apache proxy doesn't work - apache

I've got a problem with my apache configuration.
I'm running a apache2 in a docker container.
In the same container is a webrick running on port 3000
What I want is that when someone calls subdomain.mydomain.de
There should be a pass through to
subdomain.mydomain.de:3000
I've done this:
sudo nano /etc/apache2/sites-enabled/000-default.conf
added this in default.conf
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName mydomain.de
ServerAlias *.mydomain.de
ProxyPass / http://subdomain.mydomain.de:3000/
ProxyPassReverse / http://subdomain.mydomain.de:3000/
</VirtualHost>
a2enmod proxy
sudo /etc/init.d/apache2 restart
But all what I got is this:
Internal Server Error
The server encountered an internal error or misconfiguration and was
unable to complete your request.
Please contact the server administrator at [no address given] to
inform them of the time this error occurred, and the actions you
performed just before this error.
More information about this error may be available in the server error
log.

Solution for this problem is:
sudo a2enmod proxy
sudo a2enmod proxy_http
sudo service apache2 reload

Related

Apache2 reverse proxy to a nextcloud server does not work

I've made a Ubuntu 18.04 Reverse Proxy Server with Apache2 and it works. I can reverse proxy to another apache2 webserver with no problem.
But now I want to do the exact same thing to a nextcloud server but it does not work.
My steps:
1) I copied the old configuration
2) changed the external Domain and the internal IP Adress from the Server
3) now I restarted the apache2 server and it does not work
There is no error in the error.log file from apache.
Maybe there is an error on the nextcloud server but I don't know how to continue.
Thanks Raphael
This is my working config for the Apache proxy pointing to the local Nextcloud in a Docker based instance:
ProxyPreserveHost On
ProxyRequests Off
ServerName cloud.myserver.local
ServerAlias cloud
ProxyPass / http://localhost:8000/
ProxyPassReverse / http://localhost:8000/

How to run websockets on Apache via wss?

I am trying to run a PHP chat on sockets.
Server configuration: Ubuntu-18.04-amd64, Apache/2.4.29, SSL certificate from Let's Encrypt.
I use rachet. Here, here and here it is described how to connect sockets through SSL connections. But I didn’t succeed.
I installed the necessary modules in Apache:
sudo a2enmod proxy
sudo a2enmod proxy_wstunnel
sudo a2enmod proxy_http
Wrote in /etc/apache2/apache2.conf
<VirtualHost *: 443>
<Location "/chat/">
ProxyPreserveHost On
ProxyPass /ws ws://xxxxxx.xx:999
ProxyPassReverse /ws ws://xxxxxx.xx:999
</Location>
</VirtualHost>
Opened 999 port
sudo iptables -I INPUT -p tcp --dport 999 -j ACCEPT
Restarted Apache
sudo systemctl restart apache2
Launched a chat server
php /var/www/html/chat/bin/chat-server.php
Wrote in the socket call script
websocket = new WebSocket ('wss://xxxxxx.xx/chat');
I tried to connect from a browser at
https://xxxxxx.xx/chat/
And got an error
WebSocket connection to 'wss://xxxxxx.xx/chat' failed: Error during
WebSocket handshake: Unexpected response code: 301
I read various tips, but still could not understand what I was doing wrong. Any attempt to change the situation creates errors 301, 300, 500 or 200.
Please tell me what I was wrong?

Apache proxy pass to unix domain socket

I need to forward all traffic from specified port to a Unix Domain Socket in Apache:
In sites-enabled/000-default.conf I have defined a VirtualHost:
<VirtualHost *:8091>
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / unix:/var/lib/jenkins/workspace/myproject/mysocket.sock|http://127.0.0.1/
ProxyPassReverse / unix:/var/lib/jenkins/workspace/myproject/mysocket.sock|http://127.0.0.1/
</VirtualHost>
In ports.conf I have:
Listen 80
Listen 8091
I have both proxy and proxy_http mods enabled:
krzysiek:/etc/apache2$ a2enmod proxy
Module proxy already enabled
krzysiek:/etc/apache2$ a2enmod proxy_http
Module proxy already enabled
I am using Apache 2.4.7 and offical documentation states that:
In 2.4.7 and later, support for using a Unix Domain Socket is available by using a target which prepends unix:/path/lis.sock|
When I reload Apache I get error:
krzysiek:/etc/apache2$ sudo service apache2 restart
* Restarting web server apache2 [fail]
* The apache2 configtest failed.
AH00526: Syntax error on line 64 of /etc/apache2/sites-enabled/000-default.conf:
ProxyPass URL must be absolute!
I tried changing:
ProxyPass / unix:/var/(...)
To:
ProxyPass / unix:///var/(...)
Then Apache reloads correctly but forwarding DOES NOT work, error.log says:
[proxy:warn] [pid 22436] [client 10.0.4.19:47662] AH01144: No protocol handler was valid for the URL /. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
Could you explain me what I'm doing wrong? Or how do I forward traffic from port to unix socket on Apache correctly?
Might be a bit late 🙂, but the following apache config works for me:
ProxyRequests off
Define SOCKET_NAME /path/to/my.sock
ProxyPass / unix:${SOCKET_NAME}|uwsgi://%{HTTP_HOST}/
ProxyPassReverse / unix:${SOCKET_NAME}|uwsgi://%{HTTP_HOST}/
with modules proxy and proxy_uwsgi loaded.
Important do not place your socket in /tmp (I think systemd prevents the apache process to directly access it for security reasons).
Also, watch out for the file permissions.

