spants Posted December 24, 2015 Share Posted December 24, 2015 @CHBMB: Thanks a lot for your kind support! On the Apache side it all seems to work fine now. I still have to seek support for a strange MySQL error. But that's another day's work. Could you do a writeup for spot web on this docker please? I'm using an old docker that I wrote but would like to get it running a little smoother - especially as a newsnab server happy xmas Tony Quote Link to comment
CHBMB Posted December 24, 2015 Share Posted December 24, 2015 Jonathan, I might be wrong, but from looking in the container and checking the dockerfile perl is indeed present and located in /usr/lib/ not /usr/bin/ I'll play around a bit more... EDIT: I think I was wrong, there are perl directories located within the container at the above location but I don't think libapache2-mod-perl2 is installed.. smdion is the creator of this particular container, so I'll point him this way... I got Perl running, how do I freeze the container so it doesn't blow away my changes if I restart the machine? If the container can be build with the libapache2-mod-perl2 installed, I'd be fine. jonathan it'd need a modification (minor) to the dockerfile I think.... I'll need to talk to smdion and the others about it, but I could fork and create a test in my personal repo for the time being.. I don't think there's an easy way to "freeze" the container and prevent the changes being reverted In the meantime, let me know exactly the steps you do to install the necessary modules and I'll do what I can.. Quote Link to comment
m1ll3rt1m3 Posted December 25, 2015 Share Posted December 25, 2015 So I am trying to put pretty much everything through this proxy, and for the most part it's working. The problem comes into play when I try to proxy plex with it's own subdomain. A friend of mine is using apache with a very similar config. <VirtualHost *:80> ServerName example.com ServerAlias www.example.com DocumentRoot /config/www <Directory /config/www/> AllowOverride All </Directory> Redirect permanent / https://example.com/ </VirtualHost> exit <VirtualHost *:443> ServerName example.com ServerAlias www.example.com ServerAdmin webmaster@localhost DocumentRoot /config/www <Directory /config/www/> AllowOverride All </Directory> SSLCertificateFile /config/keys/root/ssl.crt SSLCertificateKeyFile /config/keys/root/decrypted.cert.key SSLCertificateChainFile /config/keys/root/sub.class1.server.ca.pem SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 SSLHonorCipherOrder On SSLSessionTickets Off Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff SSLCompression off SSLUseStapling on SSLEngine on SSLProxyEngine On RewriteEngine On ProxyPreserveHost On <Location /couchpotato> ProxyPass http://192.168.0.245:5050/couchpotato ProxyPassReverse http://192.168.0.245:5050/couchpotato </Location> <Location /sonarr> ProxyPass http://192.168.0.245:8989/sonarr ProxyPassReverse http://192.168.0.245:8989/sonarr </Location> <Location /nzbget> ProxyPass http://192.168.0.245:6789/nzbget ProxyPassReverse http://192.168.0.245:6789/nzbget </Location> <Location /headphones> ProxyPass http://192.168.0.245:8181/headphones ProxyPassReverse http://192.168.0.245:8181/headphones </Location> <Location /plexpy> ProxyPass http://192.168.0.245:8180/plexpy ProxyPassReverse http://192.168.0.245:8180/plexpy </Location> <Location /requests> ProxyPass http://192.168.0.245:3000/requests ProxyPassReverse http://192.168.0.245:3000/requests </Location> <Location /deluge/> RequestHeader append X-Deluge-Base "/deluge" ProxyPass http://192.168.0.245:8112/ ProxyPassReverse http://192.168.0.245:8112/ </Location> <Location /guacamole/> Order allow,deny Allow from all ProxyPass http://192.168.0.245:9050/guacamole/ flushpackets=on ProxyPassReverse http://192.168.0.245:9050/guacamole/ </Location> </VirtualHost> <VirtualHost *:443> ServerName plex.example.com ServerAlias example.com ServerAdmin webmaster@localhost DocumentRoot /config/www <Directory /config/www/> AllowOverride All </Directory> SSLCertificateFile /config/keys/plex/plex.ssl.crt SSLCertificateKeyFile /config/keys/plex/decyrpted.plex.ssl.key SSLCertificateChainFile /config/keys/plex/root.crt SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 SSLHonorCipherOrder On SSLSessionTickets Off Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff SSLCompression off SSLUseStapling on SSLEngine on SSLProxyEngine On RewriteEngine On ProxyPreserveHost On <Location /> AuthType Basic AuthName "Restricted area" AuthUserFile /config/www/.htpasswd Require valid-user </Location> <Proxy *> Order deny,allow Allow from all </Proxy> ProxyRequests Off ProxyPass / http://192.168.0.245:32400/ ProxyPassReverse / http://192.168.0.245:32400/ RewriteEngine on RewriteCond %{REQUEST_URI} !