I have a two nodes WebLogic (and a positively ancient version of WebLogic to boot) cluster that I plan to retire where WebLogic will be replaced by WildFly and Apache with Nginx. The problem I am facing right now is how to replace mod_weblogic from the Apache configuration:
<IfModule mod_weblogic.c>
WebLogicHost 192.168.0.1
WebLogicPort 7003
</IfModule>
<LocationMatch "/services/.*/(buy|sell|status)">
SetHandler weblogic-handler
WebLogicCluster 192.168.0.1:7003,192.168.0.2:7003
PathTrim /services
PathPrepend /requestprocessor
WLIOTimeoutSecs 600
</LocationMatch>
In this example, from what I understand, provides mod_weblogic load balancing between the two nodes, right? I have to admit that I have no idea how this module works, only that I am about to replace it… :-)
How can I achieve the same result with Nginx and WildFly?
I found a guide on the Nginx website about load balancing ( https://docs.nginx.com/nginx/deployment-guides/jboss-load-balancing-nginx-plus/) and I guess the big question is if there is anything in the functionality of mod_weblogic that I am missing or if doing as the guide suggests will provide the desired result?
You can do load balancing with a lot of tools now. for example haproxy
http://biemond.blogspot.com/2010/04/high-availability-load-balancer-for.html
or nginx https://www.nginx.com/blog/load-balance-oracle-weblogic-server/
or apache https://theheat.dk/blog/?p=916
or varnish https://varnish-cache.org/
they all have similar abilities. as far as I know, now mod_weblogic does not have any specialty other then nginx or varnish or haproxy. apache proxy module can be hard to configure but still does the job.
long time ago there was no nginx or varnish there people start using mod_weblogic. it was a default product for weblogic. now we have all other options. you just need to test and fine-tune your choice.
Related
I use angular on the front end and .net5 on te backend. I deploy my backend to ubuntu 20.04 server and run it with nginx.
I faced this issue while attempt to login. My get functions works well but login(post) is not.
I searched hours and hours and add add_header Access-Control-Allow-Origin *; to my etc/nginx/sites-available/default file.
But nothing changes. Do you have any idea?
Does your .NET backend allows CORS
e.g
have a look at https://learn.microsoft.com/en-us/aspnet/core/security/cors?view=aspnetcore-6.0
Also while you are modifying NGINX conf make sure to restart the service.
e.g
sudo systemctl restart nginx
I'm a Fedora 29 enduser looking for a way perform GeoIP blocking via NGINX without having to pay a lot of $$ for Nginx Plus. I saw NGINX can be setup to include modules and wanted to ask if there are any open-source modules that can be used to perform basic GeoIP blocking.
Thanks,
You can build nginx and add the geoip module from nginx https://nginx.org/en/docs/http/ngx_http_geoip_module.html by adding "--with-http_geoip_module" to the nginx build configuration.
Then in your nginx.conf you specify geoip_country or geoip_city followed by a path to a geoip db
https://docs.nginx.com/nginx/admin-guide/security-controls/controlling-access-by-geoip/ can also help with setting up geoip for either open-source or nginx plus
Edit: GeoIP is deprecated but will still work for existing installs.
You can build GeoIP2 from source here https://github.com/leev/ngx_http_geoip2_module with nginx in a similar manner as before
Here is the newer geoip2 database Geolite2 Country
I'm using vagrant (VVV actually) to run local wordpress installs. I want to test different behaviors for different GEO's on my local machine instead of upload it every time to the server which is annoying.
So, I've tried to install the GeoIP nginx module to the local machine with the following guide https://piwik.org/faq/how-to/faq_166/ (and a bit more google but it doesn't matter at the moment).
When I'm using ./configure the following is exists:
checking for GeoIP library ... found
checking for GeoIP IPv6 support ... found
I've also set the .dat files in my conf file, and set the $_SERVER (fastcgi_param) parameters - so they displayed when I'm printing the $_SERVER var.
But those GeoIP vars are empty. I'm not sure about the reason, but 2 things is bothering me. First, when I'm write nginx -V in the terminal the argument --with-http_geoip_module is missing. Second, could it actually works if the REMOTE_ADDR (IP) is not my real IP? (192.168.1.50 for example).
nginx is a bit strange for me, so sorry if something isn't exact..
--
Operating system - macOS, nginx version - 1.3.15, running with VVV (vagrant box)
If there is a reverse proxy in front of your nginx, use geoip_proxy to set IPs whose X-Forwarded-For-Header can be trusted.
You can also use that without actually having a reverse proxy when you're developing. Add your local IP to the geoip_proxy-list and set the X-Forwarded-For-Header to your public IP in your browser (use a plugin like Modify Headers).
I'm trying to configure the access to an alfresco webdav directory.
Alfreso is in local ip 192.168.1.25. If I mount (with mount.davfs http:// 192.168.1.25 :8080) , it works ok.
If I configure jkmount in the apache server (in another local ip, 192.168.1.111), when I mount it (with mount.davfs http:// public /alfresco), it doesn't work. The mount error is:
mount.davfs: connection timed out two times;
trying one last time
mount.davfs: server temporarily unreachable;
mounting anyway
However, if I mount the URL with firefox, chrome, or Windows net share, it works ok.
I've tried different jkmount options, rewrites, etc., and with firefox and others it works ok, but it fails using mount (and I must use mount or any other command line tool).
Cadaver also fails.
