Cockpit: Cant proxy from apache.

Created on 19 Feb 2018  路  8Comments  路  Source: cockpit-project/cockpit

Hi,
I have a webpage (on https) that proxy several services from a second node. But for some reason, following the tutorial on the wiki (https://github.com/cockpit-project/cockpit/wiki/Proxying-Cockpit-over-Apache-with-LetsEncrypt ) is not working as expected for me. Not as expected cause Im able to get to the page and I see the page title that gets the name of the node, but the page is completely blank. What I would expect is to get proxied to the same local node (ex 127.0.0.1:9090) from www.domain.com/cabina/ .

Any help would be appreciated.

Apache config:

SSLProxyEngine on
        ProxyPreserveHost On
        ProxyRequests Off

        RewriteEngine On
        RewriteCond %{HTTP:Upgrade} =websocket
        RewriteRule /cabina/(.*)           ws://localhost:9090/ [P,L]
        RewriteCond %{HTTP:Upgrade} !=websocket
        RewriteRule /cabina/(.*)           http://localhost:9090/ [P,L]


        # Proxy to your local cockpit instance
        ProxyPass "/cabina/" "http://127.0.0.1:9090/"
        ProxyPassReverse "/cabina/" "http://127.0.0.1:9090/"


Cockpit config:

[WebService]
Origins = https://www.domain.com http://127.0.0.1:9090
ProtocolHeader = X-Forwarded-Proto
AllowUnencrypted = true

Any suggestions what I might be missing or what I could try?!

Thanks,
Joel

question

Most helpful comment

@vazquezrodjoel , I just spent all night trying to figure this out, and then I found this thread:
https://github.com/cockpit-project/cockpit/issues/1803

and here's the config I used:

 <IfModule mod_ssl.c>                                                                                                                                   
<VirtualHost *:443>                                                                                                                                     
        ServerAdmin [email protected]                                                                                                                 
        ServerName server.domain.com                                                                                                               

        SSLCertificateFile /etc/letsencrypt/live/domain/fullchain.pem                                                                   
        SSLCertificateKeyFile /etc/letsencrypt/live/domain/privkey.pem                                                                  
        Include /etc/letsencrypt/options-ssl-apache.conf                                                                                                

        SSLProxyEngine On                                                                                                                               
        SSLProxyVerify none                                                                                                                             
        SSLProxyCheckPeerCN Off                                                                                                                         
        SSLProxyCheckPeerName Off                                                                                                                       
        SSLProxyCheckPeerExpire Off                                                                                                                     

        ProxyPreserveHost On                                                                                                                            
        ProxyRequests Off                                                                                                                               

        ProxyPass /cockpit/socket wss://localhost:9090/cockpit/socket                                                                                   
        ProxyPassReverse /cockpit/socket wss://sub.domain.com/cockpit/socket                                                                    

        ProxyPass "/" "https://127.0.0.1:9090/"                                                                                                         
        ProxyPassReverse "/" "https://sub.domain.com/"                                                                                          

</VirtualHost>                                                                                                                                          
</IfModule> 

all credit and Thanks to @fedoraptor for posting his config.

All 8 comments

Any ideas?? Set individually, they work fine...

@vazquezrodjoel , I just spent all night trying to figure this out, and then I found this thread:
https://github.com/cockpit-project/cockpit/issues/1803

and here's the config I used:

 <IfModule mod_ssl.c>                                                                                                                                   
<VirtualHost *:443>                                                                                                                                     
        ServerAdmin [email protected]                                                                                                                 
        ServerName server.domain.com                                                                                                               

        SSLCertificateFile /etc/letsencrypt/live/domain/fullchain.pem                                                                   
        SSLCertificateKeyFile /etc/letsencrypt/live/domain/privkey.pem                                                                  
        Include /etc/letsencrypt/options-ssl-apache.conf                                                                                                

        SSLProxyEngine On                                                                                                                               
        SSLProxyVerify none                                                                                                                             
        SSLProxyCheckPeerCN Off                                                                                                                         
        SSLProxyCheckPeerName Off                                                                                                                       
        SSLProxyCheckPeerExpire Off                                                                                                                     

        ProxyPreserveHost On                                                                                                                            
        ProxyRequests Off                                                                                                                               

        ProxyPass /cockpit/socket wss://localhost:9090/cockpit/socket                                                                                   
        ProxyPassReverse /cockpit/socket wss://sub.domain.com/cockpit/socket                                                                    

        ProxyPass "/" "https://127.0.0.1:9090/"                                                                                                         
        ProxyPassReverse "/" "https://sub.domain.com/"                                                                                          

</VirtualHost>                                                                                                                                          
</IfModule> 

all credit and Thanks to @fedoraptor for posting his config.

@darioce is the author of that wiki page. @darioce do you have suggestions?

Thanks guys for the feedback. I was able to modify my configuration to work...

Cheers!

@vazquezrodjoel would you mind posting your modified configuration? i am still unable to get cockpit to work with an apache reverse proxy.

9543 seems to be related, and the reverse proxy section got updated since.

Does applying the updated proxy configuration fix the problem?

Sorry for the late answer.

This is very outdated, and not actionable, closing.

@vazquezrodjoel , I just spent all night trying to figure this out, and then I found this thread:

1803

and here's the config I used:

 <IfModule mod_ssl.c>                                                                                                                                   
<VirtualHost *:443>                                                                                                                                     
        ServerAdmin [email protected]                                                                                                                 
        ServerName server.domain.com                                                                                                               

        SSLCertificateFile /etc/letsencrypt/live/domain/fullchain.pem                                                                   
        SSLCertificateKeyFile /etc/letsencrypt/live/domain/privkey.pem                                                                  
        Include /etc/letsencrypt/options-ssl-apache.conf                                                                                                

        SSLProxyEngine On                                                                                                                               
        SSLProxyVerify none                                                                                                                             
        SSLProxyCheckPeerCN Off                                                                                                                         
        SSLProxyCheckPeerName Off                                                                                                                       
        SSLProxyCheckPeerExpire Off                                                                                                                     

        ProxyPreserveHost On                                                                                                                            
        ProxyRequests Off                                                                                                                               

        ProxyPass /cockpit/socket wss://localhost:9090/cockpit/socket                                                                                   
        ProxyPassReverse /cockpit/socket wss://sub.domain.com/cockpit/socket                                                                    

        ProxyPass "/" "https://127.0.0.1:9090/"                                                                                                         
        ProxyPassReverse "/" "https://sub.domain.com/"                                                                                          

</VirtualHost>                                                                                                                                          
</IfModule> 

all credit and Thanks to @fedoraptor for posting his config.

Thank very very much dude.

Was this page helpful?
0 / 5 - 0 ratings