Re: reverse proxy setup

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



right..

and that appears to be from sending the "berat" to the PM2 server...

when I test  -- curl http://127.0.0.1:3001/berat
 throws a "Internal Server Error"

and when I examine the
 /root/.pm2/logs/waitlist-landing-page-error.log
 there appears to be a stacktrace/error data..

so this might be due to screwed up berat.conf config file... which is
my expectation.


On Thu, Jul 11, 2024 at 2:59 PM Frank Gingras <thumbs@xxxxxxxxxx> wrote:
>
>
>
> On Thu, Jul 11, 2024 at 2:55 PM bruce <badouglas@xxxxxxxxx> wrote:
>>
>> on the options.. ok. But I have no clue if they're the right options,
>> as I'm looking over numerous sites, and copious testing -- trial/error
>> to understand.
>>
>> there is no php involved, and the apache error log data I pasted
>> appears to be the relevant data
>>
>> On Thu, Jul 11, 2024 at 2:50 PM Frank Gingras <thumbs@xxxxxxxxxx> wrote:
>> >
>> >
>> >
>> > On Thu, Jul 11, 2024 at 2:41 PM bruce <badouglas@xxxxxxxxx> wrote:
>> >>
>> >> Hi Frank!
>> >>
>> >> Again, thanks for all your replies... Hopefully, I'll eventually have
>> >> the "light" turn on!
>> >>
>> >> Here's updated information
>> >>  -updated berat,conf  -- for the virthost/config
>> >> -output from the  --  /var/logs/apache/error.log
>> >> -output from the ---  apachectl -S
>> >> and the display from the browser/url
>> >>
>> >> cat /etc/apache2/sites-available/berat.conf
>> >> <VirtualHost *:80>
>> >>     ServerAdmin foo@xxxxxxxxx
>> >>     ServerName  temp22
>> >>     ServerAlias temp
>> >>
>> >>     DocumentRoot   /var/www/html/berat
>> >>
>> >>      ProxyPass / http://127.0.0.1:3000/
>> >>
>> >>      ProxyPassReverse / http://127.0.0.1:3000/
>> >>
>> >>
>> >>     <Directory    /var/www/html/berat>
>> >>
>> >>             Options +FollowSymLinks
>> >>
>> >>             AllowOverride All
>> >>             Options -MultiViews
>> >>
>> >>             Require all granted
>> >>             ##Options -Indexes +FollowSymLinks +MultiViews
>> >> AllowOverride All Require all granted
>> >>
>> >>
>> >>     </Directory>
>> >>
>> >>     LogLevel debug
>> >>     ErrorLog ${APACHE_LOG_DIR}/error.log
>> >>     CustomLog ${APACHE_LOG_DIR}/access.log combined
>> >> </VirtualHost>
>> >>
>> >> \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
>> >> apachectl -S
>> >> AH00558: apache2: Could not reliably determine the server's fully
>> >> qualified domain name, using 10.10.0.9. Set the 'ServerName' directive
>> >> globally to suppress this message
>> >> VirtualHost configuration:
>> >> *:80                   is a NameVirtualHost
>> >>          default server temp22
>> >> (/etc/apache2/sites-enabled/berat.conf:1)    <<<<<<<<<<<<<<<<<<<<
>> >>          port 80 namevhost temp22
>> >> (/etc/apache2/sites-enabled/berat.conf:1) <<<<<<<<<<<<<<<<<<<<
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/dolibarr.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/domainmod.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/drougnov.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/filgeary.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/flatpress.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/freescout.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/glozzome.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22
>> >> (/etc/apache2/sites-enabled/invoiceninja.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22
