Monica - Take Three, Part Two


I'm picking this back up from where I left off a few days ago.

Configure Monica

Steps performed on MONICA-01

  • cd /var/www/monica
  • php artisan setup:production -v
    • Setup is done. Have fun.

Configure Cron Job

Steps performed on MONICA-01

  • crontab -u www-data -e
    • * * * * * php /var/www/monica/artisan schedule:run >> /dev/null 2>&1
  • I saved the crontab file

Configure Apache Webserver

Steps performed on MONICA-01

  • chown -R www-data:www-data /var/www/monica
  • chmod -R 775 /var/www/monica/storage
  • a2enmod rewrite
  • nano /etc/apache2/sites-available/monica.conf
ServerName YOUR IP ADDRESS/DOMAIN
ServerAdmin webmaster@localhost
DocumentRoot /var/www/monica/public
<Directory /var/www/monica/public>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
  • a2dissite 000-default.conf
  • a2ensite monica.conf
  • a2enmod proxy_fcgi setenvif
  • a2enconf php7.4-fpm
  • service php7.4-fpm restart
  • service apache2 restart
    • Job for apache2.service failed because the control process exited with error code. See "systemctl status apache2.service" and "journalctl -xeu apache2.service" for....

I try to test the website from my desktop but it times out.

  • sudo reboot

Testing again produces the same time out result.

  • service apache2 status
  • Failed to start The Apache HTTP Service

Well let's troubleshoot this.

  • cd /etc/apache2
  • apache2ctl configtest

It gives me a syntax error on line 2 of /etc/apache2/sites-enabled/monica.conf. Whoops! I forgot to remove the stars from my copy/paste. I correct this error.

  • service apache2 restart

Success!

  • service apache2 status
    • Active:active (running)

When I test from a browser it times out.

  • sudo reboot

Testing from the browser again, this time the connection is refused. For some reason it doesn't seem to want to load the index.php file so I create an info.php file, which displays just fine.

Well it looks like when I try to load index.php it is trying to redirect to http://FQDN/register which then gives a 404 error. I try adding .php to the end and the page loads but without any CSS. Trying to register and it craps out. Oh I see! It is failing on the HTTPS. Cause it isn't enabled. The documentation is lacking that fact. Well let's work that up ourselves.

Setting up SSL/HTTPS

Steps performed on MONICA-01

  • a2enmod rewrite
    • Rewrite already enabled
  • nano /etc/apache2/apache2.conf

Where I changed:

<Directory /var/www/html>  
    AllowOverride Off  
</Directory>

to the following:

<Directory /var/www/html>
    AllowOverride All
</Directory>
  • mkdir /etc/apache2/certificate
  • cd /etc/apache2/certificate
  • openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out apache-certificate.crt

Generated key.

  • nano /etc/apache2/sites-enabled/monica.conf
  • I add the following:
<VirtualHost *:443>  
    ServerAdmin webmaster@localhost  
    DocumentRoot /var/www/monica/public  
    ErrorLog ${APACHE_LOG_DIR}/error.log  
    CustomLog ${APACHE_LOG_DIR}/access.log combined  
    SSLEngine on  
    SSLCertificateFile /etc/apache2/certificate/apache-certificate.crt  
    SSLCertificateKeyFile /etc/apache2/certificate/apache.key  
</VirtualHost>
  • service apache2 restart

This failed.

  • cd /etc/apache2
  • apache2ctl configtest
  • Name or service not known: AH00547: Could not resolve host name 443 - ignoring! Syntax error on line 13 of /etc/apache2/sites-enabled/monica.conf: invalid command 'SSLEngine', perhaps misspelled or defined by a module not include in the server configuration.

Ahhh I see, I need to add the SSL mod

  • a2enmod ssl
  • apache2ctl configtest
    • Syntax error on line 15 of /etc/apache2/sites-enabled/monica.conf: SSLCertificateKeyFile: file /etc/apache2/certificate/apache.key does not exist or is empty.

Doh! I botched that first cert command and forgot the keyout switch. Let's fix it!

  • openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out apache-certificate.crt -keyout apache.key
  • apache2ctl configtest
    • Syntax OK. Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message.
  • service apache2 restart

Success!

Testing in a browser gives an error Secure Connection Failed. An error occurred during a connection to xxx. SSL received a record that exceeded the maximum permissible length. SSL_ERROR_RX_RECORD_TOO_LONG

That's a new one for me. Is it because I reused the same certificate name twice? No that's not it. After a lot of hacking around at my .conf file I finally cleared it of all the errors. Testing shows the site is now loading correctly. Here is my final working .conf:

<VirtualHost *:80>
        RewriteEngine On
        RewriteCond %{HTTPS} !=on
        RewriteRule ^/(.*)$ https://10.100.100.6/$1 [R,L]
</VirtualHost>
<VirtualHost *:80>
        ServerName 10.100.100.6
        RewriteEngine on
        RewriteRule ^/(.*)$ https://10.100.100.6/$1 [R,L]
</VirtualHost>
<VirtualHost *:443>
        ServerName 10.100.100.6
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/monica/public
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
        SSLEngine on
        SSLCertificateFile /etc/apache2/certificate/monica.crt
        SSLCertificateKeyFile /etc/apache2/certificate/monica.key
        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
        <directory /var/www/monica/public>
                Options All
                AllowOverride All
                Require all granted
        </directory>
</VirtualHost>

Man I must be beyond tired today. Doing all of this backwards and full of typos and errors. Probably a good place to call it a day. Just goes to show I still need to shake off some of my Linux rust.
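
A pre-restart check for the vhost mistakes hit during the HTTPS setup above, as an added example (not part of the original post or of Monica's documentation): it flags a :443 block without SSLEngine on, certificate or key paths that are unset or missing on disk, and Options values that turn on directory indexes. The function names and the sample config are constructed for illustration; apache2ctl configtest remains the authoritative syntax check.

```python
import os
import re

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]*)>(.*?)</VirtualHost>", re.I | re.S)

# Constructed sample, modelled on the first *:443 block in the post.
SAMPLE = """\
<VirtualHost *:443>
    SSLEngine on
    SSLCertificateFile /etc/apache2/certificate/apache-certificate.crt
    SSLCertificateKeyFile /etc/apache2/certificate/apache.key
    <Directory /var/www/monica/public>
        Options All
    </Directory>
</VirtualHost>
"""

def directives(body):
    """Map each lower-cased directive name in a vhost body to its argument strings."""
    seen = {}
    for line in body.splitlines():
        line = line.strip()
        if line and not line.startswith(("#", "<")):
            name, *rest = line.split(None, 1)
            seen.setdefault(name.lower(), []).append(rest[0].strip() if rest else "")
    return seen

def lint_vhosts(conf_text, exists=os.path.isfile):
    """Return findings for one vhost file; `exists` is injectable for testing."""
    findings = []
    for addr, body in VHOST_RE.findall(conf_text):
        addr, seen = addr.strip(), directives(body)
        if addr.endswith(":443"):
            # Without SSLEngine on, Apache answers plain HTTP on this port.
            if "on" not in [a.lower() for a in seen.get("sslengine", [])]:
                findings.append(f"{addr}: SSLEngine on is missing")
            for name in ("SSLCertificateFile", "SSLCertificateKeyFile"):
                paths = seen.get(name.lower(), [])
                if not paths:
                    findings.append(f"{addr}: {name} is not set")
                findings += [f"{addr}: {name} {p} does not exist" for p in paths if not exists(p)]
        # "Options All" includes Indexes, which lists directories lacking an index file.
        for opts in seen.get("options", []):
            flags = {o.lstrip("+").lower() for o in opts.split()}
            if flags & {"all", "indexes"}:
                findings.append(f"{addr}: Options {opts} enables Indexes")
    return findings

if __name__ == "__main__":
    print("\n".join(lint_vhosts(SAMPLE)))
```

Run it against the real file with lint_vhosts(open("/etc/apache2/sites-enabled/monica.conf").read()) before restarting Apache.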