- Lo primero que vamos hacer es instalar un contenedor con debian 9, el cual va tener una IP pública
- Con 10 GB de disco duro es suficiente, en el almacenamiento del servidor
- 4 GB de RAM y 4 GB de swap
- Ahora creamos el usuario ugit/CA2
adduser ugit
- Instalamos el servicio openssh
apt-get install openssh-server openssh-client
ssh -l ugit 10.20.200.23
- Consultamos las interfaces existentes:
ls /sys/class/net
nano /etc/network/interfaces
auto eth0
iface eth0 inet static
address 10.20.200.23
netmask 255.255.255.0
gateway 10.20.200.1
apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y
apt-get install apache2 -y
/etc/init.d/apache2 status
apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2018-04-13 15:36:26 UTC; 19s ago
Main PID: 9290 (apache2)
CGroup: /system.slice/apache2.service
├─9290 /usr/sbin/apache2 -k start
├─9292 /usr/sbin/apache2 -k start
└─9293 /usr/sbin/apache2 -k start
Apr 13 15:36:26 proxy-reverso-ex systemd[1]: apache2.service: Failed to rese…ted
Apr 13 15:36:26 proxy-reverso-ex systemd[1]: Starting The Apache HTTP Server...
Apr 13 15:36:26 proxy-reverso-ex systemd[1]: Started The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.
- Habilitamos los módulos necesarios
a2enmod proxy
a2enmod proxy_http
a2enmod proxy_ajp
a2enmod rewrite
a2enmod deflate
a2enmod headers
a2enmod proxy_balancer
a2enmod proxy_connect
a2enmod proxy_html
a2enmod ssl
systemctl restart apache2
nano /etc/apache2/conf-available/security.conf
ServerTokens OS
X
ServerTokens Prod
- Verificamos que «ServerSignature On» este es ON
ServerSignature On
- Deshabilitamos el sitio defecto
a2dissite 000-default
systemctl restart apache2
Instalar letsencript
Host: Proxy Reverso
nano /etc/apt/sources.list
deb http://ftp.debian.org/debian stretch-backports main
apt update
apt-get install python-certbot-apache -t stretch-backports
