[LON-CAPA-admin] certbot and document root

Raeburn, Stuart raeburn at msu.edu
Thu Dec 20 10:18:39 EST 2018 

Nathan,

LON-CAPA works with a VirtualHost block in /etc/httpd/conf, e.g.,

<VirtualHost *:80>
    ServerName loncapa.winona.edu
    DocumentRoot /home/httpd/html
    RewriteOptions Inherit
</VirtualHost>

The LON-CAPA installation currently adds a rewrite configuration file to /etc/httpd/conf/loncapa_rewrite.conf, which you can use in your VirtualHost block for port 80 by including: RewriteOptions Inherit.

(The standard LON-CAPA Apache config file: /etc/httpd/conf//loncapa_apache.conf contains:
Include conf/loncapa_rewrite.conf )

By default, loncapa_rewrite.conf contains: 
RewriteEngine off

You can edit the file to change that to on, or use the following command to replace the default with the contents of loncapa_rewrite_on.conf (from the rewrites directory).

cp /etc/httpd/conf/rewrites/loncapa_rewrite_on.conf /etc/httpd/conf/loncapa_rewrite.conf

>
> Is "/home/httpd/html" the appropriate document root for loncapa?
>

Yes, the DocumentRoot for LON-CAPA is: /home/httpd/html

This is set in /etc/httpd/conf/loncapa_apache.conf which your httpd.conf should include using this line:
Include conf/loncapa_apache.conf

>
> Related, because it is a cloud service it has an untypeable domain name.  Is this a problem?
>

When you run ./UPDATE to install LON-CAPA you should have been prompted to enter the hostname -- you would enter: loncapa.winona.edu.  That will add the correct hostname to /home/httpd/lonTabs/hosts.tab

You could also add the following to /etc/hosts

52.162.238.218 loncapa.winona.edu

One of the LON-CAPA daemons (lonc) contains a routine which in 2.11.2 uses the perl module: Sys::Hostname to get the server's hostname.  (The lonc daemon will connect to a lond daemon to submit requests for data from a LON-CAPA node).

In the case where loncnew connects to lond on the same node, the server's hostname needs to match the hostname contained in /home/httpd/lonTabs/hosts.tab, for the connection to be considered "local".

In that case, if the LON-CAPA daemons are running, and a local data request had been made in the past 5 minutes, the command:

ps -ef |grep lon

would include:

lonc: loncapa.winona.edu Connection count: 1 Retries remaining: 5 (local) 
lond: Listening to winonal1 (local) 

Anyway, in LON-CAPA 2.11.3, use of Sys::Hostname will be replaced with Sys::Hostname::FQDN::fqdn() when loncnew needs the hostname of the server. (This change is being made primarily for the benefit of servers running Ubuntu, but might also impact your cloud-service based installation).

>
> Certbot requires a "Virtual host" to run successfully.
>

certbot can take a number of arguments, e.g., certbot certonly -d loncapa.winona.edu

Personally, I always use the certonly arg, as my experience has been that certbot simply overwrites the existing /etc/httpd/conf.d/ssl.conf file, without preserving what was there.


Stuart Raeburn
LON-CAPA Academic Consortium

________________________________________
From: LON-CAPA-admin <lon-capa-admin-bounces at mail.lon-capa.org> on behalf of Moore, Nathan T <nmoore at winona.edu>
Sent: Wednesday, December 19, 2018 3:25 PM
To: list about administration and system updating
Subject: [LON-CAPA-admin] certbot and document root

I'm working on an loncapa install on a RHEL7.6 box, running Apache 2.4.6

I had loncapa up and running 2 hrs ago but I've messed up the httpd configuration.

Specifically, after the loncapa install I started working with certbot for ssl.  Certbot requires a "Virtual host" to run successfully.  The certbot email list suggests I include something like:

ServerName loncapa.winona.edu:80

And

Listen 80
<VirtualHost *:80>
    DocumentRoot "/home/httpd/html"
    ServerName loncapa.winona.edu

    # Other directives here
        RewriteEngine on
        RewriteCond %{SERVER_NAME} =loncapa.winona.edu
        RewriteRule ^ https://urldefense.proofpoint.com/v2/url?u=https-3A__-25-257BSERVER-5FNAME-257D-25-257BREQUEST-5FURI-257D&d=DwICAg&c=nE__W8dFE-shTxStwXtp0A&r=VsGo3jOm8tGLd6f-KlhT-g&m=dMYj84-IuuQUJFhnQGzZSlJxAfEzz__wPpslbUh_E1A&s=dmyiZuymxwtZkvgfRwppwnZaV3V6_8vOjIbQUlhKF1I&e= [END,NE,R=permanent]
</VirtualHost>

With these changes, loncapa fails to load anything.