Regards,
Thanks Heiko,
I've set up the virtual host with (Alfresco Server is in another server):
ProxyPass /alfresco ajp://192.168.1.25:8009/alfresco
ProxyPassReverse /alfresco ajp://192.168.1.25:8009/alfresco
<Location /alfresco/webdav/ >
<Limit OPTIONS PROPFIND GET REPORT MKACTIVITY PROPPATCH PUT CHECKOUT MKCOL MOVE COPY DELETE LOCK UNLOCK MERGE>
Order Deny,Allow
Allow from all
Satisfy Any
</Limit>
</Location>
And the problem persists: I mount it with firefox (and chrome, etc.) ok, but it fails with mount.davfs or cadaver. It doesn't work with curl too.
In alfresco-global.properties, this lines are commented:
# URL Generation Parameters (The ${localname} token is replaced by the local server name)
#-------------
#alfresco.context=alfresco
#alfresco.host=${localname}
#alfresco.port=8080
#alfresco.protocol=http
#
#share.context=share
#share.host=${localname}
#share.port=8080
#share.protocol=http
Are they necessary?
Is there any other apache directive for this?
I also tried to offer the directory via apache with:
ProxyPassMatch ^/alfresco/(.*)$ "http://192.168.1.25:8080/alfresco/$1"
ProxyPassReverse /alfresco/ "http://192.168.1.25:8080/alfresco/"
and
JkMount /alfresco/* alfresco configuring jk workers.properties with:
worker.list=alfresco
worker.alfresco.type=ajp13
worker.alfresco.host= 192.168.1. 25
worker.alfresco.port=8009
worker.alfresco.lbfactor=1
worker.alfresco.socket_keepalive=1
worker.alfresco.socket_timeout=300
And the results are the same: It works in navigators but not in linux console.
I've set apache logs in debug mode for this virtual hosts, and when I mount it with firefox, it writes the right info (ajp conections, etc) but when I try to mount from linux terminal, the logs are empty. This is like the conection doesn't work, but only from console...
Thanks for your help, I keep looking for solutions...
Did you set up virtual host like described here?
Also you may need to set ProxyPreserveHost Directive or something similar depending on your apache mod (mod_http_ajp or mod_jk)
I installed RhodeCode 1.2.2 at a Windows 2008R2 (64Bit) box.
I had setup a IIS 7 as a Proxy Server (Application Request Routing + URL Rewrite) for RhodeCode running at 127.0.0.1:5000.
The Repository is reachable via "https://subdomain.domain.de".
At the repository summary, the Clone url points to:
https://[username]#127.0.0.1:5000/SomeProject
At the client side, I can clone the repository when replacing the
"127.0.0.1:5000" with "subdomain.domain.de".
For sure I would like that RhodeCode displays the Proxy url
("subdomain.domain.de") instead of the 127.XXX...
I search the web up and down and the only thing I found, was that
Apache has a "ProxyPreserveHost On" setting, which does the trick. However
I didn't found anything like that for IIS.
Is there somewhere a setting within the "production.ini" where I can
define the proxy url?
Or does someone found the well hidden setting within the IIS?
Any help is much appreciated :-)
thanks for your answer! I already use the ARR and setup the reverse proxy, I can access RhodeCode via the proxy. However, it looks like that the HTTP_HOST value is not forwarded to paster.
Within the IIS, I setup the following server variables and set them within the reverse proxy rule:
<set name="HTTP_HOST" value="[subdomain.domain.de]" />
<set name="HTTP_X_FORWARDED_SERVER" value="[subdomain.domain.de]" />
<set name="HTTP_X_ORIGINAL_HOST" value="[subdomain.domain.de]" />
<set name="HTTP_X_HTTP_HOST" value="[subdomain.domain.de]" />
<set name="HTTP_X_URL_SCHEME" value="https" />
but that have no affect at all.
At the linked previously answer, he suggested to copy these variable values back to the HTTP_HOST (within tomcat, should be paster in my case). That looks a bit overkilled to me, in comparsion to a simple "ProxyPreserveHost On" within apache. I have the feeling that I missed something here.
Cheers,
Sörnt
Itvan is correct, that will work.
Uncommenting the clone_uri will leave the default clone_uri. You can force the clone_uri to use your domain by having that line:
clone_uri = {scheme}://{user}{pass}[subdomain.domain.de]{path}
PS: Works on version 1.3.6
I'm working on out reverse proxying over https for rhodecode with apache on centos6 right now.
For Apache, the configuration noted by marcin of rhodecode fame is:
<VirtualHost *:80>
ServerName hg.myserver.com
ServerAlias hg.myserver.com
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
#important !
#Directive to properly generate url (clone url) for pylons
ProxyPreserveHost On
#rhodecode instance
ProxyPass / http://127.0.0.1:5000/
ProxyPassReverse / http://127.0.0.1:5000/
#to enable https use line below
#SetEnvIf X-Url-Scheme https HTTPS=1
</VirtualHost>
For the IIS equivilent of ProxyPreserveHost, see Application Request Routing, which was provided in a previously answer by a MSFT MVP.
The http server is actually python paste's httpserver, so referring to the python paste documentation for httpserver (egg#Paste:http is familiar right), there is no proxy configuration. You will have to reverse proxy in IIS (source)
I am unsure why marcin has opted to advise setting up the reverse proxy versus utilizing paste's httpserver support for https; but having IIS field the requests, and binding paste's httpserver to 127.0.0.1 is likely best choice.
I've just installed RhodeCode 1.3.3 and got into this issue. You can edit this line in configuration file to make it work:
## overwrite schema of clone url
## available vars:
## scheme - http/https
## user - current user
## pass - password
## netloc - network location
## path - usually repo_name
#clone_uri = {scheme}://{user}{pass}{netloc}{path}
clone_uri = {scheme}://{user}{pass}yourdomain.com{path}