning from it.
<edit>The good news, if it can be construed as such, is that I have been able to log in with another terminal so can afford to take a little risk. If one goes down the other may hopefully survive and allow me to read some logs and try to rescue the build.</edit>