2020-01-24 - Re: [GRASE-Hotspot] Apache configuration

Header Data

From: Tim <ti***8@gmail.com>
Message Hash: dda3d7c211267592159b09ca1a0f347dc783d7a3df174d43be76f950c0339465
Message ID: <CAESLx0KD-JzrgFM2Bsoz96y8M9HPXjCrfRkNxQGfB=tfDLLMoQ@mail.gmail.com>
Reply To: <f21219f8-d91e-1fa5-6d63-0494fe580f44@gmail.com>
UTC Datetime: 2020-01-24 22:44:05 UTC
Raw Date: Sat, 25 Jan 2020 13:44:05 +0800

Raw message 

Yes and no.

The way the Grase hotspot works, is it adds an alias for /grase to serve
the hotspot interface. This is adding as an Apache configuration file, and
not an apache site. This was done so that on the default apache site
installed, which listens on all IPs, we could have /grase serve the hotspot
interface, and whatever else the server was already serving via apache
would still work.

This allows you to run your own websites via the default apache host,
without having to worry about breaking the Grase hotspot interface. It also
ensures (by using the default site) that we'll end up on the site that is
listening on the IP addresses. If we tried to put our own site config in
place listening on the Hotspot IP, then the admin interface wouldn't be
accessible except from the client side of the Hotspot. If we tried to put
our own site listening on all IP's (so we can access it from the server,
from clients, and from the WAN side), we'd probably either break an
existing site, or if our config was loaded later, the hotspot wouldn't work.

You can modify your own default Apache site to restrict where it is
accessible from, but you'll need to ensure it can be accessed from the
client side of the hotspot (by IP address), and from any admin interfaces
if you also want to administer it from a device that isn't on the hotspot.

I have contemplated going with a hostname based apache virtual host, but
this means that we need to ensure our DNS is used by the clients, else they
won't be able to access the interface. It was much more reliable to use a
direct IP for the interface. I've also debated using a public DNS name
serving a private IP address, but this would mean that you wouldn't be able
to change the hotspot client IP range, which could conflict with other
local networks, and that the hotspot would then be reliant on the public
DNS staying active.

I hope that gives some insight into why it works the way it works. Our
overrides are in /etc/apache2/conf-available/grase-conf-apache2.conf and
you should find the apache default site in
/etc/apache2/sites-available/000-default.conf which serves /var/www to any
IP/hostname that isn't overriden by a more specific site.

Regards

Tim

On Mon, 20 Jan 2020 at 20:58, Charles Chambers <cc***2@gmail.com> wrote:

> I notice that the LAN IP of the hotspot (mine comes up at 192.168.0.200)
> has a default instance of Apache running on it.  Two questions:
>
> 1) Is this by design?  Not that *I* want to, but can it be blocked?
>
> 2)  I can browse to it from any admin machine on the LAN (my main admin
> workstation is at 192.168.0.4).  What exactly would be the collection of
> configuration files for that instance of Apache?  I'm sure they are not the
> same collection of configuration files running the hotspot interface...
>
>
> Charlie
>
> --
> This mailing list is for the Grase Hotspot Project http://grasehotspot.org
> ---
> You received this message because you are subscribed to the Google Groups
> "Grase Hotspot" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to gr***e@grasehotspot.org.
> To view this discussion on the web visit
> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/f21219f8-d91e-1fa5-6d63-0494fe580f44%40gmail.com
> .
>

Thread