Hi,

I installed Pound-3.0d without problem, but I cannot get anything to work.

First, this is the first time I see the YAML syntax, and it looks like very
'unstable'. Any space or anything wrong give an error without being able to
say where is the problem.
Second, I found a Yaml validator (http://www.yamllint.com/). It takes the
man example, and after removing the spaces at the beginning of the line, it
says that the syntax is good, but removes the Backends name (the &eb from
your example).
But https://onlineyamltools.com/edit-yaml is OK and was very useful to
understand the syntax.

( 192.168.1.12 is my wiki server, working on port 80, and  192.168.1.13 is
my new pound server with Centos 8.1, as described before).

Global:
  - User: "pound"
  - Group: "pound"
  - Err404: "/var/www/htdocs/error/generic_error_page"
  - Err405: "/var/www/htdocs/error/generic_error_page"
  - Err500: "/var/www/htdocs/error/generic_error_page"

Backends:
  - &wiki
    Address: 192.168.1.12
    Port: 80

HTTPListeners:
  -  Address: 192.168.1.13
     Port: 80
     Services:
     - URL: "./wiki/*"
       Backends:
         - *wiki

HTTPSListeners:

I run pound in debug and get that:
#  pound -d 9 -f /etc/pound3.cfg
debug option 9 /usr/src/Pound-3.0d/src/config.c:628
config file option /etc/pound3.cfg /usr/src/Pound-3.0d/src/config.c:618
start get_others /usr/src/Pound-3.0d/src/config.c:560
start get_backends /usr/src/Pound-3.0d/src/config.c:123
addr 192.168.11.129 /usr/src/Pound-3.0d/src/config.c:139
port 80 /usr/src/Pound-3.0d/src/config.c:142
push /usr/src/Pound-3.0d/src/config.c:168
start get_http /usr/src/Pound-3.0d/src/config.c:277
addr 192.168.11.135 /usr/src/Pound-3.0d/src/config.c:291
port 80 /usr/src/Pound-3.0d/src/config.c:294
start get_services /usr/src/Pound-3.0d/src/config.c:209
URL ./wiki/* /usr/src/Pound-3.0d/src/config.c:228
push /usr/src/Pound-3.0d/src/config.c:258
push /usr/src/Pound-3.0d/src/config.c:320
Prepare backends /usr/src/Pound-3.0d/src/pound.c:153
Starting resurrector thread /usr/src/Pound-3.0d/src/util.c:80
Prepare listeners /usr/src/Pound-3.0d/src/pound.c:185
Prepare services for listener 0 /usr/src/Pound-3.0d/src/pound.c:188
7F5D286CD700 start service /usr/src/Pound-3.0d/src/http.c:45
7F5D25EC8700 thr_http start /usr/src/Pound-3.0d/src/http.c:511
7F5D25EC8700 start loop /usr/src/Pound-3.0d/src/http.c:515
7F5D256C7700 thr_http start /usr/src/Pound-3.0d/src/http.c:511
7F5D256C7700 start loop /usr/src/Pound-3.0d/src/http.c:515
7F5D27ECC700 thr_http start /usr/src/Pound-3.0d/src/http.c:511
7F5D27ECC700 start loop /usr/src/Pound-3.0d/src/http.c:515
7F5D276CB700 thr_http start /usr/src/Pound-3.0d/src/http.c:511
7F5D276CB700 start loop /usr/src/Pound-3.0d/src/http.c:515
7F5D26ECA700 thr_http start /usr/src/Pound-3.0d/src/http.c:511
7F5D26ECA700 start loop /usr/src/Pound-3.0d/src/http.c:515
7F5D24EC6700 thr_http start /usr/src/Pound-3.0d/src/http.c:511
7F5D24EC6700 start loop /usr/src/Pound-3.0d/src/http.c:515
7F5D246C5700 thr_http start /usr/src/Pound-3.0d/src/http.c:511
7F5D246C5700 start loop /usr/src/Pound-3.0d/src/http.c:515
7F5D266C9700 thr_http start /usr/src/Pound-3.0d/src/http.c:511
7F5D266C9700 start loop /usr/src/Pound-3.0d/src/http.c:515
It stops there and I get a new Resurrect line every minute or so...

(FYI, the wiki service is defined in Pound 2.8:
   Service
      HeadRequire "Host:*.(sos|www).abscom.eu.*"
      URL         "^\/wiki\/*"
      BackEnd
         Address  192.168.1.12
         Port     80
      End
   End
)

And also, I did not find how to declare the domain name like in:
  HeadRequire

Could you give more examples about how to translate working examples from
the 2.8 cfg file to 3.0?

