4.9 KiB
RUG WEBHOSTING
- Docker domain hosting
- 5+ GB website space ( fair use policy )
- PHP support (Linux/Apache variant)
- ASP support (Windows/IIS variant)
The following options are available at an extra charge:
- expansion of web space (in consultation with CIT)
- e-mail addresses
- domain registration (.nl, .com, .org, .eu, etc.).
Since 2017 every new hosting domain is automatically a docker environment. There's still a active connection between the old shared environment and the new one.
HTTPS
The whole webhosting environment is behind several loadbalancers, force ssl does not work out of the box. Because the internal communication between the loadbalancers (lb) and webservers are plain http.
If you force a website without the correct headers, the application will stay in a loop and fail. The answer is simple , the webserver doesn't know that the request is secure! only the loadbalancer knows.
If we do a htaccess override, actually were telling the webserver , redirect once, if the Header HTTP:X-SSL-Enabled is true, don't do anything! otherwise redirect to https.
Examples
standard
client http (80) <-> http (80) -> http (80) -> website (80)
or both
client https (443) <--> (443) -> http (80) -> website(80)
force https
client http (80) <-> force redirect https (443) -> http (80) -> website (80)
htaccess Override
# auto redirect to ssl, only for webhosting.rug.nl domains or with own certificates
<IfModule mod_rewrite.c>
RewriteEngine On
RequestHeader set HTTP:X-SSL-Enabled "true"
RewriteCond %{HTTP:X-SSL-Enabled} !true
RewriteRule (.*) https://domain.webhosting.rug.nl/$1 [R,L]
</IfModule>
wordpress https
Download the plugin simple ssl and enable https
Do not force an https override by htaccess!
SSH
SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH.
Example Connection
ssh f-number@ssh.webhosting.rug.nl
Example Tunnel
ssh -L 8080:IP:80 f-number@ssh.webhosting.rug.nl -N 1
WEB This only works with Two Factor Authentication
https://ssh.webhosting.rug.nl
Two factor auth
Put two files inside you're homedir/.ssh folder
mobile_number and email_address
$ cat ~/.ssh/mobile_number
0612345678
$ cat ~/.ssh/email_address
email@rug.nl
Aps
filezilla
putty
wincp
ducky
ssh
MYSQL
PHPmyAdmin
https://mysql.webhosting.rug.nl
CLI dump database
$ ssh account@ssh.webhosting.rug.nl
$ mysqldump --host mysql01.service.rug.nl -u account -p -D database \
| gzip -c | > ~/backup/database.sql.gz
CLI restore database
$ ssh account@ssh.webhosting.rug.nl
$ gunzip < ~/backup/database.sql.gz | mysql --host mysql01.service.rug.nl \
-u account -p database > ~/backup/database.sql
CLI optimize database
$ ssh account@ssh.webhosting.rug.nl
$ mysqloptimze --host mysql01.service.rug.nl -u account -p -D database
CLI enter database
$ ssh account@ssh.webhosting.rug.nl
$ mysql --host mysql01.service.rug.nl -u account -p
CLI remote access database
$ ssh -L 3306:mysql01.service.rug.nl:3306 account@ssh.webhosting.rug.nl -N 1
$ mysql --host localhost -u account -p
POSTGRES
phpPgAdmin
https://psql.webhosting.rug.nl
PHP
$ cat ~\site.htaccess
Override upload filesize
<IfModule mod_php5.c>
php_value upload_max_filesize 100M
php_value post_max_size 100M
php_value max_execution_time 200
php_value max_input_time 200
</IfModule>
Override memory limit
<IfModule mod_php5.c>
php_value memory_limit 64M
</IfModule>
Access
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
RewriteCond %{REMOTE_ADDR} !^129\.125\.
RewriteCond %{REMOTE_ADDR} !^77\.43\.20\.
RewriteCond %{REMOTE_ADDR} !^10\.9\.
RewriteRule ^(.*)$ - [R=403,L]
GIT
URL
set environment
$ account@ssh.webhosting.rug.nl
$ git config --global user.name "My Username"
$ git config --global user.email "email@rug.nl"
DOCKER
REGISTRY URL
https://registry.webhosting.rug.nl
login private registry
$ docker login registry.webhosting.rug.nl
create tag push
$ cd docker-build-directory
$ docker build -t name .
$ docker tag name:latest registry.webhosting.rug.nl/username/name:latest
$ docker push registry.webhosting.rug.nl/username/name:latest
docker run debug
$ docker run --rm -it -p "":80 registry.webhosting.rug.nl/username/name:latest