Koozali.org: home of the SME Server

Full ProxyPass

Offline Pol1987

  • 11
  • +0/-0
Full ProxyPass
« on: February 08, 2011, 02:18:25 PM »
Hello,

I Have a question, at home i have two SME Servers, both are using the webserver functionality and on the second server (server only, the first is server & Gateway) i have installed Zarafa. With the help of a ProxyPass i would like to forward a specific domain to the second server inside my network.

I have followed the following commands, and added a subdomain on my first gateway server:
db domains set proxypassdomain.com domain
db domains setprop proxypassdomain.com Nameservers internet
db domains setprop proxypassdomain.com ProxyPassTarget http://xxx.xxx.xxx.xxx/
db domains setprop proxypassdomain.com TemplatePath ProxyPassVirtualHosts
signal-event domain-create proxypassdomain.com

http://xxx.xxx.xxx.xxx/ >> i have used the internal IP address of the server (192.168.0.20 [gateway/other server=192.168.0.1)

The ProxyPass is working fine and when i access the domain from the internet the first server will pass all the webserver functionality through to the second server. There is only one problem when i try to reach /webmail /webaccess /zarafa i see in my browser that the browser will be forwarded to the following adress:

http://192.168.0.20/webmail (or /zarafa /webaccess)

From the internet isn't this accessible and that is logical, but what am i'm doing wrong so that the proxypass works fine and also the webmail of zarafa is accessible...??

I think that the problem is related with the fact that the tree options (/webmail /zarafa /webaccess) are sort of hyperlinks to /usr/share/zarafa-webaccess... But how do i solve the problem...?

Or do i just need to do another proxypass?

hopefully someone can help me and sorry for my 'bad' English  ;-)

thanks!

Offline cactus

  • *
  • 4,880
  • +3/-0
    • http://www.snetram.nl
Re: Full ProxyPass
« Reply #1 on: February 08, 2011, 06:04:53 PM »
Mine are working flawlessly. I host a second domain on an internal server and configured the ProxyPass like this:

Code: [Select]
second-domian.tld=domain
    Nameservers=internet
    ProxyPassTarget=http://10.0.10.94/
    TemplatePath=ProxyPassVirtualHosts

The DNS entries in for the second domain in the internal DNS point to my outside facing IP (WAN) of the server connected to my internet connection. When I access my second domain using the domain name from inside and outside of the network everything works as intended and I never see the internal IP address (10.0.10.94).

Can you show the verbatim output of:
Code: [Select]
db domains show proxypassdomain.com
Be careful whose advice you buy, but be patient with those who supply it. Advice is a form of nostalgia, dispensing it is a way of fishing the past from the disposal, wiping it off, painting over the ugly parts and recycling it for more than its worth ~ Baz Luhrmann - Everybody's Free (To Wear Sunscreen)

Offline Pol1987

  • 11
  • +0/-0
Re: Full ProxyPass
« Reply #2 on: February 09, 2011, 07:21:28 AM »
Hello Cactus,

Thanks for the fast reply! First.. The website on the second domain server works fine and when i reach it from the internet it works also fine. When i make a directory in the /home/e-smith/files/ibays/Primary/html/ folder, this folder will also be visible from the outside 'world'. But only when i try to access /webmail /zarafa or /webaccess this only works from the network itself and not from the internet.

the output of "db domains show second-domain.nl" is:

Code: [Select]
second-domain.nl=domain
    Content=rk_domein
    Description=RK Domain
    Nameservers=localhost
    ProxyPassTarget=http://192.168.0.20/
    TemplatePath=ProxyPassVirtualHosts

This output is given on the gateway server!


Offline cactus

  • *
  • 4,880
  • +3/-0
    • http://www.snetram.nl
Re: Full ProxyPass
« Reply #3 on: February 09, 2011, 07:44:06 AM »
Your problem is that you are trying to do two things with your entry, which AFAICT is not supported. You are trying to ProxyPass as well as point to an ibay, it is either one or the other.

I think you should remove the first two properties like this:

Code: [Select]
db domains delprop second-domain Content
db domains delprop second-domain Description
signal-event domain-modify second-domain
Be careful whose advice you buy, but be patient with those who supply it. Advice is a form of nostalgia, dispensing it is a way of fishing the past from the disposal, wiping it off, painting over the ugly parts and recycling it for more than its worth ~ Baz Luhrmann - Everybody's Free (To Wear Sunscreen)

Offline Pol1987

  • 11
  • +0/-0
Re: Full ProxyPass
« Reply #4 on: February 09, 2011, 07:48:49 AM »
Hello,

That worked fine now my output shows:

Code: [Select]
second-domain.nl=domain
    Nameservers=localhost
    ProxyPassTarget=http://192.168.0.20/
    TemplatePath=ProxyPassVirtualHosts

But shouldn't Nameservers be set to internet in stead of localhost?

And yes i try to reach an ibay but that normally works fine, i also have installed a long time ago on my gateway server and there it worked very well, so i think it should be possible to work like a proxypass or doesn't it?

Offline cactus

  • *
  • 4,880
  • +3/-0
    • http://www.snetram.nl
Re: Full ProxyPass
« Reply #5 on: February 09, 2011, 09:33:46 AM »
But shouldn't Nameservers be set to internet in stead of localhost?
Yes, AFAICT from the information you provided.
Be careful whose advice you buy, but be patient with those who supply it. Advice is a form of nostalgia, dispensing it is a way of fishing the past from the disposal, wiping it off, painting over the ugly parts and recycling it for more than its worth ~ Baz Luhrmann - Everybody's Free (To Wear Sunscreen)

Offline Pol1987

  • 11
  • +0/-0
Re: Full ProxyPass
« Reply #6 on: February 09, 2011, 09:43:36 AM »
Hello Cactus,

Now my db settings are ok:

Code: [Select]
second-domain.nl=domain
    Nameservers=internet
    ProxyPassTarget=http://192.168.0.20/
    TemplatePath=ProxyPassVirtualHosts

But the zarafa webmail is still nog accessible...

In the httpd.conf of the second server (second domain) the /webmail /zarafa /webaccess are redirected to /usr/share/zarafa-webaccess

Code: [Select]
    </Location>

    Alias        /zarafa   /usr/share/zarafa-webaccess
    Alias        /webmail   /usr/share/zarafa-webaccess
    Alias        /webaccess   /usr/share/zarafa-webaccess
    Alias        /mobile   /usr/share/zarafa-webaccess-mobile
    Alias        /Microsoft-Server-ActiveSync   /var/www/html/z-push/index.php

The website self "second-domain.nl" isn't needed, only the zarafa webmail function of the server so maybe it is possible (as you earlier described) to redirect the second domain directly to the "share" for the webmail so the webmail function is working properly??


Thanks a lot!


Offline Pol1987

  • 11
  • +0/-0
Re: Full ProxyPass
« Reply #7 on: February 09, 2011, 02:54:47 PM »
Hello Cactus,

I finally get it working... The solution was in the fact that the ProxyPreserveHost must be set ON instead of the default OFF. This is what i have done:

Code: [Select]
cp /etc/e-smith/templates/etc/httpd/conf/httpd.conf/ProxyPassVirtualHosts/26RewriteTraceAndTrack /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/ProxyPassVirtualHosts/

cd /etc/e-smith/templates-custom/etc/httpd/conf/httpd.conf/ProxyPassVirtualHosts/

nano 26RewriteTraceAndTrack

Then added the following to the end of the file: ProxyPreserveHost On

Code: [Select]
    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]
    ProxyPreserveHost On

And at the end then expanding the config file

Code: [Select]
signal-event remoteaccess-update
Now when the host is preserved the webmail function works great and everything is working fine!

Thanks a lot for the fast responses! And maybe some other guys will need the above information also! (maybe usefull to add a db setprop for this issue?)

Thanks!
« Last Edit: February 09, 2011, 02:56:45 PM by Pol1987 »

Offline cactus

  • *
  • 4,880
  • +3/-0
    • http://www.snetram.nl
Re: Full ProxyPass
« Reply #8 on: February 09, 2011, 08:18:14 PM »
I finally get it working... The solution was in the fact that the ProxyPreserveHost must be set ON instead of the default OFF. This is what i have done:
OK, so it seems that the functionality on your internal server needs the original Host: line from the HTTP request. Thanks for posting back, it indeed might help someone else.
Be careful whose advice you buy, but be patient with those who supply it. Advice is a form of nostalgia, dispensing it is a way of fishing the past from the disposal, wiping it off, painting over the ugly parts and recycling it for more than its worth ~ Baz Luhrmann - Everybody's Free (To Wear Sunscreen)