Re: Forwarding question.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 2/8/2024 23:58:07, Frank Gingras wrote:
. . .


    There are some issues accessing from off premises, that is, when
    requests are entering via the internet facing router.  Like 301 and 400
    errors.

    Configuration is like this:

    Internet router->
    server-with-apache-redirect-to->server-eith-docker-nginx-reverse-proxy-acme-custom-app.
    The domain names are the same on each server.  Currently believe they
    must be for certificate generation and use.

    The virtual host on apache is configured thusly:

    <VirtualHost *:80>
           ServerName www.my-domain.com <http://www.my-domain.com>
           ServerAlias www.my-domain.org <http://www.my-domain.org>
    my-domain.com <http://my-domain.com> my-domain.org
    <http://my-domain.org>
           ProxyPass "/"  "http://www.my-domain.com/
    <http://www.my-domain.com/>"
           ProxyPassReverse "/"  "http://my-domain.com/
    <http://my-domain.com/>"
    </VirtualHost>
    <VirtualHost *:443>
    #     SSLEngine ON
           ServerName www.my-domain.com <http://www.my-domain.com>
           ServerAlias www.my-domain.org <http://www.my-domain.org>
    my-domain.com <http://my-domain.com> my-domain.org
    <http://my-domain.org>
           ProxyPass "/"  "https://www.my-domain.com/
    <https://www.my-domain.com/>"
           ProxyPassReverse "/"  "https://www.my-domain.com/
    <https://www.my-domain.com/>"
    </VirtualHost>

    On the apache server the hosts files is used to resolve the host names
    to the target server.

    Where have I gone wrong?

    ---------------------------------------------------------------------
    To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
    <mailto:users-unsubscribe@xxxxxxxxxxxxxxxx>
    For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
    <mailto:users-help@xxxxxxxxxxxxxxxx>


Why are you using nginx at all in this set up?
The application, a FOSS project, provided a docker image to ease setup for internet access, that includes the app, nginx and an "acme-companion" for certificate generation.
I can add that the certificate, via the app and Lets Encrypt, seems to have generated and installed properly, which suggests the basic forwarding worked.
Also, if I hack the local dns to resolve to the nginx box rather than the apache box (avoiding the forward) things work fine. Only when it resolves to the apache box, as would access via the internet router (which of course involves an IP forward) does the problem surface. 




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux