====== Differences ====== This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
using:howto:twister_on_your_self-host_server [2014/02/11 21:34] natir Add secure by password |
using:howto:twister_on_your_self-host_server [2014/05/20 13:11] (current) erkan_yilmaz typo |
||
---|---|---|---|
Line 1: | Line 1: | ||
<markdown> | <markdown> | ||
- | # Twister on self-host server | + | # Twister on self-hosted server |
This how-to is write for unix like operating system. | This how-to is write for unix like operating system. | ||
Line 103: | Line 103: | ||
## Apache proxy | ## Apache proxy | ||
+ | I supose here we want all request to twister to be secure by https, so I redirect http request to https | ||
+ | |||
+ | ``` | ||
+ | # The redirection from http to https | ||
+ | <VirtualHost *:80> | ||
+ | DocumentRoot /var/www/ | ||
+ | ServerName twister.example.com | ||
+ | <IfModule mod_rewrite.c> | ||
+ | RewriteEngine on | ||
+ | RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 | ||
+ | </IfModule> | ||
+ | |||
+ | CustomLog /var/log/apache2/twister-access.log combined | ||
+ | ErrorLog /var/log/apache2/twister-error.log | ||
+ | </VirtualHost> | ||
+ | |||
+ | # The real part of the configuration | ||
+ | <VirtualHost *:443> | ||
+ | ServerAdmin webmaster@localhost | ||
+ | # Edit with your dns | ||
+ | ServerName twister.example.com | ||
+ | | ||
+ | # Set DocumentRoot to twister html directory to let apache | ||
+ | # serve static contents | ||
+ | DocumentRoot /path/to/twister-html/ | ||
+ | | ||
+ | # Usage of a custom log path | ||
+ | CustomLog /var/log/apache2/twister-access.log combined | ||
+ | ErrorLog /var/log/apache2/twister-error.log | ||
+ | | ||
+ | # Enable SSL | ||
+ | SSLEngine on | ||
+ | SSLCertificateFile /etc/apache2/ssl/twister.example.com/ssl.crt | ||
+ | SSLCertificateKeyFile /etc/apache2/ssl/twister.example.com/ssl.key | ||
+ | SSLCertificateChainFile /etc/apache2/ssl/chain.crt | ||
+ | |||
+ | # we use url rewriting for proxying | ||
+ | RewriteEngine on | ||
+ | | ||
+ | # redirect / to /index.html if the request is | ||
+ | # a GET request. Call to the API seems to be all POST | ||
+ | RewriteCond %{THE_REQUEST} GET | ||
+ | RewriteRule ^/$ /index.html [L] | ||
+ | | ||
+ | # proxy POST request to / to twister | ||
+ | RewriteCond %{THE_REQUEST} POST | ||
+ | RewriteRule ^/$ http://127.0.0.1:28332/ [P,QSA] | ||
+ | | ||
+ | # Authentication | ||
+ | <Location /> | ||
+ | AuthUserFile /some/secure/path/.htpassword | ||
+ | AuthGroupFile /dev/null | ||
+ | AuthName "Accès sécurisé" | ||
+ | AuthType Basic | ||
+ | <LIMIT GET POST> | ||
+ | Require user twister | ||
+ | </LIMIT> | ||
+ | </Location> | ||
+ | </VirtualHost> | ||
+ | ``` | ||
+ | |||
+ | Now making the password file (add -c option if you are creating the file): | ||
+ | ``` | ||
+ | twister@example:~$ htpasswd /some/secure/path/.htpassword twister | ||
+ | New password: mon_jolie_mot_de_passe | ||
+ | Re-type new password: mon_jolie_mot_de_passe | ||
+ | Adding password for user twister | ||
+ | |||
+ | twister@example:~$ cat /some/secure/path/.htpassword | ||
+ | twister:$apr1$WpQNVebq$y4DyXYs06D2naWaDF0buM0 | ||
+ | ``` | ||
+ | |||
+ | For the authentication to work, we need to use the same user and password in the /some/secure/path/.htpassword file and in the ``.twister/twister.conf``. We also need to increse the maximum number of concurrent threads serving twister. I put 100 by guess (default is 4), it works for me without increasing the load on my server. | ||
+ | |||
+ | My ``.twister/twister.conf`` : | ||
+ | ``` | ||
+ | twister@example:~/.twister$ cat twister.conf | ||
+ | rpcuser=twister | ||
+ | rpcpassword=mon_jolie_mot_de_passe | ||
+ | rpcthreads=100 | ||
+ | rpcallowip=127.0.0.1 | ||
+ | ``` | ||
</markdown> | </markdown> |