>> >> (/etc/apache2/sites-enabled/invoiceplane.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/larap.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/mantisbt.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/matomo.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/minthcm.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/petronius.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/priyansh.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/sendportal.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/snipe.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/uideck.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/userlp.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/wave.conf:1)
>> >>                  alias temp
>> >>          port 80 namevhost temp22 (/etc/apache2/sites-enabled/zentaopms.conf:1)
>> >>                  alias temp
>> >> ServerRoot: "/etc/apache2"
>> >> Main DocumentRoot: "/var/www/html"
>> >> Main ErrorLog: "/var/log/apache2/error.log"
>> >> Mutex default: dir="/var/run/apache2/" mechanism=default
>> >> Mutex mpm-accept: using_defaults
>> >> Mutex watchdog-callback: using_defaults
>> >> Mutex rewrite-map: using_defaults
>> >> Mutex proxy: using_defaults
>> >> PidFile: "/var/run/apache2/apache2.pid"
>> >> Define: DUMP_VHOSTS
>> >> Define: DUMP_RUN_CFG
>> >> User: name="www-data" id=33
>> >> Group: name="www-data" id=33
>> >> //////////////////////////////////////////////////////////////////////
>> >>
>> >> more /var/logs/apache2/error.log
>> >> [Thu Jul 11 18:34:26.962982 2024] [proxy:debug] [pid 75271]
>> >> proxy_util.c(2154): AH00925: initializing worker
>> >> http://127.0.0.1:3000/ shared
>> >> [Thu Jul 11 18:34:26.963057 2024] [proxy:debug] [pid 75271]
>> >> proxy_util.c(2214): AH00927: initializing worker
>> >> http://127.0.0.1:3000/ local
>> >> [Thu Jul 11 18:34:26.963128 2024] [proxy:debug] [pid 75271]
>> >> proxy_util.c(2262): AH00931: initialized single connection worker in
>> >> child 75271 for (127.0.0.1:3000)
>> >> [Thu Jul 11 18:34:36.463332 2024] [authz_core:debug] [pid 75267]
>> >> mod_authz_core.c(843): [client 162.234.196.167:60276] AH01628:
>> >> authorization result: granted (no directives)
>> >> [Thu Jul 11 18:34:36.463485 2024] [proxy:debug] [pid 75267]
>> >> mod_proxy.c(1521): [client 162.234.196.167:60276] AH01143: Running
>> >> scheme http handler (attempt 0)
>> >> [Thu Jul 11 18:34:36.463499 2024] [proxy:debug] [pid 75267]
>> >> proxy_util.c(2576): AH00942: http: has acquired connection for
>> >> (127.0.0.1:3000)
>> >> [Thu Jul 11 18:34:36.463530 2024] [proxy:debug] [pid 75267]
>> >> proxy_util.c(2641): [client 162.234.196.167:60276] AH00944: connecting
>> >> http://127.0.0.1:3000/berat to 127.0.0.1:3000
>> >> [Thu Jul 11 18:34:36.463645 2024] [proxy:debug] [pid 75267]
>> >> proxy_util.c(2864): [client 162.234.196.167:60276] AH00947: connected
>> >> /berat to 127.0.0.1:3000
>> >> [Thu Jul 11 18:34:36.464155 2024] [proxy:debug] [pid 75267]
>> >> proxy_util.c(3336): AH02824: http: connection established with
>> >> 127.0.0.1:3000 (127.0.0.1:3000)
>> >> [Thu Jul 11 18:34:36.464203 2024] [proxy:debug] [pid 75267]
>> >> proxy_util.c(3525): AH00962: http: connection complete to
>> >> 127.0.0.1:3000 (127.0.0.1)
>> >> [Thu Jul 11 18:34:36.466804 2024] [proxy:debug] [pid 75267]
>> >> proxy_util.c(2592): AH00943: http: has released connection for
>> >> (127.0.0.1:3000)
>> >>
>> >>
>> >>
>> >> when accessing the server, running the PM2 server, and using curl..
>> >>
>> >> curl http://127.0.0.1:3001
>> >>  this generates the data/content.. which should (hopefully)
>> >>  be returned/displayed in the browser
>> >>
>> >> but for now..
>> >> http://161.35.5.174/berat
>> >>
>> >>  gets --->> "Internal Server Error"
>> >>
>> >>
>> >> On Thu, Jul 11, 2024 at 1:06 PM Frank Gingras <thumbs@xxxxxxxxxx> wrote:
>> >> >
>> >> >
>> >> >
>> >> > On Thu, Jul 11, 2024 at 12:43 PM bruce <badouglas@xxxxxxxxx> wrote:
>> >> >>
>> >> >> updated typo..
>> >> >>
>> >> >> weird thing now.. based on the current/listed apache conf file...
>> >> >> i get the"Internal Server Error" page now..
