Re: [web2py] Multiple Domains, Subdomains, and Applications with SSL. Single web2py Instance on Apache

2011-07-13 Thread Ross Peoples 
Glad you got it resolved. And I'm glad this is helping others. I should 
mention though that the Apache configurations mentioned in my original post 
disable admin and app admin access completely (even over SSL). This is a 
good idea unless you absolutely need it, since web2py's admin application 
doesn't have any protection against brute-force hacking attempts. However, I 
have submitted a patch that adds this protection to the admin application. 
If it gets accepted, it may be moderately safe to enable the admin 
application over SSL, but only if you need it. To enable admin over SSL, you 
would simply change these lines in the Apache site configuration files:

   
  Deny from all 
   

   
  Deny from all 
  

You can remove these lines, or simply put a hash mark (#) in front of the 
Deny from all part. Using the hash marks could make it easier to switch 
admin on and off if you only want it on when needed. Just keep in mind that 
you would need to run:

sudo /etc/init.d/apache2 reload

In order for the change to take effect. If for some reason the changes don't 
get applied, then doing an Apache restart instead of a reload should do the 
trick.

Re: [web2py] Multiple Domains, Subdomains, and Applications with SSL. Single web2py Instance on Apache

2011-07-13 Thread danto 
2011/7/13 Ross Peoples 

> it looks correct, and shouldn't make any difference as long as indentation
> is correct. Maybe try lowercasing the domain names. Also, do you have any
> other routing options besides this one?
>

yeah, it is very weird, but suddenly after stoping, wait for about 10 secs
and then starting apache now it works. I was using the *restart* command of
apache before but it didn't work, so maybe is something with the cache or
alike. I remark on "suddenly" because I did the same procedure a few times
before without changes. At least now is still working.

Thank you anyway, and for that you decided been informative to others in the
first post.

best regards :)

Re: [web2py] Multiple Domains, Subdomains, and Applications with SSL. Single web2py Instance on Apache

2011-07-13 Thread Ross Peoples 
it looks correct, and shouldn't make any difference as long as indentation 
is correct. Maybe try lowercasing the domain names. Also, do you have any 
other routing options besides this one?

Re: [web2py] Multiple Domains, Subdomains, and Applications with SSL. Single web2py Instance on Apache

2011-07-12 Thread danto 
I don't know what should be wrong, but I cannot map 2 apps to different
subdomains in the same domain, my routes.py is like the follow:

#!/usr/bin/python
#-*- coding: utf-8 -*-

routers = dict(
  BASE  = dict(
domains = {
'sub1.AAA.com' : 'app1',
'sub2.AAA.com' : 'app2',
}
)
  )


All works when there're just 1 app mapped (sub1<->app1) but it stop working
when I add the second statement (sub2 <-> app2).
I restart/stop/start apache after every change on routes.py

I'm using webfaction, if that is useful to know.

Re: [web2py] Multiple Domains, Subdomains, and Applications with SSL. Single web2py Instance on Apache

2011-07-01 Thread Ovidio Marinho 
Very Goog Tutorial. Congratulations.



