Re: reverse proxy setup

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On Thu, Jul 11, 2024 at 2:41 PM bruce <badouglas@xxxxxxxxx> wrote:
Hi Frank!

Again, thanks for all your replies... Hopefully, I'll eventually have
the "light" turn on!

Here's updated information
 -updated berat,conf  -- for the virthost/config
-output from the  --  /var/logs/apache/error.log
-output from the ---  apachectl -S
and the display from the browser/url

cat /etc/apache2/sites-available/berat.conf
<VirtualHost *:80>
    ServerAdmin foo@xxxxxxxxx
    ServerName  temp22
    ServerAlias temp

    DocumentRoot   /var/www/html/berat

     ProxyPass / http://127.0.0.1:3000/

     ProxyPassReverse / http://127.0.0.1:3000/


    <Directory    /var/www/html/berat>

            Options +FollowSymLinks

            AllowOverride All
            Options -MultiViews

            Require all granted
            ##Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All Require all granted


    </Directory>

    LogLevel debug
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
apachectl -S
AH00558: apache2: Could not reliably determine the server's fully
qualified domain name, using 10.10.0.9. Set the 'ServerName' directive
globally to suppress this message
VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server temp22
(/etc/apache2/sites-enabled/berat.conf:1)    <<<<<<<<<<<<<<<<<<<<
         port 80 namevhost temp22
(/etc/apache2/sites-enabled/berat.conf:1) <<<<<<<<<<<<<<<<<<<<
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/dolibarr.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/domainmod.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/drougnov.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/filgeary.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/flatpress.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/freescout.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/glozzome.conf:1)
                 alias temp
         port 80 namevhost temp22
(/etc/apache2/sites-enabled/invoiceninja.conf:1)
                 alias temp
         port 80 namevhost temp22
(/etc/apache2/sites-enabled/invoiceplane.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/larap.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/mantisbt.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/matomo.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/minthcm.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/petronius.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/priyansh.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/sendportal.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/snipe.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/uideck.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/userlp.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/wave.conf:1)
                 alias temp
         port 80 namevhost temp22 (/etc/apache2/sites-enabled/zentaopms.conf:1)
                 alias temp
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex proxy: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33
//////////////////////////////////////////////////////////////////////

more /var/logs/apache2/error.log
[Thu Jul 11 18:34:26.962982 2024] [proxy:debug] [pid 75271]
proxy_util.c(2154): AH00925: initializing worker
http://127.0.0.1:3000/ shared
[Thu Jul 11 18:34:26.963057 2024] [proxy:debug] [pid 75271]
proxy_util.c(2214): AH00927: initializing worker
http://127.0.0.1:3000/ local
[Thu Jul 11 18:34:26.963128 2024] [proxy:debug] [pid 75271]
proxy_util.c(2262): AH00931: initialized single connection worker in
child 75271 for (127.0.0.1:3000)
[Thu Jul 11 18:34:36.463332 2024] [authz_core:debug] [pid 75267]
mod_authz_core.c(843): [client 162.234.196.167:60276] AH01628:
authorization result: granted (no directives)
[Thu Jul 11 18:34:36.463485 2024] [proxy:debug] [pid 75267]
mod_proxy.c(1521): [client 162.234.196.167:60276] AH01143: Running
scheme http handler (attempt 0)
[Thu Jul 11 18:34:36.463499 2024] [proxy:debug] [pid 75267]
proxy_util.c(2576): AH00942: http: has acquired connection for
(127.0.0.1:3000)
[Thu Jul 11 18:34:36.463530 2024] [proxy:debug] [pid 75267]
proxy_util.c(2641): [client 162.234.196.167:60276] AH00944: connecting
http://127.0.0.1:3000/berat to 127.0.0.1:3000
[Thu Jul 11 18:34:36.463645 2024] [proxy:debug] [pid 75267]
proxy_util.c(2864): [client 162.234.196.167:60276] AH00947: connected
/berat to 127.0.0.1:3000
[Thu Jul 11 18:34:36.464155 2024] [proxy:debug] [pid 75267]
proxy_util.c(3336): AH02824: http: connection established with
127.0.0.1:3000 (127.0.0.1:3000)
[Thu Jul 11 18:34:36.464203 2024] [proxy:debug] [pid 75267]
proxy_util.c(3525): AH00962: http: connection complete to
127.0.0.1:3000 (127.0.0.1)
[Thu Jul 11 18:34:36.466804 2024] [proxy:debug] [pid 75267]
proxy_util.c(2592): AH00943: http: has released connection for
(127.0.0.1:3000)



when accessing the server, running the PM2 server, and using curl..

curl http://127.0.0.1:3001
 this generates the data/content.. which should (hopefully)
 be returned/displayed in the browser

but for now..
http://161.35.5.174/berat

 gets --->> "Internal Server Error"