>> >> >>
>> >> >> On Thu, Jul 11, 2024 at 12:39 PM bruce <badouglas@xxxxxxxxx> wrote:
>> >> >> >
>> >> >> > Hi Frank,
>> >> >> >
>> >> >> > Thanks for the reply.
>> >> >> >
>> >> >> > I'm still going through suggestions, as well as information from other
>> >> >> > sites. I'm still confused, and think I might be making things worse.
>> >> >> >
>> >> >> > Not sure if this is accepted as a question, but if you have
>> >> >> > apache/proxy skills, are you up for making a few $$!
>> >> >> >
>> >> >> > I'm thinking this is reasonably simple, but I'm missing something.
>> >> >> >
>> >> >> > The test server has multiple test apps, running off subfolders
>> >> >> > /var/www/html/test1
>> >> >> > /var/www/html/test2
>> >> >> > /var/www/html/berat
>> >> >> >
>> >> >> > Right now, for the test "berat" app, the changes I made are generating
>> >> >> > an internal 500 server error.
>> >> >> >
>> >> >> > The test url -- http://161.35.5.174/berat
>> >> >> >
>> >> >> > Thanks for your pointers/insight!
>> >> >> >
>> >> >> > weird thing now.. based on the current/listed apache conf file...
>> >> >> > i get the base "ubuntu/apache" default page now..
>> >> >> >  --the "berat" is trimed...
>> >> >> >
>> >> >> > =========================================================
>> >> >> > cat /etc/apache2/sites-available/berat.conf
>> >> >> > <VirtualHost *:80>
>> >> >> >     ServerAdmin foo@xxxxxxxxx
>> >> >> >     ServerName  temp22
>> >> >> >     ServerAlias temp
>> >> >> >
>> >> >> >     DocumentRoot   /var/www/html/berat
>> >> >> >
>> >> >> >      ProxyPass / http://127.0.0.1:3000/
>> >> >> >
>> >> >> >      ProxyPassReverse / http://127.0.0.1:3000/
>> >> >> >
>> >> >> >
>> >> >> >     #DocumentRoot   /var/www/html/berat
>> >> >> >
>> >> >> >
>> >> >> >     <Directory    /var/www/html/berat>
>> >> >> >
>> >> >> >             #ProxyRequests Off
>> >> >> >             #ProxyPreserveHost On
>> >> >> >             #<Proxy *>
>> >> >> >             #  Require all granted
>> >> >> >             #</Proxy>
>> >> >> >
>> >> >> >             #ProxyPass / http://127.0.0.1:3000/
>> >> >> >
>> >> >> >             #ProxyPassReverse / http://127.0.0.1:3000/
>> >> >> >
>> >> >> >     #        DirectoryIndex index.html index.php
>> >> >> >
>> >> >> >     #        Options -Indexes +FollowSymLinks +MultiViews
>> >> >> >             Options +FollowSymLinks
>> >> >> >
>> >> >> >             AllowOverride All
>> >> >> >             Options -MultiViews
>> >> >> >             Order allow,deny
>> >> >> >             Allow from all
>> >> >> >
>> >> >> >             #Require all granted
>> >> >> >             ##Options -Indexes +FollowSymLinks +MultiViews
>> >> >> > AllowOverride All Require all granted
>> >> >> >
>> >> >> >
>> >> >> >             ##Options Indexes FollowSymLinks MultiViews
>> >> >> >             ##Options -Indexes FollowSymlinks
>> >> >> >             #Options FollowSymlinks
>> >> >> >             #AllowOverride All
>> >> >> >             ##Order allow,deny
>> >> >> >             ##allow from all
>> >> >> >             #Require all granted
>> >> >> >     </Directory>
>> >> >> >
>> >> >> >     ##Alias "/berat" "/var/www/html/berat/"
>> >> >> >
