I would like to reroute my apache to a different system folder.
Currently I have this setting
<VirtualHost *:443>
ServerName blaah.com
SSLCertificateFile /etc/ssl/certs/blaah.crt
SSLCertificateKeyFile /etc/ssl/private/blaah.key
SSLCertificateChainFile /etc/ssl/certs/DigiCertCA.crt
DocumentRoot /var/www/blaah
Alias /webalizer /var/www/webalizer
<Directory /var/www/webalizer>
Allow from 192.168.0.0/16
Deny from all
AuthType Basic
AuthName webalizer
AuthUserFile /var/www/webalizer/.htpasswd
Require valid-user
</Directory>
ProxyPass /gogs http://127.0.0.1:3000
<LocationMatch "^/blaah/blaah/">
Deny from all
</LocationMatch>
<LocationMatch "^/maintenance">
Allow from IP
Deny from all
</LocationMatch>
</VirtualHost>
So basically when going to servername blaah.com you get directed to a service.
Now I want to do a maintenance on that service, that means I have to reroute them.
But I want to test out that endpoint, so when you write blaah.com/maintenance (the last Location Match should cover that) you get directed to /var/www/maintenance. That folder holds a single index.html that tells you that an maintenance is underway. How can I accomplish that?
In nginx I would do multiple locations and then change document root and tryfiles.
Figured it out.
Used
Alias /maintenance /var/www/maintenance
<Directory /var/www/maintenance">
Allow from IP
</Directory>
Good evening,
I am trying to set up my apache2 reverse proxy
(following https://github.com/ether/etherpad-lite/wiki/How-to-put-Etherpad-Lite-behind-a-reverse-Proxy)
for etherpad lite
(following https://www.howtoforge.com/tutorial/ubuntu-etherpad-editor-server-installation/, except for the nginx part).
I use http->ssl redirection. Since I use letsencrypt I can only access domain.com and not etherpad.domain.com (at least firefox won't let me and I want to avoid changing that certificate each time I add a new site). So I would like to access my etherpad just as I do access my other sites: domain.com/etherpad. However I always get a 404 trying to get to the site. Looking at a working example, in my nextcloud.conf file I have a line saying:
Alias /nextcloud /local/path/to/nextcloud
However the etherpad reverse proxy virtual host file looks entirely different, the key difference is etherpad not having a local folder but only a mysql database. (Please correct me if this is wrong)
So I tried changing the ssl example from the second link to the following, but it does not work. Please understand that I changed domain name and some internal paths, but "apache2ctl configtest" succeeds and the service is running without error.
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName randomisedDomain.com/etherpad
# SSL configuration
SSLEngine on
# If you hold wildcard certificates for your domain the next two lines are not necessary.
SSLCertificateFile "/working/path/to/fullchain.pem"
SSLCertificateKeyFile "/working/path/to/privkey.pem"
ProxyVia On
ProxyRequests Off
ProxyPreserveHost on
<Location />
AuthType Basic
AuthName "Welcome to the randomisedDomain.com Etherpad"
AuthUserFile /working/path/to/etherpad.passwd
#AuthGroupFile /path/to/svn.group
Require user etherpad
ProxyPass http://localhost:9001/ retry=0 timeout=30
ProxyPassReverse http://localhost:9001/
</Location>
<Location /socket.io>
# This is needed to handle the websocket transport through the proxy, since
# etherpad does not use a specific sub-folder, such as /ws/ to handle this kind of traffic.
# Taken from https://github.com/ether/etherpad-lite/issues/2318#issuecomment-63548542
# Thanks to beaugunderson for the semantics
RewriteEngine On
RewriteCond %{QUERY_STRING} transport=websocket [NC]
RewriteRule /(.*) ws://localhost:9001/socket.io/$1 [P,L]
ProxyPass http://localhost:9001/socket.io retry=0 timeout=30
ProxyPassReverse http://localhost:9001/socket.io
</Location>
<Proxy *>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Proxy>
</VirtualHost>
Any help for rerouting the localhost domain to randomisedDomain.com/etherpad is greatly appreciated !
