[Support] Linuxserver.io - Apache

linuxserver.io

By linuxserver.io
in Docker Containers

Recommended Posts

  • Replies 294
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

CHBMB
CHBMB

Just change Apache to use 444 and change the forwarding in your router   OR   Turn off/reallocate  443/SSL in Unraid

nerv
nerv

I decided to give nginx and lets encrypt a try. If you're just using this for reverse proxy, I found it 10x easier to setup, and much better/faster.   Best of luck if that's not going to wor

Posted Images

Cliffy Noob

Cliffy

Posted
Posted (edited)

I have a range of static public IP addresses.  I pointed the subdomain to one of the public IP addresses other than the IP address of my router.  If I forward the ports I will then lose access to my router remotely.  The port forwarding is only forwarding the requests from the router IP and not the subdomain IP.

Edited by Cliffy
Link to comment
CHBMB Veteran

CHBMB

Posted
Posted

Think about how incoming data needs to be routed. Browser sends request to domain name and goes to WAN IP, gets directed to your router on port 80 or 443 depending on whether you're using http or https and you want it to get to Apache, so router needs to forward those requests on to your Unraid server on whatever ports you've mapped them to be.

If your router is already using 443 or god forbid 80 (unsecure) then how can your router work out what to send to your router webui and what to send to Apache)

Personally I think router/firewall remote management is a silly idea, why anyone would want to make their firewall open to WAN is a mystery to me and I'd turn it off.

Sent from my LG-H815 using Tapatalk

Link to comment
Cliffy Noob

Cliffy

Posted
Posted

Thanks CHBMB... that all makes sense. :)  However I would like to assign a different IP other than that of my router since I have other IPs available.  I have other websites running on other IPs as well on an Ubuntu server with 1:1 NAT without any issues for years.  I was hoping it was as simple as setting up a 1:1 Nat with the local IP of my apache docker, but as I mentioned it breaks the connection when I enable 1:1 Nat on my router.  The docker can no longer access the internet.

 

Link to comment
Cliffy Noob

Cliffy

Posted
Posted (edited)

I own a range of 8 public static IP addresses.  Example: 1.1.1.178-185 

They are all routed to my router by my ISP.  I use different IPs for different services behind my router and route them using 1:1 NAT.

 

For example let's say that the IP 1.1.1.178 is a public IP and it's the IP of my router.  

 

1.1.1.180 is also a public IP which I have setup a 1:1 NAT to a local linux webserver on my network.  This works fine.

 

Lets say 1.1.1.181 is the IP I want to forward to my new apache docker on my network.   When I setup 1:1 nat on this public IP (1.1.1.181) to the local network IP of my docker, the docker can no longer access the internet.  I'm guessing there is a gateway / DNS / routing issue perhaps with the br0 docker network?

Edited by Cliffy
Link to comment
Cliffy Noob

Cliffy

Posted
Posted
1 minute ago, CHBMB said:

Why don't you get it all up and running then activate macvlan, then at least you'll know which bit to concentrate on.

 

As far as I know I have it all up and running.  My apache docker works and serves the pages I want when I browse the local IP.  I'm using br0 because I don't know of any other way (or how to)  give my docker an IP address other than the IP of my unraid server.  If I don't use br0, my apache docker will have the same IP as my unraid server which is a problem because it uses both ports 80 and 443.  Maybe I'm going about this all wrong I don't know. :)  I know my basic way around networking, but not so much with vlans, bridging, etc...

Link to comment
Cliffy Noob

Cliffy

Posted
Posted
13 minutes ago, CHBMB said:

Change the container port to 81 and 444 on the host side and port forward from 80 to 81 and 443 to 444

Sent from my LG-H815 using Tapatalk
 

I'm not sure I follow this.   So I shouldn't be using br0, but instead use host.  Then change ports to 81 and 444?    Then forward the ports 80 to 81 to my unraid box from my router?  MY router does not allow me to forward one port to a different port.

Link to comment
CHBMB Veteran

CHBMB

Posted
Posted
Just now, Cliffy said:

I'm not sure I follow this.   So I shouldn't be using br0, but instead use host.  Then change ports to 81 and 444?    Then forward the ports 80 to 81 to my unraid box from my router?  MY router does not allow me to forward one port to a different port.

 

I'd be surprised if you can't port forward to a different port, every router I've used can do that.  I suppose if it's an ISP supplied thing it could be an issue.

Link to comment
Cliffy Noob

Cliffy

Posted
Posted (edited)
2 minutes ago, CHBMB said:

 

I'd be surprised if you can't port forward to a different port, every router I've used can do that.  I suppose if it's an ISP supplied thing it could be an issue.

It's not supplied by my ISP. I'm using a Cisco RV082 router.  It has pretty basic functions.  

Edited by Cliffy
Link to comment
CHBMB Veteran

CHBMB

Posted
Posted (edited)

You have one publicly facing WAN IP right?  So you can only have one webserver.  If you want to forward requests to different webservers within your LAN based on which domain name is requested, then that's an issue with your router and would require some pretty fancy routing.  Look at something like pfsense.

 

You could setup various virtual hosts on your one webserver.

 

You can change the port Unraid uses to something other than 80 and 443, but that still won't solve the above problem.

 

Bottom line, I think to do what you want to do, you're going to need to upgrade your router.

Edited by CHBMB
Link to comment
Cliffy Noob

Cliffy

Posted
Posted

FIXED IT! :)   I have 1:1 Nat working.  I have 6 publicly facing WAN IPs and not 8 as I thought.   I was trying to give the broadcast IP to my apache docker.  Hence why it was working on the local network and not over the internet.  Thanks for all your help CHBMB and your suggestions... it got me thinking. :)

Link to comment
  • 1 month later...
Muff Rookie

Muff

Posted
Posted (edited)

Hi,

 

I need some help with the authentication part and it works if I remove the authentication.

I get the login prompt but I get the 500 error message (see screenshot).

 

And in the error.log file (/mnt/user/appdata/apache/log/apache) I get the following error:
[Mon Sep 11 11:35:46.281574 2017] [authn_file:error] [pid 85] (2)No such file or directory: [client 192.168.1.1:53553] AH01620: Could not open password file: /mnt/user/appdata/apache/login/.htpasswd

 

I've tried various configuration that I got from Google but it haven't resolved the issue so I hope that you can help me :) 

 

This is my config:

Location: /mnt/user/appdata/apache/apache/site-confs

Files: .htacces 

AuthName "Restricted Area"
AuthType Basic
AuthUserFile /mnt/user/appdata/apache/login/.htpasswd
AuthGroupFile /dev/null
<Files Transmission>
require valid-user
</Files>

and default.conf 

<VirtualHost *:80>
    DocumentRoot /config/www/

    <Directory "/config/www/">
        Options Indexes FollowSymLinks MultiViews
        AllowOverride all
            Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

<VirtualHost *:443>
    ServerName www.example.com
    SSLEngine on
    SSLCertificateFile "/config/keys/cert.crt"
    SSLCertificateKeyFile "/config/keys/cert.key"
  DocumentRoot /config/www/

    <Directory "/config/www/">
        Options Indexes FollowSymLinks MultiViews
        AllowOverride all
            Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

<Location /transmission>  
ProxyPass http://192.168.1.17:9091/transmission  
ProxyPassReverse http://192.168.1.17:9091/transmission   
AuthUserFile /mnt/user/appdata/apache/login/.htpasswd  
AuthType Basic  
AuthName “Transmission–Proxy”  
Require user trans 
</Location>

Location: /mnt/user/appdata/apache/login

File: .htpasswd 

trans:XflHKt0b76PEE

 

I've folloed this guid: https://www.linuxserver.io/2015/11/10/overview-reverse-proxy-with-docker/

 

Thank you!

Screenshot_1.jpg

Edited by Muff
Link to comment
  • 4 weeks later...
Eyeheartpie Noob

Eyeheartpie

Posted
Posted

I'm having an issue with a website I'm trying to host on the Apache docker. I set up mariadb and the apache containers, set up the databases, and installed wordpress to the apache container. When I visit the website via the local IP address and port of the apache docker container, it works fine, but when I try to get through with my domain name, it throws SSL related errors. If I try to go to https://mydomain.com:[ssl_port], it throws a NET::ERR_CERT_AUTHORITY_INVALID page that I can't get past, and if I go to http://mydomain.com:[non-ssl_port], it redirects to https://mydomain.com:[non-ssl_port] and shows a ERR_SSL_PROTOCOL_ERROR error.

 

I'm gathering that something is wrong my with my certs, but I'm not sure how they were generated, and how to get them fixed. Any help would be appreciated.

Link to comment
wayner Enthusiast

wayner

Posted
Posted

I want to be able to execute python scripts from my Apache docker.  This is generally done quite easily with Apache and I have it working on an Ubuntu VM on my unRAID server.  I think I have the config done ok,  but the issue appears to be that the docker does not have access to Python.  I do have Python installed on my unRAID host server - by that I mean that I can run Python code from an SSH session to root on my unRAID server - I don't remember if it was there by default or whether I installed it myself.  In my error log I see:  "/usr/bin/env: python: No such file or directory" which is why I am saying that python isn't available.  And from a bash prompt within the docker there is no access to python as "python --version" will give an error.

 

Is there any way to "poke a hole" in the container and have access to Python from within the Apache container?  Or is there a way to install Python within the container?  Or to have an additional docker container created that does contain Python?

 

And what is the right way to do changes to the Apache config?  Do you do this in .../appdata/apache/site-confs/default.conf or in .../appdata/apache/apache2.conf or somewhere else?  Does the docker not use sites-enabled as I thought that config files were supposed to follow this structure:

  

#       /etc/apache2/
#       |-- apache2.conf
#       |       `--  ports.conf
#       |-- mods-enabled
#       |       |-- *.load
#       |       `-- *.conf
#       |-- conf-enabled
#       |       `-- *.conf
#       `-- sites-enabled
#               `-- *.conf

 

Link to comment
BobPhoenix Proficient

BobPhoenix

Posted
Posted
7 hours ago, wayner said:

Or is there a way to install Python within the container? 

Here is how I installed Java 7 inside the Java 8 sagetv docker a long time ago as a test.  You can probably do something similar for python if no one else gives you a better idea: 

docker exec -it stuckless-sagetv-server-java8 /bin/bash
sudo add-apt-repository ppa:openjdk-r/ppa
sudo apt-get update
sudo apt-get install openjdk-7-jdk
sudo update-java-alternatives
sudo update-alternatives --config java

 

Link to comment
wayner Enthusiast

wayner

Posted
Posted

Thanks Bob - that worked  I am now able to execute my Hello World Python script.  Any idea how persistent this is?  When the Apache docker container is updated will I have to redo this?

In my instance I just did:  sudo apt-get install python 

 

The SageTV community comes through again!

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing