[Fixed] Problems deploying in a virtual machine behind Apache reverse proxy


#1

Hi.

My issue is similar to this one: https://github.com/RocketChat/Rocket.Chat/issues/8323

I have a virtualbox virtual machine with ubuntu, and I have installed Rocketchat there using snap. I have redirected the port 60112 in the host to the port 80 in the virtual machine, and the vm redirect traffic from port 80 to port 3000 (iptables rule). In this way, I can access to rocketchat with my-host-url.com:60110. For some reason, if I redirect the port 60110 in host to port 3000 in guest, it doesn’t work (browser keep loading ad infinitum) :frowning:

Ok, so now I want to access my rocket chat using its own domain, let’s say my-chat.com, that is pointing to the host IP address. In my host machine, I’m using apache so I have set up the following apache site:

<VirtualHost *:80>
        ServerName my-chat.com

        RewriteEngine On
        RewriteCond %{HTTP:Upgrade} =websocket [NC]
        RewriteRule /(.*)           ws://localhost:60010/$1 [P,L]
        RewriteCond %{HTTP:Upgrade} !=websocket [NC]
        RewriteRule /(.*)           http://localhost:60010/$1 [P,L]

        <Location />
          Order allow,deny
          Allow from all
        </Location>

        ProxyPass         / http://127.0.0.1:60010/
        ProxyPassReverse  / http://127.0.0.1:60010/
        ProxyPreserveHost on
</VirtualHost>

Note that I’m not using HTTPS yet.

Ok, so now, if I open the browser and I go to http://my-chat.com I get a “503 Service Unavailable” Apache error.

Apache log has this:

[Thu May 10 18:52:57.809370 2018] [authz_core:debug] [pid 8456:tid 140691250312960] mod_authz_core.c(828): [client 147.96.25.69:42752] AH01628: authorization result: granted (no directives)
[Thu May 10 18:52:57.809456 2018] [proxy:debug] [pid 8456:tid 140691250312960] mod_proxy.c(1104): [client 147.96.25.69:42752] AH01143: Running scheme http handler (attempt 0)
[Thu May 10 18:52:57.809471 2018] [proxy:debug] [pid 8456:tid 140691250312960] proxy_util.c(2020): AH00942: HTTP: has acquired connection for ()
[Thu May 10 18:52:57.809482 2018] [proxy:debug] [pid 8456:tid 140691250312960] proxy_util.c(2072): [client 147.96.25.69:42752] AH00944: connecting http://localhost:60010/ to localhost:60010
[Thu May 10 18:52:57.809683 2018] [proxy:debug] [pid 8456:tid 140691250312960] proxy_util.c(2206): [client 147.96.25.69:42752] AH00947: connected / to localhost:60010
[Thu May 10 18:52:57.809799 2018] [proxy:error] [pid 8456:tid 140691250312960] (111)Connection refused: AH00957: HTTP: attempt to connect to 127.0.0.1:60010 (
) failed
[Thu May 10 18:52:57.809815 2018] [proxy_http:error] [pid 8456:tid 140691250312960] [client 147.96.25.69:42752] AH01114: HTTP: failed to make connection to backend: localhost
[Thu May 10 18:52:57.809841 2018] [proxy:debug] [pid 8456:tid 140691250312960] proxy_util.c(2035): AH00943: HTTP: has released connection for ()
[Thu May 10 18:52:57.858726 2018] [authz_core:debug] [pid 8457:tid 140691250312960] mod_authz_core.c(828): [client 147.96.25.69:42754] AH01628: authorization result: granted (no directives), referer: http://my-chat.com/
[Thu May 10 18:52:57.858811 2018] [proxy:debug] [pid 8457:tid 140691250312960] mod_proxy.c(1104): [client 147.96.25.69:42754] AH01143: Running scheme http handler (attempt 0), referer: http://my-chat.com/
[Thu May 10 18:52:57.858825 2018] [proxy:debug] [pid 8457:tid 140691250312960] proxy_util.c(2020): AH00942: HTTP: has acquired connection for (
)
[Thu May 10 18:52:57.858836 2018] [proxy:debug] [pid 8457:tid 140691250312960] proxy_util.c(2072): [client 147.96.25.69:42754] AH00944: connecting http://localhost:60010/favicon.ico to localhost:60010, referer: http://my-chat.com/
[Thu May 10 18:52:57.859058 2018] [proxy:debug] [pid 8457:tid 140691250312960] proxy_util.c(2206): [client 147.96.25.69:42754] AH00947: connected /favicon.ico to localhost:60010, referer: http://my-chat.com/
[Thu May 10 18:52:57.859147 2018] [proxy:error] [pid 8457:tid 140691250312960] (111)Connection refused: AH00957: HTTP: attempt to connect to 127.0.0.1:60010 () failed
[Thu May 10 18:52:57.859163 2018] [proxy_http:error] [pid 8457:tid 140691250312960] [client 147.96.25.69:42754] AH01114: HTTP: failed to make connection to backend: localhost, referer: http://my-chat.com/
[Thu May 10 18:52:57.859171 2018] [proxy:debug] [pid 8457:tid 140691250312960] proxy_util.c(2035): AH00943: HTTP: has released connection for (
)


#2

I fixed it!
In case it helps, I think it had to do with the order of the config instructions as order matters in Apache config files.

Now, so this is my working configuration file for the chat.conf Apache site:

<VirtualHost *:80>
        ServerAdmin admin@my-chat.com
        ServerName my-chat.com
        ServerAlias www.my-chat.com

        ErrorLog /var/log/chat.domain.com_error.log
        TransferLog /var/log/chat.domain.com_access.log
        LogLevel info

        <Location />
                Order allow,deny
                Allow from all
        </Location>

        RewriteEngine On
        RewriteCond %{HTTP:Upgrade} =websocket [NC]
        RewriteRule /(.*)           ws://localhost:60110/$1 [P,L]
        RewriteCond %{HTTP:Upgrade} !=websocket [NC]
        RewriteRule /(.*)           http://localhost:60110/$1 [P,L]

        ProxyPassReverse / http://localhost:60110/
</VirtualHost>

port 60110 works both redirecting it to port 3000 in the VM (preferred) or redirecting it to port 80 and them, from inside the VM, redirect port 80 to port 3000 (see this answer to know how to do this second redirection).