Best regards
MAPster
I recently installed Munin on my machines. I got everything to work and the data is actually being drawn on the graphs! :)
But, for some reason, when I click on each individual graph, it brings me to the dynazoom page but it's all plain text with no images :(
Here is my apache.conf:
# Enable this for template generation
Alias /munin /var/cache/munin/www
# Enable this for cgi-based templates
#Alias /munin-cgi/static /var/cache/munin/www/static
#ScriptAlias /munin-cgi /usr/lib/munin/cgi/munin-cgi-html
#<Location /munin-cgi>
# Order allow,deny
# Allow from localhost 127.0.0.0/8 ::1
# AuthUserFile /etc/munin/munin-htpasswd
# AuthName "Munin"
# AuthType Basic
# require valid-user
#</Location>
<Directory /var/cache/munin/www>
Order allow,deny
# Allow from localhost 127.0.0.0/8 ::1
Allow from all
Options None
AllowOverride None
# This file can be used as a .htaccess file, or a part of your apache
# config file.
#
# For the .htaccess file option to work the munin www directory
# (/var/cache/munin/www) must have "AllowOverride all" or something
# close to that set.
#
AuthUserFile /etc/munin/munin-htpasswd
AuthName "Munin"
AuthType Basic
require valid-user
# This next part requires mod_expires to be enabled.
#
# Set the default expiration time for files to 5 minutes 10 seconds from
# their creation (modification) time. There are probably new files by
# that time.
#
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault M310
</IfModule>
</Directory>
# Enables fastcgi for munin-cgi-html if present
#<Location /munin-cgi>
# <IfModule mod_fastcgi.c>
# SetHandler fastcgi-script
# </IfModule>
#</Location>
#<Location /munin-cgi/static>
# SetHandler None
#</Location>
# Enables fastcgi for munin-cgi-graph if present
ScriptAlias /munin-cgi/munin-cgi-graph /usr/lib/munin/cgi/munin-cgi-graph
<Location /munin-cgi/munin-cgi-graph>
Order allow,deny
Allow from localhost 127.0.0.0/8 ::1
# AuthUserFile /etc/munin/munin-htpasswd
# AuthName "Munin"
# AuthType Basic
# require valid-user
<IfModule mod_fcgid.c>
SetHandler fcgid-script
</IfModule>
<IfModule !mod_fcgid.c>
SetHandler cgi-script
</IfModule>
</Location>
ScriptAlias /munin-cgi/munin-cgi-html /usr/lib/munin/cgi/munin-cgi-html
<Location /munin-cgi/munin-cgi-html>
Order allow,deny
Allow from localhost 127.0.0.0/8 ::1
# AuthUserFile /etc/munin/munin-htpasswd
# AuthName "Munin"
# AuthType Basic
# require valid-user
<IfModule mod_fcgid.c>
SetHandler fcgid-script
</IfModule>
<IfModule !mod_fcgid.c>
SetHandler cgi-script
</IfModule>
</Location>
Any reason why this could not be working? If I haven't given enough information, please let me know. Thank you
Enabling the apache2 cgi (or cgid) makes the dynazoom work.
sudo a2enmod cgi; sudo service apache2 restart
I had the same issue on Ubuntu 14.04.
By checking /var/log/apache2/error.log I found the script complaining about missing modules:
Can't locate CGI/Fast.pm in #INC (you may need to install the CGI::Fast module) (#INC contains: /etc/perl /usr/local/lib/perl/5.18.2 /usr/local/share/perl/5.18.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.18 /usr/share/perl/5.18 /usr/local/lib/site_perl) at /usr/lib/munin/cgi/munin-cgi-graph line 36.
I did install the CGI::Fast module to solve the issue:
sudo apt-get install libcgi-fast-perl
There is no need for any rewrite rule as indicated in another answer. Packages in Ubuntu 14.04 have the path names configured correctly.
In addition to ermannob's answer; my apache2 error.log reported
AH01797: client denied by server configuration: /usr/lib/munin/cgi/munin-cgi-graph
which stopped me from messing around with file permissions within the OS and caused me to look at the apache config. All that was required was to change
<Location /munin-cgi/munin-cgi-graph>
Order allow,deny
Allow from localhost 127.0.0.0/8 ::1
...
in /etc/apache2/conf-enabled/munin.conf, to
<Location /munin-cgi/munin-cgi-graph>
Require all granted
Options FollowSymLinks SymLinksIfOwnerMatch
I did not need to install any fastcgi packages and followed the tutorial here. They suggest that configuration be added to the apache.conf file directly, however, relaxing the permissions in the conf-enabled/munin.conf file (for /munin, /munin-cgi/munin-cgi-graph and /munin-cgi/munin-cgi-html) was sufficient. I omitted the changes to apache.conf.
When running Ubuntu 14.04 I fixed this on my own servers by updating the apache config in /etc/apache2/conf-available/munin.conf from 2.2 style to 2.4
Example:
<Directory /var/cache/munin/www>
Order allow,deny
Allow from localhost 127.0.0.0/8 ::1
....
</Directory>
needs to be changed to
<Directory /var/cache/munin/www>
# Order allow,deny
# Allow from localhost 127.0.0.0/8 ::1
Require all granted
....
</Directory>
or you could do
Require host localhost
or
Require ip 127.0.0.0/8 ::8
see apache documentation about the changes here. By the time I realized this, I had already gone through and installed FastCGI and the perl module listed in this thread. This change would need to be done to all the location/directory areas you see in munin.conf.
I had the same problem on Debian 8. I've edited the file /etc/munin/apache24.conf like that:
Alias /munin /var/cache/munin/www
<Directory /var/cache/munin/www>
Require all granted
Options FollowSymLinks SymLinksIfOwnerMatch
</Directory>
ScriptAlias /munin-cgi/munin-cgi-graph /usr/lib/munin/cgi/munin-cgi-graph
<Location /munin-cgi/munin-cgi-graph>
Require all granted
Options FollowSymLinks SymLinksIfOwnerMatch
<IfModule mod_fcgid.c>
SetHandler fcgid-script
</IfModule>
<IfModule !mod_fcgid.c>
SetHandler cgi-script
</IfModule>
</Location>
Then I installed the libapache2-mod-fcgid as mentioned earlier.
After a munin-node restart, it's working correctly.
You should change the configuration part about the munin-cgi-graph, setting the same permissions as the main section. Here's your configuration:
# Enables fastcgi for munin-cgi-graph if present
ScriptAlias /munin-cgi/munin-cgi-graph /usr/lib/munin/cgi/munin-cgi-graph
<Location /munin-cgi/munin-cgi-graph>
Order allow,deny
Allow from localhost 127.0.0.0/8 ::1
# AuthUserFile /etc/munin/munin-htpasswd
# AuthName "Munin"
# AuthType Basic
# require valid-user
<IfModule mod_fcgid.c>
SetHandler fcgid-script
</IfModule>
<IfModule !mod_fcgid.c>
SetHandler cgi-script
</IfModule>
</Location>
change it to this:
# Enables fastcgi for munin-cgi-graph if present
ScriptAlias /munin-cgi/munin-cgi-graph /usr/lib/munin/cgi/munin-cgi-graph
<Location /munin-cgi/munin-cgi-graph>
Order allow,deny
# Allow from localhost 127.0.0.0/8 ::1
Allow from all
AuthUserFile /etc/munin/munin-htpasswd
AuthName "Munin"
AuthType Basic
require valid-user
<IfModule mod_fcgid.c>
SetHandler fcgid-script
</IfModule>
<IfModule !mod_fcgid.c>
SetHandler cgi-script
</IfModule>
</Location>
Additionally I had to install the libcgi-fast-perl package, doing this:
sudo apt-get install libcgi-fast-perl
Checking /var/log/apache2/error.log helped me a lot.
I had experienced the same behavior in Ubuntu 14.04 LTS. The reason was the image URL in the dynazoom page was incorrectly using /cgi-bin/munin-cgi-graph/ instead of /munin-cgi/munin-cgi/graph/ so instead of hunting down in the code to fix this bug I worked around it with a quick rewrite rule:
RewriteRule ^/cgi-bin/munin-cgi-graph/(.*) /$1
Hope this helps
In my case following https://bugs.launchpad.net/ubuntu/+source/munin/+bug/1258026 and http://munin-monitoring.org/wiki/MuninConfigurationMasterCGI worked.
The only problematic part was where to put Apache virtual host configuration, it turned out that placing it at /etc/apache2/sites-enabled/001-munin.conf worked.
I've been trying to make my graphite server work but after reading so many tutorials of how to install and configure everything, I'm still stuck.
At this point, if I use a simple virtualHost, I can see that the apache2 is working fine ("It works!"), but once I enable the other site where the graphite is configured, I get a 503.
could anyone tell me whats wrong in my definitions? Thanks in advance!
# the main httpd.conf
#NameVirtualHost *:80
# This line also needs to be in your server's config.
# LoadModule wsgi_module modules/mod_wsgi.so
# You need to manually edit this file to fit your needs.
# This configuration assumes the default installation prefix
# of /opt/graphite/, if you installed graphite somewhere else
# you will need to change all the occurances of /opt/graphite/
# in this file to your chosen install location.
<IfModule !wsgi_module.c>
LoadModule wsgi_module modules/mod_wsgi.so
</IfModule>
# XXvX You need to set this up!
# Read http://code.google.com/p/modwsgi/wiki/ConfigurationDirectives#WSGISocketPrefix
WSGISocketPrefix run/wsgi
<VirtualHost *:80>
ServerName graphite
DocumentRoot "/opt/graphite/webapp"