If you don't have a Centos 8.1 available for tests, or you want to see what
is wrong on my serveur, I can give you a direct access to it, just send me
your email via sms, and I will send you the access with Guacamole.

thank you,

Christian COMMARMOND
+33 6 82 33 52 32


Le jeu. 4 juin 2020 à 18:38, Christian COMMARMOND <
christian.commarm...@gmail.com> a écrit :

> Hi Joe,
>
> you are a king. Your explanations worked perfectly. I was just missing tar.
>
> So, hereunder, exactly what I did (99% is yours). Maybe you could paste
> this on a page of your website? I think it will be useful to others.
>
> I installed Centos 8.1 using:
> CentOS-8.1.1911-x86_64-dvd1.iso
> And choose the minimal installation
> Then:
>    yum update
>    yum install -y
> https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
>    yum install -y dnf-plugins-core
>    yum config-manager --set-enabled PowerTools
>    yum install -y wget cmake make gcc nano pcre-devel libnsl2-devel
> mbedtls-devel gcc-c++ uthash-devel libyaml-devel gperftools-devel *tar*
>    cd /usr/src
>    wget https://github.com/nanomsg/nanomsg/archive/1.1.5.tar.gz
>    tar -zxvf 1.1.5.tar.gz
>    cd nanomsg-1.1.5/ && mkdir build && cd build && cmake
> -DCMAKE_INSTALL_PREFIX:PATH=/usr .. && make && make install
>    ldconfig
>    cd ../..
>    wget https://www.apsis.ch/pound/Pound-3.0c.tgz
>    tar -zxvf Pound-3.0c.tgz
>    cd Pound-3.0c/build && cmake .. && make
>    cd ../..
>    Pound-3.0c/build/pound -v
>    ldd Pound-3.0c/build/pound
>
> Now, I will have to copy my pound and letencrypt files and test... But
> this will be tomorrow. I will let you know how it goes (i don't have
> anything too complicated, so it should go fine...).
>
> best regards,
>
> Christian COMMARMOND
>
>
>
> Le jeu. 4 juin 2020 à 16:52, Joe Gooch <joseph.go...@sapphirek12.com> a
> écrit :
>
>> This Dockerfile works.  I started with nng but it required a newer
>> version of cmake. So I went back to nanomsg. I was unable to find nng or
>> nanomsg in Centos8 or EPEL8 or pretty much anywhere... The Fedora 33 rpm
>> wanted asciidoctor which I couldn't find for CentOS 8 either.
>> Dockerfile
>> -------
>> FROM centos:8
>>
>> RUN yum install -y
>> https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
>> RUN yum install -y dnf-plugins-core
>> RUN yum config-manager --set-enabled PowerTools
>> RUN yum install -y wget cmake make gcc nano pcre-devel libnsl2-devel
>> mbedtls-devel gcc-c++ uthash-devel libyaml-devel gperftools-devel
>> WORKDIR /usr/src
>> RUN wget https://github.com/nanomsg/nanomsg/archive/1.1.5.tar.gz
>> RUN tar -zxvf 1.1.5.tar.gz
>> RUN cd nanomsg-1.1.5/ && mkdir build && cd build && cmake
>> -DCMAKE_INSTALL_PREFIX:PATH=/usr .. && make && make install
>> RUN ldconfig
>> RUN wget https://www.apsis.ch/pound/Pound-3.0c.tgz
>> RUN tar -zxvf Pound-3.0c.tgz
>> RUN cd Pound-3.0c/build && cmake .. && make
>> RUN Pound-3.0c/build/pound -v
>> RUN ldd Pound-3.0c/build/pound
>> ------
>>
>>
>> LDD output:
>>         linux-vdso.so.1 (0x00007ffdd0d8e000)
>>         libyaml-0.so.2 => /lib64/libyaml-0.so.2 (0x00007fbc88417000)
>>         libnanomsg.so.5 => /lib64/libnanomsg.so.5 (0x00007fbc881c3000)
>>         libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fbc87fa3000)
>>         libpcreposix.so.0 => /lib64/libpcreposix.so.0 (0x00007fbc87da0000)
>>         libtcmalloc.so.4 => /lib64/libtcmalloc.so.4 (0x00007fbc879a4000)
>>         libmbedcrypto.so.3 => /lib64/libmbedcrypto.so.3
>> (0x00007fbc87740000)
>>         libmbedx509.so.0 => /lib64/libmbedx509.so.0 (0x00007fbc87520000)
