1 |
On 1/18/22 1:26 PM, Raphael Mejias Dias wrote: |
2 |
> Hello, |
3 |
|
4 |
Hi, |
5 |
|
6 |
> I've modified a little my config file: |
7 |
|
8 |
Okay. |
9 |
|
10 |
> ProxyPass "zmz" "http://raphaxx.intranet:8280/zm/ |
11 |
> ProxyPassReverse "zmz" "http://raphaxx.intranet:8280/zm/" |
12 |
|
13 |
I would expect the first parameter to be anchored / fully qualified from |
14 |
within the site's URL. E.g. |
15 |
|
16 |
ProxyPass "/zmz" "http://raphaxx.intranet:8280/zm/" |
17 |
ProxyPassReverse "/zmz" "http://raphaxx.intranet:8280/zm/" |
18 |
|
19 |
My expectation would be that for this <VirtualHost> to proxy any |
20 |
requests to the "/zmz" path (sub-directory?) to the "/zm/" path on an |
21 |
HTTP server on port 8280 of raphaxx.intranet. |
22 |
|
23 |
Aside: Make sure that "raphaxx.intranet" resolves where you want it to. |
24 |
Be mindful of IPv4 vs IPv6. |
25 |
|
26 |
> My ssl is ok, the ssl redirect is on default.conf |
27 |
|
28 |
Okay. |
29 |
|
30 |
> But this ProxyReverse, I've been trying in many ways, another file, and |
31 |
> so on, but nothing works. |
32 |
|
33 |
I have the following in a config file for a service that I disabled a |
34 |
few months ago. |
35 |
|
36 |
ProxyPass "/" "http://127.0.0.1:8080/" |
37 |
ProxyPassReverse "/" "http://127.0.0.1:8080/" |
38 |
|
39 |
This was in use in a Named Virtual Host that reverse proxied everything |
40 |
to port 8080 listening on localhost (127.0.0.1). |
41 |
|
42 |
Aside: Port 8080 on localhost (127.0.0.1) was actually an SSH remote |
43 |
port forward to a web server running on the remote client machine. |
44 |
|
45 |
You will want to adjust the source path ("/") and the destination |
46 |
("http://127.0.0.1:8080/") as you need. But this is copied verbatim |
47 |
from a site that I disabled recently. (Disabling is typical Ubuntu / |
48 |
Debian remove a sym-link so that the config is not in the sites-enabled |
49 |
directory. No changes to the actual config file.) |
50 |
|
51 |
> About the VirtualHost for the 8280, I'm guessing it was not necessary, |
52 |
> because the 8280 is the VM and the VM has its own apache2. |
53 |
|
54 |
ACK |
55 |
|
56 |
> I have a nat rule to redirect 192.168.0.15:8280 to my VM server |
57 |
> 192.168.2.100:80 on my root server 192.168.0.15. |
58 |
|
59 |
Okay. That could be a complicating factor. |
60 |
|
61 |
You say "NAT rule". I'm taking that to mean a Destination NAT (DNAT) |
62 |
rule for port forwarding. The important bit is that it doesn't alter |
63 |
the source IP (SNAT). So you could potentially be running into a TCP |
64 |
triangle scenario. |
65 |
|
66 |
Unless you have a specific reason to use the NAT rule, I would strongly |
67 |
suggest altering the ProxyPass(Reverse) rules to use the proper target. |
68 |
|
69 |
ProxyPass "/zmz" "http://192.168.2.100:80/zm/" |
70 |
ProxyPassReverse "/zmz" "http://192.168.2.100:80/zm/" |
71 |
|
72 |
Just avoid the potential for a TCP triangle all together. |
73 |
|
74 |
Considering the potential complexity, please share what sort of errors / |
75 |
failures you are seeing. Given the remote nature of the real server |
76 |
(from the point of view of the Apache HTTPD instance), please provide |
77 |
output of a TCP dump for tests. Let's make sure that all the bases are |
78 |
covered. |
79 |
|
80 |
> About Caddy, I do not want to install another server and deal with |
81 |
> another config. |
82 |
|
83 |
I can fully understand and appreciate that. |
84 |
|
85 |
> Thanks! |
86 |
|
87 |
You're welcome. |
88 |
|
89 |
|
90 |
|
91 |
-- |
92 |
Grant. . . . |
93 |
unix || die |