Adding A Separate (but related) Server

shawngibson · July 1, 2023, 8:28pm

Hi All, hope you’re well…and Happy Canada Day (if you’re into that sort of thing).

This should be quick, I hope: Is there a “best” way to install a so-called “staging” server as a (subdomain? localhost?) of another server? For example, https://example.com is my main public-facing, website, and I’d like to add a private server, located on a different partition, to do development work, called (e.g.) dev.example.com.

Since I finally have all the bits up and running, I would like to start working elsewhere than my actual website and push changes through only when ready, on demand.

I’m open to any and all suggestions here:)

Merci,
Shawn

SYSTEM INFORMATION
OS type and version	22.04
Virtualmin version	7.7

Joe · July 1, 2023, 9:02pm

I make it another top-level virtual server that looks identical to the production one (with a different hostname, of course).

If can be on a different system, if you have the resources for it.

Stegan · July 1, 2023, 9:05pm

Best? I am not sure but I set them up as “sub-server”. I’m not really interested in a dev server but more about a dev.domain.com so a user can use it to run a new version of their website prior to release. The site will have already undergone pretty thorough testing on their own “development” system.

stefan1959 · July 1, 2023, 9:38pm

If it on a public area add noidex to stop bots adding to search engines.

shawngibson · July 2, 2023, 2:34pm

Thanks Joe. That was my first thought, but I only own two domains, and the other is tied to a paid-for hosting service until 2024. In other words, I only have access to one domain for this project. And I’m unemployed ATM, unfortunately, so new domains are not possible right now. So, it would seem my only options are a subdomain, localhost, or a new, dedicated IP, is that correct?

I can definitely rejig things a bit and move this staging/dev area from the VirtualMin box to the computer I actually use for dev work, that’s possible, per your last point.

But in all these cases, I’m not sure how to perform the creation and administration of such via VirtualMin/WebMin. So, out of my apparent options, how would you navigate through VirtualMin to create a dev area on a different LAN machine with (your preferred choice of) localhost, an IP (i.e. 10.0.0.100), or a subdomain (i.e., dev.mydom.com)?

Any reading below this point is not necessary as regards my question, so ignore if you wish:)

This is also a great idea. I am about to start building new versions of my site, repurposed for other uses (e.g., as a drop-in intranet package or a db-driven website “shell”), so using subdomains as a way of showing interested parties a particular variation is an excellent idea.

I definitely need to do some due diligence now, as I have so far done nothing to shape/protect my website area or my LAN re: how the outside world interacts with my assets, save trusting WebMin to configure firewalld, and allowing only specific ports and services with ufw on the other boxes. Once again, getting back to Joe’s Samba concern from way-back, I still have no idea exactly “who” has access to my Samba shares after allowing it through firewalld, and under Webmin>Servers>Samba Windows File Sharing I’ve not yet had a chance to explore my options.

I have a backup/snapshot of VirtualMin (everything except the public_html folder and /var/lib/mysql) plus full TimeShift backups of my entire LAN created at exactly the same point, both in time and in functionality as regards each box’s firewalld (or ufw) config for Samba and Remmina). But I just don’t feel like winging it right now, after all the work I’ve done to get things purring nicely finally, so I am deferring to the experts here…

Joe · July 2, 2023, 4:38pm

Absolutely not!

Virtualmin doesn’t care what you name your virtual servers. I shouldn’t have used the word “domain” here. It gets overloaded too much and is confusing (which is why Virtualmin calls it a virtual server, but that’s also overloaded and confusing these days). Pretend I said “make it another top-level virtual server”. (In fact, I’ll edit my original post so it says that.)

I have virtualmin.com and dev.virtualmin.com (and dozens of other subdomains of virtualmin.com for various development and API services on different systems). All are their own Virtual Servers. I almost never use sub-servers because, I own the whole system (or VM), and I don’t need them to all be owned by the same user. Sub-servers are about ownership, and have nothing to do with what they’re named and whether they are “in” some domain.

shawngibson · July 2, 2023, 6:17pm

Thanks Joe.

So, I have my dev box (LAN IP 10.0.0.100) and my website/VirtualMin box (LAN IP 10.0.0.101). I am now confused. Can I use VirtualMin to create another, private, site (staging/dev) that is physically housed on the other computer? Wouldn’t I need to install VirtualMin on that box, too?

