Reverse proxy frontend: Difference between revisions
From MoodleDocs
(New page: == The instructions to run apache as a reverse proxy of other apache in internal network assume the following == * You run Apache 2.2 both in the backend and the frontend. * You run RHEL 5...) |
No edit summary |
||
Line 1: | Line 1: | ||
== The instructions to run apache as a reverse proxy of other apache in internal network assume the following == | == The instructions to run apache as a reverse proxy of other apache in internal network assume the following == | ||
* You need ssl for authentication. | |||
* You run Apache 2.2 both in the backend and the frontend. | * You run Apache 2.2 both in the backend and the frontend. | ||
* You run RHEL 5.2 Application stack 2 in the backend (php 5.2.6 + mysql 5 + apache 2.2.10). | * You run RHEL 5.2 Application stack 2 in the backend (php 5.2.6 + mysql 5 + apache 2.2.10). | ||
* You run Apache 2.2 as the frontend in any modern OS. | * You run Apache 2.2 as the frontend in any modern OS using trainer.moodle.org as url (My frontend apache runs on Windows 2003). | ||
* You installed moodle 1.9 to run from "/" the internal http server. | * You installed moodle 1.9 to run from "/" the internal http server with SSL support on 10.1.1.24. | ||
* You have an external facing apache using SSL. | |||
== Configuration for the external server == | |||
http.conf | |||
(snip) | |||
ProxyPass / http://10.1.1.24/ | |||
ProxyPassReverse / http://10.1.1.24/ | |||
(snip) | |||
Include conf/http-ssl.conf | |||
http-ssl.conf | |||
(snip) | |||
ProxyPass / http://10.1.1.24/ | |||
ProxyPassReverse / http://10.1.1.24/ | |||
(snip) | |||
== config.php == | |||
<?php /// Moodle Configuration File | |||
unset($CFG); | |||
$CFG->dbtype = 'mysql'; | |||
$CFG->dbhost = 'localhost'; | |||
$CFG->dbname = 'moodle'; | |||
$CFG->dbuser = 'moodleuser'; | |||
$CFG->dbpass = 'XXXXXXXX'; | |||
$CFG->dbpersist = false; | |||
$CFG->prefix = 'mdl_'; | |||
$CFG->wwwroot = 'http://trainer.moodle.org'; | |||
$CFG->dirroot = '/var/www/moodle'; | |||
$CFG->dataroot = '/opt/moodle_data'; | |||
$CFG->admin = 'admin'; | |||
$CFG->directorypermissions = 00777; // try 02777 on a server in Safe Mode | |||
require_once("$CFG->dirroot/lib/setup.php"); | |||
// MAKE SURE WHEN YOU EDIT THIS FILE THAT THERE ARE NO SPACES, BLANK LINES, | |||
// RETURNS, OR ANYTHING ELSE AFTER THE TWO CHARACTERS ON THE NEXT LINE. | |||
?> | |||
== The tricky part == | |||
* Go to Administration ► Security ► HTTP security and set '''Use HTTPS for loginsloginhttps''' to true. | |||
* You need to have the previous setup ready or you may lock yourself out of the server. |
Revision as of 20:02, 1 April 2009
The instructions to run apache as a reverse proxy of other apache in internal network assume the following
- You need ssl for authentication.
- You run Apache 2.2 both in the backend and the frontend.
- You run RHEL 5.2 Application stack 2 in the backend (php 5.2.6 + mysql 5 + apache 2.2.10).
- You run Apache 2.2 as the frontend in any modern OS using trainer.moodle.org as url (My frontend apache runs on Windows 2003).
- You installed moodle 1.9 to run from "/" the internal http server with SSL support on 10.1.1.24.
- You have an external facing apache using SSL.
Configuration for the external server
http.conf
(snip) ProxyPass / http://10.1.1.24/ ProxyPassReverse / http://10.1.1.24/ (snip) Include conf/http-ssl.conf
http-ssl.conf
(snip) ProxyPass / http://10.1.1.24/ ProxyPassReverse / http://10.1.1.24/ (snip)
config.php
<?php /// Moodle Configuration File unset($CFG); $CFG->dbtype = 'mysql'; $CFG->dbhost = 'localhost'; $CFG->dbname = 'moodle'; $CFG->dbuser = 'moodleuser'; $CFG->dbpass = 'XXXXXXXX'; $CFG->dbpersist = false; $CFG->prefix = 'mdl_'; $CFG->wwwroot = 'http://trainer.moodle.org'; $CFG->dirroot = '/var/www/moodle'; $CFG->dataroot = '/opt/moodle_data'; $CFG->admin = 'admin'; $CFG->directorypermissions = 00777; // try 02777 on a server in Safe Mode require_once("$CFG->dirroot/lib/setup.php"); // MAKE SURE WHEN YOU EDIT THIS FILE THAT THERE ARE NO SPACES, BLANK LINES, // RETURNS, OR ANYTHING ELSE AFTER THE TWO CHARACTERS ON THE NEXT LINE. ?>
The tricky part
- Go to Administration ► Security ► HTTP security and set Use HTTPS for loginsloginhttps to true.
- You need to have the previous setup ready or you may lock yourself out of the server.