Re: reverse proxy setup

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On Thu, Jul 11, 2024 at 8:02 AM Marc <Marc@xxxxxxxxxxxxxxxxx> wrote:
 I am testing a bit with this:

     32 <Location /xxxx>
     33     # files are still loaded from default host
     34     Define defaulthost "bbbb"
     35     Define proxyhost "cccc"
     36
     37     ProxyPreserveHost Off
     38     ProxyAddHeaders On
     39     SetOutputFilter  proxy-html
     40     ProxyHTMLEnable On
     41     ProxyHTMLExtended On
     42
     43     ProxyPass        "https://${proxyhost}/aaaa"
     44     ProxyPassReverse "https://${proxyhost}/aaaa"
     45
     46     ProxyPassReverseCookieDomain "${proxyhost}" "${defaulthost}"
     47     ProxyPassReverseCookiePath   "/" "/xxxx/"
     48
     49     Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure;SameSite=None
     50
     51     ProxyHTMLURLMap https://${proxyhost}/aaaa https://${defaulthost}/xxxx
     52
     53     Options +ExecCGI +FollowSymLinks -MultiViews
     54 </Location>

> -----Original Message-----
> From: bruce <badouglas@xxxxxxxxx>
> Sent: Thursday, 11 July 2024 13:20
> To: users@xxxxxxxxxxxxxxxx
> Subject: reverse proxy setup
>
> Hi.
>
> Testing a github app that appears to use/require reverse proxy to
> display results on the browser.
>
> The basic app uses npm/nextjs to generate content, Per different
> sites, the process uses PM2 to run the process, and to be able to show
> the content via an internal/local "server". This is accessed via  --
> http://127.0.0.1:3000.
>
> Using curl on the local/test server, content can be accessed via the site
>  curl  http://127.0.0.1:3000.
>
> My issue now, is how to create the Apache conf to be able to have the
> user at http://1.2.3.4/berat, be able to display the content. This
> requires somehow setting up the reverse proxy process, in the VirtHost
> of the config file. The test site is being run from a subdir
>   /var/www/html/berat <<<
>
> Researching/testing hasn't had the light go off yet!
>
> Here's what I've got, but it's not correct.
>
> Pointers would be useful. (and possible explanation!)
>
> cat /etc/apache2/sites-available/berat.conf
> <VirtualHost *:80>
>     ServerAdmin foo@xxxxxxxxx
>     ServerName  temp22
>     ServerAlias temp
>
>     DocumentRoot   /var/www/html/berat
>
>     ProxyRequests Off
>     ProxyPreserveHost On
>     <Proxy *>
>         Require all granted
>     </Proxy>
>
>     ProxyPreserveHost On
>
>     <Location "/berat">
>       ProxyPreserveHost Off
>       ProxyErrorOverride Off
>     </Location>
>
>      #ProxyPass        /api/system-a/
> https://external-domain.example2.org/system-a/
>
>      ProxyPass /berat http://127.0.0.1:3000/
>
>      ProxyPassReverse /berat http://127.0.0.1:3000/
>
>
>     #DocumentRoot   /var/www/html/berat
>
>
>     <Directory    /var/www/html/berat>
>
>             #ProxyRequests Off
>             #ProxyPreserveHost On
>             #<Proxy *>
>             #  Require all granted
>             #</Proxy>
>
>             #ProxyPass / http://127.0.0.1:3000/
>
>             #ProxyPassReverse / http://127.0.0.1:3000/
>
>     #        DirectoryIndex index.html index.php
>
>     #        Options -Indexes +FollowSymLinks +MultiViews
>             Options +FollowSymLinks
>
>             AllowOverride All
>             Require all granted
>             ##Options -Indexes +FollowSymLinks +MultiViews
> AllowOverride All Require all granted
>
>
>             ##Options Indexes FollowSymLinks MultiViews
>             ##Options -Indexes FollowSymlinks
>             #Options FollowSymlinks
>             #AllowOverride All
>             ##Order allow,deny
>             ##allow from all
>             #Require all granted
>     </Directory>
>
>     ##Alias "/berat" "/var/www/html/berat/"
>
>
>     LogLevel debug
>     ErrorLog ${APACHE_LOG_DIR}/error.log
>     CustomLog ${APACHE_LOG_DIR}/access.log combined
> </VirtualHost>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


A couple points here:

1) Avoid proxying from <Location> blocks, unless you have a good reason to
2) Always match the trailing slashes when proxying or redirecting, i.e. /foo -> /foo and /foo/ -> /foo/
3) <Proxy *> is for forward proxies, so remove that

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux