Re: reverse proxy setup

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On Thu, Jul 11, 2024 at 12:43 PM bruce <badouglas@xxxxxxxxx> wrote:
updated typo..

weird thing now.. based on the current/listed apache conf file...
i get the"Internal Server Error" page now..

On Thu, Jul 11, 2024 at 12:39 PM bruce <badouglas@xxxxxxxxx> wrote:
>
> Hi Frank,
>
> Thanks for the reply.
>
> I'm still going through suggestions, as well as information from other
> sites. I'm still confused, and think I might be making things worse.
>
> Not sure if this is accepted as a question, but if you have
> apache/proxy skills, are you up for making a few $$!
>
> I'm thinking this is reasonably simple, but I'm missing something.
>
> The test server has multiple test apps, running off subfolders
> /var/www/html/test1
> /var/www/html/test2
> /var/www/html/berat
>
> Right now, for the test "berat" app, the changes I made are generating
> an internal 500 server error.
>
> The test url -- http://161.35.5.174/berat
>
> Thanks for your pointers/insight!
>
> weird thing now.. based on the current/listed apache conf file...
> i get the base "ubuntu/apache" default page now..
>  --the "berat" is trimed...
>
> =========================================================
> cat /etc/apache2/sites-available/berat.conf
> <VirtualHost *:80>
>     ServerAdmin foo@xxxxxxxxx
>     ServerName  temp22
>     ServerAlias temp
>
>     DocumentRoot   /var/www/html/berat
>
>      ProxyPass / http://127.0.0.1:3000/
>
>      ProxyPassReverse / http://127.0.0.1:3000/
>
>
>     #DocumentRoot   /var/www/html/berat
>
>
>     <Directory    /var/www/html/berat>
>
>             #ProxyRequests Off
>             #ProxyPreserveHost On
>             #<Proxy *>
>             #  Require all granted
>             #</Proxy>
>
>             #ProxyPass / http://127.0.0.1:3000/
>
>             #ProxyPassReverse / http://127.0.0.1:3000/
>
>     #        DirectoryIndex index.html index.php
>
>     #        Options -Indexes +FollowSymLinks +MultiViews
>             Options +FollowSymLinks
>
>             AllowOverride All
>             Options -MultiViews
>             Order allow,deny
>             Allow from all
>
>             #Require all granted
>             ##Options -Indexes +FollowSymLinks +MultiViews
> AllowOverride All Require all granted
>
>
>             ##Options Indexes FollowSymLinks MultiViews
>             ##Options -Indexes FollowSymlinks
>             #Options FollowSymlinks
>             #AllowOverride All
>             ##Order allow,deny
>             ##allow from all
>             #Require all granted
>     </Directory>
>
>     ##Alias "/berat" "/var/www/html/berat/"
>
>
>     LogLevel debug
>     ErrorLog ${APACHE_LOG_DIR}/error.log
>     CustomLog ${APACHE_LOG_DIR}/access.log combined
> </VirtualHost>
>
> On Thu, Jul 11, 2024 at 9:40 AM Frank Gingras <thumbs@xxxxxxxxxx> wrote:
> >
> >
> >
> > On Thu, Jul 11, 2024 at 8:02 AM Marc <Marc@xxxxxxxxxxxxxxxxx> wrote:
> >>
> >>  I am testing a bit with this:
> >>
> >>      32 <Location /xxxx>
> >>      33     # files are still loaded from default host
> >>      34     Define defaulthost "bbbb"
> >>      35     Define proxyhost "cccc"
> >>      36
> >>      37     ProxyPreserveHost Off
> >>      38     ProxyAddHeaders On
> >>      39     SetOutputFilter  proxy-html
> >>      40     ProxyHTMLEnable On
> >>      41     ProxyHTMLExtended On
> >>      42
> >>      43     ProxyPass        "https://${proxyhost}/aaaa"
> >>      44     ProxyPassReverse "https://${proxyhost}/aaaa"
> >>      45
> >>      46     ProxyPassReverseCookieDomain "${proxyhost}" "${defaulthost}"
> >>      47     ProxyPassReverseCookiePath   "/" "/xxxx/"
> >>      48
> >>      49     Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure;SameSite=None
> >>      50
> >>      51     ProxyHTMLURLMap https://${proxyhost}/aaaa https://${defaulthost}/xxxx
> >>      52
> >>      53     Options +ExecCGI +FollowSymLinks -MultiViews
> >>      54 </Location>
> >>
> >> > -----Original Message-----
> >> > From: bruce <badouglas@xxxxxxxxx>
> >> > Sent: Thursday, 11 July 2024 13:20
> >> > To: users@xxxxxxxxxxxxxxxx
> >> > Subject: reverse proxy setup