^/web RewriteCond %{HTTP:X-Plex-Device} ^$ RewriteRule ^/$ /web/$1 [R,L] </VirtualHost> If I remove the plex.example.com virtual host it works fine. As soon as it gets added apache fails across the board. Quote Link to comment
CHBMB Posted December 25, 2015 Share Posted December 25, 2015 Well at least you've worked out what the problem is... What does the log file show, not the docker container log but the one in your appdata... Quote Link to comment
m1ll3rt1m3 Posted December 25, 2015 Share Posted December 25, 2015 Here are the logs from today. I have made several attempts since this morning so this should be everything involved. [Fri Dec 25 07:06:33.256182 2015] [mpm_prefork:notice] [pid 73] AH00169: caught SIGTERM, shutting down AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.16. Set the 'ServerName' directive globally to suppress this message [Fri Dec 25 07:26:44.829615 2015] [:notice] [pid 9624] FastCGI: process manager initialized (pid 9624) [Fri Dec 25 07:26:44.854913 2015] [mpm_prefork:notice] [pid 9623] AH00163: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.14 OpenSSL/1.0.1f configured -- resuming normal operations [Fri Dec 25 07:26:44.855302 2015] [core:notice] [pid 9623] AH00094: Command line: '/usr/sbin/apache2 -D FOREGROUND' [Fri Dec 25 07:30:18.056901 2015] [mpm_prefork:notice] [pid 9623] AH00169: caught SIGTERM, shutting down AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.17. Set the 'ServerName' directive globally to suppress this message [Fri Dec 25 07:30:28.297599 2015] [:notice] [pid 77] FastCGI: process manager initialized (pid 77) [Fri Dec 25 07:30:28.325521 2015] [mpm_prefork:notice] [pid 72] AH00163: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.14 OpenSSL/1.0.1f configured -- resuming normal operations [Fri Dec 25 07:30:28.325742 2015] [core:notice] [pid 72] AH00094: Command line: '/usr/sbin/apache2 -D FOREGROUND' [Fri Dec 25 08:02:46.877503 2015] [mpm_prefork:notice] [pid 72] AH00169: caught SIGTERM, shutting down [Fri Dec 25 08:02:47.906380 2015] [:notice] [pid 182] FastCGI: process manager initialized (pid 182) [Fri Dec 25 08:02:47.977489 2015] [mpm_prefork:notice] [pid 179] AH00163: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.14 OpenSSL/1.0.1f configured -- resuming normal operations [Fri Dec 25 08:02:47.977710 2015] [core:notice] [pid 179] AH00094: Command line: '/usr/sbin/apache2' [Fri Dec 25 08:02:48.669340 2015] [mpm_prefork:notice] [pid 179] AH00169: caught SIGTERM, shutting down AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.17. Set the 'ServerName' directive globally to suppress this message [Fri Dec 25 08:02:49.727242 2015] [:notice] [pid 223] FastCGI: process manager initialized (pid 223) [Fri Dec 25 08:02:49.765997 2015] [mpm_prefork:notice] [pid 222] AH00163: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.14 OpenSSL/1.0.1f configured -- resuming normal operations [Fri Dec 25 08:02:49.766239 2015] [core:notice] [pid 222] AH00094: Command line: '/usr/sbin/apache2 -D FOREGROUND' [Fri Dec 25 08:11:51.715671 2015] [mpm_prefork:notice] [pid 222] AH00169: caught SIGTERM, shutting down AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.18. Set the 'ServerName' directive globally to suppress this message [Fri Dec 25 08:48:48.901231 2015] [:notice] [pid 6631] FastCGI: process manager initialized (pid 6631) [Fri Dec 25 08:48:48.930577 2015] [mpm_prefork:notice] [pid 6630] AH00163: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.14 OpenSSL/1.0.1f configured -- resuming normal operations [Fri Dec 25 08:48:48.930967 2015] [core:notice] [pid 6630] AH00094: Command line: '/usr/sbin/apache2 -D FOREGROUND' [Fri Dec 25 08:48:59.583948 2015] [mpm_prefork:notice] [pid 6630] AH00169: caught SIGTERM, shutting down AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.19. Set the 'ServerName' directive globally to suppress this message [Fri Dec 25 08:49:09.746374 2015] [:notice] [pid 77] FastCGI: process manager initialized (pid 77) [Fri Dec 25 08:49:09.776339 2015] [mpm_prefork:notice] [pid 72] AH00163: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.14 OpenSSL/1.0.1f configured -- resuming normal operations [Fri Dec 25 08:49:09.776626 2015] [core:notice] [pid 72] AH00094: Command line: '/usr/sbin/apache2 -D FOREGROUND' [Fri Dec 25 10:24:46.768869 2015] [mpm_prefork:notice] [pid 72] AH00169: caught SIGTERM, shutting down AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.20. Set the 'ServerName' directive globally to suppress this message [Fri Dec 25 10:35:49.053935 2015] [:notice] [pid 77] FastCGI: process manager initialized (pid 77) [Fri Dec 25 10:35:49.080646 2015] [mpm_prefork:notice] [pid 72] AH00163: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.14 OpenSSL/1.0.1f configured -- resuming normal operations [Fri Dec 25 10:35:49.080894 2015] [core:notice] [pid 72] AH00094: Command line: '/usr/sbin/apache2 -D FOREGROUND' [Fri Dec 25 12:45:05.535052 2015] [mpm_prefork:notice] [pid 72] AH00169: caught SIGTERM, shutting down AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.22. Set the 'ServerName' directive globally to suppress this message [Fri Dec 25 13:20:10.562323 2015] [:notice] [pid 75] FastCGI: process manager initialized (pid 75) [Fri Dec 25 13:20:10.618927 2015] [mpm_prefork:notice] [pid 71] AH00163: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.14 OpenSSL/1.0.1f configured -- resuming normal operations [Fri Dec 25 13:20:10.619205 2015] [core:notice] [pid 71] AH00094: Command line: '/usr/sbin/apache2 -D FOREGROUND' Quote Link to comment
JonathanM Posted December 26, 2015 Share Posted December 26, 2015 Jonathan, I might be wrong, but from looking in the container and checking the dockerfile perl is indeed present and located in /usr/lib/ not /usr/bin/ I'll play around a bit more... EDIT: I think I was wrong, there are perl directories located within the container at the above location but I don't think libapache2-mod-perl2 is installed.. smdion is the creator of this particular container, so I'll point him this way... I got Perl running, how do I freeze the container so it doesn't blow away my changes if I restart the machine? If the container can be build with the libapache2-mod-perl2 installed, I'd be fine. jonathan it'd need a modification (minor) to the dockerfile I think.... I'll need to talk to smdion and the others about it, but I could fork and create a test in my personal repo for the time being.. I don't think there's an easy way to "freeze" the container and prevent the changes being reverted In the meantime, let me know exactly the steps you do to install the necessary modules and I'll do what I can.. Simple change, exec into the container and sudo apt-get install libapache2-mod-perl2 I'm trying to overcome the next hurdle, which is a lack of permissions somewhere. Perl is definitely working, as long the the script is self contained. As soon as I try to write a file in the /config/www hierarchy, perl fails to create the file with a permissions issue. Thing is, the folders are world writeable, both from inside the container and on the unraid side. I'm wondering if the docker mapping mechanism is foiling the permissions for perl somehow. I'm tired of banging on it for now, I'll do some more testing later, to see if I can write to a folder not located in the mapped config area of the docker. Quote Link to comment
