ProxyPass and DocumentRoot on one domain - apache

Let's say I have the following configuration:
<VirtualHost domain.com>
# Server names, admins, logs etc...
ProxyVia On
ProxyRequests Off
<Location "/">
ProxyPass http://localhost:8080/tomcat-webapp/
ProxyPassReverse http://localhost:8080/tomcat-webapp/
Order allow,deny
Allow from all
</Location>
</VirtualHost>
Now, I want the address domain.com/forum to display content of my MyBB forum, which has its files inside the /var/www/forum directory. How to accomplish this?

Actually, I resolved this problem with the following code:
ProxyPass /forum !
ProxyPass / http://localhost:8080/tomcat-webapp/
ProxyPassReverse / http://localhost:8080/tomcat-webapp/
Alias /forum /var/www/forum

What it is recommending is using mod_rewrite to perform the ProxyPass instead of ProxyPass/ProxyPassReverse command.
Try something like:
RewriteRule ^/forum - [L]
RewriteRule ^/(.*) http://localhost:8080/tomcat-webapp/$1 [P,L]
ProxyPassReverse / http://localhost:8080/tomcat-webapp/

I use:
<VirtualHost *:80>
#other irrelevant configs here
ProxyPass /forum http://localhost:8080/myBB
ProxyPassReverse /forum http://localhost:8080/myBB
ProxyPass / http://localhost:8081/tomcat-app
ProxyPassReverse / http://localhost:8081/tomcat-app
</VirtualHost>
You don't have to say "tomcat-app" if your tomcat app is the root app.

Related

Bad redirection of Mattermost docker behind reverse proxy apache2

I am trying to install the docker version of Mattermost on my Ubuntu 14.04 with apache2 version 2.4.7.
Here is the configuration of mattermost-ssl.conf:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster#localhost
ServerName www.my.website.fr
ServerAlias website.fr
DocumentRoot /home/www/www-website
[...]
<Proxy *>
Require all granted
</Proxy>
ProxyPreserveHost On
ProxyRequests Off
RewriteEngine on
ProxyPass /mattermost http://localhost:8083
ProxyPassReverse /mattermost http://localhost:8083
RewriteCond %{REQUEST_URI} /api/v[0-9]+/(users/)?websocket [NC,OR]
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
RewriteRule .* ws://127.0.0.1:8083%{REQUEST_URI} [P,QSA,L]
<Location /home/www/www-soft/mattermost>
Require all granted
ProxyPass http://127.0.0.1:8083/
ProxyPassReverse http://127.0.0.1:8083/
</Location>
[...]
</VirtualHost>
</IfModule>
The website is accessible but nothing appears on the page, because I got such error messages (one example among several others of the same form):
Failed to load resource: the server responded with a status of 404 (Not Found) https://www.my.website.fr/static/main.9e27a2872d73987ea8ec.css
Instead of trying to access the file at:
https://www.my.website.fr/mattermost/static/main.9e27a2872d73987ea8ec.css (which exists, I tested)
(I replaced my website domain by "my.website.fr")
Is there any obvious reason why the apache proxy is not redirecting correctly with the /mattermost prefix ? Am I missing something ?
The dedicated page in Mattermost documentation didn't help me much resolving this (https://docs.mattermost.com/install/config-apache2.html)
From apache documentation: https://httpd.apache.org/docs/2.4/mod/core.html#location
The directive limits the scope of the enclosed directives
by URL.
Which means you need to change:
<Location /home/www/www-soft/mattermost>
Require all granted
ProxyPass http://127.0.0.1:8083/
ProxyPassReverse http://127.0.0.1:8083/
</Location>
to
<Location /mattermost>
Require all granted
ProxyPass http://127.0.0.1:8083/
ProxyPassReverse http://127.0.0.1:8083/
</Location>
Because your document root is set to
DocumentRoot /home/www/www-website
You're also using proxypass to handle requests to the same path
ProxyPass /mattermost http://localhost:8083
ProxyPassReverse /mattermost http://localhost:8083
You need to chose which solution you want to implement: both might not work well together.
At last, you're also using
ProxyPreserveHost On
which I'm not sure it's needed/working as you think: please refer to https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxypreservehost to find out if it's realy required in your environment.

