Previously:
- Install Fedora Core 3. Turn off a bunch of services. done
- Setup Samba and move a bunch of stuff off of other boxes. done
- Turn on and configure Apache. done
- Configure the router to port forward HTTP and SSH to the new box. Test. done
- Setup a skeleton "nothing to see here" web page and test. done
- Setup some other random web stuff and test. done
- Get dynamic DNS set up through dyndns.org, and teach the router about it. Test. done
Picking up the story again last night at 1 AM:
- Setup and configure MySQL. done
- Migrate databases off of the old box. done
- Generate SSL cert for Apache, restart, and test locally. done
- Setup a virtual domain for dynamic DNS. Test locally. done
- Configure the router to also port forward HTTPS. Test... Connection refused. Hm... Double-check the router to make sure I didn't get dyslexic with the HTTPS port number. Nope. Check the httpd logs. Nothing. Restart Apache and try again. http works; https doesn't. Triple check everything. Nada. wtf?
The punchline, found at 2 AM after much flailing, was in /etc/sysconfig/iptables, which I'd touched once to get Samba working, and had then forgotten about. My FC3 install had ports unblocked for HTTP and SSH, but not HTTPS. Go figure. Add a line to support tcp on port 443, restart iptables, and test. Ah. Much better. Now I can sleep the sleep of those who can securely serve up a "nothing to see here" page from a home linux box.
