Apache & BIND DNS with Django, JIRA and Bitbucket

This guide walks you through a basic (though not completely functional) setup of Apache and BIND to allow you to access your site and other servers locally through DNS names.

Most of this comes from Linux Journal and Atlassian.

Note, my server is only on a closed network, so I didn't concern myself with the security issues of mod_proxy. Do not enable proxying with ProxyRequests until you have secured your server. Open proxy servers are dangerous both to your network and to the Internet at large.

BIND

  1. Unpack the kit into any convenient directory and run the BINDInstall program as Administrator. This will install the named and associated programs into the correct directories and set up the required registry keys.
  2. BINDInstall requires that you install it under an account with restricted privileges. The installer will prompt you for an account name (the default is "named") and a password for that account. It will also check for the existence of that account. If it does not exist is will create it with only the privileges required to run BIND. If the account does exist it will check that it has only the one privilege required: "Log on as a service". If it has too many privileges it will prompt you if you want to continue. Leave the defaults and enter in a password.
  3. In "C:\Program Files\ISC BIND 9\etc" create 2 files, named.conf and db.example.org.

    Note, if you are not able to edit the files in the \etc directory, edit them elsewhere and paste them in.

  4. In db.example.org, enter the following:

    ;
    ; BIND data file for example.org
    ;
    $TTL 4h
    @  IN  SOA ns1.example.org. root.example.org. (
            2       ; Serial
            604800  ; Refresh
            86400   ; Retry
            2419200     ; Expire
            604800 )    ; Negative Cache TTL
    ;
    @   IN NS   ns1.example.org.
    @   IN A    192.168.1.100   ; replace with IP Address of server
    www IN A    192.168.1.100   ; replace with IP Address of server
    ns1     IN A    192.168.1.100   ; replace with IP Address of server
    
  5. In named.conf, enter the following:

    zone "example.org" {
        type master;
        file "C:\Program Files\ISC BIND 9\etc\db.example.org";
    };
    
    zone "www.example.org" {
        type master;
        file "C:\Program Files\ISC BIND 9\etc\db.example.org";
    };
    
    zone "jira.example.org" {
        type master;
        file "C:\Program Files\ISC BIND 9\etc\db.example.org";
    };
    
    zone "bitbucket.example.org" {
        type master;
        file "C:\Program Files\ISC BIND 9\etc\db.example.org";
    };
    
  6. Replace "example.org" everywhere above with the human-readable address you would like.

  7. Restart the service "ISC Bind" in "Services" (click Start Menu, type "Services", hit enter).

Apache and Atlassian

  1. Unzip Apache and move the folder "Apache24" to "C:\"
  2. Open cmd.exe and go to the directory "C:\Apache24\bin"
  3. You can install Apache as a Windows NT service as follows from the command prompt at the Apache bin subdirectory:

    httpd.exe -k install
    
  4. Open "httpd.conf" in "C:\Apache24\conf"

  5. Enable mod_proxy and supporting modules in the Apache httpd.conf configuration file by uncommenting (i.e. remove the leading '#') the following lines if necessary:

    LoadModule proxy_module modules/mod_proxy.so 
    LoadModule proxy_connect_module modules/mod_proxy_connect.so 
    LoadModule proxy_http_module modules/mod_proxy_http.so
    

    If these lines don't exist in the configuration file, just add them.

  6. Use multiple name-based virtual hosts if each application is on a different domain. For example:

    NameVirtualHost *:80
    
    <VirtualHost *:80>
        ServerName www.example.org
        ServerAlias *.example.org example.org
    
        ProxyRequests Off
        ProxyVia Off
    
        <Proxy *>
             Require all granted
        </Proxy>
    
        ProxyPass / http://<ip_address>:8000/
        ProxyPassReverse / http://<ip_address>:8000/
    </VirtualHost>
    
    <VirtualHost *:80>
        ServerName jira.example.org
    
        ProxyRequests Off
        ProxyVia Off
    
        <Proxy *>
             Require all granted
        </Proxy>
    
        ProxyPass / http://<ip_address>:8080/
        ProxyPassReverse / http://<ip_address>:8080/
    </VirtualHost>
    
    <VirtualHost *:80>
        ServerName bitbucket.example.org
    
        ProxyRequests Off
        ProxyVia Off
    
        <Proxy *>
             Require all granted
        </Proxy>
    
        ProxyPass / http://<ip_address>:7990/
        ProxyPassReverse / http://<ip_address>:7990/
    </VirtualHost>
    
  7. Uncomment the HTTP Connector line and leave the defaults, but add your subnet IP:

            <Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"
               maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
               maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
               acceptCount="100" disableUploadTimeout="true" bindOnInit="false" scheme="http"
               proxyName="jira.example.org" proxyPort="80"/>
    
  8. Restart the service "Apache HTTP Server" in "Services" (click Start Menu, type "Services", hit enter).

You should now be able to access your servers locally at www.example.org, jira.example.org, and bitbucket.example.org.

Nov. 9, 2018, 4:21 p.m.