Usecase
Sometimes you need to access your XL Deploy or XL Release servers from behind a Proxy server for various reasons. This guide will help you get started with setting up a proxy server quickly. This is based on Ubuntu but you can easily modify it according to your OS.
Environment
XL Release, XL Deploy, Ubuntu
Steps to Follow
Configure Forward Proxy Server
- Install core product
Install Apache, if not already done:
root@shashank-forward-proxy-server:/home/shashank# apt-get install-y apache2
apache2-doc apache2-utils
- Install the necessary modules
Issue the command below to install modules required for proxy server:
root@shashank-forward-proxy-server:/home/shashank# apt-get install libapache2-mod
-proxy-html libxml2-dev
- Enable Apache modules
Issue the command below to enable all the required Apache modules:
root@shashank-forward-proxy-server:/home/shashank# a2enmod proxy proxy_ajp proxy_http
rewrite deflate headers proxy_balancer proxy_connect proxy_html
- Configure proxy
Create an Apache proxy configuration file that will hold the information required for proxying. Start with creating a file:
root@shashank-forward-proxy-server:/home/shashank# vim /etc/apache2/mods-available/
proxy.conf
Enter the following text:
<IfModule mod_proxy.c>
# If you want to use apache2 as a forward proxy, uncomment the
# 'ProxyRequests On' line and the <Proxy *> block below.
# WARNING: Be careful to restrict access inside the <Proxy *> block.
# Open proxy servers are dangerous both to your network and to the
# Internet at large.
#
# If you only want to use apache2 as a reverse proxy/gateway in
# front of some web application server, you DON'T need
# 'ProxyRequests On'.
ProxyRequests On
<Proxy *>
# AddDefaultCharset off
# Require all denied
# #Require local
</Proxy>
# Enable/disable the handling of HTTP/1.1 "Via:" headers.
# ("Full" adds the server version; "Block" removes all outgoing Via: headers)
# Set to one of: Off | On | Full | Block
#ProxyVia Off
</IfModule>
- Define port for proxy server
Now we need to define the port on which our proxy server must run. Issue this command after backing up the original file.
root@shashank-forward-proxy-server:/home/shashank# sed -i -e 's/80/8889/g'
/etc/apache2/ports.conf
You can see that we replaced the default port 80 with 8889. Choose any available port that you like.
- Define a Virtual Host
It's now time to define a Virtual Host which is a separate instance of your web-server (remember you can host multiple sites on a single Apache server). We are defining it to enable more fine-grained logs & port. Start with backing up the original default Virtual Host.
Now edit the /etc/apache2/sites-enabled/000-default.conf file to define logs location & port. Below are the contents of this file:
<VirtualHost *:8889>
ErrorLog /var/log/apache2/error_forward_proxy.log
CustomLog /var/log/apache2/access_forward_proxy.log combined
</VirtualHost>
- Enable the Virtual Host
Now enable your newly created Virtual Host.
root@shashank-forward-proxy-server:/home/shashank# a2ensite 000-default.conf
- Restart Apache
The configuration is done and you must restart Apache to load the new settings:
root@shashank-forward-proxy-server:/home/shashank# service apache2 restart
* Restarting web server apache2 [Fri Jun 23 09:09:32.982307 2017] [proxy_html:notice]
[pid 2940:tid 140143966525312] AH01425: I18n support in mod_proxy_html requires
mod_xml2enc. Without it, non-ASCII characters in proxied pages are likely to display
incorrectly.
AH00558: apache2: Could not reliably determine the server's fully qualified domain name,
using node2.shashank.com. Set the 'ServerName' directive globally to suppress this message
Configure Client
After configuring the Proxy server, you need to configure your client machine to be able to proxy requests via your Proxy server.
Additional Information
If you check the /var/log/apache2/access_forward_proxy.log file, you will see that requests made from the client to XLD/R server are proxying through your Proxy server.
Comments
Please sign in to leave a comment.