> >> >
> >> > Hi.
> >> >
> >> > Testing a github app that appears to use/require reverse proxy to
> >> > display results on the browser.
> >> >
> >> > The basic app uses npm/nextjs to generate content, Per different
> >> > sites, the process uses PM2 to run the process, and to be able to show
> >> > the content via an internal/local "server". This is accessed via  --
> >> > http://127.0.0.1:3000.
> >> >
> >> > Using curl on the local/test server, content can be accessed via the site
> >> >  curl  http://127.0.0.1:3000.
> >> >
> >> > My issue now, is how to create the Apache conf to be able to have the
> >> > user at http://1.2.3.4/berat, be able to display the content. This
> >> > requires somehow setting up the reverse proxy process, in the VirtHost
> >> > of the config file. The test site is being run from a subdir
> >> >   /var/www/html/berat <<<
> >> >
> >> > Researching/testing hasn't had the light go off yet!
> >> >
> >> > Here's what I've got, but it's not correct.
> >> >
> >> > Pointers would be useful. (and possible explanation!)
> >> >
> >> > cat /etc/apache2/sites-available/berat.conf
> >> > <VirtualHost *:80>
> >> >     ServerAdmin foo@xxxxxxxxx
> >> >     ServerName  temp22
> >> >     ServerAlias temp
> >> >
> >> >     DocumentRoot   /var/www/html/berat
> >> >
> >> >     ProxyRequests Off
> >> >     ProxyPreserveHost On
> >> >     <Proxy *>
> >> >         Require all granted
> >> >     </Proxy>
> >> >
> >> >     ProxyPreserveHost On
> >> >
> >> >     <Location "/berat">
> >> >       ProxyPreserveHost Off
> >> >       ProxyErrorOverride Off
> >> >     </Location>
> >> >
> >> >      #ProxyPass        /api/system-a/
> >> > https://external-domain.example2.org/system-a/
> >> >
> >> >      ProxyPass /berat http://127.0.0.1:3000/
> >> >
> >> >      ProxyPassReverse /berat http://127.0.0.1:3000/
> >> >
> >> >
> >> >     #DocumentRoot   /var/www/html/berat
> >> >
> >> >
> >> >     <Directory    /var/www/html/berat>
> >> >
> >> >             #ProxyRequests Off
> >> >             #ProxyPreserveHost On
> >> >             #<Proxy *>
> >> >             #  Require all granted
> >> >             #</Proxy>
> >> >
> >> >             #ProxyPass / http://127.0.0.1:3000/
> >> >
> >> >             #ProxyPassReverse / http://127.0.0.1:3000/
> >> >
> >> >     #        DirectoryIndex index.html index.php
> >> >
> >> >     #        Options -Indexes +FollowSymLinks +MultiViews
> >> >             Options +FollowSymLinks
> >> >
> >> >             AllowOverride All
> >> >             Require all granted
> >> >             ##Options -Indexes +FollowSymLinks +MultiViews
> >> > AllowOverride All Require all granted
> >> >
> >> >
> >> >             ##Options Indexes FollowSymLinks MultiViews
> >> >             ##Options -Indexes FollowSymlinks
> >> >             #Options FollowSymlinks
> >> >             #AllowOverride All
> >> >             ##Order allow,deny
> >> >             ##allow from all
> >> >             #Require all granted
> >> >     </Directory>
> >> >
> >> >     ##Alias "/berat" "/var/www/html/berat/"
> >> >
> >> >
> >> >     LogLevel debug
> >> >     ErrorLog ${APACHE_LOG_DIR}/error.log
> >> >     CustomLog ${APACHE_LOG_DIR}/access.log combined
> >> > </VirtualHost>
> >> >
> >> > ---------------------------------------------------------------------
> >> > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> >> > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
> >>
> >
> > A couple points here:
> >
> > 1) Avoid proxying from <Location> blocks, unless you have a good reason to
> > 2) Always match the trailing slashes when proxying or redirecting, i.e. /foo -> /foo and /foo/ -> /foo/
> > 3) <Proxy *> is for forward proxies, so remove that

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


This is not really a proper venue to solicit consulting services; asking your questions and posting the answers will suffice.

I see that you're also using 2.2 authz directives now (Allow / Order) - you should be using Require under 2.4 instead.

You should post the output from apachectl -S as well, as it looks like you have misconfigured vhosts.

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux