I have 2 docker containers, 1 running apache2 and 1 running a python api.
In non-https, I was able to make the connection such that requests on 80 are channeled to the docker container running the python api. When I enable HTTPS, requests come in as 400 (bad request).
Any help greatly appreciated. This is my virtual host file.
<VirtualHost *:443>
ServerName domain.com
ProxyPreserveHost On
ProxyRequests Off
ProxyPass / http://172.17.0.1:8000/
ProxyPassReverse / http://172.17.0.1:8000/
SSLEngine on
SSLCertificateFile "/usr/local/apache2/conf/.crt"
SSLCertificateKeyFile "/usr/local/apache2/conf/.key"
</VirtualHost>
Apache logs should contain a more detailed error, however based on the configuration you posted, I would check if "/usr/local/apache2/conf/.crt" and "/usr/local/apache2/conf/.key" exists.
Related
I have a nextjs application running in a docker. When I had the same docker image running locally and goto localhost:3000 everything runs perfectly.
I then deploy the image to the server and I have apache2 proxy passing to the site I get a broken landing page
I see I am getting errors like this
Request URL: http://example.com/_next/static/css/175964cd052c7c3f.css
Request Method: GET
Status Code: 502 Proxy Error
My apache setup is like this
<VirtualHost *:80>
ServerName example.com
ServerAlias example.com
ProxyPreserveHost On
ProxyRequests Off
ProxyVia On
ProxyPass /excluded !
ProxyPass / http://127.0.0.1:3000 connectiontimeout=6000 timeout=6000
ProxyPassReverse / http://127.0.0.1:3000
CustomLog /var/log/apache2/mydomain.access.log combined
ErrorLog /var/log/apache2/mydomain.error.log
</VirtualHost>
Any help would be appreciated
Thanks
<VirtualHost *:80>
ServerName www.myservername.com
ServerAlias myservername.com
ErrorLog /var/www/myapp/log/error.log
CustomLog /var/www/myapp/log/requests.log combined
ProxyRequests on
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
</VirtualHost>
It seems something was clashing. When I stripped it down to the above it works
I have a Docker container running Apache that is currently listening to the port 80.
I am trying to run another website on the same server, using Apache natively this time, also listening to the port 80.
The problem is that I cannot have both applications listening to the same port (Docker and Apache).
Can I set up the server’s native Apache installation to redirect internally certain requests based on the domain name to my Docker container? For instance, Apache would listen to the port 80 and requests to mycontainer.com would be internally transferred to the port 9999 to which Docker would listen.
Yes, you can do that. The first time I wanted to test, this is the way I did and worked with no issue.
We have an Apache container running to port 80, and let us call another domain like mycontainer.com that we want to be accessible on port 80 too but we cannot.
No matter how do you run these containers, I mean by docker run or docker-compose, but the point is they should be in the same network.
Create a network called my_network:
docker network create my_network
I call the first Apache as main and the latter as the_name one.
So now let us run both in the same network:
docker run --name main --network my_network httpd
docker run --name the_name --network my_network another_image
Now you can exec into the the_name container and create a domain.conf file in Apache conf path with below contents:
<VirtualHost *:80>
ServerName mycontainer.com
ProxyPreserveHost On
ProxyPass "/" "http://the_name:9999/"
ProxyPassReverse "/" "http://the_name:9999/"
ProxyRequests Off
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
I Guess it is possible with Apache named virtual host and Proxy Pass.
You can try something like below. Just make sure you enabled apache mod_proxy.
NameVirtualHost *:80
<VirtualHost *:80>
ServerName app-running-in-docker-container.com
ErrorLog "var/log/container_error_log"
CustomLog "var/log/container_access_log" common
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / http://127.0.0.1:999
ProxyPassReverse / http://127.0.0.1:999
</VirtualHost>
<VirtualHost *:80>
ServerName app-running-natively.com
DocumentRoot /path/to/project/doc/root
ErrorLog "var/log/nativelyapp_error_log"
CustomLog "var/log/nativelyapp_access_log" common
</VirtualHost>
I Configured SSL for rails app running with thin server in CentOS linux environment with apache. When I try to open my site using "https" I am getting Apache error page and I checked apache error logs and got the following error message
Directory index forbidden by Options directive.
I made some changes in /etc/httpd/conf.d/welcome.conf as
"Options -Indexes" TO "Options +Indexes"
then I am getting directory structure in browser.
