Trying to get proxy to work for matrix
Added by TaylorP almost 4 years ago
I'm trying to use mod_proxy to get lighttpd to redirect traffic on a certain subdomain to a local service and back but for some reason the following isn't working
$HTTP["host"] =~ "matrix\.website\.com { #SSL SETTINGS $SERVER["socket"] == ":443" { ssl.engine = "enable" ssl.ca-file = "/etc/letsencrypt/live/website.com/chain.pem" ssl.pemfile = "/etc/letsencrypt/live/website.com/merged.pem" } proxy.server = ("" => (( "host" => "127.0.0.1", "port" => 8448, ))) }
I checked both matrix and lighttpd logs, neither are producing any errors I think that this is a bug with my lighttpd config. Also when I do try to go to matrix.website.com I get a 500 error.
Replies (8)
RE: Trying to get proxy to work for matrix - Added by gstrauss almost 4 years ago
$SERVER["socket"]
needs to be at the top level of the config. The host name is not known before the client connects to the socket.
$SERVER["socket"] == ":443" { ssl.engine = "enable" ssl.ca-file = "/etc/letsencrypt/live/website.com/chain.pem" ssl.pemfile = "/etc/letsencrypt/live/website.com/merged.pem" $HTTP["host"] =~ "matrix\.website\.com { proxy.server = ("" => (( "host" => "127.0.0.1", "port" => 8448, ))) } }
RE: Trying to get proxy to work for matrix - Added by TaylorP almost 4 years ago
Yeah but I host multiple websites on my server some of which need to have different certificates. I've been using the following config and I know it works perfectly with the exception of the proxy issue above.
# Remove www prefix
$HTTP["host"] =~ "^www\.(.*)" {
url.redirect = ( "^/(.*)" => "https://%1/$1" )
}
# Force TLS
$HTTP["scheme"] == "http" {
$HTTP["host"] =~ ".*" {
url.redirect = (".*" => "https://%0$0")
}
}
# Virtual Hosts
# Refuse domainless access
$HTTP["host"] == "XXX.XXX.XXX.XXX" {
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/ssl/ssl.pem"
ssl.ca-file = "/etc/lighttpd/ssl/ssl.crt"
}
url.redirect = (".*" => "https://i.kym-cdn.com/entries/icons/original/000/000/091/TrollFace.jpg")
}
$HTTP["host"] =~ "site1\.com|www\.site1\.com" {
server.document-root = "/srv/www/site1"
#server.error-handler-404 = "/"
#SSL SETTINGS
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.ca-file = "/etc/letsencrypt/live/site1.com/chain.pem"
ssl.pemfile = "/etc/letsencrypt/live/site1.com/merged.pem"
}
}
$HTTP["host"] == "dev.site1.com" {
server.document-root = "/srv/www/dev"
#server.error-handler-404 = "/"
#SSL SETTINGS
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.ca-file = "/etc/letsencrypt/live/site1.com/chain.pem"
ssl.pemfile = "/etc/letsencrypt/live/site1.com/merged.pem"
}
}
$HTTP["host"] =~ "site2\.com" {
server.document-root = "/srv/www/site2"
#server.error-handler-404 = "/404.html"
#SSL SETTINGS
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.ca-file = "/etc/letsencrypt/live/site2.com/chain.pem"
ssl.pemfile = "/etc/letsencrypt/live/site2.com/merged.pem"
}
}
$HTTP["host"] =~ "matrix\.site3\.com" {
#SSL SETTINGS
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.ca-file = "/etc/letsencrypt/live/site3.com/chain.pem"
ssl.pemfile = "/etc/letsencrypt/live/site3.com/merged.pem"
proxy.server = ("" => (("host" => "127.0.0.1", "port" => 8448)))
}
# proxy.server = ("" => ((
# "host" => "127.0.0.1",
# "port" => 8448,
# )))
}
$HTTP["host"] =~ "site3\.com|www\.site3\.com" {
server.document-root = "/srv/www/site3"
server.error-handler-404 = "/404.html"
#SSL SETTINGS
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.ca-file = "/etc/letsencrypt/live/site3.com/chain.pem"
ssl.pemfile = "/etc/letsencrypt/live/site3.com/merged.pem"
}
$HTTP["url"] =~ "/apps|/apps/" {
scgi.protocol = "uwsgi"
scgi.server = (
"/" => (( "host" => "127.0.0.1", "port" => 3031, "check-local" => "disable" )),
)
}
}
If there's a better way to do this please let me know.
RE: Trying to get proxy to work for matrix - Added by gstrauss almost 4 years ago
If there's a better way to do this please let me know.
You asked what you were doing wrong. Someone more knowledgeable than you answered.
$SERVER["socket"] needs to be at the top level of the config. The host name is not known before the client connects to the socket.
That's the answer. You seem not to like that answer. That's your problem, not mine.
Please read the lighttpd mod_openssl documentation.
$SERVER["socket"] == ":443" { ssl.engine = "enable" ssl.pemfile = "/etc/lighttpd/ssl/ssl.pem" # ... } $HTTP["host"] =~ "^(www\.)?site1\.com$" { ssl.pemfile = "/etc/letsencrypt/live/site1.com/fullchain.pem" # ... } $HTTP["host"] == "site2.com" { ssl.pemfile = "/etc/letsencrypt/live/site2.com/fullchain.pem" # ... }
RE: Trying to get proxy to work for matrix - Added by TaylorP almost 4 years ago
Alright so what is the best way to use different certificates for different domains?
RE: Trying to get proxy to work for matrix - Added by gstrauss almost 4 years ago
Alright so what is the best way to use different certificates for different domains?
Asked and already answered. I think you should spend more time reading and less time responding.
RE: Trying to get proxy to work for matrix - Added by TaylorP almost 4 years ago
Yes I agree I think you should actually read my question instead of giving half ass'd passive aggressive answers that don't even address my problem. Thank you for absolutely nothing.
RE: Trying to get proxy to work for matrix - Added by gstrauss almost 4 years ago
You, sir/ma'am, are arrogant in your ignorance. The answer was already posted above, with a coded example.
RE: Trying to get proxy to work for matrix - Added by TaylorP almost 4 years ago
That answer doesn't address multiple domains and it didn't even work.