One Apache server, multiple clients - best practices for config files?

Posted by OttaSean on Server Fault See other posts from Server Fault or by OttaSean
Published on 2014-05-29T14:53:57Z Indexed on 2014/05/29 15:29 UTC
Read the original article Hit count: 152

First time user; please be gentle. :-) (And if you don't like my question I'd be grateful for a comment as to why...)

I am doing a contract at a government server shop that provides web services for multiple client groups in other areas of the government. My employer has asked me to look into how other shops, in similar situations, handle configuration files, and whether there are any best practices on the subject. I'm pretty sure there are lots of installations out there running multiple VirtualHosts out of one Apache installation, but surprisingly I couldn't find anything online about how people handle config file layout, so was hoping some of you wise folks on ServerFault might have some thoughts or pointers for me.

The current setup - which seems logical to me - is that each client site has its own directory off the root - so:
/client/tps-reports/
/client/silly-walks/
/client/ministry-of-magic/
and so on - and each of those directories has a /htdocs, /cgi-bin, and /conf (among others).

The main /etc/apache/httpd.conf only contains Include statements (and lots of comments), the last of which is:
Include /etc/apache/vhosts/*.conf

The vhosts directory contains symlinks:
tpsrept.conf -> /client/tps-reports/conf/tpsrept.conf
sillywk.conf -> /client/silly-walks/conf/sillywk.conf
mom.conf -> /client/ministry-of-magic/mom.conf

Each of those .conf files contains the actual NameVirtualHost definition and a gigantic <VirtualHost 192.168.12.34> stanza - which contains all the stuff about the specific site.

The idea is that clients have access to what's in their own /client/xx directory, so they can change stuff in the section of the config that is relevant to them. As I mentioned above, that seems fairly logical to me, but I'm wondering if any of you wise folks are aware of potential gotchas with this sort of layout, or any other thoughts on why it is or isn't a good idea. In particular, how do other places do it? Is there a "best practice" for this sort of thing?

Many thanks in advance for your time and any thoughts you all might have.

© Server Fault or respective owner

Related posts about apache-2.2

Related posts about configuration