OpenLiteSpeed with DirectAdmin

quangtam

Verified User
Joined
Sep 8, 2011
Messages
19
Dear DA,

I think OpenLiteSpeed is good way for replace Apache, so how to install DirectAdmin with OpenLiteSpeed?

Best regards,
 
@scsi,

That's a generic page which says nothing about DirectAdmin. If anyone reading has experience with DirectAdmin integration, please reply to the thread.

Jeff
 
Just bear in mind that the open source version will probably never support htaccess and control panel plugins. mod_rewrite is supported via the control panel which means that the server has to be restarted after every modification...
 
As of CustomBuild 2040 and DirectAdmin 1.56.3 a new feature is in an active development:


- https://www.directadmin.com/features.php?id=2304


Even templates are ready:


Code:
# ls -1 /usr/local/directadmin/data/templates/openlitespeed*.conf
/usr/local/directadmin/data/templates/openlitespeed_ips.conf
/usr/local/directadmin/data/templates/openlitespeed_listener.conf
/usr/local/directadmin/data/templates/openlitespeed_vhost.conf
 
Thanks. Found possible issues:

- letsencrypt.sh does not install a cert/key to Openlitespeed
- ssl cert/key pair for localhost is installed after installation, even if a valid ssl key/cert pair exist.
- The file httpd-listeners.conf is redundant here?
- The CACertFile directive is missing in ips.conf, listeners.conf, httpd-vhosts.conf, users` openlitespeed.conf ? The certFile points to a single cert file.


Code:
# ls -la /usr/local/lsws/ssl.crt/server.crt.combined
-rw------- 1 root root 3936 Apr 25 12:26 /usr/local/lsws/ssl.crt/server.crt.combined

# grep certFile *
httpd-listeners.conf:  certFile                /usr/local/lsws/ssl.crt/server.crt
httpd-vhosts.conf:    certFile                /usr/local/lsws/ssl.crt/server.crt
ips.conf:    [B]certFile                /usr/local/lsws/ssl.crt/server.crt.combined[/B]

# grep certFile /usr/local/directadmin/data/users/*/openlitespeed.conf | grep combined -c
[B]0[/B]
 
- letsencrypt.sh does not install a cert/key to Openlitespeed
- ssl cert/key pair for localhost is installed after installation, even if a valid ssl key/cert pair exist.
- The file httpd-listeners.conf is redundant here?
- The CACertFile directive is missing in ips.conf, listeners.conf, httpd-vhosts.conf, users` openlitespeed.conf ? The certFile points to a single cert file.


Code:
# ls -la /usr/local/lsws/ssl.crt/server.crt.combined
-rw------- 1 root root 3936 Apr 25 12:26 /usr/local/lsws/ssl.crt/server.crt.combined

# grep certFile *
httpd-listeners.conf:  certFile                /usr/local/lsws/ssl.crt/server.crt
httpd-vhosts.conf:    certFile                /usr/local/lsws/ssl.crt/server.crt
ips.conf:    [B]certFile                /usr/local/lsws/ssl.crt/server.crt.combined[/B]

# grep certFile /usr/local/directadmin/data/users/*/openlitespeed.conf | grep combined -c
[B]0[/B]

httpd-listeners.conf isn't in the package, I guess you've got it in configure/ folder of CB with previous releases, feel free to remove it from configure/ as it's not loaded anywhere.

letsencrypt.sh has been fixed. CB 2.0 rev. 2062 uses .combined. DA pre-release binaries should be updated today, to include the use of .combined in OLS vhosts. Thank you for the report! :)
 
Thank YOU. Does it mean to run a WebAdmin console? It does not start on my end.

Tried to set a password with /usr/local/lsws/admin/misc/admpass.sh

Had to create a symlink:

Code:
cd /usr/local/lsws/admin/fcgi-bin
ln -s admin_php5 admin_php

and a missing directory:

Code:
mkdir -p /usr/local/lsws/logs

and still no console after a restart:

Code:
# netstat -ntpl | grep 7080 -c
0

What did I miss? LiteSpeed goes with a DA plugin, will it be installed here too?
 