ErrorLog /opt/graphite/storage/log/webapp/error.log
CustomLog /opt/graphite/storage/log/webapp/access.log common
# I've found that an equal number of processes & threads tends
# to show the best performance for Graphite (ymmv).
WSGIDaemonProcess graphite processes=5 threads=5 display-name='%{GROUP}' inactivity-timeout=120
WSGIProcessGroup graphite
WSGIApplicationGroup %{GLOBAL}
WSGIImportScript /opt/graphite/conf/graphite.wsgi process-group=graphite application-group=%{GLOBAL}
# XXX You will need to create this file! There is a graphite.wsgi.example
# file in this directory that you can safely use, just copy it to graphite.wgsi
WSGIScriptAlias / /opt/graphite/conf/graphite.wsgi
Alias /content/ /opt/graphite/webapp/content/
<Location "/content/">
SetHandler None
</Location>
# XXX In order for the django admin site media to work you
# XXX You need to set this up!
# Read http://code.google.com/p/modwsgi/wiki/ConfigurationDirectives#WSGISocketPrefix
WSGISocketPrefix run/wsgi
<VirtualHost *:80>
ServerName graphite
DocumentRoot "/opt/graphite/webapp"
ErrorLog /opt/graphite/storage/log/webapp/error.log
CustomLog /opt/graphite/storage/log/webapp/access.log common
# I've found that an equal number of processes & threads tends
# to show the best performance for Graphite (ymmv).
WSGIDaemonProcess graphite processes=5 threads=5 display-name='%{GROUP}' inactivity-timeout=120
WSGIProcessGroup graphite
WSGIApplicationGroup %{GLOBAL}
WSGIImportScript /opt/graphite/conf/graphite.wsgi process-group=graphite application-group=%{GLOBAL}
# XXX You will need to create this file! There is a graphite.wsgi.example
# file in this directory that you can safely use, just copy it to graphite.wgsi
WSGIScriptAlias / /opt/graphite/conf/graphite.wsgi
Alias /content/ /opt/graphite/webapp/content/
<Location "/content/">
SetHandler None
</Location>
# XXX In order for the django admin site media to work you
# must change #DJANGO_ROOT# to be the path to your django
# installation, which is probably something like:
# /usr/lib/python2.6/site-packages/django
Alias /media/ "#DJANGO_ROOT#/contrib/admin/media/"
<Location "/media/">
SetHandler None
</Location>
# The graphite.wsgi file has to be accessible by apache. It won't
# be visible to clients because of the DocumentRoot though.
<Directory /opt/graphite/conf/>
Order deny,allow
Allow from all
</Directory>
</VirtualHost>
ServerName 54.12.34.222
Give in your public IP there. Why again do you mave multiple VirtualHosts defined in there?
<IfModule !wsgi_module.c>
LoadModule wsgi_module modules/mod_wsgi.so
</IfModule>
# XXX You need to set this up!
# Read http://code.google.com/p/modwsgi/wiki/ConfigurationDirectives#WSGISocketPrefix
WSGISocketPrefix run/wsgi
<VirtualHost *:80>
ServerName 54.100.200.100
DocumentRoot "/opt/graphite/webapp"
ErrorLog /opt/graphite/storage/log/webapp/error.log
CustomLog /opt/graphite/storage/log/webapp/access.log common
# I've found that an equal number of processes & threads tends
# to show the best performance for Graphite (ymmv).
WSGIDaemonProcess graphite processes=5 threads=5 display-name='%{GROUP}' inactivity-timeout=120
WSGIProcessGroup graphite
WSGIApplicationGroup %{GLOBAL}
WSGIImportScript /opt/graphite/conf/graphite.wsgi process-group=graphite application-group=%{GLOBAL}
# XXX You will need to create this file! There is a graphite.wsgi.example
# file in this directory that you can safely use, just copy it to graphite.wgsi
WSGIScriptAlias / /opt/graphite/conf/graphite.wsgi
Alias /content/ /opt/graphite/webapp/content/
<Location "/content/">
SetHandler None
</Location>
# XXX In order for the django admin site media to work you
# must change #DJANGO_ROOT# to be the path to your django
# installation, which is probably something like:
# /usr/lib/python2.6/site-packages/django
Alias /media/ "#DJANGO_ROOT#/contrib/admin/media/"
<Location "/media/">
SetHandler None
</Location>
# The graphite.wsgi file has to be accessible by apache. It won't
# be visible to clients because of the DocumentRoot though.
<Directory /opt/graphite/conf/>
Order deny,allow
Allow from all
</Directory>
<Directory /opt/graphite/webapp>
Order deny,allow
Deny from all
AllowOverride All
AuthName "Graphite web access"
AuthType Basic
AuthUserFile /opt/graphite/passwd/passwords
Require user webyog
Allow from 122.181.14.62, 202.191.170.90
Satisfy Any
</Directory>
</VirtualHost>
I have enabled the status mod
<IfModule mod_status.c>
ExtendedStatus On
<Location /server-status>
SetHandler server-status
#Order deny,allow
#Deny from all
#Allow from localhost 127.0.0.1
</Location>
</IfModule>
can i add an basic authentication without AuthUserFile? i just want to define username an password in my config file