smoldersonline Posted December 28, 2015 Share Posted December 28, 2015 Could you do a writeup for spot web on this docker please? I'm using an old docker that I wrote but would like to get it running a little smoother - especially as a newsnab server happy xmas Tony Maybe https://github.com/spotweb/spotweb/wiki/Spotweb-als-Newznab-Provider can help. I followed these steps and it works fine (for me): Make sure that mod_rewrite is enabled and AllowOverride is set (more info). Create a file called .htaccess and enter the following: RewriteEngine on RewriteCond %{REQUEST_URI} !api/ RewriteRule api/?$ index.php?page=newznabapi [QSA] RewriteRule details/([^/]+) index.php?page=getspot&messageid=$1 [L] If your spotweb installation is not in your www-root dir, but in a subfolder, you should add a line with the RewriteBase in your .htaccess.. It should look like the following (change the third line for your situation): RewriteEngine on RewriteCond %{REQUEST_URI} !api/ RewriteBase /spotweb/ RewriteRule api/?$ index.php?page=newznabapi [QSA] RewriteRule details/([^/]+) index.php?page=getspot&messageid=$1 [L] If you made the installation with apt-get, the last line needs to look like this: RewriteRule api/?$ /spotweb/index.php?page=newznabapi [QSA] RewriteRule details/([^/]+) /spotweb/index.php?page=getspot&messageid=$1 [L] Happy New Year! Quote Link to comment
spants Posted December 28, 2015 Share Posted December 28, 2015 Maybe https://github.com/spotweb/spotweb/wiki/Spotweb-als-Newznab-Provider can help. I followed these steps and it works fine (for me): Happy New Year! Thank you - I had found that page and it works fine..... I think that there is a spotweb fork that works better for sonarr - will check it out and report back. Happy New Year! Quote Link to comment
methanoid Posted January 7, 2016 Share Posted January 7, 2016 What base image are these Dockers based on? Is there an easy way to tell for other Dockers which image they are based on. Ideally more efficient to get Dockers all based on same base image? Quote Link to comment
j0nnymoe Posted January 7, 2016 Share Posted January 7, 2016 What base image are these Dockers based on? Is there an easy way to tell for other Dockers which image they are based on. Ideally more efficient to get Dockers all based on same base image? The base image for our dockers is a fork of the phusion base image with our additional tweaks. Quote Link to comment
Squid Posted January 8, 2016 Share Posted January 8, 2016 What base image are these Dockers based on? Is there an easy way to tell for other Dockers which image they are based on. Ideally more efficient to get Dockers all based on same base image? If you've installed Community Applications, then clicking on the icon for any docker app (or plugin for that matter) will show a pop-up which includes (amongst other things) the base image for the docker. Quote Link to comment
keepitshut Posted January 10, 2016 Share Posted January 10, 2016 Hi do you all intend to add lets encrypt support to this apache docker any time soon? Quote Link to comment
Narnian Posted January 10, 2016 Share Posted January 10, 2016 Anybody got a reverse proxy config for Piwigo? Hey Gog, I don't use Piwigo, but thought I'd load it up and see if I can solve this one. There are two options 1. Run in a separate subdomain - This is by far the easiest option... so url would be photos.server.com (Photos could be changed to whatever you want naturally) 2. Edit both the default.conf for the Apache container and the default.conf for the Piwigo container. Making basic changes to both it is possible to get this working on server.com/gallery (It is possible to change the name gallery to something else but would again require changes to the name of the folder in the www directory in the Piwigo container. Essentially the default.conf in the Piwigo container should read <VirtualHost *:80> DocumentRoot /config/www/ <Directory /config/www/gallery/> Options Indexes FollowSymLinks MultiViews AllowOverride All Order deny,allow Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> And the relevant bit in the Apache container default.conf would be <Location /gallery> ProxyPass http://192.168.0.1:8095/gallery ProxyPassReverse http://192.168.0.1:8095/gallery </Location> If you do want to change gallery to something else, then in the configs above change every instance of gallery to whatever you like, then in the config folder of Piwigo then do two extra steps. 