httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel <dferra...@gmail.com>
Subject Re: [users@httpd] Re: How to proxy web server?
Date Tue, 16 May 2017 15:01:58 GMT
Just add this line first:

ProxyPass  /.well-known !

You use the path and ! to specify this as an exception to not proxy.

Always try to define ProxyPass in virtualhost (without location), as
you show possibility A is the simpler one for me, less hassle assured,
less convoluted, imo.

2017-05-16 15:19 GMT+02:00 Florian Lindner <mailinglists@xgm.de>:
> Am 15.05.2017 um 17:05 schrieb Florian Lindner:
>> Hello,
>>
>> Apache 2.4 on Debian Testing, mpm_itk
>>
>> I have the Discourse web forum running in a docker container. The container's webserver
is bount to localhost:2080. The
>> forum should be reachable at either forum.csc-stuttgart.org or csc-stuttgart.org/forum.
>>
>> Possibility A:
>>
>> <VirtualHost *:80>
>>         ServerName forum.csc-stuttgart.org
>>         AssignUserID csc-stuttgart csc-stuttgart
>>         ProxyPreserveHost On
>>         ProxyPass        "/" "http://localhost:2080/"
>>         ProxyPassReverse "/" "http://localhost:2080/"
>>         DocumentRoot /home/csc-stuttgart/csc-stuttgart.org/pub
>>         [...]
>> </VirtualHost>
>>
>> That works fine, beside on little problem. I want to use Let's Encrypt SSL certificates
on that which require a path
>> forum.csc-stuttgart.org/.well-known to be writable from the file system.
>> How can I take just one path out of the Proxy?
>>
>> Wrap the ProxyPass/Reverse in a <LocationMatch> with a PCRE that match everything
except .well-known? Haven't tested it
>> yet. Any better solution?
>
> Ok, I was able to achieve it using:
>
> <VirtualHost *:80>
>         ServerName forum.csc-stuttgart.org
>         AssignUserID csc-stuttgart csc-stuttgart
>         <LocationMatch "^/(?!\.well-known)">
>                 Redirect permanent / https://forum.csc-stuttgart.org/
>         </LocationMatch>
>         DocumentRoot /home/csc-stuttgart/csc-stuttgart.org/pub
>         CustomLog /home/csc-stuttgart/csc-stuttgart.org/log/access.log combined
>         ErrorLog /home/csc-stuttgart/csc-stuttgart.org/log/error.log
> </VirtualHost>
>
> <VirtualHost *:443>
>         ServerName forum.csc-stuttgart.org
>         AssignUserID csc-stuttgart csc-stuttgart
>         ProxyPreserveHost On
>         ProxyPass        "/" "http://localhost:2080/"
>         ProxyPassReverse "/" "http://localhost:2080/"
>         DocumentRoot /home/csc-stuttgart/csc-stuttgart.org/pub
>         CustomLog /home/csc-stuttgart/csc-stuttgart.org/log/access.log combined
>         ErrorLog /home/csc-stuttgart/csc-stuttgart.org/log/error.log
>
>         SSLEngine On
>         SSLCertificateFile /home/csc-stuttgart/csc-stuttgart.org/ssl/forum.csc-stuttgart.org.cert
>         SSLCertificateKeyFile /home/csc-stuttgart/csc-stuttgart.org/ssl/forum.csc-stuttgart.org.key
> </VirtualHost>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>



-- 
Daniel Ferradal
IT Specialist

email         dferradal at gmail.com
linkedin     es.linkedin.com/in/danielferradal

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message