9:01 a.m.
Hi Team,
i'm trying to switch from nginx to lighttpd as kimchi proxy. I
successfully create the proxy on port 8001, but the problem is the
redirection from http to https.
To try this, do:
1) Install lighttpd
2) Start kimchi, kill nginx process
3) Run lighttpd with this configuration (save to /etc/kimchi/lighttpd.conf):
# Variables
var.log_root = "/var/log/lighttpd"
var.server_root = "/var/www"
var.state_dir = "/var/run"
var.home_dir = "/var/lib/lighttpd"
var.conf_dir = "/etc/lighttpd"
var.vhosts_dir = server_root + "/vhosts"
var.cache_dir = "/var/cache/lighttpd"
var.socket_dir = home_dir + "/sockets"
# Server settings
server.username = "lighttpd"
server.groupname = "lighttpd"
server.document-root = server_root + "/lighttpd"
server.pid-file = state_dir + "/lighttpd.pid"
server.errorlog = log_root + "/error.log"
# Server modules
server.modules = (
"mod_proxy",
"mod_redirect",
"mod_accesslog",
)
# debug settings
debug.log-request-handling = "enable"
debug.log-request-header = "enable"
debug.log-request-header-on-error = "enable"
debug.log-response-header = "enable"
debug.log-file-not-found = "enable"
debug.log-condition-handling = "enable"
# VIRTUAL HOSTS
# Main server
$SERVER["socket"] == ":8001" {
server.port = 8001
ssl.engine = "enable"
ssl.pemfile = "/etc/kimchi/kimchi.pem"
# server.document-root = server_root + "/lighttpd"
proxy.debug = 1
proxy.server = ( "" => ( ( "host" =>
"127.0.0.1", "port" => 8010 )))
}
# redirect from http to https
$SERVER["socket"] == ":8000" {
server.port = 8000
server.document-root = server_root + "/lighttpd"
$HTTP["host"] =~ "[^0-9:]*" {
url.redirect = ("[^0-9:]*" => "https://%0:8001$0")
}
}
4) Run with /usr/sbin/lighttpd -D -f /etc/kimchi/lighttpd.conf.
You will can access https://localhost:8001 with no problems, but, if you
try to access localhost:8000, you will be redirect to
https://127.0.0.1:8010.
I did not understand why this is happening. Can someone please take a look?
--
Ramon Nunes Medeiros
Kimchi Developer
Software Engineer - Linux Technology Center Brazil
IBM Systems & Technology Group
Phone : +55 19 2132 7878
ramonn(a)br.ibm.com
7:15 a.m.
Hi Ramon,
I found out the following links that can help you:
- http://redmine.lighttpd.net/projects/1/wiki/HowToRedirectHttpToHttps
- http://stackoverflow.com/questions/21429267/lighttpd-http-to-https
On 14/01/2015 12:01, Ramon Medeiros wrote:
Hi Team,
i'm trying to switch from nginx to lighttpd as kimchi proxy. I
successfully create the proxy on port 8001, but the problem is the
redirection from http to https.
To try this, do:
1) Install lighttpd
2) Start kimchi, kill nginx process
3) Run lighttpd with this configuration (save to
/etc/kimchi/lighttpd.conf):
# Variables
var.log_root = "/var/log/lighttpd"
var.server_root = "/var/www"
var.state_dir = "/var/run"
var.home_dir = "/var/lib/lighttpd"
var.conf_dir = "/etc/lighttpd"
var.vhosts_dir = server_root + "/vhosts"
var.cache_dir = "/var/cache/lighttpd"
var.socket_dir = home_dir + "/sockets"
# Server settings
server.username = "lighttpd"
server.groupname = "lighttpd"
server.document-root = server_root + "/lighttpd"
server.pid-file = state_dir + "/lighttpd.pid"
server.errorlog = log_root + "/error.log"
# Server modules
server.modules = (
"mod_proxy",
"mod_redirect",
"mod_accesslog",
)
# debug settings
debug.log-request-handling = "enable"
debug.log-request-header = "enable"
debug.log-request-header-on-error = "enable"
debug.log-response-header = "enable"
debug.log-file-not-found = "enable"
debug.log-condition-handling = "enable"
# VIRTUAL HOSTS
# Main server
$SERVER["socket"] == ":8001" {
server.port = 8001
ssl.engine = "enable"
ssl.pemfile = "/etc/kimchi/kimchi.pem"
# server.document-root = server_root + "/lighttpd"
proxy.debug = 1
proxy.server = ( "" => ( ( "host" =>
"127.0.0.1", "port" => 8010 )))
}
# redirect from http to https
$SERVER["socket"] == ":8000" {
server.port = 8000
server.document-root = server_root + "/lighttpd"
$HTTP["host"] =~ "[^0-9:]*" {
url.redirect = ("[^0-9:]*" => "https://%0:8001$0")
}
}
4) Run with /usr/sbin/lighttpd -D -f /etc/kimchi/lighttpd.conf.
You will can access https://localhost:8001 with no problems, but, if
you try to access localhost:8000, you will be redirect to
https://127.0.0.1:8010.