1. Go into the www folder in the Piwigo container and rename gallery to whatever it is you chose 2. Restart the piwigo docker container. That should work. Found this quite testing tbh as essentially trying to juggle two Apache configs at the same time, interesting nonetheless. I haven't tested it extensively so please do before you commit a ton of time configuring the rest of it and please let me know how you got on with it. Hope that helps. CHBMB I have been trying to tackle this for days for subsonic (I have ssl keys but before I go down that scary road I want to see it work without them when I try placing them in keys the server overwrites the certs.) I set up unRaid on port 8008 I have cloudflare all set up with page rules configured with *.example.com and example.com/* maces clodflare ddns is working fine and resolving. What I am looking at here is you have gallery under the www should I be placing my dockers in the www? I just want the url to read as the url and not the host ip address. Which is what I always seem to be getting. When I try changing the ssl and point to another folder for my own keys the server stops. Any help would be appreciated. I am hoping to do this with emby as well. Quote Link to comment
CHBMB Posted January 10, 2016 Share Posted January 10, 2016 CHBMB I have been trying to tackle this for days for subsonic (I have ssl keys but before I go down that scary road I want to see it work without them when I try placing them in keys the server overwrites the certs.) I set up unRaid on port 8008 I have cloudflare all set up with page rules configured with *.example.com and example.com/* maces clodflare ddns is working fine and resolving. What I am looking at here is you have gallery under the www should I be placing my dockers in the www? I just want the url to read as the url and not the host ip address. Which is what I always seem to be getting. When I try changing the ssl and point to another folder for my own keys the server stops. Any help would be appreciated. I am hoping to do this with emby as well. So I don't use cloudflare, I tried it but it created more issues for me than it fixed.... You install a docker container as normal and use this container as a reverse proxy... If you look at the bit here, you'll see that the default.conf I'm referring to is actually in the piwigo container (A lot of of our container actually contain a webserver within them) Essentially the default.conf in the Piwigo container I'm sorry but I'm not quite understanding what your config is like and as always it's impossible to troubleshoot without seeing your config files I'm afraid... Quote Link to comment
Narnian Posted January 11, 2016 Share Posted January 11, 2016 Sorry for the delay here is my apache/site-conf file <VirtualHost *:443> SSLEngine On SSLCertificateFile /config/ssl-certs/ssl.crt SSLCertificateKeyFile /config/ssl-certs/decrypted.cert.key SSLProxyEngine on #ServerAdmin [email protected] DocumentRoot /config/www ServerName subsonic.example.com # Possible values include: debug, info, notice, warn, error, crit ,alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/subsonic-access.log combined ErrorLog ${APACHE_LOG_DIR}/subsonic-error.logProxyHTMLStripComments on <Location /> ProxyRequests off RequestHeader unset Accept-Encoding ProxyPass http://192.168.0.14:4040/ ProxyPassReverse http://192.168.0.14:4040/ Order allow,deny Allow from all </Location> <VirtualHost> #####hernandito##### <VirtualHost *:80> ServerName example.us ServerAlias example.us ServerAdmin webmaster@localhost DocumentRoot /config/www/ ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass / http://192.168.0.14:4040/ ProxyPassReverse / http://192.168.0.14:4040/ </VirtualHost> The top portion was taken from here http://www.jamescoyle.net/how-to/875-reverse-proxy-subsonic-with-apache I have no idea where this is supposed to go although he is trying to tell me...Add the below text to a new sites-available Apache configuration file. vi /etc/apache2/sites-available/subsonic hernandito his set up works except I get the ip address and not the nice subsonic.example.com Here is the error log from apache.... [sun Jan 10 19:03:56.460281 2016] [:notice] [pid 77] FastCGI: process manager initialized (pid 77) [sun Jan 10 19:03:56.470621 2016] [ssl:warn] [pid 73] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [b][sun Jan 10 19:03:56.470710 2016] [ssl:warn] [pid 73] AH01909: RSA certificate configured for www.mydomain.us:443 does NOT include an ID which matches the server name[/b] [sun Jan 10 19:03:56.472532 2016] [mpm_prefork:notice] [pid 73] AH00163: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.14 OpenSSL/1.0.1f configured -- resuming normal operations [sun Jan 10 19:03:56.472590 2016] [core:notice] [pid 73] AH00094: Command line: '/usr/sbin/apache2 -D FOREGROUND' [sun Jan 10 19:12:25.181494 2016] [mpm_prefork:notice] [pid 73] AH00169: caught SIGTERM, shutting down AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.31. Set the 'ServerName' directive globally to suppress this message [sun Jan 10 19:41:13.103881 2016] [:notice] [pid 75] FastCGI: process manager initialized (pid 75) [sun Jan 10 19:41:13.115261 2016] [mpm_prefork:notice] [pid 70] AH00163: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.14 OpenSSL/1.0.1f configured -- resuming normal operations [sun Jan 10 19:41:13.115403 2016] [core:notice] [pid 70] AH00094: Command line: '/usr/sbin/apache2 -D FOREGROUND' [sun Jan 10 19:59:56.537628 2016] [mpm_prefork:notice] [pid 70] AH00169: caught SIGTERM, shutting down AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.31. Set the 'ServerName' directive globally to suppress this message [sun Jan 10 19:59:59.678707 2016] [:notice] [pid 111] FastCGI: process manager initialized (pid 111) [sun Jan 10 19:59:59.689983 2016] [mpm_prefork:notice] [pid 110] AH00163: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.14 OpenSSL/1.0.1f configured -- resuming normal operations [sun Jan 10 19:59:59.690085 2016] [core:notice] [pid 110] AH00094: Command line: '/usr/sbin/apache2 -D FOREGROUND' [sun Jan 10 20:00:21.604346 2016] [mpm_prefork:notice] [pid 110] AH00169: caught SIGTERM, shutting down AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.32. Set the 'ServerName' directive globally to suppress this message [sun Jan 10 20:00:26.459896 2016] [:notice] [pid 75] FastCGI: process manager initialized (pid 75) [sun Jan 10 20:00:26.471272 2016] [mpm_prefork:notice] [pid 71] AH00163: Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.14 OpenSSL/1.0.1f configured -- resuming normal operations [sun Jan 10 20:00:26.471381 2016] [core:notice] [pid 71] AH00094: Command line: '/usr/sbin/apache2 -D FOREGROUND' [sun Jan 10 20:14:05.279242 2016] [mpm_prefork:notice] [pid 71] AH00169: caught SIGTERM, shutting down Hope you can help and thank you for all your hard work, I do learn a lot following you gentlemen. Quote Link to comment
CHBMB Posted January 11, 2016 Share Posted January 11, 2016 Ok, so looking at your config it's not immediatelty obvious to me what's going on. However, here's mine that I used with madsonic, so should be similar... <VirtualHost *:80> ServerName music.SERVER.COM ServerAdmin webmaster@localhost <Location /> Order deny,allow Deny from all </Location> RewriteEngine On RewriteRule ^/?(.*) https://music.SERVER.COM/$1 [R=301,L] </VirtualHost> <VirtualHost *:443> ServerName music.SERVER.COM ServerAdmin webmaster@localhost DocumentRoot /config/www/ SSLCertificateFile /config/keys/music/ssl.crt SSLCertificateKeyFile /config/keys/music/decryptedssl.key SSLCertificateChainFile /config/keys/music/sub.class1.server.ca.pem SSLEngine on SSLProxyEngine On RewriteEngine On ProxyPreserveHost On SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2 SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS SSLHonorCipherOrder on <Location /> AuthUserFile /config/keys/.htpasswd AuthType Basic AuthName "Music" Require valid-user ProxyPass http://192.168.0.1:4040/ ProxyPassReverse http://192.168.0.1:4040/ </Location> This redirects all traffic to SSL but if you wanted to use http then this would work... <VirtualHost *:80> ServerName music.SERVER.COM ServerAdmin webmaster@localhost <Location /> ProxyPass http://192.168.0.1:4040/ ProxyPassReverse http://192.168.0.1:4040/ </Location> </VirtualHost> It's format is slightly different, but I think it's easier to read in this format, especially when you end up with a lot more programs reverse proxied and start adding in your own stuff.... Try that and let us know how you get on... Quote Link to comment
Narnian Posted January 15, 2016 Share Posted January 15, 2016 Sorry for the delay I am a truck driver who goes away for short periods. I will try it out and let you know as soon as I do. Quote Link to comment