Try to setup jitsi behind a apache2 reverse proxy

Iam using a ubuntu 18.04 linux VM as a reverse proxy to forward https subdomains to intern targets f.e. guacamole.mydomain.com and jitsi.mydomain.com.
Each system is a seperate linux VM.
public ip --> web reverse proxy 192.168.2.10 --> guacamole.mydomain.com 192.168.2.20 and jitsi.mydomain.com 192.168.2.30
guacamole is working as expected but iam facing some issues with fowarding https to jitsi.mydomain.com.
All other ports are directly forwarded to jitsi without a proxy.
i created two conf files in /etc/apache2/sites-enabled one for jitsi and one for guacamole and generated a lets encrypt cert with certbot --apache.
When i try to open jits.mydomain.com from outside, i get the following Error: ERR_TOO_MANY_REDIRECTS.
Within the network jitsi is reachable via https, so what did i miss?
unfortunately iam not very familiar with proxy and apache.
thanks in advance guys.
jitsi.conf
<VirtualHost *:80>
ServerName jitsi.mydomain.com
ProxyPreserveHost On
DocumentRoot /var/www/html
ProxyPass /.well-known !
ProxyPass / http://192.168.2.30:80/
ProxyPassReverse / http://192.168.2.30:80/
RewriteEngine on
RewriteCond %{SERVER_NAME} =jitsi.mydomain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
jitsi-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName jitsi.mydomain.com
ProxyPreserveHost On
DocumentRoot /var/www/html
ProxyPass /.well-known !
ProxyPass / http://192.168.2.30:80/
ProxyPassReverse / http://192.168.2.30:80/
SSLCertificateFile /etc/letsencrypt/live/jitsi.mydomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/jitsi.mydomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
guacamole.conf
<VirtualHost *:80>
ServerName guacamole.mydomain.com
ProxyPreserveHost On
DocumentRoot /var/www/html
ProxyPass /.well-known !
<Location />
Order allow,deny
Allow from all
ProxyPass http://192.168.2.20:8080/guacamole/ flushpackets=on
ProxyPassReverse http://192.168.2.20:8080/guacamole/
ProxyPassReverseCookiePath /guacamole /
</Location>
<Location /websocket-tunnel>
Order allow,deny
Allow from all
ProxyPass ws://192.168.2.20:8080/guacamole/websocket-tunnel
ProxyPassReverse ws://192.168.2.20:8080/guacamole/websocket-tunnel
</Location>
SetEnvIf Request_URI "^/tunnel" dontlog
CustomLog /var/log/apache2/guac.log common env=!dontlog
RewriteEngine on
RewriteCond %{SERVER_NAME} =guacamole.mydomain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
guacamole-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName guacamole.mydomain.com
ProxyPreserveHost On
DocumentRoot /var/www/html
ProxyPass /.well-known !
<Location />
Order allow,deny
Allow from all
ProxyPass http://192.168.2.20:8080/guacamole/ flushpackets=on
ProxyPassReverse http://192.168.2.20:8080/guacamole/
ProxyPassReverseCookiePath /guacamole /
</Location>
<Location /websocket-tunnel>
Order allow,deny
Allow from all
ProxyPass ws://192.168.2.20:8080/guacamole/websocket-tunnel
ProxyPassReverse ws://192.168.2.20:8080/guacamole/websocket-tunnel
</Location>
SetEnvIf Request_URI "^/tunnel" dontlog
CustomLog /var/log/apache2/guac.log common env=!dontlog
SSLCertificateFile /etc/letsencrypt/live/guacamole.mydomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/guacamole.mydomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
Just stumbled upon your question while looking for a solution of a different problem on Jitsi but I think you'll find a useful solution in this page:
https://debamax.com/blog/2020/03/18/installing-jitsi-behind-a-reverse-proxy/
It's not my solution. I'm just trying to help.
Cheers

How to properly redirect a url to the exist-db port

In apache virtual host I attempted to redirect /db to the exist database. This works only momentarily such that it shows the exist welcome screen but then exist redirects to the dashboard and that page is not found.
ProxyPreserveHost On
ProxyRequests Off
ProxyPass /db http:**localhost:8899
ProxyPassReverse /db http:**localhost:8899
I'd like to set things up so I can do REST queries like /db/rest
What am I doing wrong?
Thanks
You need to do some URL rewriting and cookie handling: the following example maps "/" and "myapp2". It is possible to map to /rest/db/myapp1 too.
<VirtualHost *:80>
ProxyRequests off
ServerName myserver
ProxyPass /myapp2/ http://localhost:8080/exist/apps/myapp2/
ProxyPassReverse /myapp2/ http://localhost:8080/exist/apps/myapp2/
ProxyPass / http://localhost:8080/exist/apps/myapp1/
ProxyPassReverse / http://localhost:8080/exist/apps/myapp1/
ProxyPassReverseCookieDomain localhost myserver
ProxyPassReverseCookiePath / /exist
RewriteEngine on
RewriteRule ^/(.*)$ /$1 [PT]
</VirtualHost>