Please help me to solve the issue
Update:
<VirtualHost *:80>
ServerName XXXX
ServerAlias www.XXXX.com
DocumentRoot XXXX
RewriteEngine On
<Proxy balancer://thinservers>
BalancerMember http://127.0.0.1:3000
</Proxy>
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://thinservers%{REQUEST_URI} [P,QSA,L]
ProxyPass / balancer://thinservers/
ProxyPassReverse / balancer://thinservers/
ProxyPreserveHost on
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
# Custom log file locations
ErrorLog XXXX
CustomLog XXXX
Your included Apache configuration shows the HTTP virtual host as it's litening on port 80
<VirtualHost *:80>
HTTPS connects to a different virtual host defined on port 443 you will need to modify this virtualhost's configuration in order to change the way the HTTPS portion of your website behaves.
I have a server running a rails 3.2 application. It has thin server running on port 3000, apache(proxy) server running on 443.
Is it possible that if I try to host another rails application on the same server by creating a folder under /www and make it run on port 3002 or any other and then another apache for proxy on some other port ?
The new rails app that I have created is in Rails 4 with Ruby 2.0
Please guide.
Add another VirtualHost for port 3002
<VirtualHost *:3002>
ServerName your-server-name
DocumentRoot /www/your-second-app-public-folder-path
<Directory /www/your-second-app-public-folder-path>
AllowOverride all
Options -MultiViews
</Directory>
</VirtualHost>
use host virtual host configuration specifying different ports for the same ip
You have multiple domains going to the same IP and also want to serve multiple ports. By defining the ports in the "NameVirtualHost" tag, you can allow this to work. If you try using <VirtualHost name:port> without the NameVirtualHost name:port or you try to use the Listen directive, your configuration will not work.
Refer Running different sites on different ports.
Server configuration
Listen 80
Listen 8080
NameVirtualHost 172.20.30.40:80
NameVirtualHost 172.20.30.40:8080
<VirtualHost 172.20.30.40:80>
ServerName www.example.com
DocumentRoot /www/domain-80
</VirtualHost>
<VirtualHost 172.20.30.40:8080>
ServerName www.example.com
DocumentRoot /www/domain-8080
</VirtualHost>
I'm trying to configure SSL on EC2onrails with no luck. At present I am unable to even telnet into my server at port 443, it simply says trying MY.IP.ADDRESS... and stays there indefinitely. Telnet into 80 works fine.
This was my starting point. I followed the instructions exactly, and because I have a go daddy cert I created this custom default-ssl file so I could add the SSLCertificateChainFile directive:
NameVirtualHost *:443
<VirtualHost *:443>
Include /etc/apache2/sites-available/app.custom
Include /etc/apache2/sites-available/app.common
ErrorLog /mnt/log/apache2/error.log
LogLevel warn
CustomLog /mnt/log/apache2/access.log combined
# see http://httpd.apache.org/docs/2.2/ssl/ssl_intro.html and http://httpd.apache.org/docs/2.2/mod/mod_ssl.html
SSLEngine On
SSLCertificateFile /etc/ec2onrails/ssl/cert/ec2onrails-default.crt
SSLCertificateKeyFile /etc/ec2onrails/ssl/private/ec2onrails-default.key
SSLCertificateChainFile /etc/ec2onrails/ssl/cert/ec2onrails-chain.crt
RequestHeader set X_FORWARDED_PROTO 'https'
ServerName MY_SERVER_NAME
</VirtualHost>
Note that I had to add
ServerName MY_SERVER_NAME
Or else I saw the following warning at apache startup in the error.log file:
[Wed May 27 19:46:20 2009] [warn] RSA server certificate CommonName (CN) ` MY_SERVER_NAME' does NOT match server name!?
I have run cap ec2onrails:server:enable_ssl, apache boots up cleanly, regular access over port 80 works, and apache access logs indicate no request activity to port 443. I know apache is loading my default-ssl config files because if I type gobbledygook in them it complains at startup.
Has anyone else successfully gotten SSL working with EC2onRails? What else can I do to debug this issue? Right now I am using ec2onRails version 0.9.9.1 which is based on a version of Ubuntu.
OK I figured it out. Amazon's EC2 has it's own firewall as part of its "security group" concept. This firewall was blocking port 443.