Warning |
---|
Advanced level feature: skills with Apache or Nginx web server configuration and SSL are required. See the 'Current Issues' section below for details of problems you may encounter if you enable this feature. |
...
Code Block |
---|
<VirtualHost *:443> ServerName example.opmantek.com SSLEngine on SSLProxyEngine On ProxyRequests Off SSLCertificateFile /etc/ssl/certs/example/cert.pem SSLCertificateKeyFile /etc/ssl/certs/example/privkey.pem SSLCertificateChainFile /etc/ssl/certs/example/fullchain.pem RequestHeader set X-Forwarded-Proto "https" # Proxy the websocket connection and rewrite the header ProxyPassMatch ^(\/(en|es)\/omk\/opEvents\/ws\/.*)$ ws://localhost:8042/$1 # Proxy the rest of the applicationRewriteEngine On ProxyPass /en/omk http://localhost:8042/en/omkRewriteCond %{REQUEST_URI} ^/en/omk/opEvents/ws/(.*) ProxyPassRewriteRule /es/omk http(.*) ws://localhost:8042/esen/omk/opEvents/ws/%1 [P,L] ProxyPass /omk http://localhost:8042/omk ProxyPassReverse / http:// # Proxy the rest of the application ProxyPass /en/omk http://localhost:8042/en/omk ErrorDocument 503 '<html><head><meta http-equiv="refresh" content="60"></head><body><h1>Temporary Service Interruption</h1>The requested OMK page should be back soon. This page will automatically reload in 60 seconds.</body></html>' </VirtualHost> <VirtualHost *:80> ServerName example.opmantek.com Redirect 301 / https://example.opmantek.com/ </VirtualHost> |
If you receive a "server connection terminated before websocket handshake" response from the browser dev tools console with the above configuration for rhel/centos, then you need to handle the proxy as a rewrite rule , and then proxy that back to the webclient.
Code Block |
---|
replace: ProxyPassMatch ^(\/(en|es)\/omk\/opEvents\/ws\/.*)$ ws://localhost:8042/$1 With: RewriteEngine On RewriteCond %{REQUEST_URI} ^/en/omk/opEvents/ws/(.*) RewriteRule /(.*) ws://localhost:8042/en/omk/opEvents/ws/%1 [P,L] ProxyPass /es/omk http://localhost:8042/es/omk ProxyPass /omk http://localhost:8042/omk ProxyPassReverse / http://localhost:8042/ ErrorDocument 503 '<html><head><meta http-equiv="refresh" content="60"></head><body><h1>Temporary Service Interruption</h1>The requested OMK page should be back soon. This page will automatically reload in 60 seconds.</body></html>' </VirtualHost> <VirtualHost *:80> ServerName example.opmantek.com Redirect 301 / https://example.opmantek.com/ </VirtualHost> |
Settings which you will need to modify from the example
...
This configuration is also to ensure you can proxy websocket connections for ubuntu 20.04 and over for ubuntu, Ubuntu does not support the required apache2 version needed for opevents realtime gui so if you wish to enable this feature and use Ubuntu you will need to follow these steps.
...
Name | Value | Example | Apache Docs |
---|---|---|---|
ServerName | FQDN of the server which users will refer to it by | monit-prod.opmantek.com | https://httpd.apache.org/docs/2.4/vhosts/name-based.html |
SSLCertificateKeyFile | Server PEM-encoded private key file | /etc/ssl/certs/example/privkey.pem | https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatekeyfile |
SSLCertificateChainFile | (Before apache 2.4.8) File of PEM-encoded Server CA Certificates | /etc/ssl/certs/example/fullchain.pem | https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatekeyfile |
fcgiwrap.socket | allows you to set up a socket for communication between a web server and fcgiwrap to handle FastCGI requests | /var/run/fcgiwrap.socket |
...