>>         libmbedtls.so.12 => /lib64/libmbedtls.so.12 (0x00007fbc872f1000)
>>         libc.so.6 => /lib64/libc.so.6 (0x00007fbc86f2e000)
>>         libanl.so.1 => /lib64/libanl.so.1 (0x00007fbc86d2a000)
>>         librt.so.1 => /lib64/librt.so.1 (0x00007fbc86b21000)
>>         libnsl.so.2 => /lib64/libnsl.so.2 (0x00007fbc86907000)
>>         /lib64/ld-linux-x86-64.so.2 (0x00007fbc88637000)
>>         libpcre.so.1 => /lib64/libpcre.so.1 (0x00007fbc86696000)
>>         libunwind.so.8 => /lib64/libunwind.so.8 (0x00007fbc8647e000)
>>         libstdc++.so.6 => /lib64/libstdc++.so.6 (0x00007fbc860e9000)
>>         libm.so.6 => /lib64/libm.so.6 (0x00007fbc85d67000)
>>         libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x00007fbc85b4f000)
>>         libpkcs11-helper.so.1 => /lib64/libpkcs11-helper.so.1
>> (0x00007fbc85932000)
>>         libz.so.1 => /lib64/libz.so.1 (0x00007fbc8571b000)
>>         libtirpc.so.3 => /lib64/libtirpc.so.3 (0x00007fbc854e8000)
>>         libdl.so.2 => /lib64/libdl.so.2 (0x00007fbc852e4000)
>>         libcrypto.so.1.1 => /lib64/libcrypto.so.1.1 (0x00007fbc84e05000)
>>         libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2
>> (0x00007fbc84bb5000)
>>         libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007fbc848c5000)
>>         libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007fbc846a9000)
>>         libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007fbc844a5000)
>>         libkrb5support.so.0 => /lib64/libkrb5support.so.0
>> (0x00007fbc84294000)
>>         libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007fbc84090000)
>>         libresolv.so.2 => /lib64/libresolv.so.2 (0x00007fbc83e79000)
>>         libselinux.so.1 => /lib64/libselinux.so.1 (0x00007fbc83c4e000)
>>         libpcre2-8.so.0 => /lib64/libpcre2-8.so.0 (0x00007fbc839ca000)
>>
>>
>>
>>
>> ------
>>
>>
>> Joe
>>
>>
>>
>> From: pound <pound-boun...@apsis.ch> on behalf of Christian COMMARMOND <
>> christian.commarm...@gmail.com>
>> Reply-To: reverse proxy and load balancer <pound@apsis.ch>
>> Date: Thursday, June 4, 2020 at 10:02 AM
>> To: reverse proxy and load balancer <pound@apsis.ch>
>> Subject: Re: [pound] ANNOUNCE: Pound - reverse proxy and load balancer -
>> v3.0c
>>
>> Hi,
>>
>> First, I want to thank you for pound. I use it for several years now, but
>> since I had recently compatibility problems, I try to install pound 3 on
>> Centos 8.1. But without success so far.
>>
>> I am confused by website that states that :
>> nanomsg This project has largely been superceded by the
>> https://github.com/nanomsg/nng project. Users are encouraged to use nng
>> if they are able.   1.1.5, released on October 15, 2018. So I downloaded
>> nanomsg 1.1.5
>> mbedSSL is in fact mbedTLS. At least, the provided link goes on this
>> one...
>> tcmalloc is still in gperftools-libs and I did not find it anywhere else.
>> pcreposix looks like part of pcre, but impossible to find pcreposix.h in
>> a repository (and I found a 2010 book stating it is replaced by ap_regex.h
>> ???)
>>
>> But after installation of all the listed packages (but what I listed
>> before), I get this:
>>
>> [root@Cent8Pound build]# cmake ..
>> -- The C compiler identification is GNU 8.3.1
>> -- Check for working C compiler: /usr/bin/cc
>> -- Check for working C compiler: /usr/bin/cc -- works
>> -- Detecting C compiler ABI info
>> -- Detecting C compiler ABI info - done
>> -- Detecting C compile features
>> -- Detecting C compile features - done
>> -- Looking for pthread.h
>> -- Looking for pthread.h - found
>> -- Looking for pthread_create
