Tags: #software 

Setting up an apache2 webserver on openSUSE Leap 15.0

The goal of this blog post is to properly remember what I did to create my root-server setup using openSUSE Leap 15.0:

Two detailed and very useful references for a start are:

Here there are just the bare commands without verbose explanation given. All of them should be run with root privileges.

Basic webserver setup

  • Install the required packages:

    zypper install apache2 \
                   php7 php7-mysql apache2-mod_php7 \
                   mariadb mariadb-tools \
  • Enable Apache modules:

    a2enmod php7 rewrite
  • Open the necessary ports in the Firewall (firewalld):

    firewall-cmd --permanent --zone=public --add-service=http --add-service=https
    firewall-cmd --permanent --zone=public --add-port=8888/tcp  # For Jupyter only!
    firewall-cmd --reload
  • Start and enable (on each restart) all services:

    systemctl start  apache2 mysql
    systemctl enable apache2 mysql
  • Configure the mySQL database and follow the instructions given:


Setting up the directories

The used directory structure for the websites and services is as follows:

/srv/www/myMkDocsSite  (https://www.domain.org/)
        /myMediaWiki   (https://wiki.domain.org/)
        /jupyter       (https://www.domain.org:8888)

As Jupyter comes with it’s own web server, one only has to add Apache2 configurations for myMkDocsSite and myMediaWiki. Those configuration files are located in the


directory and have the *.conf extension. The myMkDocsSite.conf may look like this:

<VirtualHost *:80>
    DocumentRoot "/srv/www/myMkDocsSite"
    ServerName www.domain.org
    ServerAlias domain.org
    ServerAdmin joe@mail.com
    ErrorLog /var/log/apache2/error_log
    TransferLog /var/log/apache2/access_log
    HostnameLookups Off
    UseCanonicalName Off
    ServerSignature Off
    <Directory "/srv/www/octave.space">
        Options Indexes FollowSymLinks
        AllowOverride None
        <IfModule !mod_access_compat.c>
            Require all granted
        <IfModule mod_access_compat.c>
            Order allow,deny
            Allow from all

Remember, that for dynamic websites the Apache2 server process might need write privileges. Therefore the owner of the respective directories should be wwwrun and can be set with:

chown -R wwwrun:www <directory>

Now the content of a file index.html should be displayed when typing “http://www.domain.org/” (note: HTTPS comes later!).

Webserver HTTPS setup

Fortunately, these days one has not to pay to be able to use the HTTPS protocol, one can easily make use of services like the Let’s encrypt project.

  • Install the required packages:

    zypper install certbot python-certbot python-certbot-apache
  • Enable the SSL module and ensure the correct server flags:

    a2enmod ssl
    a2enflag SSL
  • Get the certificate by following the output of:

    certbot --apache

    This command usually updates the Apache2 configuration file, e.g. myMkDocsSite.conf above. If there are more websites, just call the certbot command above again to extend the certificate.

  • Update the certificate regulary by establishing a cronjob:

    crontab -e

    and add the lines:

    # renew all certificates methode: renew
    10 5 1 * *  root    /usr/bin/certbot renew

Mediawiki setup

To setup a Mediawiki one can basically follow the installation guide. Additionally, the following extensions should be installed:

With openSUSE Leap, the following extra packages are useful to be installed for all the above:

zypper install git ImageMagick make \
               php7-APCu php7-fileinfo php7-imagick php7-intl php7-mbstring

After that run

php myMediaWiki/maintenance/update.php

to update the MediaWiki database for that extension.

(C) 2017 — 2020 Kai Torben Ohlhus. This work is licensed under CC BY 4.0. Page design adapted from minima and researcher. Get the sources on GitHub.