On Wed, 2012-06-20 at 18:42 +0200, Benjamin Schweikert wrote:
> Hi everybody,
> currently I use pound as a reverse proxy. Everything what is outside
> (internet) has to be https and everything what is insade my lan is http.
> I use this to have one cert for all my servers like lighttpd, apache,
> subsonic etc. I simply don't want to have a unecrypted connection if I
> want to listen to my music with subsonic at home when I am at work.
>
> I managed this all with this config:
>
> ListenHTTPS
> Address 0.0.0.0
> Port 443
> Cert "/etc/pound/selfsigned.pem"
> xHTTP 1
> HeadRemove "X-SSL-Request"
> HeadRemove "X-Forwarded-For"
> AddHeader "X-SSL-Request: 1"
> Service
> BackEnd
> Address 192.168.2.2
> Port 80
> End
> End
> End
>
> On Ip is a lighttpd server I use as a proxy for rewriting URLS and
> ports, so that I can reach everything by <ip>/music, <ip>/wiki etc.
>
> With two apps I have problems: amapche and gateone.
> Ampache is incredible slow and does not show any graphics, just text and
> the pound log says this:
>
> Jun 20 18:27:09 ipfire pound: 79.238.xxx.xxx GET /ampache/ HTTP/1.1 -
> HTTP/1.1 302 Found (<ip>/- -> 192.168.2.2:80) 0.794 sec
> Jun 20 18:27:09 ipfire pound: 79.238.xxx.xxx GET /ampache/login.php
> HTTP/1.1 - HTTP/1.1 200 OK (<ip>/- -> 192.168.2.2:80) 0.348 sec
>
> gateone is this saying:
>
> Jun 20 18:27:07 ipfire pound: 79.238.xxx.xxx GET /gateone/ws HTTP/1.1 -
> HTTP/1.1 400 Bad Request (<ip>/- -> 192.168.2.2:80) 0.005 sec
>
> I googled a lot and found out, that the proxy of lighttpd does not
> handle these request very good. I want to test, whether pound could do
> this rewriting/redirecting better:
>
> I want that all requests from https://<ip>/gateon/ go to
> 192.168.2.3:4430/gateone/ (yes differnt ip than my config has currently
> - gateone is on another server)
>
> All expamle configs I found on the net didn't work. So I hope somebody
> could help me to find the right entrance for this problem.
> thx.
>
> Ben
>
>
> --
> To unsubscribe send an email with subject unsubscribe to [email protected].
> Please contact [email protected] for questions.
Try
ListenHTTPS
# Listening on 0.0.0.0 is not a very good idea, but it works
Address 0.0.0.0
Port 443
Cert "/etc/pound/selfsigned.pem"
xHTTP 1
HeadRemove "X-SSL-Request"
HeadRemove "X-Forwarded-For"
AddHeader "X-SSL-Request: 1"
# groupon service
Service
URL "^/groupon"
BackEnd
Address 192.168.2.3
Port 4430
End
End
# catch-all service
Service
BackEnd
Address 192.168.2.2
Port 80
End
End
End
--
Robert Segall
Apsis GmbH
Postfach, Uetikon am See, CH-8707
Tel: +41-32-512 30 19
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
