| 1 |
On 1/18/22 1:26 PM, Raphael Mejias Dias wrote: |
| 2 |
> Hello, |
| 3 |
|
| 4 |
Hi, |
| 5 |
|
| 6 |
> I've modified a little my config file: |
| 7 |
|
| 8 |
Okay. |
| 9 |
|
| 10 |
> ProxyPass "zmz" "http://raphaxx.intranet:8280/zm/ |
| 11 |
> ProxyPassReverse "zmz" "http://raphaxx.intranet:8280/zm/" |
| 12 |
|
| 13 |
I would expect the first parameter to be anchored / fully qualified from |
| 14 |
within the site's URL. E.g. |
| 15 |
|
| 16 |
ProxyPass "/zmz" "http://raphaxx.intranet:8280/zm/" |
| 17 |
ProxyPassReverse "/zmz" "http://raphaxx.intranet:8280/zm/" |
| 18 |
|
| 19 |
My expectation would be that for this <VirtualHost> to proxy any |
| 20 |
requests to the "/zmz" path (sub-directory?) to the "/zm/" path on an |
| 21 |
HTTP server on port 8280 of raphaxx.intranet. |
| 22 |
|
| 23 |
Aside: Make sure that "raphaxx.intranet" resolves where you want it to. |
| 24 |
Be mindful of IPv4 vs IPv6. |
| 25 |
|
| 26 |
> My ssl is ok, the ssl redirect is on default.conf |
| 27 |
|
| 28 |
Okay. |
| 29 |
|
| 30 |
> But this ProxyReverse, I've been trying in many ways, another file, and |
| 31 |
> so on, but nothing works. |
| 32 |
|
| 33 |
I have the following in a config file for a service that I disabled a |
| 34 |
few months ago. |
| 35 |
|
| 36 |
ProxyPass "/" "http://127.0.0.1:8080/" |
| 37 |
ProxyPassReverse "/" "http://127.0.0.1:8080/" |
| 38 |
|
| 39 |
This was in use in a Named Virtual Host that reverse proxied everything |
| 40 |
to port 8080 listening on localhost (127.0.0.1). |
| 41 |
|
| 42 |
Aside: Port 8080 on localhost (127.0.0.1) was actually an SSH remote |
| 43 |
port forward to a web server running on the remote client machine. |
| 44 |
|
| 45 |
You will want to adjust the source path ("/") and the destination |
| 46 |
("http://127.0.0.1:8080/") as you need. But this is copied verbatim |
| 47 |
from a site that I disabled recently. (Disabling is typical Ubuntu / |
| 48 |
Debian remove a sym-link so that the config is not in the sites-enabled |
| 49 |
directory. No changes to the actual config file.) |
| 50 |
|
| 51 |
> About the VirtualHost for the 8280, I'm guessing it was not necessary, |
| 52 |
> because the 8280 is the VM and the VM has its own apache2. |
| 53 |
|
| 54 |
ACK |
| 55 |
|
| 56 |
> I have a nat rule to redirect 192.168.0.15:8280 to my VM server |
| 57 |
> 192.168.2.100:80 on my root server 192.168.0.15. |
| 58 |
|
| 59 |
Okay. That could be a complicating factor. |
| 60 |
|
| 61 |
You say "NAT rule". I'm taking that to mean a Destination NAT (DNAT) |
| 62 |
rule for port forwarding. The important bit is that it doesn't alter |
| 63 |
the source IP (SNAT). So you could potentially be running into a TCP |
| 64 |
triangle scenario. |
| 65 |
|
| 66 |
Unless you have a specific reason to use the NAT rule, I would strongly |
| 67 |
suggest altering the ProxyPass(Reverse) rules to use the proper target. |
| 68 |
|
| 69 |
ProxyPass "/zmz" "http://192.168.2.100:80/zm/" |
| 70 |
ProxyPassReverse "/zmz" "http://192.168.2.100:80/zm/" |
| 71 |
|
| 72 |
Just avoid the potential for a TCP triangle all together. |
| 73 |
|
| 74 |
Considering the potential complexity, please share what sort of errors / |
| 75 |
failures you are seeing. Given the remote nature of the real server |
| 76 |
(from the point of view of the Apache HTTPD instance), please provide |
| 77 |
output of a TCP dump for tests. Let's make sure that all the bases are |
| 78 |
covered. |
| 79 |
|
| 80 |
> About Caddy, I do not want to install another server and deal with |
| 81 |
> another config. |
| 82 |
|
| 83 |
I can fully understand and appreciate that. |
| 84 |
|
| 85 |
> Thanks! |
| 86 |
|
| 87 |
You're welcome. |
| 88 |
|
| 89 |
|
| 90 |
|
| 91 |
-- |
| 92 |
Grant. . . . |
| 93 |
unix || die |
Archives