/ Zope / Apsis / Pound Mailing List / Archive / 2012 / 2012-06 / Need help with config

[ << ] [ >> ]

[ Missing carriage return in Headers if ... ] [ General question regarding handling dead backends ... ]

Need help with config
Benjamin Schweikert <b.schweikert(at)googlemail.com>		 2012-06-20 18:42:44 [ FULL ] 
Hi everybody,
currently I use pound as a reverse proxy. Everything what is outside 
(internet) has to be https and everything what is insade my lan is http. 
I use this to have one cert for all my servers like lighttpd, apache, 
subsonic etc. I simply don't want to have a unecrypted connection if I 
want to listen to my music with subsonic at home when I am at work.

I managed this all with this config:

ListenHTTPS
     Address 0.0.0.0
     Port    443
     Cert "/etc/pound/selfsigned.pem"
     xHTTP 1
     HeadRemove "X-SSL-Request"
     HeadRemove "X-Forwarded-For"
     AddHeader  "X-SSL-Request: 1"
     Service
            BackEnd
                 Address 192.168.2.2
                 Port    80
            End
     End
End

On Ip is a lighttpd server I use as a proxy for rewriting URLS and 
ports, so that I can reach everything by <ip>/music, <ip>/wiki etc.

With two apps I have problems: amapche and gateone.
Ampache is incredible slow and does not show any graphics, just text and 
the pound log says this:

Jun 20 18:27:09 ipfire pound: 79.238.xxx.xxx GET /ampache/ HTTP/1.1 - 
HTTP/1.1 302 Found (<ip>/- -> 192.168.2.2:80) 0.794 sec
Jun 20 18:27:09 ipfire pound: 79.238.xxx.xxx GET /ampache/login.php 
HTTP/1.1 - HTTP/1.1 200 OK (<ip>/- -> 192.168.2.2:80) 0.348 sec

gateone is this saying:

Jun 20 18:27:07 ipfire pound: 79.238.xxx.xxx GET /gateone/ws HTTP/1.1 - 
HTTP/1.1 400 Bad Request (<ip>/- -> 192.168.2.2:80) 0.005 sec

I googled a lot and found out, that the proxy of lighttpd does not 
handle these request very good. I want to test, whether pound could do 
this rewriting/redirecting better:

I want that all requests from https://<ip>/gateon/ go to 
192.168.2.3:4430/gateone/ (yes differnt ip than my config has currently 
- gateone is on another server)

All expamle configs I found on the net didn't work. So I hope somebody 
could help me to find the right entrance for this problem.
thx.

Ben
Re: [Pound Mailing List] Need help with config
Robert Segall <roseg(at)apsis.ch>		 2012-06-21 18:44:03 [ FULL ] 
On Wed, 2012-06-20 at 18:42 +0200, Benjamin Schweikert wrote:[...]

Try

ListenHTTPS
      # Listening on 0.0.0.0 is not a very good idea, but it works
      Address 0.0.0.0
      Port    443
      Cert "/etc/pound/selfsigned.pem"
      xHTTP 1
      HeadRemove "X-SSL-Request"
      HeadRemove "X-Forwarded-For"
      AddHeader  "X-SSL-Request: 1"
      # groupon service
      Service
             URL "^/groupon"
             BackEnd
                  Address 192.168.2.3
                  Port    4430
             End
      End
      # catch-all service
      Service
             BackEnd
                  Address 192.168.2.2
                  Port    80
             End
      End
End
[...]
Re: [Pound Mailing List] Need help with config
Benjamin Schweikert <b.schweikert(at)googlemail.com>		 2012-06-21 19:52:50 [ FULL ] 
Hi,
thank you for your help. This is working!

There is a problem with websocket connections. Is my setup capable of 
this? Or any other ideas how this could be working?

Ben


Am 21.06.2012 18:44, schrieb Robert Segall:[...][...][...]
MailBoxer