>> >> >> >
>> >> >> >     LogLevel debug
>> >> >> >     ErrorLog ${APACHE_LOG_DIR}/error.log
>> >> >> >     CustomLog ${APACHE_LOG_DIR}/access.log combined
>> >> >> > </VirtualHost>
>> >> >> >
>> >> >> > On Thu, Jul 11, 2024 at 9:40 AM Frank Gingras <thumbs@xxxxxxxxxx> wrote:
>> >> >> > >
>> >> >> > >
>> >> >> > >
>> >> >> > > On Thu, Jul 11, 2024 at 8:02 AM Marc <Marc@xxxxxxxxxxxxxxxxx> wrote:
>> >> >> > >>
>> >> >> > >>  I am testing a bit with this:
>> >> >> > >>
>> >> >> > >>      32 <Location /xxxx>
>> >> >> > >>      33     # files are still loaded from default host
>> >> >> > >>      34     Define defaulthost "bbbb"
>> >> >> > >>      35     Define proxyhost "cccc"
>> >> >> > >>      36
>> >> >> > >>      37     ProxyPreserveHost Off
>> >> >> > >>      38     ProxyAddHeaders On
>> >> >> > >>      39     SetOutputFilter  proxy-html
>> >> >> > >>      40     ProxyHTMLEnable On
>> >> >> > >>      41     ProxyHTMLExtended On
>> >> >> > >>      42
>> >> >> > >>      43     ProxyPass        "https://${proxyhost}/aaaa";
>> >> >> > >>      44     ProxyPassReverse "https://${proxyhost}/aaaa";
>> >> >> > >>      45
>> >> >> > >>      46     ProxyPassReverseCookieDomain "${proxyhost}" "${defaulthost}"
>> >> >> > >>      47     ProxyPassReverseCookiePath   "/" "/xxxx/"
>> >> >> > >>      48
>> >> >> > >>      49     Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure;SameSite=None
>> >> >> > >>      50
>> >> >> > >>      51     ProxyHTMLURLMap https://${proxyhost}/aaaa https://${defaulthost}/xxxx
>> >> >> > >>      52
>> >> >> > >>      53     Options +ExecCGI +FollowSymLinks -MultiViews
>> >> >> > >>      54 </Location>
>> >> >> > >>
>> >> >> > >> > -----Original Message-----
>> >> >> > >> > From: bruce <badouglas@xxxxxxxxx>
>> >> >> > >> > Sent: Thursday, 11 July 2024 13:20
>> >> >> > >> > To: users@xxxxxxxxxxxxxxxx
>> >> >> > >> > Subject:  reverse proxy setup
>> >> >> > >> >
>> >> >> > >> > Hi.
>> >> >> > >> >
>> >> >> > >> > Testing a github app that appears to use/require reverse proxy to
>> >> >> > >> > display results on the browser.
>> >> >> > >> >
>> >> >> > >> > The basic app uses npm/nextjs to generate content, Per different
>> >> >> > >> > sites, the process uses PM2 to run the process, and to be able to show
>> >> >> > >> > the content via an internal/local "server". This is accessed via  --
>> >> >> > >> > http://127.0.0.1:3000.
>> >> >> > >> >
>> >> >> > >> > Using curl on the local/test server, content can be accessed via the site
>> >> >> > >> >  curl  http://127.0.0.1:3000.
>> >> >> > >> >
>> >> >> > >> > My issue now, is how to create the Apache conf to be able to have the
>> >> >> > >> > user at http://1.2.3.4/berat, be able to display the content. This
>> >> >> > >> > requires somehow setting up the reverse proxy process, in the VirtHost
>> >> >> > >> > of the config file. The test site is being run from a subdir
>> >> >> > >> >   /var/www/html/berat <<<
>> >> >> > >> >
>> >> >> > >> > Researching/testing hasn't had the light go off yet!
>> >> >> > >> >
>> >> >> > >> > Here's what I've got, but it's not correct.
>> >> >> > >> >
>> >> >> > >> > Pointers would be useful. (and possible explanation!)