Configure apache2 and host to pass traffic to a docker container with nginx

I'm currently running a ubuntu webserver with apache2, hosting multiple sites and subdomains. I would like to host bitwarden on my own webserver, which is only shipped in a docker container with nginx.
I would like to use a subdomain e.g. bitwarden.domain.com to access bitwarden. But I have no idea how to configure apache2 / host to pass through traffic going to bitwarden.domain.com to the docker container running bitwarden (without affecting the other domains).
My question: How to configure apache2/docker to achieve this? Is there any documentation/tutorial for this?
After starting the docker container, grab the container ip, port:
local_docker_ip, local_docker_port
And you have a couple of options:
Use apache2 Virtual host with a redirect:
<VirtualHost *:80>
ServerName bitwarden.domain.com
Redirect permanent / http://{local_docker_ip}:{local_docker_port}/
</VirtualHost>
Or use the apache2 proxy module. First, enable proxy modules by running the commands:
a2enmod proxy
a2enmod proxy_http
Then, add the following virtual host:
<VirtualHost *:80>
ProxyPreserveHost On
ProxyRequests Off
ServerName bitwarden.domain.com
ProxyPass / http://{local_docker_ip}:{local_docker_port}/
ProxyPassReverse / http://{local_docker_ip}:{local_docker_port}/
</VirtualHost>
I hope it helps

Apache Webserver ReverseProxy to serve Apache Solr Admin Panel

I'm trying to run an Apache Solr Service (on its emdedded jetty server) on a remote server. The admin has provided me following information:
DNS: my.server.com
IP: xxx.xxx.xxx
Server OS: 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u1 (2016-09-03) x86_64 GNU/Linux
Only Port 80 is accessible. On the server we want to deploy Apache Solr and a microservice which uses Solr as search engine. I want to use Apache Webserver to forward the HTTP-Request to the Solr Admin UI and to the microservice UI, but it doesn't seem to work, I use Apache Server version: Apache/2.4.10 (Debian)
Server built: Sep 15 2016 20:44:43.
I installed Apache and started the server, so far everything works as expected. I can access the admin view from Apache entering the DNS in my browser.
I enabled a few modules following this articel https://www.digitalocean.com/community/tutorials/how-to-use-apache-http-server-as-reverse-proxy-using-mod_proxy-extension:
a2enmod proxy
a2enmod proxy_http
a2enmod proxy_ajp
a2enmod rewrite
a2enmod deflate
a2enmod headers
a2enmod proxy_balancer
a2enmod proxy_connect
a2enmod proxy_html
Then I tried to configure a virtual host under /etc/apache2/sites-available/myconf.conf:
<VirtualHost *:80>
DocumentRoot /var/www/html
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
ProxyPass /solr http://my.server.com:8983 retry=0 timeout=5
ProxyPassReverse /solr http://my.server.com:8983
ProxyPass /microservice http://my.server.com:6868 retry=0 timeout=5
ProxyPassReverse /microservice http://my.server.com:6868
LogLevel debug
</VirtualHost>
Solr uses its standard port 8983 and the microservice will be on port 6868. When I try to acces solr with http://my.server.com/solr I get an HTTP 503 Service unavailable.
I first tried this:
/usr/sbin/setsebool -P httpd_can_network_connect 1
But it changed nothing. I also had to install first:
apt-get install policycoreutils
to make this option available. The solr service seems to be ok:
solr status
Found 1 Solr nodes:
Solr process 14082 running on port 8983
{
"solr_home":"/etc/apache-solr/solr-6.2.0/server/solr",
"version":"6.2.0 764d0f19151dbff6f5fcd9fc4b2682cf934590c5 - mike - 2016-08-20 05:41:37",
"startTime":"2016-10-07T12:02:05.300Z",
"uptime":"0 days, 1 hours, 29 minutes, 55 seconds",
"memory":"29.7 MB (%6.1) of 490.7 MB"}
The Apache log keeps saying:
The timeout specified has expired: AH00957: HTTP: attempt to connect to xxx.xxx.xxx:8983 (my.server.com) failed
AH00959: ap_proxy_connect_backend disabling worker for (my.server.com) for 0s
AH01114: HTTP: failed to make connection to backend: my.server.com
Without my timeout setting everthing keeps the same but it takes ages before I get the 503 Error.
Any hints? After one day struggeling I'm depressed ... all I want is to finish the task.
Thanks in advance!
It turns out that I needed to append a slash to the urls:
ProxyPass /solr/ http://my.server.com:8983/ retry=0 timeout=5
ProxyPassReverse /solr/ http://my.server.com:8983/
ProxyPass /microservice/ http://my.server.com:6868/ retry=0 timeout=5
ProxyPassReverse /microservice/ http://my.server.com:6868/