Hi, I installed Pound-3.0d without problem, but I cannot get anything to work.
First, this is the first time I see the YAML syntax, and it looks like very 'unstable'. Any space or anything wrong give an error without being able to say where is the problem. Second, I found a Yaml validator (http://www.yamllint.com/). It takes the man example, and after removing the spaces at the beginning of the line, it says that the syntax is good, but removes the Backends name (the &eb from your example). But https://onlineyamltools.com/edit-yaml is OK and was very useful to understand the syntax. ( 192.168.1.12 is my wiki server, working on port 80, and 192.168.1.13 is my new pound server with Centos 8.1, as described before). Global: - User: "pound" - Group: "pound" - Err404: "/var/www/htdocs/error/generic_error_page" - Err405: "/var/www/htdocs/error/generic_error_page" - Err500: "/var/www/htdocs/error/generic_error_page" Backends: - &wiki Address: 192.168.1.12 Port: 80 HTTPListeners: - Address: 192.168.1.13 Port: 80 Services: - URL: "./wiki/*" Backends: - *wiki HTTPSListeners: I run pound in debug and get that: # pound -d 9 -f /etc/pound3.cfg debug option 9 /usr/src/Pound-3.0d/src/config.c:628 config file option /etc/pound3.cfg /usr/src/Pound-3.0d/src/config.c:618 start get_others /usr/src/Pound-3.0d/src/config.c:560 start get_backends /usr/src/Pound-3.0d/src/config.c:123 addr 192.168.11.129 /usr/src/Pound-3.0d/src/config.c:139 port 80 /usr/src/Pound-3.0d/src/config.c:142 push /usr/src/Pound-3.0d/src/config.c:168 start get_http /usr/src/Pound-3.0d/src/config.c:277 addr 192.168.11.135 /usr/src/Pound-3.0d/src/config.c:291 port 80 /usr/src/Pound-3.0d/src/config.c:294 start get_services /usr/src/Pound-3.0d/src/config.c:209 URL ./wiki/* /usr/src/Pound-3.0d/src/config.c:228 push /usr/src/Pound-3.0d/src/config.c:258 push /usr/src/Pound-3.0d/src/config.c:320 Prepare backends /usr/src/Pound-3.0d/src/pound.c:153 Starting resurrector thread /usr/src/Pound-3.0d/src/util.c:80 Prepare listeners /usr/src/Pound-3.0d/src/pound.c:185 Prepare services for listener 0 /usr/src/Pound-3.0d/src/pound.c:188 7F5D286CD700 start service /usr/src/Pound-3.0d/src/http.c:45 7F5D25EC8700 thr_http start /usr/src/Pound-3.0d/src/http.c:511 7F5D25EC8700 start loop /usr/src/Pound-3.0d/src/http.c:515 7F5D256C7700 thr_http start /usr/src/Pound-3.0d/src/http.c:511 7F5D256C7700 start loop /usr/src/Pound-3.0d/src/http.c:515 7F5D27ECC700 thr_http start /usr/src/Pound-3.0d/src/http.c:511 7F5D27ECC700 start loop /usr/src/Pound-3.0d/src/http.c:515 7F5D276CB700 thr_http start /usr/src/Pound-3.0d/src/http.c:511 7F5D276CB700 start loop /usr/src/Pound-3.0d/src/http.c:515 7F5D26ECA700 thr_http start /usr/src/Pound-3.0d/src/http.c:511 7F5D26ECA700 start loop /usr/src/Pound-3.0d/src/http.c:515 7F5D24EC6700 thr_http start /usr/src/Pound-3.0d/src/http.c:511 7F5D24EC6700 start loop /usr/src/Pound-3.0d/src/http.c:515 7F5D246C5700 thr_http start /usr/src/Pound-3.0d/src/http.c:511 7F5D246C5700 start loop /usr/src/Pound-3.0d/src/http.c:515 7F5D266C9700 thr_http start /usr/src/Pound-3.0d/src/http.c:511 7F5D266C9700 start loop /usr/src/Pound-3.0d/src/http.c:515 It stops there and I get a new Resurrect line every minute or so... (FYI, the wiki service is defined in Pound 2.8: Service HeadRequire "Host:*.(sos|www).abscom.eu.