###### About

<https://httpd.apache.org/>

###### Procedure

1. Sign in as root user

2. Run `apt install apache2`

3. Run `a2enmod ssl` to enable SSL/TLS functionality

4. Run `a2enmod rewrite` to allow address rewriting

5. Run `a2enmod proxy && a2enmod proxy_http` to enable reverse proxies

    !!! warning "Warning"

        By default, Apache creates a virtual host and enables a site hosted at `/var/www/html`. Follow the recommendations below to get a 


###### Recommendations

1. Run `rm /etc/apache2/sites-enabled/*` to remove any existing symbolic links to virtual host configurations

2. Run `cd /var/www` to navigate to where sites are suggested to be stored

3. Delete the `html` directory via `rm -rf html`

###### New Site

!!! info "Info"
    
    In the following example, we will create a virtual host that responds only to requests made for `docs.caharkness.com` on port 443. The virtual host will be configured as a reverse proxy, exposing the http features of an application running locally to the requestor, all while handing the TLS handshake and keeping the transmission between Apache and the requestor secure.

1. Create a directory to contain virtual hosts in, e.g.

        mkdir sites && cd sites

2. Create a new directory within the newly created container for our virtual host, e.g.

    ```
    mkdir docs.caharkness.com && cd docs.caharkness.com
    ```

3. Produce a file named `vhost.conf` with the following lines:

    ``` title="vhost.conf"
    <VirtualHost *:443>
        ServerName docs.caharkness.com
        DocumentRoot /var/www/sites/docs.caharkness.com

        SSLEngine on
        SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
        SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
        # Uncomment if applicable:
        # SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt

        SSLOptions +StdEnvVars

        <Directory __SITE_DIR__>
            Options -Indexes
            AllowOverride All
        </Directory>

        ProxyPass "/" "http://127.0.0.1:8080/"
        ProxyPassReverse "/" "http://127.0.0.1:8080/"
    </VirtualHost>
    ```

    !!! info "Info"

        1. Acquiring signed certificates is not covered in this example, but if you know the paths to your certificate, key, and chain files, you may specify them above. Otherwise, we default to using Debian's internal "snakeoil" certificates.

4. Run `ln -s vhost.conf /etc/apache2/sites-enabled/docs.caharkness.com-vhost.conf` to link the site's `vhost.conf` to where Apache looks by default for virtual hosts to serve

5. Run `systemctl reload apache2` to gracefully reload changes without interrupting ongoing requests