Gentoo Archives: gentoo-user

From: Raphael Mejias Dias <raphaxx@×××××.com>
To: Gentoo User <gentoo-user@l.g.o>
Subject: Re: [gentoo-user] Reverse Proxy with Apache2
Date: Tue, 18 Jan 2022 20:26:55
Message-Id: CAA8stUmRHf1Q5p7Fg5Bn8YCgp9g4DiGsJNdnZxUGrjTU2Q70Tw@mail.gmail.com
In Reply to: Re: [gentoo-user] Reverse Proxy with Apache2 by Grant Taylor
1 On Tue, Jan 18, 2022 at 4:17 PM Grant Taylor <
2 gtaylor@×××××××××××××××××××××.net> wrote:
3
4 > On 1/18/22 11:24 AM, Anatoly Laskaris wrote:
5 > > I'm sorry for not answering to the question directly, but why use
6 > apache2?
7 >
8 > - Because Apache is already installed and listening on the port in
9 > question.
10 > - Because that's what the OP asked about.
11 > - Because it might be IBM / Oracle HTTP Server which are re-rolls of
12 > Apache HTTP Server.
13 > - $REASONS
14 >
15 > > There are modern alternatives ...
16 >
17 > Age of something doesn't mean a lot.
18 >
19 > - TCP/IP is from the 80s and yet we are still using it.
20 > - OSI is newer than IPv4.
21 > - IPv6 is newer than IPv4 and OSI.
22 >
23 > Yet we are still talking about the venerable IPv4.
24 >
25 > > And something completely different like Traefik
26 > > (https://doc.traefik.io/traefik/getting-started/quick-start/) which is
27 > > geared towards modern cloud native infrastructure with containers and
28 > > workload orchestrators like Nomad or Kubernetes.
29 > > Usually you don't configure Traefik with static config file, but with
30 > > metadata and annotations in K8S and Consul so it is dynamic and reactive.
31 >
32 > I view adding /additional/ software / daemons as poor form, especially
33 > when the /existing/ software can do the task at hand.
34 >
35 > Don't overlook the port conflict.
36 >
37 > > Or you can use nginx (which is already considered pretty old and clunky,
38 > > but it is much easier than apache still).
39 >
40 > Why start the email asking why something old is used and then finish the
41 > email suggesting the possibility of using something else old?
42 >
43 >
44 >
45 > --
46 > Grant. . . .
47 > unix || die
48 >
49 > Hello,
50
51 I've modified a little my config file:
52
53 <IfModule mod_ssl.c>
54 <VirtualHost *:443>
55 ServerName raphaxx.intranet
56 ServerAdmin raphaxx@×××××.com
57
58 DocumentRoot /var/www/html
59 ErrorLog ${APACHE_LOG_DIR}/error.log
60 CustomLog ${APACHE_LOG_DIR}/access.log combined
61
62 ProxyRequests Off
63 ProxyPreserveHost On
64 <Proxy *>
65 Order deny,allow
66 Allow from all
67 </Proxy>
68
69 ProxyPass "zmz" "http://raphaxx.intranet:8280/zm/"
70 ProxyPassReverse "zmz" "http://raphaxx.intranet:8280/zm/"
71
72 SSLEngine on
73
74 SSLCertificateFile
75 /etc/ssl/certs/apache-selfsigned_raphaxx.crt
76 SSLCertificateKeyFile
77 /etc/ssl/private/apache-selfsigned_raphaxx.key
78
79 <FilesMatch "\.(cgi|shtml|phtml|php)$">
80 SSLOptions +StdEnvVars
81 </FilesMatch>
82 <Directory /usr/lib/cgi-bin>
83 SSLOptions +StdEnvVars
84 </Directory>
85 </VirtualHost>
86 </IfModule>
87
88 My ssl is ok, the ssl redirect is on default.conf
89 But this ProxyReverse, I've been trying in many ways, another file, and so
90 on, but nothing works.
91 About the VirtualHost for the 8280, I'm guessing it was not necessary,
92 because the 8280 is the VM and the VM has its own apache2.
93 I have a nat rule to redirect 192.168.0.15:8280 to my VM server
94 192.168.2.100:80 on my root server 192.168.0.15.
95
96 About Caddy, I do not want to install another server and deal with another
97 config.
98
99 Thanks!

Replies

Subject Author
Re: [gentoo-user] Reverse Proxy with Apache2 Grant Taylor <gtaylor@×××××××××××××××××××××.net>