*" URL "^\/wiki\/*" BackEnd Address 192.168.1.12 Port 80 End End ) And also, I did not find how to declare the domain name like in: HeadRequire Could you give more examples about how to translate working examples from the 2.8 cfg file to 3.0? If you don't have a Centos 8.1 available for tests, or you want to see what is wrong on my serveur, I can give you a direct access to it, just send me your email via sms, and I will send you the access with Guacamole. thank you, Christian COMMARMOND +33 6 82 33 52 32 Le jeu. 4 juin 2020 à 18:38, Christian COMMARMOND < christian.commarm...@gmail.com> a écrit : > Hi Joe, > > you are a king. Your explanations worked perfectly. I was just missing tar. > > So, hereunder, exactly what I did (99% is yours). Maybe you could paste > this on a page of your website? I think it will be useful to others. > > I installed Centos 8.1 using: > CentOS-8.1.1911-x86_64-dvd1.iso > And choose the minimal installation > Then: > yum update > yum install -y > https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm > yum install -y dnf-plugins-core > yum config-manager --set-enabled PowerTools > yum install -y wget cmake make gcc nano pcre-devel libnsl2-devel > mbedtls-devel gcc-c++ uthash-devel libyaml-devel gperftools-devel *tar* > cd /usr/src > wget https://github.com/nanomsg/nanomsg/archive/1.1.5.tar.gz > tar -zxvf 1.1.5.tar.gz > cd nanomsg-1.1.5/ && mkdir build && cd build && cmake > -DCMAKE_INSTALL_PREFIX:PATH=/usr .. && make && make install > ldconfig > cd ../.. > wget https://www.apsis.ch/pound/Pound-3.0c.tgz > tar -zxvf Pound-3.0c.tgz > cd Pound-3.0c/build && cmake .. && make > cd ../.. > Pound-3.0c/build/pound -v > ldd Pound-3.0c/build/pound > > Now, I will have to copy my pound and letencrypt files and test... But > this will be tomorrow. I will let you know how it goes (i don't have > anything too complicated, so it should go fine...). > > best regards, > > Christian COMMARMOND > > > > Le jeu. 4 juin 2020 à 16:52, Joe Gooch <joseph.go...@sapphirek12.com> a > écrit : > >> This Dockerfile works. I started with nng but it required a newer >> version of cmake. So I went back to nanomsg. I was unable to find nng or >> nanomsg in Centos8 or EPEL8 or pretty much anywhere... The Fedora 33 rpm >> wanted asciidoctor which I couldn't find for CentOS 8 either. >> Dockerfile >> ------- >> FROM centos:8 >> >> RUN yum install -y >> https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm >> RUN yum install -y dnf-plugins-core >> RUN yum config-manager --set-enabled PowerTools >> RUN yum install -y wget cmake make gcc nano pcre-devel libnsl2-devel >> mbedtls-devel gcc-c++ uthash-devel libyaml-devel gperftools-devel >> WORKDIR /usr/src >> RUN wget https://github.com/nanomsg/nanomsg/archive/1.1.5.tar.gz >> RUN tar -zxvf 1.1.5.tar.gz >> RUN cd nanomsg-1.1.5/ && mkdir build && cd build && cmake >> -DCMAKE_INSTALL_PREFIX:PATH=/usr .. && make && make install >> RUN ldconfig >> RUN wget https://www.apsis.ch/pound/Pound-3.0c.tgz >> RUN tar -zxvf Pound-3.0c.tgz >> RUN cd Pound-3.0c/build && cmake .. && make >> RUN Pound-3.0c/build/pound -v >> RUN ldd Pound-3.0c/build/pound >> ------ >> >> >> LDD output: >> linux-vdso.so.1 (0x00007ffdd0d8e000) >> libyaml-0.so.2 => /lib64/libyaml-0.so.2 (0x00007fbc88417000) >> libnanomsg.so.5 => /lib64/libnanomsg.so.5 (0x00007fbc881c3000) >> libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fbc87fa3000) >> libpcreposix.so.0 => /lib64/libpcreposix.so.0 (0x00007fbc87da0000) >> libtcmalloc.so.4 => /lib64/libtcmalloc.so.4 (0x00007fbc879a4000) >> libmbedcrypto.so.3 => /lib64/libmbedcrypto.so.3 >> (0x00007fbc87740000) >> libmbedx509.so.0 => /lib64/libmbedx509.so.0 (0x00007fbc87520000) >> libmbedtls.so.12 => /lib64/libmbedtls.so.12 (0x00007fbc872f1000) >> libc.so.6 => /lib64/libc.so.6 (0x00007fbc86f2e000) >> libanl.so.1 => /lib64/libanl.so.1 (0x00007fbc86d2a000) >> librt.so.1 => /lib64/librt.so.1 (0x00007fbc86b21000) >> libnsl.so.2 => /lib64/libnsl.so.2 (0x00007fbc86907000) >> /lib64/ld-linux-x86-64.so.2 (0x00007fbc88637000) >> libpcre.so.1 => /lib64/libpcre.so.1 (0x00007fbc86696000) >> libunwind.so.8 => /lib64/libunwind.so.8 (0x00007fbc8647e000) >> libstdc++.so.6 => /lib64/libstdc++.so.6 (0x00007fbc860e9000) >> libm.so.6 => /lib64/libm.so.6 (0x00007fbc85d67000) >> libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x00007fbc85b4f000) >> libpkcs11-helper.so.1 => /lib64/libpkcs11-helper.so.1 >> (0x00007fbc85932000) >> libz.so.1 => /lib64/libz.so.1 (0x00007fbc8571b000) >> libtirpc.so.3 => /lib64/libtirpc.so.3 (0x00007fbc854e8000) >> libdl.so.2 => /lib64/libdl.so.2 (0x00007fbc852e4000) >> libcrypto.so.1.1 => /lib64/libcrypto.so.1.1 (0x00007fbc84e05000) >> libgssapi_krb5.so.2 => /lib64/libgssapi_krb5.so.2 >> (0x00007fbc84bb5000) >> libkrb5.so.3 => /lib64/libkrb5.so.3 (0x00007fbc848c5000) >> libk5crypto.so.3 => /lib64/libk5crypto.so.3 (0x00007fbc846a9000) >> libcom_err.so.2 => /lib64/libcom_err.so.2 (0x00007fbc844a5000) >> libkrb5support.so.0 => /lib64/libkrb5support.so.0 >> (0x00007fbc84294000) >> libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x00007fbc84090000) >> libresolv.so.2 => /lib64/libresolv.so.2 (0x00007fbc83e79000) >> libselinux.so.1 => /lib64/libselinux.so.1 (0x00007fbc83c4e000) >> libpcre2-8.so.0 => /lib64/libpcre2-8.so.0 (0x00007fbc839ca000) >> >> >> >> >> ------ >> >> >> Joe >> >> >> >> From: pound <pound-boun...@apsis.ch> on behalf of Christian COMMARMOND < >> christian.commarm...@gmail.com> >> Reply-To: reverse proxy and load balancer <pound@apsis.ch> >> Date: Thursday, June 4, 2020 at 10:02 AM >> To: reverse proxy and load balancer <pound@apsis.ch> >> Subject: Re: [pound] ANNOUNCE: Pound - reverse proxy and load balancer - >> v3.0c >> >> Hi, >> >> First, I want to thank you for pound. I use it for several years now, but >> since I had recently compatibility problems, I try to install pound 3 on >> Centos 8.1. But without success so far. >> >> I am confused by website that states that : >> nanomsg This project has largely been superceded by the >> https://github.com/nanomsg/nng project. Users are encouraged to use nng >> if they are able. 1.1.5, released on October 15, 2018. So I downloaded >> nanomsg 1.1.5 >> mbedSSL is in fact mbedTLS. At least, the provided link goes on this >> one... >> tcmalloc is still in gperftools-libs and I did not find it anywhere else. >> pcreposix looks like part of pcre, but impossible to find pcreposix.h in >> a repository (and I found a 2010 book stating it is replaced by ap_regex.h >> ???) >> >> But after installation of all the listed packages (but what I listed >> before), I get this: >> >> [root@Cent8Pound build]# cmake .. >> -- The C compiler identification is GNU 8.3.1 >> -- Check for working C compiler: /usr/bin/cc >> -- Check for working C compiler: /usr/bin/cc -- works >> -- Detecting C compiler ABI info >> -- Detecting C compiler ABI info - done >> -- Detecting C compile features >> -- Detecting C compile features - done >> -- Looking for pthread.h >> -- Looking for pthread.h - found >> -- Looking for pthread_create >> -- Looking for pthread_create - not found >> -- Check if compiler accepts -pthread >> -- Check if compiler accepts -pthread - yes >> -- Found Threads: TRUE >> -- Looking for 33 include files stdio.h, ..., mbedtls/error.h >> -- Looking for 33 include files stdio.h, ..., mbedtls/error.h - found >> -- Looking for include file pcreposix.h >> -- Looking for include file pcreposix.h - not found >> -- Looking for include file pcre/pcreposix.h >> -- Looking for include file pcre/pcreposix.h - not found >> -- Looking for include file regex.h >> -- Looking for include file regex.h - found >> -- Looking for include file stdarg.h >> -- Looking for include file stdarg.h - found >> -- Configuring done >> -- Generating done >> -- Build files have been written to: /root/Pound-3.0c/build >> >> >> [root@Cent8Pound build]# make >> Scanning dependencies of target pound >> [ 16%] Building C object CMakeFiles/pound.dir/src/backend.c.o >> [ 33%] Building C object CMakeFiles/pound.dir/src/config.c.o >> [ 50%] Building C object CMakeFiles/pound.dir/src/http.c.o >> [ 66%] Building C object CMakeFiles/pound.dir/src/pound.c.o >> [ 83%] Building C object CMakeFiles/pound.dir/src/util.c.o >> [100%] Linking C executable pound >> CMakeFiles/pound.dir/src/config.c.o: In function `get_ciphers': >> config.c:(.text+0x1dcd): undefined reference to >> `mbedtls_ssl_get_ciphersuite_id' >> config.c:(.text+0x1f8c): undefined reference to >> `mbedtls_ssl_get_ciphersuite_id' >> CMakeFiles/pound.dir/src/config.c.o: In function `get_one': >> config.c:(.text+0x22d0): undefined reference to `mbedtls_x509_crt_init' >> config.c:(.text+0x22e6): undefined reference to >> `mbedtls_x509_crt_parse_file' >> config.c:(.text+0x2315): undefined reference to `mbedtls_pk_init' >> config.c:(.text+0x2337): undefined reference to `mbedtls_pk_parse_keyfile' >> config.c:(.text+0x23e6): undefined reference to `mbedtls_pk_check_pair' >> CMakeFiles/pound.dir/src/config.c.o: In function `get_https': >> config.c:(.text+0x30f1): undefined reference to `mbedtls_ssl_config_init' >> config.c:(.text+0x30ff): undefined reference to `mbedtls_ctr_drbg_random' >> config.c:(.text+0x3107): undefined reference to `mbedtls_ssl_conf_rng' >> config.c:(.text+0x3122): undefined reference to >> `mbedtls_ssl_config_defaults' >> config.c:(.text+0x3133): undefined reference to >> `mbedtls_ssl_conf_alpn_protocols' >> config.c:(.text+0x3144): undefined reference to >> `mbedtls_ssl_conf_authmode' >> config.c:(.text+0x369e): undefined reference to >> `mbedtls_ssl_conf_ciphersuites' >> config.c:(.text+0x36dd): undefined reference to `mbedtls_ssl_conf_sni' >> config.c:(.text+0x3704): undefined reference to >> `mbedtls_ssl_conf_own_cert' >> config.c:(.text+0x3739): undefined reference to >> `mbedtls_ssl_conf_ca_chain' >> config.c:(.text+0x374f): undefined reference to >> `mbedtls_ssl_conf_read_timeout' >> CMakeFiles/pound.dir/src/http.c.o: In function `c_read': >> http.c:(.text+0x1d35): undefined reference to `mbedtls_ssl_read' >> CMakeFiles/pound.dir/src/http.c.o: In function `c_write': >> http.c:(.text+0x1f52): undefined reference to `mbedtls_ssl_write' >> CMakeFiles/pound.dir/src/http.c.o: In function `c_close': >> http.c:(.text+0x1fd5): undefined reference to `mbedtls_ssl_write' >> http.c:(.text+0x1fe4): undefined reference to `mbedtls_ssl_close_notify' >> http.c:(.text+0x2005): undefined reference to `mbedtls_ssl_free' >> http.c:(.text+0x2011): undefined reference to `mbedtls_net_free' >> CMakeFiles/pound.dir/src/http.c.o: In function `thr_http': >> http.c:(.text+0x21da): undefined reference to `mbedtls_net_init' >> http.c:(.text+0x21f5): undefined reference to `mbedtls_ssl_init' >> http.c:(.text+0x220f): undefined reference to `mbedtls_ssl_setup' >> http.c:(.text+0x2223): undefined reference to `mbedtls_net_recv_timeout' >> http.c:(.text+0x222d): undefined reference to `mbedtls_net_send' >> http.c:(.text+0x2235): undefined reference to `mbedtls_ssl_set_bio' >> http.c:(.text+0x2244): undefined reference to `mbedtls_ssl_handshake' >> http.c:(.text+0x2270): undefined reference to `mbedtls_strerror' >> http.c:(.text+0x22a9): undefined reference to `mbedtls_ssl_free' >> http.c:(.text+0x22ca): undefined reference to `mbedtls_ssl_get_peer_cert' >> http.c:(.text+0x22de): undefined reference to `mbedtls_ssl_get_peer_cert' >> http.c:(.text+0x22fd): undefined reference to `mbedtls_x509_crt_info' >> http.c:(.text+0x23bb): undefined reference to `mbedtls_ssl_free' >> http.c:(.text+0x23ca): undefined reference to `mbedtls_net_free' >> CMakeFiles/pound.dir/src/pound.c.o: In function `main': >> pound.c:(.text+0xda): undefined reference to `mbedtls_entropy_init' >> pound.c:(.text+0xe4): undefined reference to `mbedtls_ctr_drbg_init' >> pound.c:(.text+0x117): undefined reference to `mbedtls_entropy_func' >> pound.c:(.text+0x121): undefined reference to `mbedtls_ctr_drbg_seed' >> CMakeFiles/pound.dir/src/util.c.o: In function `do_sni': >> util.c:(.text+0x78a): undefined reference to `mbedtls_ssl_set_hs_own_cert' >> collect2: error: ld returned 1 exit status >> make[2]: *** [CMakeFiles/pound.dir/build.make:144: pound] Error 1 >> make[1]: *** [CMakeFiles/Makefile2:68: CMakeFiles/pound.dir/all] Error 2 >> make: *** [Makefile:84: all] Error 2 >> >> NOTA: >> With centos 7, I got to this level: >> [root@feux2-pound3 build]# make >> [ 16%] Linking C executable pound >> CMakeFiles/pound.dir/src/pound.c.o: In function `main': >> pound.c:(.text+0xf8): undefined reference to `getentropy' >> collect2: error: ld returned 1 exit status >> make[2]: *** [pound] Error 1 >> make[1]: *** [CMakeFiles/pound.dir/all] Error 2 >> make: *** [all] Error 2 >> >> getentropy looks to be added in a later version of glibc than we have in >> Centos 7.8 repository. >> >> >> So, what can I do? Could you clarify how to build this version? >> >> Probably, it is a basic problem. But I am not expert enough. >> >> >> thank you for your help, >> >> Christian COMMARMOND >> >> >> Le mar. 5 mai 2020 à 22:04, Carsten Leonhardt <mailto:l...@debian.org> a >> écrit : >> Hi Robert, >> >> I found more things to report: >> >> The setuid call needs to come after the setgid call, otherwise the right >> to change gid is lost when the uid is changed away from root. So the >> lines 117-121 and 122-126 need to be switched in src/pound.c. >> >> >> With the configuration below, pound doesn't answer requests but uses >> 100% CPU. http://localhost:80 works, but http://localhost:8080 doesn't. >> >> Regards, >> >> Carsten >> >> ------8<-----8<------8<------ >> Global: >> User: "_pound" >> Group: "_pound" >> >> Backends: >> - &be >> Address: 127.0.0.1 >> Port: 80 >> >> HTTPListeners: >> - Address: 127.0.0.1 >> Port: 8080 >> Services: >> - Backends: >> - *be >> >> HTTPSListeners: >> ------8<-----8<------8<------ >> >> -- >> pound mailing list >> mailto:pound@apsis.ch >> https://admin.hostpoint.ch/mailman/listinfo/pound_apsis.ch >> >> -- >> pound mailing list >> pound@apsis.ch >> https://admin.hostpoint.ch/mailman/listinfo/pound_apsis.ch >> >
-- pound mailing list pound@apsis.ch https://admin.hostpoint.ch/mailman/listinfo/pound_apsis.ch