WebAdmin is disabled on DA environment. It breaks the configs when saving anything there, as it just replaces 'include something.conf' lines with the content from something.conf and then include is gone at all. If you see a need for WebAdmin, we may ask OLS if they'd be interested in fixing it (but I guess it might require a lot of from from their end, as they're saving everything to a single httpd_config.conf, and DA saves it similarly to nginx/apache (many different files, included into the main config, which allows easier customization) :)

Regarding /usr/local/lsws/logs - did you get anything logged there? It should use standard /var/log/httpd (error_log, domains/ dir etc.).
 
Thanks for clarifying the situation with WebAdmin.

Only restart attempts are written to the specific folder /usr/local/lsws/logs/

Code:
# tail /usr/local/lsws/logs/lsrestart.log
Fri Apr 26 00:45:57 +07 2019
start, LSWS running: 0
Fri Apr 26 10:10:50 +07 2019
stop, LSWS running: 0
Fri Apr 26 10:10:51 +07 2019
start, LSWS running: 0
Fri Apr 26 10:11:01 +07 2019
restart, LSWS running: 1
Fri Apr 26 10:11:02 +07 2019
start, LSWS running: 0


As for SSL, there is one issue left requiring your attention. It is the case when an user's domain is using a server's cert, currently no combined cert is used here:


Code:
# cat /usr/local/directadmin/data/users/admin/openlitespeed.conf

... skipped ...

  vhssl  {
    keyFile                 /etc/httpd/conf/ssl.key/server.key
    certFile                [B]/etc/httpd/conf/ssl.crt/server.crt[/B]
    certChain               1
    sslProtocol             30
  }
  # include aliases
  include /usr/local/lsws/conf/httpd-alias.conf
}
 
OLS supports mod_rewrites from .htaccess file with some restrictions...

mod_rewrite rules from .htaccess are loaded at start time.
 
OLS supports mod_rewrites from .htaccess file with some restrictions...

mod_rewrite rules from .htaccess are loaded at start time.

Thanks for your answer, but what would this mean in a real-world experience? As an example, what would happen if on a vps with a couple of wordpress websites nginx/apache would be switched to openlitespeed? Will the wordpress sites work as normal as they would do with litespeed enterprise?
 
Code:
# cat /usr/local/directadmin/data/users/admin/openlitespeed.conf

... skipped ...

  vhssl  {
    keyFile                 /etc/httpd/conf/ssl.key/server.key
    certFile                [B]/etc/httpd/conf/ssl.crt/server.crt[/B]
    certChain               1
    sslProtocol             30
  }
  # include aliases
  include /usr/local/lsws/conf/httpd-alias.conf
}

This one should have been fixed in DA pre-release binaries about 3-4 days ago or so. Regarding .htaccess - reload is possible from user-level, auto-done on File Manager .htaccess edit time, and can also be set to be ran in cronjob: https://help.directadmin.com/item.php?id=2097 (lswsctrl restart = graceful reload, zero downtime).
 
Last edited:
I've fixed the URL, thanks for noticing it, and testing OLS extensively! :)
 
It's my pleasure ;)

Found OLS restarts with a delay and noticeable delay if an error found in mod_rewrite, e.g.:

Code:
2019-05-06 19:11:02.548722 [ERROR] [(null)] rewrite: invalid rewrite condition while parsing: RewriteCond %{HTTP_HOST} ! ^example.net [NC]
2019-05-06 19:11:02.553827 [ERROR] [(null)] rewrite: invalid rewrite condition while parsing: RewriteCond %{HTTP_HOST} ! ^example.net [NC]

And whenever no errors in .htaccess are found, OLS restarts fine as expected.

Well, this is just a notice for future cases to read /var/log/httpd/error_log for possible errors, if anybody faces it.
 
David from OpenLiteSpeed (developer) said that slowdown is not caused by this RewriteCond, and it's likely that the server was handling requests, and it'd cause stopping to need more time. If you're sure it's the RewriteCond slowing it down, I'd suggest reporting it as a bug to OpenLiteSpeed. Thank you!
 
Back
Top