Let's Encrypt is great but you have to be patient for certbot 0.21.0 (see you other thread). I even use it for my poweredbyclear.com subdomain. In the next couple of weeks I intend to post how to use it for the mail apps.

Marc Laporte wrote:
And all of this also works with Let's Encrypt:
http://wikisuite.org/How-to-install-Let-s-Encrypt-SSL-certificates-on-ClearOS

Best regards,

M ;-)

Thanks for the link. I'm interested in trying Let's Encrypt. Also a thank you for creating this app!!!

Thanks for the question. Nick's answer is accurate. I will just add a few things:

Best practice is to not to use your main domain name as your default website. So /var/www/html/ should have nothing but the default "Congratulations... your web server is running!" message with ClearOS branding. So if someone visits via your IP address, they will not get one of your sites.

For all websites you actually want to host: Sandboxed is the safest / cleanest which is why it's now the default.
https://tracker.clearos.com/view.php?id=16171

Paths are:
/var/www/virtual/example.org/html/ -> Where you put your web accessible files
/var/www/virtual/example.org/logs/ -> Access and error logs
/var/www/virtual/example.org/error/ -> To override default Apache error pages (like 404 errors). Last time I checked, this wasn't working as I'd expect. I'll add documentation later.

So each project is nicely self-contained.


This also permits to have a predictable storage space outside (below) the web accessible directory. This is how we do it for Tiki Wiki CMS Groupware:
https://doc.tiki.org/File-Storage#Ideal_scenario
It's the same idea for any PHP web app.

Having different versions of PHP per website is already available, and is designed to work with both sandbox or standard layout:
http://wikisuite.org/How-to-install-a-PHP-version-picker-on-ClearOS

And all of this also works with Let's Encrypt:
http://wikisuite.org/How-to-install-Let-s-Encrypt-SSL-certificates-on-ClearOS

Best regards,

M ;-)

As far as I know, you cannot change the folder structure for the default web site. This defaults to a webroot of /var/www/html. Also /var/www/html is "bind mounted" into /var/flexshare/shares/{your_web_site}. This is how the ftp upload works, making use of the flexshare capability.

For additional web sites, for the Standard layout, the document root is /var/www/virtual/{your_other_web_site} and the Sandboxed layout has a document root of /var/www/virtual/{your_other_web_site}/html. Both use bind mounts to /var/flexshare/shares/{your_other_web_site}. As this is a new feature there may be a bug here as I would have expected the Sandboxed mount to go to /var/flexshare/shares/{your_web_site}/html but it does allow you access to your own logs. I'll ask Peter when I get the chance.

The Sandboxed set up is the way to go for the future. I think it is being set up in case people want to run different versions of PHP which is under development. Have a look in /etc/httpd/conf.d/flex-443.conf and see how they are set up. Once set, it cannot be changed.