   Ovidio Marinho Falcao Neto
 ovidio...@gmail.com
 88269088
   Paraiba-Brasil



2011/7/1 Ross Peoples 

> This post is meant to be informative, as I have been trying to get this
> working on my server for about a week now and I've finally got what I
> wanted. Sorry in advance if this turns out to be really long, but I'm hoping
> that my hard work and research will help someone else in the same situation.
>
> Let's start with a problem statement: How do I run multiple web2py
> applications all using different domains/subdomains AND make those sites
> usable with SSL on Apache? Oh, and while we're at it, how do we keep
> existing PHP sites working? I am using Ubuntu 10.04 as a LAMP server in
> production and want to start hosting multiple web2py sites/applications on
> it as well.
>
> The best recommendation I can make as far as getting web2py installed is to
> follow the documentation:
> http://web2py.com/book/default/chapter/11#Apache-setup
>
> You will want to read the Apache Setup section and the first part of the
> mod_wsgi section where web2py is downloaded, unziped and owned by www-data.
> After that, the Apache config files mentioned are great for simple server
> setups, but we want something more complex, so we will make our own.
>
> First let's go over what we have and what we need:
>
> We have an existing PHP app running on oldapp.com. We have two web2py
> applications that we want to run and we have two domains for them:
> exampleapp.com and anotherexample.com. If you want to run any of these
> sites on SSL, then you need to get certificates for them. If they are simple
> apps, then you can get free 1-year certificates from StartSSL.com. I won't
> go into detail about how to get these certificates or decrypting the private
> keys, as that is a fairly broad topic and the documentation from your chosen
> certificate authority can probably explain it better than I can.
>
> So now we assume you have your SSL certificates, now it's time to configure
> Apache and web2py. First, let's take care of the PHP application. Hopefully
> you will have each PHP site in it's own VirtualHost file, and not called
> 000-default. If it is, then you will need to run the following commands to
> disable the site, rename it, and re-enable it:
>
> sudo a2dissite 000-default
> sudo mv /etc/apache2/sites-available/000-default
> /etc/apache2/sites-available/php-oldapp
> sudo a2ensite php-oldapp
> sudo /etc/init.d/apache2 restart
>
> Check to make sure your PHP site is still working, as we're done with that.
> Next, we need to create a default web2py configuration. So run your
> preferred text editor to create a new default file (I'll use nano here for
> simplicity):
>
> sudo nano /etc/apache2/sites-available/000-default
>
> Now, put the following in your new configuration file:
>
> # This is the default VirtualHost and should be the first VirtualHost
>
> # This is required in order to run SSL web2py sites
> NameVirtualHost *:443
>
>
> # Make this process global so that other VirtualHosts can access it (i.e. SSL 
> sites)
>
> WSGIDaemonProcess web2py user=www-data group=www-data display-name=%{GROUP
> }
>
> 
>   WSGIProcessGroup web2py
>   WSGIScriptAlias / /var/repositories/web2py/wsgihandler.py
>
>   
> AllowOverride None
> Order Allow,Deny
> Deny from all
> 
>   Allow from all
> 
>   
>
>   AliasMatch ^/([^/]+)/static/(.*) \
>/var/repositories/web2py/applications/$1/static/$2
>   
> Order Allow,Deny
> Allow from all
>   
>
>   
>   Deny from all
>   
>
>   
>   Deny from all
>   
>
>   CustomLog /var/log/apache2/access.log common
>   ErrorLog //var/log/apache2/error.log
> 
>
> This configuration file will run all of your non-SSL web2py sites. You can
> map domain names to applications with web2py's routes.py file (which we will
> see later) without ever having to touch this Apache configuration file
> again. To test this, enable the site and restart Apache:
>
> sudo a2ensite 000-default
> sudo /etc/init.d/apache2 restart
>
> web2py should be working now, but it may not work the way we want yet, as
> we have not configured its routers.py file yet. Now we need to set up SSL
> for our sites. In order to do this, we need a Apache configuration
> (VirtualHost) file for each domain/application. This is because each domain
> needs its own certificate and it's best to let Apache handle this for us. We
> need to make another file for our SSL-enabled exampleapp:
>
> sudo nano /etc/apache2/sites-available/web2py-exampleapp-ssl
>
> Put the following in the new configuration file:
>
> 
>   ServerName exampleapp.com
>   ServerAlias *.exampleapp.com
>
>   SSLEngine on
>   SSLCertificateFile /var/repositories/web2py/exampleapp.com.crt
>   SSLCertificateKeyFile /var/repositories/web2py/exampleapp.com.key
>
>   WSGIProcessGroup web2py
>   WSGIScriptAlias / /var/repositories/web2py/wsgihandler.py
>
>   
>