On Thu, Mar 15, 2012 at 4:11 PM, Douglas Hubler <[email protected]> wrote:
> I had to unraveled apache config in 4.6 when we introduced cfengine.
> For admin interface I decided to go for simple apache config instead
> of static html landing page w/meta tag. I came up with an apache
> config. This redirects http requests to admin ui to https and
> redirects "/" to "/sipxconfig". This works, i just want to pass this
> thru and apache gurus for validation.
>
> RewriteEngine On
> RewriteCond %{SERVER_PORT} !^443$
> RewriteRule ^/sipxconfig/(.*)$ https://%{SERVER_NAME}/sipxconfig/$1 [L,R]
> RewriteRule ^/+$ https://%{SERVER_NAME}/sipxconfig/ [L,R]
>
> ProxyPass /sipxconfig http://127.0.0.1:12000/sipxconfig
> ProxyPassReverse /sipxconfig http://127.0.0.1:12000/sipxconfig
>
>
> P.S. I took care of this by removing "base" tag altogether
> http://thread.gmane.org/gmane.comp.voip.sipx.devel/6362
> Damian never said why tag was needed at all. I read up on the base
> tag and i don't think we need it. Basic test verifies we do not need
> it.
>
I think that was a remnant of a control mechanism to keep anyone from
trying to use it as a webserver. I still don't think hosting websites on
your phone system is a good idea, but... if you want to push all your
http/https traffic through another pipe via your own firewalls the standard
apache way of doing this will work and be easier for the masses (I count
myself as a mass sometimes).
>
> P.P.S. We using the apache server now that's managed by the OS
> instead of launching an apache instance with a separate config file.
>
YAY! So this config change goes in the sipx config file. do you mean it
will be moved into the apache config file or that we are o longer going to
pull the apache rpm's in from sipfoundry's source, instead being able to
use the OS specific version and writing the httpd to use the sipx specific
config? That's what I think you kinda said anyway.
>
> P.P.P.S This means we can remove https listener on sipxconfig or any
> other internal service if we want and proxy them all thru single
> apache server. I'll wait on this one. But it will definitely make
> installing web certs easier if nothing else.
>
WOOHOO! I think it will be easier for those of use who want to split the
web interface from the sip interface on a system and be able to proxy web
requests through commodity links. Does that make sense?
> _______________________________________________
> sipx-users mailing list
> [email protected]
> List Archive: http://list.sipfoundry.org/archive/sipx-users/
>
--
~~~~~~~~~~~~~~~~~~
Tony Graziano, Manager
Telephone: 434.984.8430
sip: [email protected]
Fax: 434.465.6833
~~~~~~~~~~~~~~~~~~
Linked-In Profile:
http://www.linkedin.com/pub/tony-graziano/14/4a6/7a4
Ask about our Internet Fax services!
~~~~~~~~~~~~~~~~~~
--
LAN/Telephony/Security and Control Systems Helpdesk:
Telephone: 434.984.8426
sip: [email protected]
Helpdesk Customers: http://myhelp.myitdepartment.net
Blog: http://blog.myitdepartment.net
_______________________________________________
sipx-users mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-users/
