将 Apache 重定向到子文件夹中的其他服务

tag-icon tag-icon apache-2.2 virtualhost redirect gitlab
将 Apache 重定向到子文件夹中的其他服务

我有一台 CentOS 6.9 服务器,它在 Apache/HTTPD 2.2 下运行 DokuWiki。此 wiki 安装在 中/var/www/html/dokuwiki。因此,当您输入 时myserver.com/dokuwiki,它会进入 wiki。如果您输入myserver.com,则会显示一个简单的index.html文件 ( /var/www/html/index.html),其中包含指向 Wiki 和 GitLab 的链接。

现在我已经安装了 GitLab 并将其配置为也使用 HTTPD(默认情况下它集成了 NGINX)。GitLab 和 DokuWiki 都如果我自己启动它们,它们就能正常工作,但我找不到让它们同时可见的方法。

我想要的是:如果用户输入myserver.com,则显示index.html带有两个链接的 :一个链接指向 wiki ( myserver.com/dokuwiki),另一个链接指向 GitLab 服务器 ( myserver.com/gitlab)。通过单击每个链接,用户可以访问所需的服务。

实际情况是,如果将 gitlab 的配置置于其他配置之上(00-gitlab.conf例如,通过将名称更改为),wiki 的配置将不起作用,并且当您输入 或 时myserver.commyserver.com/dokuwiki它不会找到任何内容( Not found "/"显示),因为它使用了其他规则并且没有匹配项(Location我猜是由于 GitLab 的指令)。在这种情况下,GitLab 可以正常工作。

如果我优先考虑 Wiki 的配置,那么当我尝试访问时,我会收到 404 错误,myserver.com/gitlab因为此规则更通用,因此它会忽略其他带有Location指令的规则。在这种情况下,索引和 Wiki 工作正常。

以下是两者的虚拟主机配置,存储在 中/etc/httpd/conf.d。一切都是 SSL,并且运行正常。HTTP(端口 80)的配置几乎相同,但我没有将其包含在此处。我也NameVirtualHost *:443httpd.conf

维基/根:

<VirtualHost *:443>
    ServerName myserver.com
    DocumentRoot /var/www/html
    SSLEngine on
    SSLCertificateFile /etc/httpd/ssl/myserver.com.crt
    SSLCertificateKeyFile /etc/httpd/ssl/myserver.com.key
</VirtualHost>

GitLab

<VirtualHost *:443>
  ServerName myserver.com
  ServerSignature Off
  ProxyPreserveHost On
  AllowEncodedSlashes NoDecode

  SSLEngine on
  SSLCertificateFile /etc/httpd/ssl/myserver.com.crt
  SSLCertificateKeyFile /etc/httpd/ssl/myserver.com.key

  SSLProtocol all -SSLv2
  SSLHonorCipherOrder on
  SSLCipherSuite "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
  Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"

  <Location /gitlab>
    Order deny,allow
    Allow from all

    ProxyPassReverse http://127.0.0.1:8181
    ProxyPassReverse http://myserver.com/gitlab
  </Location>
  RewriteEngine on

  #Forward all requests to gitlab-workhorse except existing files like error documents
  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
  RewriteCond %{REQUEST_URI} ^/uploads/.*
  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
  # needed for downloading attachments
  DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public/

  #Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
  ErrorDocument 404 /404.html
  ErrorDocument 422 /422.html
  ErrorDocument 500 /500.html
  ErrorDocument 502 /502.html
  ErrorDocument 503 /503.html

  # It is assumed that the log directory is in /var/log/httpd.
  # For Debian distributions you might want to change this to
  # /var/log/apache2.
  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
  ErrorLog /var/log/httpd/logs/myserver_error.log
  CustomLog /var/log/httpd/logs/myserver_forwarded.log common_forwarded
  CustomLog /var/log/httpd/logs/myserver_access.log combined env=!dontlog
  CustomLog /var/log/httpd/logs/myserver.log combined
</VirtualHost>

谢谢。

答案1

您缺少ProxyPass指令,并且有ProxyPassReverse两次,具有不同的值。只有其中一个会被使用。

正确的应该是:

ProxyPass http://127.0.0.1:8181
ProxyPassReverse http://127.0.0.1:8181

并且您应该只有一个虚拟主机:

<VirtualHost *:443>
    ServerName myserver.com
    DocumentRoot /var/www/html
    SSLEngine on
    SSLCertificateFile /etc/httpd/ssl/myserver.com.crt
    SSLCertificateKeyFile /etc/httpd/ssl/myserver.com.key

    <Location /gitlab>
      Order deny,allow
      Allow from all

      ProxyPassReverse http://127.0.0.1:8181
      ProxyPassReverse http://myserver.com/gitlab
    </Location>    
</VirtualHost>

此外,您必须在 gitlab 中配置正确的基本 URL。

答案2

感谢 Gerald,我找到了解决方案。事实上,问题在于我有两个虚拟主机,而我只需要其中一个。然后,我只需要为 GitLab 配置子目录的具体内容。这是我的工作配置:

<VirtualHost *:443>
ServerName myserver.com
DocumentRoot /var/www/html
SSLEngine on

SSLProtocol all -SSLv2
SSLHonorCipherOrder on
SSLCipherSuite "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
ServerSignature Off
ProxyPreserveHost On
AllowEncodedSlashes NoDecode

SSLCertificateFile /etc/httpd/ssl/myserver.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/myserver.com.key

Alias /gitlab  /opt/gitlab/embedded/service/gitlab-rails/public
<Location /gitlab>
    Order deny,allow
    Allow from all

    ProxyPass http://127.0.0.1:8181
    ProxyPassReverse http://127.0.0.1:8181
    ProxyPassReverse http://myserver.com/gitlab
    RewriteEngine on

    RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
    RewriteCond %{REQUEST_URI} ^/uploads/.*
    RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
    ErrorDocument 404 /404.html
    ErrorDocument 422 /422.html
    ErrorDocument 500 /500.html
    ErrorDocument 502 /502.html
    ErrorDocument 503 /503.html
  </Location>
  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
  ErrorLog /var/log/httpd/logs/myserver_error.log
  CustomLog /var/log/httpd/logs/myserver_forwarded.log common_forwarded
  CustomLog /var/log/httpd/logs/myserver_access.log combined env=!dontlog
  CustomLog /var/log/httpd/logs/myserver.log combined

</VirtualHost>

相关内容