I did not understand why this is happening. Can someone please take a
look?
8:28 a.m.
On 01/15/2015 10:15 AM, Aline Manera wrote:
Hi Ramon,
I found out the following links that can help you:
- http://redmine.lighttpd.net/projects/1/wiki/HowToRedirectHttpToHttps
- http://stackoverflow.com/questions/21429267/lighttpd-http-to-https
I used this links to do the config. I need to understand if lighttpd has
some problem to redirect traffic between virtual hosts.
On 14/01/2015 12:01, Ramon Medeiros wrote:
> Hi Team,
>
> i'm trying to switch from nginx to lighttpd as kimchi proxy. I
> successfully create the proxy on port 8001, but the problem is the
> redirection from http to https.
>
> To try this, do:
>
> 1) Install lighttpd
>
> 2) Start kimchi, kill nginx process
>
> 3) Run lighttpd with this configuration (save to
> /etc/kimchi/lighttpd.conf):
>
> # Variables
> var.log_root = "/var/log/lighttpd"
> var.server_root = "/var/www"
> var.state_dir = "/var/run"
> var.home_dir = "/var/lib/lighttpd"
> var.conf_dir = "/etc/lighttpd"
> var.vhosts_dir = server_root + "/vhosts"
> var.cache_dir = "/var/cache/lighttpd"
> var.socket_dir = home_dir + "/sockets"
>
> # Server settings
> server.username = "lighttpd"
> server.groupname = "lighttpd"
> server.document-root = server_root + "/lighttpd"
> server.pid-file = state_dir + "/lighttpd.pid"
> server.errorlog = log_root + "/error.log"
>
> # Server modules
> server.modules = (
> "mod_proxy",
> "mod_redirect",
> "mod_accesslog",
> )
>
> # debug settings
> debug.log-request-handling = "enable"
> debug.log-request-header = "enable"
> debug.log-request-header-on-error = "enable"
> debug.log-response-header = "enable"
> debug.log-file-not-found = "enable"
> debug.log-condition-handling = "enable"
>
> # VIRTUAL HOSTS
>
> # Main server
> $SERVER["socket"] == ":8001" {
> server.port = 8001
> ssl.engine = "enable"
> ssl.pemfile = "/etc/kimchi/kimchi.pem"
> # server.document-root = server_root + "/lighttpd"
> proxy.debug = 1
> proxy.server = ( "" => ( ( "host" =>
"127.0.0.1", "port" => 8010
> )))
> }
>
> # redirect from http to https
> $SERVER["socket"] == ":8000" {
> server.port = 8000
> server.document-root = server_root + "/lighttpd"
>
> $HTTP["host"] =~ "[^0-9:]*" {
> url.redirect = ("[^0-9:]*" => "https://%0:8001$0")
> }
> }
>
>
> 4) Run with /usr/sbin/lighttpd -D -f /etc/kimchi/lighttpd.conf.
>
> You will can access https://localhost:8001 with no problems, but, if
> you try to access localhost:8000, you will be redirect to
> https://127.0.0.1:8010.
>
> I did not understand why this is happening. Can someone please take a
> look?
>
--
Ramon Nunes Medeiros
Kimchi Developer
Software Engineer - Linux Technology Center Brazil
IBM Systems & Technology Group
Phone : +55 19 2132 7878
ramonn(a)br.ibm.com
7:59 a.m.
On 01/15/2015 11:28 AM, Ramon Medeiros wrote:
On 01/15/2015 10:15 AM, Aline Manera wrote:
>
> Hi Ramon,
>
> I found out the following links that can help you:
>
> - http://redmine.lighttpd.net/projects/1/wiki/HowToRedirectHttpToHttps
> - http://stackoverflow.com/questions/21429267/lighttpd-http-to-https
>
I figure out what was happening. These links are for simple proxy,
lighttpd only supports reverse proxy in version 1.5, most distros uses
1.4. For reverse proxies, we need to use mod_proxy_core:
http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModProxyCore
I used this links to do the config. I need to understand if lighttpd
has some problem to redirect traffic between virtual hosts.
> On 14/01/2015 12:01, Ramon Medeiros wrote:
>> Hi Team,
>>
>> i'm trying to switch from nginx to lighttpd as kimchi proxy. I
>> successfully create the proxy on port 8001, but the problem is the
>> redirection from http to https.
