WebSocket reverse proxy with Apache 2.4

Posted on 09/12/2020 by cellie

To allow access to my local smartMeterLogger I setup a virtual host energie.wasietsmet.nl.

This means setting up a reverse proxy for the websocket running on the smartMeterLogger.
First thing to do is to enable proxy_wstunnel with a2enmod.
Then set up the virtual host. See below how to.
Don’t forget to reload the settings in Apache2!

<VirtualHost *:80>
ServerName energie.wasietsmet.nl

  ProxyRequests Off
 
  ProxyPreserveHost On
 
  ProxyPass / "http://192.168.0.107/"
  ProxyPassReverse / "http://192.168.0.107/"
        
  RewriteEngine on
  RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
  RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
  RewriteRule .* ws://192.168.0.107%{REQUEST_URI} [P]

SetEnvIf Request_URI "^/events" dontlog
SetEnvIf Request_URI "^/raw" dontlog
 
CustomLog "|/usr/bin/rotatelogs /var/www/energie.wasietsmet.nl/log/access%d-%m-%Y 86400" vhost_combined env=!dontlog
ErrorLog "|/usr/bin/rotatelogs /var/www/energie.wasietsmet.nl/log/error%d-%m-%Y 86400"
</VirtualHost>

Links:

http://aripratech.com/reverse-proxy-websockets-with-apache-httpd-server/

Add password to Apache2 directory.

Posted on 14/02/2020 by cellie

Put something like this in your sitename.conf:

<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName muziek.wasietsmet.nl
DocumentRoot "/mnt/music"

<Directory "/mnt/music">
  Allow from all
  AuthUserFile /var/www/muziek.wasietsmet.nl/.wachtwoord
  AuthType Basic
  AuthName "muziek"
  Require valid-user
</Directory>

CustomLog "|/usr/bin/rotatelogs /var/www/muziek.wasietsmet.nl/log/access%d-%m-%Y 86400" vhost_combined env=!dontlog
ErrorLog "|/usr/bin/rotatelogs /var/www/muziek.wasietsmet.nl/log/error%d-%m-%Y 86400"

SSLCertificateFile
...

</IfModule>

Use htpasswd -c /var/www/muziek.wasietsmet.nl/.wachtwoord $USERNAME to create the .wachtwoord file.

Don’t serve .git folder on Apache2

Posted on 29/11/2018 by cellie

Add this to /etc/apache2/apache2.conf:

# do not serve .git folders by default
<DirectoryMatch "^/.*/\.git/">
    Require all denied
</DirectoryMatch>

( Apache 2.4 – Ubuntu 18.04.1 LTS )

Aquacontrol over SSL.

Posted on 18/04/2018 by cellie

Het 5-stappenplan:

We hebben in dit voorbeeld al een werkende VirtualHost voor de site salamanders.wasietsmet.nl op poort 80.

Installeer de certificaten via de CertBot van Let’sEncrypt.
De 7 lokale virtualhosts werden hier allemaal netjes automagisch van een SSL certificaat voorzien.
(Ja echt zo simpel.)
Continue reading →

Apache2 proxy setup.

Posted on 17/01/2018 by cellie

Om lan servers via internet te benaderen en daarbij niet te veel poorten te hoeven openen kun je Apache2 gebruiken als proxy server.

Voorbeeld salamanders:

Opslaan als salamanders.wasietsmet.nl.conf in /etc/apache2/sites-available.

<VirtualHost *:80>

    Servername salamanders.wasietsmet.nl

    ProxyRequests Off

    ProxyPreserveHost On

    <Location />
        ProxyPass "http://192.168.0.199/"
        ProxyPassReverse "http://192.168.0.199/"
    </Location>

    SetEnvIf Request_URI "^/api/getdevice" dontlog

    CustomLog "|/usr/bin/rotatelogs /var/www/salamanders.wasietsmet.nl/log/access%d-%m-%Y 86400" vhost_combined env=!dontlog
    ErrorLog "|/usr/bin/rotatelogs /var/www/salamanders.wasietsmet.nl/log/error%d-%m-%Y 86400"

</VirtualHost>

Nu alleen nog Apache2 op de hoogte stellen:

a2ensite salamanders*
service apache2 reload

En het werkt.

De links:

https://www.leaseweb.com/labs/2014/12/tutorial-apache-2-4-transparent-reverse-proxy/
https://www.howtoforge.com/setenvif_apache2
https://www.jamescoyle.net/how-to/116-simple-apache-reverse-proxy-example

NFS setup 2017

Posted on 07/06/2017 by cellie

on the server:

/etc/exports

/media/storage 192.168.2.0/24(no_subtree_check,insecure,rw)
/media/movie 192.168.2.0/24(no_root_squash,rw,async,no_subtree_check)
/var/www 192.168.2.0/24(rw,no_subtree_check)

on pc clients:

/etc/fstab

192.168.2.2:/media/storage /media/storage nfs auto,rw,hard,intr 0 0
192.168.2.2:/var/www /mnt/www nfs auto,rw,hard,intr 0 0

on Enigma2 clients: