Apache 2.2 reverse-proxy behind Nexus 3 - apache

The apache server is configure with following items :
<VirtualHost *:80>
...
<IfModule mod_proxy.c>
ProxyRequests Off
ProxyPreserveHost On
ProxyPass /jenkins/ http://localhost:8080/ timeout=300
ProxyHTMLURLMap http://localhost:8080 /jenkins
<Location /jenkins/>
ProxyPassReverse /
ProxyHTMLEnable On
ProxyHTMLExtended On
ProxyHTMLURLMap / /jenkins/ [L]
RequestHeader unset Accept-Encoding
</Location>
ProxyPass /nexus/ http://localhost:8081/ timeout=300
ProxyHTMLURLMap http://localhost:8081 /nexus
<Location /nexus/>
ProxyPassReverse /
ProxyHTMLEnable On
ProxyHTMLExtended On
ProxyHTMLURLMap / /nexus/ [L]
RequestHeader unset Accept-Encoding
</Location>
ProxyVia On
</IfModule>
Jenkins proxy works fine.
Nexus proxy load the page but cannot load resources. The HTML page ressources are not defined with the right path, instead of myhost.domain/nexus/static/... the URLs are myhost.domain/static/.... What's going wrong in the configuration ?

The solution is to switch Nexus context path configuration to '/nexus/'. In general, it seems that the nexus context path must match the proxy context path.

Related

How to disable http to https re-direct in Jenkins?

I currently have Jenkins running behind SSL with http re-driecting to https. For a custom integration which doesn't support SSL yet, I need to disable the http to https re-direct. I am unable to do so by commenting the re-direct in apache conf.
Following is my apache config.
<VirtualHost *:80>
ServerName jenkins-tb.myorg.com
ServerAlias www.jenkins-tb.myorg.com
ProxyRequests Off
ProxyVia On
Redirect permanent / https://jenkins-tb.myorg.com/
# RewriteEngine On
# RewriteCond %{HTTPS} !=on
# RewriteRule ^/?login/(.*) https://%{SERVER_NAME}/login/$1 [R,L]
</Virtualhost>
<VirtualHost *:443>
ServerName jenkins-tb.myorg.com
ServerAlias www.jenkins-tb.myorg.com
SSLEngine On
SSLProxyEngine On
SSLCertificateFile /etc/apache2/ssl/crt/jenkins-asd.myorg.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/key/server_jenkins-asd.myorg.com.key
ProxyRequests Off
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
# ProxyPassReverse /login http://jenkins-thunderbolt.myorg.com/login
# ProxyPassReverse /login https://jenkins-thunderbolt.myorg.com/login
ProxyPass /sonar http://localhost:9000/sonar
ProxyPassReverse /sonar http://localhost:9000/sonar
RequestHeader set X_FORWARDED_PROTO "https"
RequestHeader set X-Forwarded-Port "443"
SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1
<Proxy http://localhost:8080/*>
Order allow,deny
Allow from all
</Proxy>
ProxyPreserveHost on
# AllowEncodedSlashes NoDecode
</VirtualHost>
How do i re-enable http without disabling https? Basically need to stop re-direction from http to https.
Based on you configuration, replace the <VirtualHost *:80> block with the following. But please note, passwords are now transfered in clear text.
<VirtualHost *:80>
ServerName jenkins-tb.myorg.com
ServerAlias www.jenkins-tb.myorg.com
ProxyRequests Off
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
ProxyPass /sonar http://localhost:9000/sonar
ProxyPassReverse /sonar http://localhost:9000/sonar
RequestHeader set X_FORWARDED_PROTO "http"
RequestHeader set X-Forwarded-Port "80"
SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1
<Proxy http://localhost:8080/*>
Order allow,deny
Allow from all
</Proxy>
ProxyPreserveHost on
</Virtualhost>
This also includes that /sonar is also available over http.

