One Apache server, multiple clients - best practices for config files?
Posted
by
OttaSean
on Server Fault
See other posts from Server Fault
or by OttaSean
Published on 2014-05-29T14:53:57Z
Indexed on
2014/05/29
15:29 UTC
Read the original article
Hit count: 152
First time user; please be gentle. :-) (And if you don't like my question I'd be grateful for a comment as to why...)
I am doing a contract at a government server shop that provides web services for multiple client groups in other areas of the government. My employer has asked me to look into how other shops, in similar situations, handle configuration files, and whether there are any best practices on the subject. I'm pretty sure there are lots of installations out there running multiple VirtualHosts out of one Apache installation, but surprisingly I couldn't find anything online about how people handle config file layout, so was hoping some of you wise folks on ServerFault might have some thoughts or pointers for me.
The current setup - which seems logical to me - is that each client site has its own directory off the root - so:
/client/tps-reports/
/client/silly-walks/
/client/ministry-of-magic/
and so on - and each of those directories has a /htdocs, /cgi-bin, and /conf (among others).
The main /etc/apache/httpd.conf only contains Include statements (and lots of comments), the last of which is:
Include /etc/apache/vhosts/*.conf
The vhosts directory contains symlinks:
tpsrept.conf -> /client/tps-reports/conf/tpsrept.conf
sillywk.conf -> /client/silly-walks/conf/sillywk.conf
mom.conf -> /client/ministry-of-magic/mom.conf
Each of those .conf files contains the actual NameVirtualHost definition and a gigantic <VirtualHost 192.168.12.34> stanza - which contains all the stuff about the specific site.
The idea is that clients have access to what's in their own /client/xx directory, so they can change stuff in the section of the config that is relevant to them. As I mentioned above, that seems fairly logical to me, but I'm wondering if any of you wise folks are aware of potential gotchas with this sort of layout, or any other thoughts on why it is or isn't a good idea. In particular, how do other places do it? Is there a "best practice" for this sort of thing?
Many thanks in advance for your time and any thoughts you all might have.
© Server Fault or respective owner