>>
>> To try this, do:
>>
>> 1) Install lighttpd
>>
>> 2) Start kimchi, kill nginx process
>>
>> 3) Run lighttpd with this configuration (save to
>> /etc/kimchi/lighttpd.conf):
>>
>> # Variables
>> var.log_root = "/var/log/lighttpd"
>> var.server_root = "/var/www"
>> var.state_dir = "/var/run"
>> var.home_dir = "/var/lib/lighttpd"
>> var.conf_dir = "/etc/lighttpd"
>> var.vhosts_dir = server_root + "/vhosts"
>> var.cache_dir = "/var/cache/lighttpd"
>> var.socket_dir = home_dir + "/sockets"
>>
>> # Server settings
>> server.username = "lighttpd"
>> server.groupname = "lighttpd"
>> server.document-root = server_root + "/lighttpd"
>> server.pid-file = state_dir + "/lighttpd.pid"
>> server.errorlog = log_root + "/error.log"
>>
>> # Server modules
>> server.modules = (
>> "mod_proxy",
>> "mod_redirect",
>> "mod_accesslog",
>> )
>>
>> # debug settings
>> debug.log-request-handling = "enable"
>> debug.log-request-header = "enable"
>> debug.log-request-header-on-error = "enable"
>> debug.log-response-header = "enable"
>> debug.log-file-not-found = "enable"
>> debug.log-condition-handling = "enable"
>>
>> # VIRTUAL HOSTS
>>
>> # Main server
>> $SERVER["socket"] == ":8001" {
>> server.port = 8001
>> ssl.engine = "enable"
>> ssl.pemfile = "/etc/kimchi/kimchi.pem"
>> # server.document-root = server_root + "/lighttpd"
>> proxy.debug = 1
>> proxy.server = ( "" => ( ( "host" =>
"127.0.0.1", "port" =>
>> 8010 )))
>> }
>>
>> # redirect from http to https
>> $SERVER["socket"] == ":8000" {
>> server.port = 8000
>> server.document-root = server_root + "/lighttpd"
>>
>> $HTTP["host"] =~ "[^0-9:]*" {
>> url.redirect = ("[^0-9:]*" =>
"https://%0:8001$0")
>> }
>> }
>>
>>
>> 4) Run with /usr/sbin/lighttpd -D -f /etc/kimchi/lighttpd.conf.
>>
>> You will can access https://localhost:8001 with no problems, but, if
>> you try to access localhost:8000, you will be redirect to
>> https://127.0.0.1:8010.
>>
>> I did not understand why this is happening. Can someone please take
>> a look?
>>
>
--
Ramon Nunes Medeiros
Kimchi Developer
Software Engineer - Linux Technology Center Brazil
IBM Systems & Technology Group
Phone : +55 19 2132 7878
ramonn(a)br.ibm.com
10:47 a.m.
I forgot one thing:
lighttpd uses pem file for ssl. So you will need to concatenate the
certificate and the key:
cat /etc/kimchi/kimchi-cert.pem /etc/kimchi/kimchi-key.pem >
/etc/kimchi/kimchi.pem
On 01/14/2015 12:01 PM, Ramon Medeiros wrote:
Hi Team,
i'm trying to switch from nginx to lighttpd as kimchi proxy. I
successfully create the proxy on port 8001, but the problem is the
redirection from http to https.
To try this, do:
1) Install lighttpd
2) Start kimchi, kill nginx process
3) Run lighttpd with this configuration (save to
/etc/kimchi/lighttpd.conf):
# Variables
var.log_root = "/var/log/lighttpd"
var.server_root = "/var/www"
var.state_dir = "/var/run"
var.home_dir = "/var/lib/lighttpd"
var.conf_dir = "/etc/lighttpd"
var.vhosts_dir = server_root + "/vhosts"
var.cache_dir = "/var/cache/lighttpd"
var.socket_dir = home_dir + "/sockets"
# Server settings
server.username = "lighttpd"
server.groupname = "lighttpd"
server.document-root = server_root + "/lighttpd"
server.pid-file = state_dir + "/lighttpd.pid"
server.errorlog = log_root + "/error.log"
# Server modules
server.modules = (
"mod_proxy",
"mod_redirect",
"mod_accesslog",
)
# debug settings
debug.log-request-handling = "enable"
debug.log-request-header = "enable"
debug.log-request-header-on-error = "enable"
debug.log-response-header = "enable"
debug.log-file-not-found = "enable"
debug.log-condition-handling = "enable"
# VIRTUAL HOSTS
# Main server
$SERVER["socket"] == ":8001" {
server.port = 8001
ssl.engine = "enable"
ssl.pemfile = "/etc/kimchi/kimchi.pem"
# server.document-root = server_root + "/lighttpd"
proxy.debug = 1
proxy.server = ( "" => ( ( "host" =>
"127.0.0.1", "port" => 8010 )))
}
# redirect from http to https
$SERVER["socket"] == ":8000" {
server.port = 8000
server.document-root = server_root + "/lighttpd"
$HTTP["host"] =~ "[^0-9:]*" {
url.redirect = ("[^0-9:]*" => "https://%0:8001$0")
}
}
4) Run with /usr/sbin/lighttpd -D -f /etc/kimchi/lighttpd.conf.
You will can access https://localhost:8001 with no problems, but, if
you try to access localhost:8000, you will be redirect to
https://127.0.0.1:8010.
I did not understand why this is happening. Can someone please take a
look?
--
Ramon Nunes Medeiros
Kimchi Developer
Software Engineer - Linux Technology Center Brazil
IBM Systems & Technology Group
Phone : +55 19 2132 7878
ramonn(a)br.ibm.com
3632
days inactive
3634
days old
4 comments
2 participants
participants (2)
-
Aline Manera -
Ramon Medeiros