Apache Rewrite to a Location

We have a single web application that handles different URL formats and returns the same content in a different formats.
/dosomething
/foo/dosomething (returns mobile content)
/bar/dosomething (returns html for a browser)
See the sample Virtual Host below.
For Apache 2.2, I used Rewrite Rules to redirect http://www.foobarbaz.net/dosomething to the Location "/baz/" which functioned as I expected.
The "PT" flag on the RewriteRule passed the URI back to Apache and allowed us to serve content from the "baz" location.
<VirtualHost *:80>
ServerName www.foobarbaz.net
RewriteEngine On
#Block requests for favicon
RewriteRule ^/favicon.ico$ - [F]
# If the requested URI is NOT located in bar or foo
# Prepend an /baz to everything that does not already starts with it
# and force the result to be handled by the next URI-handler ([PT])
RewriteCond %{REQUEST_URI} !^/bar/.*$
RewriteCond %{REQUEST_URI} !^/foo/.*$
RewriteRule ^/(.*) /baz/$1 [PT,QSA]
<Location "/baz/">
RequestHeader append ABC-Request-Origin "/baz"
ProxyPass ajp://localhost:8009/webapp/
ProxyPassReverse /
ProxyPassReverseCookiePath /webapp /
</Location>
<Location "/bar/">
RequestHeader append ABC-Request-Origin "/bar"
ProxyPass ajp://localhost:8009/webapp/
ProxyPassReverse /
ProxyPassReverseCookiePath /webapp /bar/
</Location>
<Location "/foo/">
RequestHeader append ABC-Request-Origin "/foo"
ProxyPass ajp://localhost:8009/webapp/
ProxyPassReverse /
ProxyPassReverseCookiePath /webapp /foo/
</Location>
</VirtualHost>
For Apache 2.4.12, the Rewrite Rules do not function in the same manner and Apache tries to find the content on the file system. Apache looks for a "baz" directory which does not exist.
I tried adding another location "/" and removing the rewrite rules (see below).
The docs indicate that for overlapping Locations, the least specific should go first.
http://httpd.apache.org/docs/current/sections.html
This works for "/", but not for "/foo/" or "/bar". It seems that "/" is always used and "foo" and "bar" are always included in the request to the p.roxy
<VirtualHost *:80>
ServerName www.foobarbaz.net
<Location "/">
RequestHeader append ABC-Request-Origin "/baz"
ProxyPass ajp://localhost:8009/webapp/
ProxyPassReverse /
ProxyPassReverseCookiePath /webapp /
</Location>
<Location "/bar/">
RequestHeader append ABC-Request-Origin "/bar"
ProxyPass ajp://localhost:8009/webapp/
ProxyPassReverse /
ProxyPassReverseCookiePath /webapp /bar/
</Location>
<Location "/foo/">
RequestHeader append ABC-Request-Origin "/foo"
ProxyPass ajp://localhost:8009/webapp/
ProxyPassReverse /
ProxyPassReverseCookiePath /webapp /foo/
</Location>
</VirtualHost>
Does anyone have suggestions on how to improve this setup? Or suggestions on handling requests to "/" differently that "/foo" or "/bar"
Thanks for any help.
Jim
It appears that using a Location "/" first does properly use the Locations for "/", "/foo" and "/bar" I do have other issues related to building links in the application, but I do not believe it is an Apache issue.

Relative url done right with ProxyHTMLURLMap?

For example psweb1.example.com:8002/main/login/login.jsp needs to redirect to psweb1.example.com/demo1/main/login/login.jsp
and psweb1.example.com:8002/content/* needs to direct to psweb1.example.com/demo1/content/*
I cannot get the proper relative paths redirected. Any help is appreciated.
This is my config in httpd.conf
<VirtualHost *:80>
ServerName psweb1.example.com
ServerAlias psweb1.example.com
ProxyPass /demo1/ http://psweb1.example.com:8002/
ProxyHTMLURLMap http://psweb1.example.com:8002/ /demo1
<Location /demo1/>
ProxyPassReverse http://psweb1.example.com:8002/
SetOutputFilter proxy-html
ProxyHTMLURLMap / /demo1/
ProxyHTMLURLMap /demo1 /demo1
RequestHeader unset Accept-Encoding
</Location>
</VirtualHost>

ProxyHTML to rewrite URL

I've got 2 apache servers set up. One on port 80 and another on port 8077. I'm wanting to see everything on the server on 8077 via a reverse proxy. At the moment I've got:
ProxyPreserveHost Off
ProxyHTMLInterp On
ProxyPass /translate/ http://www.example.com:8077/
ProxyPassReverse /translate/ http://www.example.com:8077/
ProxyHTMLURLMap / /translate/
This allows me to get to the initial page of the site, but the links to images, css and other pages don't work.
For example the css in the html shows as
/css/style.css
where I actually want it to be
/translate/css/style.css
For it to pick up the file from the 8077 server. What can I do with the current setting to get that to work?
Ok, this is what I ended up doing to get it working
ProxyPass /translate/ http://www.example.com:8077/
ProxyPassReverse /translate/ http://www.example.com:8077/
ProxyHTMLURLMap http://www.example.com:8087 /translate/
<Location /translate/>
ProxyPassReverse /
SetOutputFilter proxy-html
ProxyHTMLURLMap http://www.example.com:8077 /translate/
ProxyHTMLURLMap / /translate/
ProxyHTMLURLMap /translate/ /translate/
RequestHeader unset Accept-Encoding
</Location>
This seems to work well. The ProxyHTMLURLMap http://www.example.com:8077 /translate/ line was only needed to translate some "referrer" based urls that caused some pages to end up trying to serve directly from the 8077 port server.

How do I configure a Apache proxy for my Couchapp?

I want to realize a proxy through a Apache Webserver 2.2.14 on Ubuntu 10.04.1. for a Couchapp on Couchdb 1.0.1 and I'm not experienced with that. The proxy should also redirect to another couchdb-database and some other pathes in Apaches www-path. The target is, to call the Couchapp (index.html) on sub.something.de.
My Questions are:
It works, but is there a smarter way to do that? My own way looks for me like a Workaround.
A problem is, when I do a logout with couchdb-api, I get another dialog to login from Apache. After I login, I can logout ;) The problem is, that the uri, I call for logout, looks like that _:_#sub.something.de and this don't match with my Proxy-Configuration. What is the solution?
Here is my httpd.conf Configuration:
<VirtualHost *:80>
DocumentRoot "/var/www/Something"
ServerName something
ServerAlias sub.something.de
AllowEncodedSlashes On
ProxyRequests Off
ProxyPreserveHost Off
ProxyVia On
KeepAlive Off
<Proxy *>
AuthType Basic
AuthName "Something Login"
AuthUserFile /home/user/.couchdb_htpasswd
Require valid-user
Order deny,allow
Deny from all
Allow from 127.0.0.1
Satisfy Any
</Proxy>
ProxyPass /something_data http://localhost:5984/something_data/ nocanon
ProxyPass /data http://localhost:5984/something/_design/prototype/data nocanon
ProxyPass /css http://localhost:5984/something/_design/prototype/css nocanon
ProxyPass /vendor http://localhost:5984/something/_design/prototype/vendor nocanon
ProxyPass /js http://localhost:5984/something/_design/prototype/js nocanon
ProxyPass /font http://localhost:5984/something/_design/prototype/font nocanon
ProxyPass /php http://localhost/dev/something/php nocanon
ProxyPass /uploads http://localhost/dev/something/uploads nocanon
ProxyPass /_uuids http://localhost:5984/_uuids nocanon
ProxyPass /_session http://localhost:5984/_session nocanon
ProxyPass /_users http://localhost:5984/_users nocanon
ProxyPass /_users !
ProxyPass /_uuids !
ProxyPass /_session !
ProxyPass /php !
ProxyPass /uploads !
ProxyPass /font !
ProxyPass /data !
ProxyPass /css !
ProxyPass /vendor !
ProxyPass /js !
ProxyPass /something_data !
ProxyPass / http://localhost:5984/something/_design/prototype/index.html nocanon
ProxyPassReverse / http://localhost:5984/something/_design/prototype/
RequestHeader unset Authorization
ErrorLog "/home/user/logs/couchdb_error_log"
CustomLog "/home/user/logs/couchdb_access_log" common
</VirtualHost>
Thx
Set value of urlPrefix in couch.js
#vi /etc/httpd/conf/httpd.conf
ProxyPass /_db/ http://localhost:5984/
ProxyPassReverse /_db/ http://localhost:5984/
#vi /usr/share/couchdb/www/script/couch.js
CouchDB.urlPrefix = '/_db/';