Re: [users@httpd] Forwarding question.

Fri, 09 Feb 2024 06:30:59 -0800 

On 2/8/2024 23:58:07, Frank Gingras wrote:
. . .


    There are some issues accessing from off premises, that is, when
    requests are entering via the internet facing router.  Like 301 and 400
    errors.

    Configuration is like this:

    Internet router->
    
server-with-apache-redirect-to->server-eith-docker-nginx-reverse-proxy-acme-custom-app.
    The domain names are the same on each server.  Currently believe they
    must be for certificate generation and use.

    The virtual host on apache is configured thusly:

    <VirtualHost *:80>
           ServerName www.my-domain.com <http://www.my-domain.com>
           ServerAlias www.my-domain.org <http://www.my-domain.org>
    my-domain.com <http://my-domain.com> my-domain.org
    <http://my-domain.org>
           ProxyPass "/"  "http://www.my-domain.com/
    <http://www.my-domain.com/>"
           ProxyPassReverse "/"  "http://my-domain.com/
    <http://my-domain.com/>"
    </VirtualHost>
    <VirtualHost *:443>
    #     SSLEngine ON
           ServerName www.my-domain.com <http://www.my-domain.com>
           ServerAlias www.my-domain.org <http://www.my-domain.org>
    my-domain.com <http://my-domain.com> my-domain.org
    <http://my-domain.org>
           ProxyPass "/"  "https://www.my-domain.com/
    <https://www.my-domain.com/>"
           ProxyPassReverse "/"  "https://www.my-domain.com/
    <https://www.my-domain.com/>"
    </VirtualHost>

    On the apache server the hosts files is used to resolve the host names
    to the target server.

    Where have I gone wrong?

    ---------------------------------------------------------------------
    To unsubscribe, e-mail: [email protected]
    <mailto:[email protected]>
    For additional commands, e-mail: [email protected]
    <mailto:[email protected]>


Why are you using nginx at all in this set up?



The application, a FOSS project, provided a docker image to ease setup 
for internet access, that includes the app, nginx and an 
"acme-companion" for certificate generation.



I can add that the certificate, via the app and Lets Encrypt, seems to 
have generated and installed properly, which suggests the basic 
forwarding worked.



Also, if I hack the local dns to resolve to the nginx box rather than 
the apache box (avoiding the forward) things work fine.  Only when it 
resolves to the apache box, as would access via the internet router 
(which of course involves an IP forward) does the problem surface.





---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]























					Reply via email to