Is "/home/httpd/html" the appropriate document root for loncapa?

Related, because it is a cloud service it has an untypeable domain name.  Is this a problem?
[root at WSU-Lon-Capa conf]# hostname --fqdn
WSU-Lon-Capa.iel215phooculndmj5ogxpf3zg.ex.internal.cloudapp.net
But our local dns maps loncapa.winona.edu to the machine's ip address 52.162.238.218
--- --- --- ---
Nathan Moore, PhD
Physics, Winona State University

-----Original Message-----
From: LON-CAPA-admin <lon-capa-admin-bounces at mail.lon-capa.org> On Behalf Of Raeburn, Stuart
Sent: Friday, August 24, 2018 2:49 PM
To: list about administration and system updating <lon-capa-admin at mail.lon-capa.org>
Subject: Re: [LON-CAPA-admin] Removing Resource Identifier Reference

Lee,

>
> The plan is to remove the reference to that sequence in the new
> course, but I wanted to double check with the list to see if there is any advice before I start editing course files.
>

If you prefer not to edit course files, then on the command line on your library server as user: www you could simply create a file named: group_allfolders26759251377393070.sequence in:
/home/httpd/lonUsers/uiuc/1/i/9/1i928139c6d645b29uiuclibrary1/userfiles

containing:

<map>
<resource id="1" src="" type="start"></resource> <link from="1" to="2" index="1"></link> <resource id="2" src="" type="finish"></resource> </map>

In a web browser you would select a Course Coordinator role in the course, (or re-initialize if a role is already selected in the course) and then use the Course Editor to hide that item (or remove it).

Is there a group_allfolders.sequence file in the userfiles sub-directory? Are there groups in the course?

Stuart Raeburn
LON-CAPA Academic Consortium

________________________________________
From: LON-CAPA-admin <lon-capa-admin-bounces at mail.lon-capa.org> on behalf of Bynum, Lee Hamilton <leebynum at illinois.edu>
Sent: Thursday, August 23, 2018 12:19 PM
To: 'lon-capa-admin at mail.lon-capa.org'
Subject: [LON-CAPA-admin] Removing Resource Identifier Reference

Hello Everyone,

In the process of merging two courses' content we have managed to include a reference to a group sequence that doesn't exist in the new course.  As a result the course is reporting Map not loaded: The file /home/httpd/lonUsers/uiuc/1/i/9/1i928139c6d645b29uiuclibrary1/userfiles/group_allfolders26759251377393070.sequence does not exist on course initialization.

The plan is to remove the reference to that sequence in the new course, but I wanted to double check with the list to see if there is any advice before I start editing course files.

Thanks,

Lee
_______________________________________________
LON-CAPA-admin mailing list
LON-CAPA-admin at mail.lon-capa.org
https://urldefense.proofpoint.com/v2/url?u=http-3A__mail.lon-2Dcapa.org_mailman_listinfo_lon-2Dcapa-2Dadmin&d=DwICAg&c=nE__W8dFE-shTxStwXtp0A&r=VsGo3jOm8tGLd6f-KlhT-g&m=dMYj84-IuuQUJFhnQGzZSlJxAfEzz__wPpslbUh_E1A&s=y7WmSP9bavlYo46REHyV4TWZ_L75dBMJlGUS8pzLVH0&e=
_______________________________________________
LON-CAPA-admin mailing list
LON-CAPA-admin at mail.lon-capa.org
https://urldefense.proofpoint.com/v2/url?u=http-3A__mail.lon-2Dcapa.org_mailman_listinfo_lon-2Dcapa-2Dadmin&d=DwICAg&c=nE__W8dFE-shTxStwXtp0A&r=VsGo3jOm8tGLd6f-KlhT-g&m=dMYj84-IuuQUJFhnQGzZSlJxAfEzz__wPpslbUh_E1A&s=y7WmSP9bavlYo46REHyV4TWZ_L75dBMJlGUS8pzLVH0&e=

More information about the LON-CAPA-admin mailing list