Versions Compared

Old Version 25

changes.mady.by.user Louis Tissington

Saved on

compared with

New Version 26

changes.mady.by.user Louis Tissington

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Warning

Advanced level feature: skills with Apache or Nginx web server configuration and SSL are required.

See the 'Current Issues' section below for details of problems you may encounter if you enable this feature.

...

Code Block
<VirtualHost *:443>
        ServerName example.opmantek.com

        SSLEngine on
        SSLProxyEngine On
        ProxyRequests Off

        SSLCertificateFile    /etc/ssl/certs/example/cert.pem
        SSLCertificateKeyFile /etc/ssl/certs/example/privkey.pem
        SSLCertificateChainFile /etc/ssl/certs/example/fullchain.pem

        RequestHeader set X-Forwarded-Proto "https"

		# Proxy the websocket connection and rewrite the header          ProxyPassMatch ^(\/(en|es)\/omk\/opEvents\/ws\/.*)$
 ws://localhost:8042/$1 		# Proxy the rest of the applicationRewriteEngine On
       ProxyPass /en/omk http://localhost:8042/en/omkRewriteCond %{REQUEST_URI} ^/en/omk/opEvents/ws/(.*)
        ProxyPassRewriteRule /es/omk http(.*) ws://localhost:8042/esen/omk/opEvents/ws/%1 [P,L] 
   
    ProxyPass  /omk http://localhost:8042/omk
        ProxyPassReverse / http:// # Proxy the rest of the application
        ProxyPass /en/omk http://localhost:8042/en/omk
		ErrorDocument 503 '<html><head><meta http-equiv="refresh" content="60"></head><body><h1>Temporary Service Interruption</h1>The requested OMK page should be back soon. This page will automatically reload in 60 seconds.</body></html>'

</VirtualHost>
<VirtualHost *:80>
    ServerName example.opmantek.com
    Redirect 301 / https://example.opmantek.com/
</VirtualHost>

If you receive a "server connection terminated before websocket handshake" response from the browser dev tools console with the above configuration for rhel/centos, then you need to handle the proxy as a rewrite rule , and then proxy that back to the webclient. 

Code Block
replace: 
ProxyPassMatch ^(\/(en|es)\/omk\/opEvents\/ws\/.*)$  ws://localhost:8042/$1

With: 
 RewriteEngine On
    RewriteCond %{REQUEST_URI} ^/en/omk/opEvents/ws/(.*)
    RewriteRule /(.*) ws://localhost:8042/en/omk/opEvents/ws/%1 [P,L] ProxyPass /es/omk http://localhost:8042/es/omk
        ProxyPass /omk http://localhost:8042/omk
        ProxyPassReverse / http://localhost:8042/
		ErrorDocument 503 '<html><head><meta http-equiv="refresh" content="60"></head><body><h1>Temporary Service Interruption</h1>The requested OMK page should be back soon. This page will automatically reload in 60 seconds.</body></html>'

</VirtualHost>
<VirtualHost *:80>
    ServerName example.opmantek.com
    Redirect 301 / https://example.opmantek.com/
</VirtualHost>


Settings which you will need to modify from the example

...

NameValueExampleApache Docs
ServerNameFQDN of the server which users will refer to it bymonit-prod.opmantek.comhttps://httpd.apache.org/docs/2.4/vhosts/name-based.html
SSLCertificateKeyFileServer PEM-encoded private key file/etc/ssl/certs/example/privkey.pemhttps://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatekeyfile
SSLCertificateChainFile(Before apache 2.4.8) File of PEM-encoded Server CA Certificates/etc/ssl/certs/example/fullchain.pemhttps://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatekeyfile
fcgiwrap.socketallows you to set up a socket for communication between a web server and fcgiwrap to handle FastCGI requests /var/run/fcgiwrap.socket

...