Apache rewriterule with proxyPass and proxyPassReverse

I need to use the following Rewrite rule with the proxyPass and proxyPassReverse
RewriteEngine On
RewriteRule ^(market|stock|mutual)$ stackoverflow/$1 [L]
My virtual host defination is
<VirtualHost *>
ServerName localhost
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
</VirtualHost>
Where Shall I insert the rewrite rule so that when I hit the URL -- localhost/market, then it will perform an internal rewrite to localhost:8080/stackoverflow/market
Please help
Got it
<VirtualHost *>
ServerName localhost
ProxyPass / http://localhost:8080/stackoverflow/
ProxyPassReverse / http://localhost:8080/stackoverflow/
RewriteEngine On
RewriteRule ^(market|stock|mutual)$ stackoverflow/$1 [L]
</VirtualHost>

Apache proxying subdomain root requests

Description
Internal Tomcat server that has webapps listening on 8080:
"http://internal:8080/foo-webservice/"
"http://internal:8080/foo-website/"
External facing Apache server is proxying requests for a subdomain:
"http://foo.domain.com/"
Any requests of the root of the subdomain would be proxied to the foo-website webapp on Tomcat.
Any other requests would be proxied to the appropriate path / webapp
Use Case A
Request:
"http://foo.domain.com/index.html"
Proxied to:
"http://internal:8080/foo-website/index.html"
Use Case B
Request:
"http://foo.domain.com/webservice/listener.html?param1=foo&param2=bar"
Proxied to:
"http://internal:8080/foo-webservice/listener.html?param1=foo&param2=bar"
VirtualHost definition
Current virtual host definition which satisfies Use Case B:
<VirtualHost *:80>
ServerName foo.domain.com
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ErrorLog /var/log/apache2/foo_error.log
LogLevel warn
CustomLog /var/log/apache2/foo_access.log combined
# RewriteRules
# ?
# ProxyPass
ProxyPreserveHost On
ProxyPass / http://internal:8080/
ProxyPassReverse / http://internal:8080/
</VirtualHost>
Attempt 1
# RewriteRules
RewriteEngine On
RewriteRule ^/(.*) http://internal:8080/foo-website/$1 [P]
Use Case A is satisfied
Use Case B fails
Attempt 2
# RewriteRules
RewriteEngine On
RewriteRule ^/$ http://internal:8080/foo-website/$1 [P]
Use Case B is satisfied
Use Case A is not completely satisfied
The index.html in foo-website is loaded, but none of the files in the js, img or css folders.
ProxyPass rules match in order
ProxyPass /webservice/ http://internal:8080/foo-webservice/
ProxyPassReverse /webservice/ http://internal:8080/foo-webservice/
ProxyPass /website/ http://internal:8080/foo-website/
ProxyPassReverse /website/ http://internal:8080/foo-website/
ProxyPass / http://internal:8080/foo-website/
ProxyPassReverse / http://internal:8080/foo-website/
No rewrite rule. Isn't that good enough ?
I think that you need to use the first attempt but include the QSA (query string append) flag in the square brackets at the end of each RewriteRule directive.
I think the issue with Attempt 2 (none of the files in the js, img or css folders being mapped) was a sign that my approach was wrong.
My solution now is to redirect any requests to the root, to the foo-website webapp.
<VirtualHost *:80>
ServerName foo.domain.com
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ErrorLog /var/log/apache2/foo_error.log
LogLevel warn
CustomLog /var/log/apache2/foo_access.log combined
# RewriteRules
RewriteEngine On
RewriteRule ^/$ /foo-website/ [R]
# ProxyPass
ProxyPreserveHost On
ProxyPass / http://internal:8080/
ProxyPassReverse / http://internal:8080/
</VirtualHost>
This was not what I originally wanted, but I think this is the resolution.