I am new both to Apache and HAporxy. I have been tasked to create a reverse proxy

August 27, 2018 534 views
Apache CentOS

Hi guys,

I am new both to Apache and HAporxy. I have been tasked to create a reverse proxy.

One example of what needs to be dun:

client ==?= moodle.mycompany.com ==> proxy ==> moodle01.mycompany.net/elearning

client ==?= data.mycompany.com ==> proxy ==> backend.data/foo

Both connection from client to proxy and from proxy to backend need to be over SSl - this is working

When client tries to connect she/ he must present cert - this is working

“land” to backend subfolder - this is working when testing from LAN

client shoud allways see just moodle.mycompany.com never backend.moodle/elearning - not working

When I test from my LAN reverse proxy is working, client lands to subfolder on lweb server, but url that is displayed is from backend server, when i test outside my LAN, client lands on root of web server.

I am quite new to all this, and as much as Itry to read on the subject I am not certain what is what and what I need to do.

Here is my config so far:

frontend

frontend Proxy

bind *:443 ssl crt /etc/ssl/data.pem crt /etc/ssl/moodle.pem ca-file /etc/ssl//sca.pem verify required

acl for manipulation

acl urlmoodle hdrbeg(host) -i moodle

acl urlepero hdrbeg(host) -i data

backend

usebackend moodle if urlmoodle

usebackend data if urldata

backend moodle

server moodle-01 moodle01.mycompany.net:443 ssl crt /etc/ssl/certs/intermediate.pem verify none

reqrep ^([^\ :])\ (.) \1\ /elearning/\2

backend data

server data1 data.mycompany.com:443 ssl crt /etc/ssl/certs/intermediate.pem verify none

1 Answer

Hey friend!

So this is a fun project to start with! Totally possible to do though, I don’t think this is going to be the one that causes you too many headaches. You seem to already have a good mind for it.

Now, for my time, there is no simpler configuration than Apache. A thousand Nginx users just turned their heads toward me and I want to apologize to them in advance. To me the syntax is just easier, and frankly it’s probably plenty for your need. Check out this guide:

https://www.digitalocean.com/community/tutorials/how-to-use-apache-http-server-as-reverse-proxy-using-mod_proxy-extension

This is an older tutorial but honestly, this process hasn’t changed in a long time. Imagine this is your total virtual host for the first example you needed:

<VirtualHost *:*>
    ServerName moodle.mycompany.com
    ProxyPreserveHost On
    ProxyPass / http://moodle01.mycompany.net/elearning/
    ProxyPassReverse / http://moodle01.mycompany.net/elearning/
</VirtualHost>

There are always more complicated circumstances than the ones in my head, so forgive me if this does leave out a need. That said, I honestly think it could be as simple as that. The steps in that tutorial will lead you all the way through the requirements, as it isn’t as simple as “install apache and plug in that code” (need to enable extensions, etc). Hopefully it helps!

Jarland

by O.S. Tezer
In this DigitalOcean article, we are going to see set up Apache on Ubuntu 13 and use it as a reverse-proxy to welcome incoming connections and redirect them to application server(s) running on the same network. For this purpose, we are going to use and work with the mod_proxy extension and several other related Apache modules.
Have another answer? Share your knowledge.