apache.rst 2.22 KB
Newer Older
fv3rdugo's avatar
fv3rdugo committed
1
2
Run Hypnotoad service and Apache as a proxy for it.

3
4
5
6
7
8
9
Upgrading
---------

Even if you had Apache proxy already set up you must add some
configuration options. Check Hypnotoad, modules and configuration
and make sure it is exactly like this.

10
11
12
13
14
15
16
17
18
19
Configure Hypnotoad proxy
-------------------------

First of all you need to tell *hypnotoad* we are behind a proxy.
This allows Mojolicious to automatically pick up the X-Forwarded-For
and X-Forwarded-Proto headers.

Edit the file */etc/rvd_front.conf* and make sure there is a line with *proxy => 1*
inside hypnotoad.

20
21
::

22
23
24
25
26
27
28
29
30
31
32
   hypnotoad => {
       pid_file => '/var/run/ravada/rvd_front.pid'
      ,listen => ['http://*:8081']
      ,proxy => 1
   }

Restart the front server to reload this configuration:


.. prompt:: bash $

33
    sudo systemctl restart rvd_front
34
35


Fernando Verdugo's avatar
Fernando Verdugo committed
36
37
38
Install Apache
--------------

Fernando Verdugo's avatar
Fernando Verdugo committed
39
.. prompt:: bash #
Fernando Verdugo's avatar
Fernando Verdugo committed
40

Fernando Verdugo's avatar
Fernando Verdugo committed
41
    apt-get install apache2
Fernando Verdugo's avatar
Fernando Verdugo committed
42

fv3rdugo's avatar
fv3rdugo committed
43
44
45
Enable apache modules
---------------------

Francesc Guasch's avatar
Francesc Guasch committed
46
47
48
49
Enable these modules.

.. Tip:: Do it even it is not the first time you set up Apache. We added some modules in the latest release.

Fernando Verdugo's avatar
Fernando Verdugo committed
50
.. prompt:: bash #
fv3rdugo's avatar
fv3rdugo committed
51

Francesc Guasch's avatar
Francesc Guasch committed
52
    a2enmod ssl proxy proxy_http proxy_connect proxy_wstunnel headers
fv3rdugo's avatar
fv3rdugo committed
53
54
55
56
57
58

Apache Proxy Configuration
--------------------------

Link the https configuration and add the proxy lines.

Fernando Verdugo's avatar
Fernando Verdugo committed
59
.. prompt:: bash #
fv3rdugo's avatar
fv3rdugo committed
60

Fernando Verdugo's avatar
Fernando Verdugo committed
61
    a2ensite default-ssl
fv3rdugo's avatar
fv3rdugo committed
62

Francesc Guasch's avatar
Francesc Guasch committed
63
64
65
Edit /etc/apache2/sites-enabled/default-ssl.conf.

.. Tip:: Do not forget new *ProxyPass* and *RequestHeader* lines added in the last release.
fv3rdugo's avatar
fv3rdugo committed
66
67
68
69
70
71
72

::

    <IfModule mod_ssl.c>
        <VirtualHost _default_:443>
            ProxyRequests Off
            ProxyPreserveHost On
Francesc Guasch's avatar
Francesc Guasch committed
73
            ProxyPass /ws/ ws://localhost:8081/ws/ keepalive=On
fv3rdugo's avatar
fv3rdugo committed
74
75
            ProxyPass / http://localhost:8081/ keepalive=On
            ProxyPassReverse / http://localhost:8081/
Francesc Guasch's avatar
Francesc Guasch committed
76
            RequestHeader set X-Forwarded-Proto "https"
fv3rdugo's avatar
fv3rdugo committed
77
78
79
80
81
82
83
84
85
86
87
88
89
90

Apache redirect to https
------------------------

Redirect all the connections to https.

Edit /etc/apache2/sites-enabled/000-default.conf

::

    <VirtualHost *:80>
        ServerName hostname.domainname
        Redirect / https://hostname.domainname/
    </virtualhost>
Fernando Verdugo's avatar
Fernando Verdugo committed
91
92
    
.. Tip:: Remember restart Apache2 service, with ``systemctl restart apache2`` or ``services apache2 restart``.
93
94
95

.. prompt:: bash $

96
    sudo systemctl restart apache2
97