On Thu, Jul 11, 2024 at 1:06 PM Frank Gingras <thumbs@xxxxxxxxxx> wrote:
>
>
>
> On Thu, Jul 11, 2024 at 12:43 PM bruce <badouglas@xxxxxxxxx> wrote:
>>
>> updated typo..
>>
>> weird thing now.. based on the current/listed apache conf file...
>> i get the"Internal Server Error" page now..
>>
>> On Thu, Jul 11, 2024 at 12:39 PM bruce <badouglas@xxxxxxxxx> wrote:
>> >
>> > Hi Frank,
>> >
>> > Thanks for the reply.
>> >
>> > I'm still going through suggestions, as well as information from other
>> > sites. I'm still confused, and think I might be making things worse.
>> >
>> > Not sure if this is accepted as a question, but if you have
>> > apache/proxy skills, are you up for making a few $$!
>> >
>> > I'm thinking this is reasonably simple, but I'm missing something.
>> >
>> > The test server has multiple test apps, running off subfolders
>> > /var/www/html/test1
>> > /var/www/html/test2
>> > /var/www/html/berat
>> >
>> > Right now, for the test "berat" app, the changes I made are generating
>> > an internal 500 server error.
>> >
>> > The test url -- http://161.35.5.174/berat
>> >
>> > Thanks for your pointers/insight!
>> >
>> > weird thing now.. based on the current/listed apache conf file...
>> > i get the base "ubuntu/apache" default page now..
>> >  --the "berat" is trimed...
>> >
>> > =========================================================
>> > cat /etc/apache2/sites-available/berat.conf
>> > <VirtualHost *:80>
>> >     ServerAdmin foo@xxxxxxxxx
>> >     ServerName  temp22
>> >     ServerAlias temp
>> >
>> >     DocumentRoot   /var/www/html/berat
>> >
>> >      ProxyPass / http://127.0.0.1:3000/
>> >
>> >      ProxyPassReverse / http://127.0.0.1:3000/
>> >
>> >
>> >     #DocumentRoot   /var/www/html/berat
>> >
>> >
>> >     <Directory    /var/www/html/berat>
>> >
>> >             #ProxyRequests Off
>> >             #ProxyPreserveHost On
>> >             #<Proxy *>
>> >             #  Require all granted
>> >             #</Proxy>
>> >
>> >             #ProxyPass / http://127.0.0.1:3000/
>> >
>> >             #ProxyPassReverse / http://127.0.0.1:3000/
>> >
>> >     #        DirectoryIndex index.html index.php
>> >
>> >     #        Options -Indexes +FollowSymLinks +MultiViews
>> >             Options +FollowSymLinks
>> >
>> >             AllowOverride All
>> >             Options -MultiViews
>> >             Order allow,deny
>> >             Allow from all
>> >
>> >             #Require all granted
>> >             ##Options -Indexes +FollowSymLinks +MultiViews
>> > AllowOverride All Require all granted
>> >
>> >
>> >             ##Options Indexes FollowSymLinks MultiViews
>> >             ##Options -Indexes FollowSymlinks
>> >             #Options FollowSymlinks
>> >             #AllowOverride All
>> >             ##Order allow,deny
>> >             ##allow from all
>> >             #Require all granted
>> >     </Directory>
>> >
>> >     ##Alias "/berat" "/var/www/html/berat/"
>> >
>> >
>> >     LogLevel debug
>> >     ErrorLog ${APACHE_LOG_DIR}/error.log
>> >     CustomLog ${APACHE_LOG_DIR}/access.log combined
>> > </VirtualHost>
>> >
>> > On Thu, Jul 11, 2024 at 9:40 AM Frank Gingras <thumbs@xxxxxxxxxx> wrote:
>> > >
>> > >
>> > >
>> > > On Thu, Jul 11, 2024 at 8:02 AM Marc <Marc@xxxxxxxxxxxxxxxxx> wrote:
>> > >>
>> > >>  I am testing a bit with this:
>> > >>
>> > >>      32 <Location /xxxx>
>> > >>      33     # files are still loaded from default host
>> > >>      34     Define defaulthost "bbbb"
>> > >>      35     Define proxyhost "cccc"
>> > >>      36
>> > >>      37     ProxyPreserveHost Off
>> > >>      38     ProxyAddHeaders On
>> > >>      39     SetOutputFilter  proxy-html
>> > >>      40     ProxyHTMLEnable On
>> > >>      41     ProxyHTMLExtended On
>> > >>      42
>> > >>      43     ProxyPass        "https://${proxyhost}/aaaa"
>> > >>      44     ProxyPassReverse "https://${proxyhost}/aaaa"
>> > >>      45
>> > >>      46     ProxyPassReverseCookieDomain "${proxyhost}" "${defaulthost}"
>> > >>      47     ProxyPassReverseCookiePath   "/" "/xxxx/"
>> > >>      48
>> > >>      49     Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure;SameSite=None
>> > >>      50
>> > >>      51     ProxyHTMLURLMap https://${proxyhost}/aaaa https://${defaulthost}/xxxx
>> > >>      52
>> > >>      53     Options +ExecCGI +FollowSymLinks -MultiViews
>> > >>      54 </Location>
>> > >>
>> > >> > -----Original Message-----
>> > >> > From: bruce <badouglas@xxxxxxxxx>
>> > >> > Sent: Thursday, 11 July 2024 13:20
>> > >> > To: users@xxxxxxxxxxxxxxxx
>> > >> > Subject: reverse proxy setup
>> > >> >
>> > >> > Hi.
>> > >> >
>> > >> > Testing a github app that appears to use/require reverse proxy to