>> >> >> > >> >
>> >> >> > >> > cat /etc/apache2/sites-available/berat.conf
>> >> >> > >> > <VirtualHost *:80>
>> >> >> > >> >     ServerAdmin foo@xxxxxxxxx
>> >> >> > >> >     ServerName  temp22
>> >> >> > >> >     ServerAlias temp
>> >> >> > >> >
>> >> >> > >> >     DocumentRoot   /var/www/html/berat
>> >> >> > >> >
>> >> >> > >> >     ProxyRequests Off
>> >> >> > >> >     ProxyPreserveHost On
>> >> >> > >> >     <Proxy *>
>> >> >> > >> >         Require all granted
>> >> >> > >> >     </Proxy>
>> >> >> > >> >
>> >> >> > >> >     ProxyPreserveHost On
>> >> >> > >> >
>> >> >> > >> >     <Location "/berat">
>> >> >> > >> >       ProxyPreserveHost Off
>> >> >> > >> >       ProxyErrorOverride Off
>> >> >> > >> >     </Location>
>> >> >> > >> >
>> >> >> > >> >      #ProxyPass        /api/system-a/
>> >> >> > >> > https://external-domain.example2.org/system-a/
>> >> >> > >> >
>> >> >> > >> >      ProxyPass /berat http://127.0.0.1:3000/
>> >> >> > >> >
>> >> >> > >> >      ProxyPassReverse /berat http://127.0.0.1:3000/
>> >> >> > >> >
>> >> >> > >> >
>> >> >> > >> >     #DocumentRoot   /var/www/html/berat
>> >> >> > >> >
>> >> >> > >> >
>> >> >> > >> >     <Directory    /var/www/html/berat>
>> >> >> > >> >
>> >> >> > >> >             #ProxyRequests Off
>> >> >> > >> >             #ProxyPreserveHost On
>> >> >> > >> >             #<Proxy *>
>> >> >> > >> >             #  Require all granted
>> >> >> > >> >             #</Proxy>
>> >> >> > >> >
>> >> >> > >> >             #ProxyPass / http://127.0.0.1:3000/
>> >> >> > >> >
>> >> >> > >> >             #ProxyPassReverse / http://127.0.0.1:3000/
>> >> >> > >> >
>> >> >> > >> >     #        DirectoryIndex index.html index.php
>> >> >> > >> >
>> >> >> > >> >     #        Options -Indexes +FollowSymLinks +MultiViews
>> >> >> > >> >             Options +FollowSymLinks
>> >> >> > >> >
>> >> >> > >> >             AllowOverride All
>> >> >> > >> >             Require all granted
>> >> >> > >> >             ##Options -Indexes +FollowSymLinks +MultiViews
>> >> >> > >> > AllowOverride All Require all granted
>> >> >> > >> >
>> >> >> > >> >
>> >> >> > >> >             ##Options Indexes FollowSymLinks MultiViews
>> >> >> > >> >             ##Options -Indexes FollowSymlinks
>> >> >> > >> >             #Options FollowSymlinks
>> >> >> > >> >             #AllowOverride All
>> >> >> > >> >             ##Order allow,deny
>> >> >> > >> >             ##allow from all
>> >> >> > >> >             #Require all granted
>> >> >> > >> >     </Directory>
>> >> >> > >> >
>> >> >> > >> >     ##Alias "/berat" "/var/www/html/berat/"
>> >> >> > >> >
>> >> >> > >> >
>> >> >> > >> >     LogLevel debug
>> >> >> > >> >     ErrorLog ${APACHE_LOG_DIR}/error.log
>> >> >> > >> >     CustomLog ${APACHE_LOG_DIR}/access.log combined
>> >> >> > >> > </VirtualHost>
>> >> >> > >> >
>> >> >> > >> > ---------------------------------------------------------------------
>> >> >> > >> > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>> >> >> > >> > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>> >> >> > >>
>> >> >> > >
>> >> >> > > A couple points here:
>> >> >> > >
>> >> >> > > 1) Avoid proxying from <Location> blocks, unless you have a good reason to
>> >> >> > > 2) Always match the trailing slashes when proxying or redirecting, i.e. /foo -> /foo and /foo/ -> /foo/
>> >> >> > > 3) <Proxy *> is for forward proxies, so remove that
>> >> >>
>> >> >> ---------------------------------------------------------------------
>> >> >> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>> >> >> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>> >> >>
>> >> >
>> >> > This is not really a proper venue to solicit consulting services; asking your questions and posting the answers will suffice.
>> >> >
>> >> > I see that you're also using 2.2 authz directives now (Allow / Order) - you should be using Require under 2.4 instead.
>> >> >
>> >> > You should post the output from apachectl -S as well, as it looks like you have misconfigured vhosts.
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>> >> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>> >>
>> >
>> > Another problem: do not specify more than one Options directive in the same context, merge the two.
>> >
>> > As for the error, find the error log entry, and if php is involved, check the php error logs.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>>
>
> If httpd generates a 500 error, it's always logged, so finding the log entry is crucial to fix your issue.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx





[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux