please how to set Github 6.0 with Apache2?
Gitlab is installed according to the original instructions
Adjustment in Unicorn.rb
...
#listen "/home/git/gitlab/tmp/sockets/gitlab.socket", :backlog => 64
#listen "127.0.0.1:8080", :tcp_nopush => true
listen "127.0.0.1:8080"
...
My Apache2 conf is :
<VirtualHost *:80>
ServerName git.domain.com
ErrorLog /var/log/apache2/gitlab_error.log
CustomLog /var/log/apache2/gitlab_access.log combined
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8080/
<Location />
ProxyPassReverse /
Order deny,allow
Allow from all
</Location>
</VirtualHost>
Bud i get :
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /users/sign_in.
Reason: Error reading from remote server
Thank you
In case this helps anyone else;
I had this same problem, but it was a lack of disk space in my case. I deleted some large backups and restarted apache with service httpd restart and my gitlab came back.
Related
I need to run grafana and kibana on a same server while running behind Apache2 reverse proxy
I manage to succeed with kibana, but grafana cause me some problems; in fact I don't how how to run the sub path.
I want these two services to run like this : X.X.X.X/kibana and X.X.X.X/grafana.
Here is my apache2 config and my grafana settings:
<VirtualHost *:80>
ServerName http://myipadress/kibana
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://myipadress:5601/
ProxyPassReverse / http://myipadress:5601/
</VirtualHost>
#--------------GRAFANA----------------------------
<VirtualHost *:80>
ServerName http://myipadress/grafana
ProxyRequests On
ProxyPreserveHost On
ProxyPass / http://myipadress:3000/
ProxyPassReverse / http://myipadress:3000/
</VirtualHost>
For grafana :
protocol = http
http_port = 3000
domain = myipadress
root_url = %(protocol)s://%(domain)s:%(http_port)s/grafana
serve_from_sub_path = true
Does anyone know what I did wrong
Cheers
Hello after loosing too much time on it, I decided to change my reverse proxy and use NGINX.
I fact, there is a example of configuration in grafana's documentation, and I just added these lines
location /kibana {
proxy_pass http://localhost:5601/kibana;
}
And it just work for me
I have a wildfly application configured to work with keycloak sso , this application works fine,
now we have to have a apache server acting as proxy before the keycloak and wildflyserver.this is the configuration file for apache , when hit in browser it gives too many redirects , do I need to configure anything in keycloak side or apache side ?
#NameVirtualHost *:443
<VirtualHost *:443>
ServerAdmin postmaster#xxx.yyy.icg
DocumentRoot "c:\xampp\htdocs\xxx.yyy.com"
ServerName xxx.yyy.com
ServerAlias www.xxx.yyy.com
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerExpire off
SSLEngine on
SSLCertificateFile "conf/ssl.crt/app.pem"
SSLCertificateKeyFile "conf/ssl.key/cert.key"
ErrorLog "logs/xxx.yyy.com-error.log"
CustomLog "logs/xxx.yyy.com-error.log" combined
ProxyPass "/" "http://10.0.144.246:8060/app1"
ProxyPassReverse "/" "http://10.0.144.246:8060/app1"
<Location /app1>
ProxyPass http://http://10.0.144.246:8060/app1
ProxyPassReverse http://10.0.144.246:8060/app1
Order Allow,Deny
Allow from all
</Location>
</VirtualHost>
We experienced the exact same issue with the similar setup of Keycloak and NGINX and we managed to fix it by enabling the sticky session on NGINX.
I have a container mapped by Nginx on example.org/portia/test, structured as follow:
Container exposes only port 9001, where an Apache instance as proxy is listening.
A Django server is running on 8000, all traffic for /api and /server_capabilities is sent to him.
Another Django server is running on 9002, which handles websockets on /ws path.
a scheme of my network
I'm trying to add OpenIdConnect authentication using the mod_auth_openidc plugin for Apache, I want to protect the entire virtual host.
So far I reach the correct login page on auth-example.org, I login with my credentials and the auth server redirects me with the correct URI. Ngnix answers me with a 400 error.
request sent with a lot of cookies
The auth server is used by several application inside mydomain.org, so I guess something is wrong with my Apache configuration file.
For clarity's sake, I can't touch Nginx or the auth server confs.
apache_site.conf
<VirtualHost *:9001>
ServerAdmin webmaster#localhost
DocumentRoot /app/portiaui/dist
ServerName www.example.org
ServerAlias example.org
#ProxyRequests On
Alias /static /app/portiaui/dist
OIDCProviderMetadataURL https://www.auth-example.org/auth/realms/master/.wel$
OIDCRedirectURI https://example.org/portia/test/callback
OIDCCryptoPassphrase <much secret>
OIDCClientID portia
OIDCClientSecret <much private>
OIDCCookiePath example.org/portia/test/
OIDCCookieDomain example.org
<Location /static>
Require all granted
</Location>
<Location /api>
Require all granted
ProxyPass http://127.0.0.1:8000/api
ProxyPassReverse http://127.0.0.1:8000/api
ProxyPreserveHost On
</Location>
<Location /server_capabilities>
Require all granted
ProxyPass http://127.0.0.1:8000/server_capabilities
ProxyPassReverse http://127.0.0.1:8000/server_capabilities
ProxyPreserveHost On
</Location>
<Location /ws> # mod_proxy_wstunnel is enabled
RequestHeader set Host "127.0.0.1:9002"
ProxyPreserveHost On
ProxyPass http://127.0.0.1:9002/ws
ProxyPassReverse http://127.0.0.1:9002/ws
</Location>
<Location />
AuthType openid-connect
Require valid-user
</Location>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
The cookie path setting in OIDCCookiePath only needs to contain the actual path, not the host. In fact I'd start without using any of OIDCCookiePath or OIDCCookieDomain.
The answer of Hans Z. suggests me to change also OIDCRedirectURI in a relative path.
Setting OIDCRedirectURI /callbacksolved the issue: my Apache instance doesn't receives the entire URL www.example.org/portia/test/callback but only the last part of the path. This is due to the front side Nginx instance.
Here is my apache2 virtual host config -
<VirtualHost *:80>
ServerName A.B.com
ProxyPreserveHost Off
ProxyPass / http://<ServerIP>:<appPort>/<app>/ timeout=3600 Keepalive=On
ProxyPassReverse / http://<ServerIP>:<appPort>/<app>/
ProxyTimeout 3600
</VirtualHost>
<Location "/">
Order allow,deny
Allow from all
</Location>
I have a route 53 entry for A.B.com pointing to this machine (the one with apache2)
I have ran a2ensite.. I am getting a 503 service unavailable on hitting A.B.com
However, A.B.com:appPort/app is working..
This definitely means I am missing something in apache2 configuration.. Can anyone point me out?
ProxyPreserveHost Off
should be on, and not need to mention http://, but in route you can mention http://.
further please check and paste error logs.
I have 2 web applications running under Tomcat6. Currently, I can access one of them via mod_proxy with the following config...
<VirtualHost xxx.xxx.xxx.xxx:80>
ServerAdmin email#email.com
ServerName staging.domain.com
ProxyPass /app1 http://localhost:8080/app1
ProxyPassReverse /app1 http://localhost:8080/app1
</VirtualHost>
Now, I can access app1 via http://staging.domain.com/app1. I also want to be able to access app2 the same way: http://staging.domain.com/app2. I configured a second VirtualHost however, only the first one works. Is this even possible, to proxy 2 web apps under a single domain? If so, any hints, tips, tricks would be greatly appreciated.
Ah, you're already pretty much doing it: just add extra ProxyPass/ProxyPassReverse statements.
<VirtualHost xxx.xxx.xxx.xxx:80>
ServerAdmin email#email.com
ServerName staging.domain.com
ProxyPass /app1 http://localhost:8080/app1
ProxyPassReverse /app1 http://localhost:8080/app1
ProxyPass /app2 http://localhost:8080/app2
ProxyPassReverse /app2 http://localhost:8080/app2
ProxyPass /app3 http://localhost:8080/app3
ProxyPassReverse /app3 http://localhost:8080/app3
</VirtualHost>