Just to be extra clear, this is akin to, in Windows (sorry ), editing the dev box’s hosts file to, say:

127.0.0.1     localhost
# The following domain does not exist on the internet
127.0.0.1    iamlocal.com
10.0.0.100   iamlocal.com
10.0.0.100   still-local.iamlocal.com

…and Apache’s httpd.conf file to:

ServerRoot “D:/stuff/iamlocal”
…
Listen 10.0.0.100:80
…
ServerName iamlocal.com
…
DocumentRoot “D:/stuff/iamlocal/htdocs”

Whereas the VirtualMin/public box hosts file would be:

127.0.0.1	localhost
127.0.1.1	site
10.0.0.101	site.my-real-domain.com	site
#
#added to gain access to my private dev site
`10.0.0.100     iamlocal.com`
`10.0.0.100     sub1.iamlocal.com`
`10.0.0.100     iamhungry.iamlocal.com`

From my dev box (IP 10.0.0.100) I enter my-real-domain.com or sub.my-real-domain.com in Google and reach my VirtualMin box (IP 10.0.0.101) circuitously through the Internet and am presented back with my real website. I could also, from dev box @ 10.0.0.100, enter iamlocal.com and be presented back with my local dev site via Apache directly.

Could I enter iamlocal.com on the other (VirtualMin) box (IP 10.0.0.101) and be presented with my dev site, because it is included in the local hosts file? But if I try to go to iamlocal.com from LAN box3 (IP 10.0.0.102), I would get an error page, because I have not instructed LAN box3 @ 10.0.0.102 via its hosts file to be locally aware of iamlocal.com, correct?

Finally, from Toledo or Timbuktu, if someone opened Google and entered my-real-domain.com they will get my website, but if they entered iamlocal.com would they get a “Dude, that doesn’t exist” page from Google?

This is all to clarify the question: can I create a new, private, server with VirtualMin using a “fake” domain name that would not validate, e.g., with letsencrypt, but would not (in theory) throw errors in VirtualMin during the creation process? And can I house subdomains of my live, public, server on another computer?

Joe · July 3, 2023, 2:06am

I feel like either you’re making this way too complicated or Virtualmin is making it seem way too complicated.

Why do you get the impression that you can’t do local domains in VIrtualmin? You can give Virtualmin any name you want. You can create google.com for all Virtualmin cares (it obviously won’t work! but you can do it, it’s just a name).

Is the automatic Let’s Encrypt cert request (which will obviously fail for phony/local/unresolvable names!) making this seem like it’s not working? What can we do to make it less intimidating? We’ve been arguing in our private chat for the past hour or so about this. We aren’t having much luck understanding what’s making this so confusing for folks, but a lot of people have been confused since we started automatically requesting LE certs, so we’re doing something wrong…we’re just not sure what we need to do to make it less frightening/confusing for new users.

Stegan · July 3, 2023, 9:05am

That used to confuse me. But having since learned to turn it off. Especially when you learn (or read the docs) and not set the hostname to a real domain. It is fine when adding a VS with a domain but confusing when installing Virtualmin.

shawngibson · July 3, 2023, 11:21am

Just waking up here so I’ll be able to respond properly later on. But for now, all I can say re: Let’s Encrypt implementation in VirtualMin is, after about 15 years and dozens of locally built/run Apache sites (HTML/MySQL/PHP, Flash, WordPress, AS(icky)P) trying and failing every single time to get up and running with https: (usually via CertBot/Let’s Encrypt), VirtualMin is literally a godsend.

Please don’t mess too much with the Post-Installation Wizard and such when it comes to Let’s Encrypt. Even the cert regeneration page works well (its location escapes me pre-caffeination). I can only imagine there is much more going on behind the scenes, but from a user’s PoV, you’ve nailed it.

I have severe PTSD and severe ADHD, formally, so much of my timidity and/or confidence at moving forward without expert guidance is a feature, not a bug; hencePreformatted text many of my posts on this forum. I have a perfect fresh TimeShift backup of my VirtualMin box ready to save me, but I’d rather ask questions which might lessen any catastrophic decisions I make, such as when figuring out how to add a staging server in a best-practices manner.

And now, to the coffee.

Ilia · August 10, 2023, 9:58pm

I have reverted to run connectivity check by default before requesting Let’s Encrypt certificate. It can safe time and also provide and explanation about why it fails. Also it won’t be a problem anymore as we discussed it and @Jamie is going to remove the default domain creation from the wizard anyway.

We will look into implementing support for LE SSL certificate for the hostname in a better way in the future.