Here's my basic setup:
Router forwarding port's 80 and 443 to Ubuntu Server 14.04 running apache. Works great.
Running several virtual machines (QEMU/KVM) on Ubuntu server. VM's are in bridged mode so they have their own internal IP address.
I would like to redirect all traffic for subdomain to the VM's for handling.
Ex:
sub1.example.com -> VM1
sub2.example.com -> VM2
sub3.example.com -> VM3
I would like this to forward ssl requests to the VM for handling.
Currently I'm getting redirect loops or ssl errors, regardless of what I try. I can get non-ssl to work, but I'm not sure how to setup the Ubuntu server to handle and forward requests for HTTP and HTTPS.
Edit:
Here are my current virtual hosts files:
<VirtualHost *:80>
ServerName sub1.example.com
ProxyPreserveHost On
ProxyPass / http://192.168.1.78/
ProxyPassReverse / http://192.168.1.78/
</VirtualHost>
<VirtualHost *:443>
ServerName sub1.exmaple.com
ProxyPreserveHost On
ProxyPass / http://192.168.1.78/
ProxyPassReverse / http://192.168.1.78/
</VirtualHost>
I know this isn't correct, but not sure how to do it. The main server will receive request from http://sub1.example.com and https://sub1.example.com
Edit 2:
I forgot to mention that I have this working for non-ssl using this:
<VirtualHost *:80>
ServerName zab.example.com # this forwards to my zabbix VM
ProxyPreserveHost on
ProxyPass / http://192.168.1.64/
ProxyPassReverse / http://192.168.1.64/
</VirtualHost>
This takes incoming requests for zab.example.com and forwards them to my Zabbix VM at 192.168.1.64. So port 80 redirects to VM's are working well.
Thanks for any help!
Edit 3:
I'm still missing something (again, I'm a novice 🙂 )
Here are all my virtual hosts:
WAN -> 192.168.1.66 (Main Server)
<VirtualHost *:80>
ServerName file.example.com
redirect permanent / https://file.example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName file.example.com
SSLEngine On
SSLCertificateFile /home/js/Seafile/file_ws_ee.crt
SSLCertificateKeyFile /home/js/Seafile/file.example.com.key
SSLCertificateChainFile /home/js/Seafile/GeoTrustDVSSLCAG4.cer
SSLProxyEngine On
ProxyPreserveHost off
ProxyRequests off
ProxyPass / http://file.example.com/
ProxyPassReverse / http://file.example.com/
</VirtualHost>
Internal VM 192.168.1.78 (running Seafile)
<VirtualHost *:80>
ServerName file.example.com
redirect permanent / https://file.example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName file.example.com
DocumentRoot /var/www
Alias /media /home/js/Seafile/seafile-server-latest/seahub/media
SSLEngine On
SSLCertificateFile /home/js/Seafile/file_ws_ee.crt
SSLCertificateKeyFile /home/js/Seafile/file.example.com.key
SSLCertificateChainFile /home/js/Seafile/GeoTrustDVSSLCAG4.cer
RewriteEngine On
<Location /media>
Require all granted
</Location>
#
# seafile fileserver
#
ProxyPass /seafhttp http://127.0.0.1:8082
ProxyPassReverse /seafhttp http://127.0.0.1:8082
RewriteRule ^/seafhttp - [QSA,L]
#
# seahub
#
RewriteRule ^/(media.*)$ /$1 [QSA,L,PT]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ /seahub.fcgi/$1 [QSA,L,E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</VirtualHost>
Running wget file.example.com results in:
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://file.example.com/ [following]
20 redirections exceeded.
Thoughts?
Best Answer
Trying to have apache pass SSL to another server serving SSL is more trouble than it's worth. You're better off having it handled at the main apache server. It's just easier that way. Here's an example of what I've done for one of my five subdomains. I've taken out any extra configuration options that aren't relevant to your question.