>> -- Looking for pthread_create - not found
>> -- Check if compiler accepts -pthread
>> -- Check if compiler accepts -pthread - yes
>> -- Found Threads: TRUE
>> -- Looking for 33 include files stdio.h, ..., mbedtls/error.h
>> -- Looking for 33 include files stdio.h, ..., mbedtls/error.h - found
>> -- Looking for include file pcreposix.h
>> -- Looking for include file pcreposix.h - not found
>> -- Looking for include file pcre/pcreposix.h
>> -- Looking for include file pcre/pcreposix.h - not found
>> -- Looking for include file regex.h
>> -- Looking for include file regex.h - found
>> -- Looking for include file stdarg.h
>> -- Looking for include file stdarg.h - found
>> -- Configuring done
>> -- Generating done
>> -- Build files have been written to: /root/Pound-3.0c/build
>>
>>
>> [root@Cent8Pound build]# make
>> Scanning dependencies of target pound
>> [ 16%] Building C object CMakeFiles/pound.dir/src/backend.c.o
>> [ 33%] Building C object CMakeFiles/pound.dir/src/config.c.o
>> [ 50%] Building C object CMakeFiles/pound.dir/src/http.c.o
>> [ 66%] Building C object CMakeFiles/pound.dir/src/pound.c.o
>> [ 83%] Building C object CMakeFiles/pound.dir/src/util.c.o
>> [100%] Linking C executable pound
>> CMakeFiles/pound.dir/src/config.c.o: In function `get_ciphers':
>> config.c:(.text+0x1dcd): undefined reference to
>> `mbedtls_ssl_get_ciphersuite_id'
>> config.c:(.text+0x1f8c): undefined reference to
>> `mbedtls_ssl_get_ciphersuite_id'
>> CMakeFiles/pound.dir/src/config.c.o: In function `get_one':
>> config.c:(.text+0x22d0): undefined reference to `mbedtls_x509_crt_init'
>> config.c:(.text+0x22e6): undefined reference to
>> `mbedtls_x509_crt_parse_file'
>> config.c:(.text+0x2315): undefined reference to `mbedtls_pk_init'
>> config.c:(.text+0x2337): undefined reference to `mbedtls_pk_parse_keyfile'
>> config.c:(.text+0x23e6): undefined reference to `mbedtls_pk_check_pair'
>> CMakeFiles/pound.dir/src/config.c.o: In function `get_https':
>> config.c:(.text+0x30f1): undefined reference to `mbedtls_ssl_config_init'
>> config.c:(.text+0x30ff): undefined reference to `mbedtls_ctr_drbg_random'
>> config.c:(.text+0x3107): undefined reference to `mbedtls_ssl_conf_rng'
>> config.c:(.text+0x3122): undefined reference to
>> `mbedtls_ssl_config_defaults'
>> config.c:(.text+0x3133): undefined reference to
>> `mbedtls_ssl_conf_alpn_protocols'
>> config.c:(.text+0x3144): undefined reference to
>> `mbedtls_ssl_conf_authmode'
>> config.c:(.text+0x369e): undefined reference to
>> `mbedtls_ssl_conf_ciphersuites'
>> config.c:(.text+0x36dd): undefined reference to `mbedtls_ssl_conf_sni'
>> config.c:(.text+0x3704): undefined reference to
>> `mbedtls_ssl_conf_own_cert'
>> config.c:(.text+0x3739): undefined reference to
>> `mbedtls_ssl_conf_ca_chain'
>> config.c:(.text+0x374f): undefined reference to
>> `mbedtls_ssl_conf_read_timeout'
>> CMakeFiles/pound.dir/src/http.c.o: In function `c_read':
>> http.c:(.text+0x1d35): undefined reference to `mbedtls_ssl_read'
>> CMakeFiles/pound.dir/src/http.c.o: In function `c_write':
>> http.c:(.text+0x1f52): undefined reference to `mbedtls_ssl_write'
>> CMakeFiles/pound.dir/src/http.c.o: In function `c_close':
>> http.c:(.text+0x1fd5): undefined reference to `mbedtls_ssl_write'
>> http.c:(.text+0x1fe4): undefined reference to `mbedtls_ssl_close_notify'
>> http.c:(.text+0x2005): undefined reference to `mbedtls_ssl_free'
>> http.c:(.text+0x2011): undefined reference to `mbedtls_net_free'
>> CMakeFiles/pound.dir/src/http.c.o: In function `thr_http':
>> http.c:(.text+0x21da): undefined reference to `mbedtls_net_init'