Pducharme Posted January 15, 2016 Share Posted January 15, 2016 Hi ! question for you, I have smdion Apache Reverse Proxy running well. Should I move to the new linuxserver.io Apache docker ? How can I easily migrate to the linuxserver version ?? Can I re-use my certs, config, etc. from my current ReverseProxy docker ? Quote Link to comment
CHBMB Posted January 15, 2016 Share Posted January 15, 2016 Hi ! question for you, I have smdion Apache Reverse Proxy running well. Should I move to the new linuxserver.io Apache docker ? How can I easily migrate to the linuxserver version ?? Can I re-use my certs, config, etc. from my current ReverseProxy docker ? Hey Pducharme I migrated, but it's not a drop in replacement as the structure of the appdata folder and some of the naming is different. Best thing to do is pull this version using a different appdata folder and then copy the SSL files across to their new location, the .conf file requires a few edits in terms of locations but it's five minutes work with search and replace once you work out what the differences are. I would migrate purely because smdion's original version is no longer being developed so any security improvements in Apache won't be reflected in the original container, but there's no desperate rush at the moment. Hope that helps Quote Link to comment
tooviral Posted January 16, 2016 Share Posted January 16, 2016 Hi do you all intend to add lets encrypt support to this apache docker any time soon? Any idea if this will be added?? I've noticed the nginx docker with it, but I'm more comfortable with apache myself. Quote Link to comment
gshlomi Posted January 17, 2016 Share Posted January 17, 2016 Hi do you all intend to add lets encrypt support to this apache docker any time soon? Any idea if this will be added?? I've noticed the nginx docker with it, but I'm more comfortable with apache myself. +1 Quote Link to comment
Pducharme Posted January 17, 2016 Share Posted January 17, 2016 Thanks to all for the help. I migrated my apache ReverseProxy (smdion) to this new L|S.io Docker. I have a new question... I'm using the .htpasswd file to control my /something for lots of web GUI (all dockerize). This is working great, but i want to know if it's possible to NOT ask any authentication if request come from my own LAN (192.168.2.x). Is there a setting I can put in the apache Conf file so it would skip the Auth if it's from the LAN ? Quote Link to comment
michaelmcq Posted January 26, 2016 Share Posted January 26, 2016 I've just done that exact thing <Location /plexpy/> AuthUserFile /config/.htpasswd AuthType Basic AuthName Login Require valid-user Order allow,deny Allow from 192.168.1.0/24 Satisfy any ProxyPass http://192.168.1.114:8181/plexpy/ ProxyPassReverse http://192.168.1.114:8181/plexpy/ </Location> Quote Link to comment
johnodon Posted February 15, 2016 Share Posted February 15, 2016 Looking for some help with reverse proxy...but my situation is a little different. For what I am trying to accomplish, most information can be found here: https://github.com/dperson/openvpn-client And here: https://www.reddit.com/r/docker/comments/3w0498/docker_containers_routed_through_openvpn_client/ And here: http://lime-technology.com/forum/index.php?topic=46605.0 I am running an OpenVPN client container which establishes a connection with my PIA VPN. I am also successfully routing all traffic from my Deluge container through the OPVN client container (using the --net=container:openvpn extra parameter). This switch basically tells the Deluge container to use the OPVN client container as its network (rather than Host or Bridge). Everything seems to be working as expected as the Deluge container is getting its DNS entries from the OPVN container and the routes look correct (I can see my PIA gateway listed). My last hurdle is to be able to manage deluge via the webui from my local network (192.168.1.x). Everything that I have read says that you use a reverse proxy to accomplish this (see first 2 links above). Sounds great...except I am "reverse proxy challenged". Any help would be appreciated. I already have the LSIO Apache container installed. I've tried to play around with the default.conf but I am not getting any love. John Quote Link to comment
gshlomi Posted February 16, 2016 Share Posted February 16, 2016 Any chance of Let's Encrypt anytime soon? Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.