Lighttpd Reverse Proxy with Pi-hole - reverse-proxy

I'm aware this question has been asked a few times and I've read a lot of the solutions, but I still cannot get my reverse proxy to work.
I have a Raspberry Pi with Pi-hole.
Hostname: pi-hole.local
IP address: 192.168.1.254
Lighttpd port: 8080
I want to visit http://pi-hole.local in my browser without :8080 and view the Pi-hole admin page.
ATM, I have to type http://pi-hole.local:8080.
I have added mod_proxy to:
server.modules = (
    ...
    "mod_proxy",
    ...
)
I have server.port = 8080 and I have this block:
$HTTP["url"] =~ "pi-hole.local" {
    proxy.server = ( "" => ("" => ( "host" => "192.168.1.254", "port" => 8080 )))
}

pi-hole.local is the URI authority, not the url-path.
$HTTP["host"] =~ "pi-hole.local" {
    proxy.server = ( "" => ("" => ( "host" => "192.168.1.254", "port" => 8080 )))
}
Separately, for http://pi-hole.local to work, lighttpd also needs to be listening on port 80. Is that the case on your system? Is something else listening on port 80? If not, then $SERVER["socket"] == "*:80" {} will have lighttpd additionally listening on port 80, in addition to server.port = 8080. However, I have not looked into how pi-hole uses this, so you should test that pi-hole still works the way you want it to.
Instead of mod_proxy, a better way might be mod_redirect.
server.modules += ("mod_redirect")
$HTTP["host"] =~ "pi-hole.local" {
    url.redirect = ("" => "http://pi-hole.local:8080${url.path}${qsa}")
}
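
As an added example (not part of the original answer), this Python sketch emulates how the conditionals in this thread treat a request: $HTTP["url"] is tested against the url-path only, $HTTP["host"] against the authority, and =~ is a regex search that succeeds anywhere in the value unless anchored. The request URLs, the anchored pattern and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

COND_RE = re.compile(r'\$HTTP\["(host|url)"\]\s*=~\s*"([^"]*)"')

# Conditionals: the question's, the answer's, and an anchored variant (added here).
QUESTION = '$HTTP["url"] =~ "pi-hole.local"'
ANSWER = '$HTTP["host"] =~ "pi-hole.local"'
ANCHORED = r'$HTTP["host"] =~ "^pi-hole\.local(:[0-9]+)?$"'

# Constructed request URLs (illustrative only).
REQUESTS = [
    "http://pi-hole.local/",
    "http://pi-hole.local:8080/admin/",
    "http://pi-holeXlocal.example.net/",
    "http://pi-hole.local.example.net/",
    "http://192.168.1.254/pi-hole.local",
]

def request_fields(url):
    """Split a URL into the two values the conditionals are tested against."""
    parts = urlsplit(url)
    return {"host": parts.netloc, "url": parts.path or "/"}

def cond_matches(cond, url):
    """Emulate one $HTTP["host"|"url"] =~ conditional for a request URL."""
    m = COND_RE.search(cond)
    if m is None:
        raise ValueError(f"unsupported conditional: {cond!r}")
    field, pattern = m.groups()
    # An unanchored pattern matches anywhere; an unescaped '.' matches any char.
    return re.search(pattern, request_fields(url)[field]) is not None

def matched(cond):
    """Return the sample requests a conditional would apply to."""
    return [u for u in REQUESTS if cond_matches(cond, u)]

if __name__ == "__main__":
    for cond in (QUESTION, ANSWER, ANCHORED):
        print(cond)
        for url in matched(cond):
            print("   matches", url)
```

The url-path conditional fires only when the string happens to appear in the path, while the unanchored host pattern also applies to hostnames that merely contain it.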

Related

Lighttpd reverse proxy

I have a reverse proxy setting in my Apache's httpd.conf:
ProxyPass "/endpoint" "https://someurl.com/endpoint"
ProxyPassReverse "/endpoint" "https://someurl.com/endpoint"
And I need to replicate this in Lighttpd. I'm running a JS app which calls localhost:8080/endpoint to retrieve some data. I'd like to set up a proxy to always redirect /endpoint to https://someurl.com/endpoint.
In my lighttpd.conf I have the following settings:
server.modules = ("mod_proxy")
$HTTP["url"] =~ "^.*endpoint" {
    proxy.server = ( "" => (( "host" => "https://someurl.com/endpoint" ) ) )
}
based on this SO answer.
I have also tried:
server.modules = ("mod_proxy")
proxy.server = ( "/endpoint" => (( "host" => "https://someurl.com/endpoint" )))
based on the lighttpd docs.
In both cases, I'm still hitting localhost:8080/endpoint which results in a 404 error. How do I set up the proxy correctly?

In lighttpd 1.4.46 and later, you can use proxy.header. See
https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModProxy
server.modules = ("mod_proxy")
$HTTP["url"] == "/endpoint" {
    proxy.server = ( "" => (( "host" => "someurl.com" )))
    proxy.header = ( "map-host-request" => ( "-" => "someurl.com"),
                     "map-host-response" => ("-" => "-"))
}

Guzzle request from virtual host has wrong ip

I have a web server with different IP addresses.
Apache virtualhosts and DNS are mapped like this:
ip1 => ip1.domain.com
ip2 => ip2.domain.com
ip3 => ip3.domain.com
I did this so I can use guzzlehttp from different IP addresses.
But if I do this, from any of those virtual hosts:
$client = new \GuzzleHttp\Client();
$url = "https://www.whatismyip.com";
$response = $client->request('GET', $url);
$content = $response->getBody();
I always get the IP from the server, not from the virtualhost.
Am I missing something? Is there a better way to do this?
Thanks for your help,

Turns out all it needs is to specify the network interface in Guzzle.
No need for different virtual host, one is enough.
Example:
$client = new \GuzzleHttp\Client(['curl' => [ CURLOPT_INTERFACE => 'eth0:1' ]]);

Puppetlabs-Apache: enable both 80 and 443 for virtualhost

I'm relatively new to puppet and currently working on 'puppetlabs-apache' module. I'm missing something while setting both ssl and non-ssl on a virtual-host.
Manifest applied:
include apache
include apache::mod::rewrite
#apache::vhost { 'site.mydomain.com':
#  port => '80',
#  docroot => '/var/www/site',
#  rewrite_rule => '(.*) https://site.mydomain.com [R,L]',
#}
apache::vhost { 'site.mydomain.com':
  port => '443',
  ssl => true,
  docroot => '/var/www/site',
  docroot_owner => 'www-data',
  docroot_group => 'www-data',
  # rewrite_rule => '(.*) https://site.mydomain.com [R,L]',
}
The thing is I don't need the non-ssl (80 port), but all requests should redirect to 443.
If I comment out the first vhost definition of site.mydomain.com for port 80, it throws an error:
Error 400 on SERVER: Duplicate declaration: Apache::Vhost[site2.mydomain.com] is already declared in file..
Not sure what I'm missing here. What should I do to make this permanent redirect happen?
http://site2.mydomain.com/ => https://site2.mydomain.com/

To configure a virtual host to redirect unencrypted connections to SSL, declare them with separate apache::vhost defined types and redirect unencrypted requests to the virtual host with SSL enabled:
apache::vhost { 'site.mydomain.com:80':
  servername => 'site.mydomain.com',
  port => '80',
  docroot => '/var/www/site',
  rewrite_rule => '(.*) https://site.mydomain.com [R,L]',
  redirect_status => 'permanent',
  redirect_dest => 'https://site.mydomain.com'
}
apache::vhost { 'site.mydomain.com:443':
  servername => 'site.mydomain.com',
  port => '443',
  ssl => true,
  docroot => '/var/www/site',
  docroot_owner => 'www-data',
  docroot_group => 'www-data',
  rewrite_rule => '(.*) https://site.mydomain.com [R,L]',
}
You also needed those additional redirect attributes for the non-ssl virtualhost resource. Since apache::vhost is a defined resource type with no namevar, you can circumvent the multiple resource declaration issue by using two unique and purely cosmetic resource titles.

Working through Matt's answer and the error I got while running it led me to the following answer.
apache::vhost { 'site.mydomain.com:80' ... }
apache::vhost { 'site.mydomain.com:443' : ...}
Thanks,

OpenWRT HTTPS/SSL Traffic Redirect

I have the following problem:
I'm running a router with openwrt and a lighttpd webserver and I'm trying to redirect https traffic to a specific domain.
Here is my lighttpd.conf:
$SERVER["socket"] == ":443" {
    url.redirect = (
        "" => "http://name.tld",
    )
}
If I call routerip:443 everything works fine,
but when I call https://routerip it gives me an error, for example:
ERR_NETWORK_CHANGED
or something with DNS_ERROR

I suspect it is relying explicitly on the redirect destination, which in your example still uses "http" as the protocol. Try modifying your redirect to include https:
url.redirect = (
    "" => "https://name.tld",
)

lighttpd: How to forward port (visible only to localhost) to WAN after authentication?

I have a webcam stream only accessible on the host machine via http://localhost:1234
This stream has no authentication.
I would like to setup a lightweight http server that listens on port 80 for outside connections, prompts for username and password, and then forwards the stream from localhost:1234
How do I do this?

Lighttpd can do this.
The following config files will forward requests to http://domain.com/ => http://localhost:1234/ requesting a http basic auth first.
lighttpd.conf
## Add auth and proxy mods to your existing modules list
server.modules = (
    "mod_auth",
    "mod_proxy"
)
$HTTP["host"] == "domain.com" {
    auth.backend = "plain"
    auth.backend.plain.userfile = "lighttpd-plain.user"
    auth.require = (
        "/" => (
            "method" => "basic",
            "realm" => "MyWebcam",
            "require" => "valid-user"
        )
    )
    proxy.server = (
        "/" => (
            (
                "host" => "127.0.0.1",
                "port" => 1234
            )
        )
    )
}
lighttpd-plain.user
webcamuser:webcampassword
Make sure you load mod_auth before mod_proxy in server.modules; getting them in the wrong order can make lighty panic.
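
The plain backend above keeps the password in cleartext in lighttpd-plain.user. As an added example (not part of the original answer), this Python sketch converts such a file into lines for lighttpd's htdigest backend (auth.backend = "htdigest" with auth.backend.htdigest.userfile), where each line is user:realm:MD5(user:realm:password). The function names are hypothetical and the sample input is the userfile line shown above.

```python
import hashlib
import hmac

REALM = "MyWebcam"                                # realm from the auth.require block
PLAIN_SAMPLE = "webcamuser:webcampassword\n"      # userfile content shown above

def htdigest_line(user, realm, password):
    """Build one htdigest userfile line: user:realm:MD5(user:realm:password)."""
    if ":" in user or ":" in realm:
        raise ValueError("user and realm must not contain ':'")
    digest = hashlib.md5(f"{user}:{realm}:{password}".encode()).hexdigest()
    return f"{user}:{realm}:{digest}"

def convert_plain(plain_text, realm):
    """Convert plain-backend lines (user:password) to htdigest lines."""
    out = []
    for raw in plain_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        # Split on the first ':' only, so a password may itself contain ':'.
        user, sep, password = line.partition(":")
        if not sep or not user:
            raise ValueError(f"malformed userfile line: {raw!r}")
        out.append(htdigest_line(user, realm, password))
    return out

def verify(line, password):
    """Check a candidate password against an htdigest line in constant time."""
    user, realm, _ = line.split(":", 2)
    return hmac.compare_digest(line, htdigest_line(user, realm, password))

if __name__ == "__main__":
    for entry in convert_plain(PLAIN_SAMPLE, REALM):
        print(entry)
```

The realm is part of the hash, so it must match the "realm" value in auth.require exactly. Basic auth still sends the password with every request, so the port the proxy listens on needs TLS for the credential to stay private in transit.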