>> > >> > display results on the browser.
>> > >> >
>> > >> > The basic app uses npm/nextjs to generate content, Per different
>> > >> > sites, the process uses PM2 to run the process, and to be able to show
>> > >> > the content via an internal/local "server". This is accessed via  --
>> > >> > http://127.0.0.1:3000.
>> > >> >
>> > >> > Using curl on the local/test server, content can be accessed via the site
>> > >> >  curl  http://127.0.0.1:3000.
>> > >> >
>> > >> > My issue now, is how to create the Apache conf to be able to have the
>> > >> > user at http://1.2.3.4/berat, be able to display the content. This
>> > >> > requires somehow setting up the reverse proxy process, in the VirtHost
>> > >> > of the config file. The test site is being run from a subdir
>> > >> >   /var/www/html/berat <<<
>> > >> >
>> > >> > Researching/testing hasn't had the light go off yet!
>> > >> >
>> > >> > Here's what I've got, but it's not correct.
>> > >> >
>> > >> > Pointers would be useful. (and possible explanation!)
>> > >> >
>> > >> > cat /etc/apache2/sites-available/berat.conf
>> > >> > <VirtualHost *:80>
>> > >> >     ServerAdmin foo@xxxxxxxxx
>> > >> >     ServerName  temp22
>> > >> >     ServerAlias temp
>> > >> >
>> > >> >     DocumentRoot   /var/www/html/berat
>> > >> >
>> > >> >     ProxyRequests Off
>> > >> >     ProxyPreserveHost On
>> > >> >     <Proxy *>
>> > >> >         Require all granted
>> > >> >     </Proxy>
>> > >> >
>> > >> >     ProxyPreserveHost On
>> > >> >
>> > >> >     <Location "/berat">
>> > >> >       ProxyPreserveHost Off
>> > >> >       ProxyErrorOverride Off
>> > >> >     </Location>
>> > >> >
>> > >> >      #ProxyPass        /api/system-a/
>> > >> > https://external-domain.example2.org/system-a/
>> > >> >
>> > >> >      ProxyPass /berat http://127.0.0.1:3000/
>> > >> >
>> > >> >      ProxyPassReverse /berat http://127.0.0.1:3000/
>> > >> >
>> > >> >
>> > >> >     #DocumentRoot   /var/www/html/berat
>> > >> >
>> > >> >
>> > >> >     <Directory    /var/www/html/berat>
>> > >> >
>> > >> >             #ProxyRequests Off
>> > >> >             #ProxyPreserveHost On
>> > >> >             #<Proxy *>
>> > >> >             #  Require all granted
>> > >> >             #</Proxy>
>> > >> >
>> > >> >             #ProxyPass / http://127.0.0.1:3000/
>> > >> >
>> > >> >             #ProxyPassReverse / http://127.0.0.1:3000/
>> > >> >
>> > >> >     #        DirectoryIndex index.html index.php
>> > >> >
>> > >> >     #        Options -Indexes +FollowSymLinks +MultiViews
>> > >> >             Options +FollowSymLinks
>> > >> >
>> > >> >             AllowOverride All
>> > >> >             Require all granted
>> > >> >             ##Options -Indexes +FollowSymLinks +MultiViews
>> > >> > AllowOverride All Require all granted
>> > >> >
>> > >> >
>> > >> >             ##Options Indexes FollowSymLinks MultiViews
>> > >> >             ##Options -Indexes FollowSymlinks
>> > >> >             #Options FollowSymlinks
>> > >> >             #AllowOverride All
>> > >> >             ##Order allow,deny
>> > >> >             ##allow from all
>> > >> >             #Require all granted
>> > >> >     </Directory>
>> > >> >
>> > >> >     ##Alias "/berat" "/var/www/html/berat/"
>> > >> >
>> > >> >
>> > >> >     LogLevel debug
>> > >> >     ErrorLog ${APACHE_LOG_DIR}/error.log
>> > >> >     CustomLog ${APACHE_LOG_DIR}/access.log combined
>> > >> > </VirtualHost>
>> > >> >
>> > >> > ---------------------------------------------------------------------
>> > >> > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>> > >> > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>> > >>
>> > >
>> > > A couple points here:
>> > >
>> > > 1) Avoid proxying from <Location> blocks, unless you have a good reason to
>> > > 2) Always match the trailing slashes when proxying or redirecting, i.e. /foo -> /foo and /foo/ -> /foo/
>> > > 3) <Proxy *> is for forward proxies, so remove that
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>>
>
> This is not really a proper venue to solicit consulting services; asking your questions and posting the answers will suffice.
>
> I see that you're also using 2.2 authz directives now (Allow / Order) - you should be using Require under 2.4 instead.
>
> You should post the output from apachectl -S as well, as it looks like you have misconfigured vhosts.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


Another problem: do not specify more than one Options directive in the same context, merge the two.

As for the error, find the error log entry, and if php is involved, check the php error logs. 

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux