Adding Void Linux configuration to certbot-apache

Hello.

On Void Linux certbot-apache doesn't out of the box because the defaults used by it aren't applicable to the distro. I was thinking of adding a configuration for it to make the experience a bit better but I am not what those options should be. I thought of filing a PR and discussing it there but I think it's better to ask here first so here it goes.

In the certbot repo, I create a file named certbot-apache/certbot_apache/_internal/override_void.py with the contents:

""" Distribution specific override class for Arch Linux """
import zope.interface

from certbot import interfaces
from certbot_apache._internal import configurator
from certbot_apache._internal.configurator import OsOptions


@zope.interface.provider(interfaces.IPluginFactory)
class ArchConfigurator(configurator.ApacheConfigurator):
    """Arch Linux specific ApacheConfigurator override class"""

    OS_DEFAULTS = OsOptions(
        server_root="/etc/apache",
        vhost_root="/etc/apache/conf",
        vhost_files="*.conf",
        logs_root="/var/log/httpd",
        ctl="apachectl",
        version_cmd=['apachectl', '-v'],
        restart_cmd=['apachectl', 'graceful'],
        conftest_cmd=['apachectl', 'configtest'],
        challenge_location="/etc/apache/conf",
    )

The problem is Void Linux's apache package doesn't come with a directory that looks like an intended vhost_dir. So I am not sure what I should set the vhost_dir and vhost_files attributes.

Secondly I don't know what challenge_location means so I don't know what to set it to.

Any input regarding these two issues is appreciated. For reference I set up Apache to serve a simple static website and was able to install certificates using certbot --apache --apache-ctl /usr/bin/apachectl --apache-server-root /etc/apache. But it would be nice to have this preconfigured in the package which is why I am asking for help here.


Edit: The configuration files supplied by the package are as follows:

/etc/apache/extra/httpd-autoindex.conf
/etc/apache/extra/httpd-dav.conf
/etc/apache/extra/httpd-default.conf
/etc/apache/extra/httpd-info.conf
/etc/apache/extra/httpd-languages.conf
/etc/apache/extra/httpd-manual.conf
/etc/apache/extra/httpd-mpm.conf
/etc/apache/extra/httpd-multilang-errordoc.conf
/etc/apache/extra/httpd-ssl.conf
/etc/apache/extra/httpd-userdir.conf
/etc/apache/extra/httpd-vhosts.conf
/etc/apache/extra/proxy-html.conf
/etc/apache/httpd.conf
/etc/apache/magic
/etc/apache/mime.types
1 Like

Where does Void Linux' Apache put its virtualhosts files then? I'm not familiair with an Apache instance which does not have a specific place for separate virtualhosts files.

In the Gentoo overrides, it's the same as vhost_root, i.e.: where Apache can find a configuration file containing a virtualhost. The Apache plugin uses custom-build, temporary virtualhosts for the challenge files.

I think it would suffice to use the /etc/apache/extra/ for both directory options. The vhost_files is probably fine: all configuration files have the .conf extension, so the file used by certbot should probably use that too.

2 Likes

Here is some more information for you in the form of two of the default configuration files. Maybe you can find something I couldn't:

From the main config, the only reference I can find to a vhost config is the file /etc/apache/extra/httpd-vhosts.conf. It's commented out by default. But since it is not a dedicated vhosts directory I am a bit unsure. Any ideas?

It seems your default Apache doesn't have any virtualhosts configured. A minimum of one virtualhost needs to be configured for the Apache installer plugin to work. Not sure about the Apache authenticator tho..

The vhost_root option is used by the Apache plugin to select the directory where to put its modified configuration file containing the HTTPS virtualhost:

I'm still convinced setting it to /etc/apache/extra/ would work.

So it seems you need to do at least one thing manually on Void Linux: set up a virtualhost. If you use the template provided and the Apache authenticator and installer indeed actually work with your addition to the plugin, certbot would generate a /etc/apache/extra/httpd-vhosts-le-ssl.conf based on the original /etc/apache/extra/httpd-vhosts.conf.

1 Like

Thanks a lot for all the help.

Please let us know if you got things working!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.