>> http.c:(.text+0x21f5): undefined reference to `mbedtls_ssl_init'
>> http.c:(.text+0x220f): undefined reference to `mbedtls_ssl_setup'
>> http.c:(.text+0x2223): undefined reference to `mbedtls_net_recv_timeout'
>> http.c:(.text+0x222d): undefined reference to `mbedtls_net_send'
>> http.c:(.text+0x2235): undefined reference to `mbedtls_ssl_set_bio'
>> http.c:(.text+0x2244): undefined reference to `mbedtls_ssl_handshake'
>> http.c:(.text+0x2270): undefined reference to `mbedtls_strerror'
>> http.c:(.text+0x22a9): undefined reference to `mbedtls_ssl_free'
>> http.c:(.text+0x22ca): undefined reference to `mbedtls_ssl_get_peer_cert'
>> http.c:(.text+0x22de): undefined reference to `mbedtls_ssl_get_peer_cert'
>> http.c:(.text+0x22fd): undefined reference to `mbedtls_x509_crt_info'
>> http.c:(.text+0x23bb): undefined reference to `mbedtls_ssl_free'
>> http.c:(.text+0x23ca): undefined reference to `mbedtls_net_free'
>> CMakeFiles/pound.dir/src/pound.c.o: In function `main':
>> pound.c:(.text+0xda): undefined reference to `mbedtls_entropy_init'
>> pound.c:(.text+0xe4): undefined reference to `mbedtls_ctr_drbg_init'
>> pound.c:(.text+0x117): undefined reference to `mbedtls_entropy_func'
>> pound.c:(.text+0x121): undefined reference to `mbedtls_ctr_drbg_seed'
>> CMakeFiles/pound.dir/src/util.c.o: In function `do_sni':
>> util.c:(.text+0x78a): undefined reference to `mbedtls_ssl_set_hs_own_cert'
>> collect2: error: ld returned 1 exit status
>> make[2]: *** [CMakeFiles/pound.dir/build.make:144: pound] Error 1
>> make[1]: *** [CMakeFiles/Makefile2:68: CMakeFiles/pound.dir/all] Error 2
>> make: *** [Makefile:84: all] Error 2
>>
>> NOTA:
>> With centos 7, I got to this level:
>> [root@feux2-pound3 build]# make
>> [ 16%] Linking C executable pound
>> CMakeFiles/pound.dir/src/pound.c.o: In function `main':
>> pound.c:(.text+0xf8): undefined reference to `getentropy'
>> collect2: error: ld returned 1 exit status
>> make[2]: *** [pound] Error 1
>> make[1]: *** [CMakeFiles/pound.dir/all] Error 2
>> make: *** [all] Error 2
>>
>> getentropy looks to be added in a later version of glibc than we have in
>> Centos 7.8 repository.
>>
>>
>> So, what can I do? Could you clarify how to build this version?
>>
>> Probably, it is a basic problem. But I am not expert enough.
>>
>>
>> thank you for your help,
>>
>> Christian COMMARMOND
>>
>>
>> Le mar. 5 mai 2020 à 22:04, Carsten Leonhardt <mailto:l...@debian.org> a
>> écrit :
>> Hi Robert,
>>
>> I found more things to report:
>>
>> The setuid call needs to come after the setgid call, otherwise the right
>> to change gid is lost when the uid is changed away from root. So the
>> lines 117-121 and 122-126 need to be switched in src/pound.c.
>>
>>
>> With the configuration below, pound doesn't answer requests but uses
>> 100% CPU. http://localhost:80 works, but http://localhost:8080 doesn't.
>>
>> Regards,
>>
>> Carsten
>>
>> ------8<-----8<------8<------
>> Global:
>>   User:         "_pound"
>>   Group:        "_pound"
>>
>> Backends:
>>   - &be
>>     Address: 127.0.0.1
>>     Port: 80
>>
>> HTTPListeners:
>>   - Address: 127.0.0.1
>>     Port: 8080
>>     Services:
>>       - Backends:
>>         - *be
>>
>> HTTPSListeners:
>> ------8<-----8<------8<------
>>
>> --
>> pound mailing list
>> mailto:pound@apsis.ch
>> https://admin.hostpoint.ch/mailman/listinfo/pound_apsis.ch
>>
>> --
>> pound mailing list
>> pound@apsis.ch
>> https://admin.hostpoint.ch/mailman/listinfo/pound_apsis.ch
>>
>
-- 
pound mailing list
pound@apsis.ch
https://admin.hostpoint.ch/mailman/listinfo/pound_apsis.ch

Reply via email to