A few steps toward making my Zenoss installation more useful.
1. Get rid of the localhost.localdomain in alert messages.
Settings -> Daemons -> zenactions -> zopeurl
Put in the full URL as it will be seen and appended to by alert messages. Because I anticipated using SSL my zopeurl looked something like this: https://myserver.name:2345
2. Create an httpd .conf file for my proxied service
vi /etc/httpd/conf.d/myserver.name-2345.conf
Listen 0.0.0.0:2345
NameVirtualHost myserver.name:2345
<VirtualHost <http server IP Address>:2345>
ServerName myserver.name
ProxyRequests Off
RewriteEngine on
RewriteLog /var/log/httpd/myserver.name-2345-rewrite_log
RewriteLogLevel 1
SSLEngine On
SSLCACertificateFile /etc/httpd/conf/myserver.name/ssl/ssl-cachain.pem
SSLCertificateFile /etc/httpd/conf/myserver.name/ssl/cert.pem
SSLCertificateKeyFile /etc/httpd/conf/myserver.name/ssl/key.pem
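# SSLv3 and TLSv1 are both deprecated; on a current Apache/OpenSSL use
# "SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1" instead of the line below.
SSLProtocol TLSv1 SSLv3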
SSLCipherSuite HIGH
ErrorLog logs/myserver.name-2345-error_log
CustomLog logs/myserver.name-2345-access_log common
SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1
ProxyPass / http://127.0.0.1:8080/VirtualHostBase/https/myserver.name:2345/VirtualHostRoot/
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Files ~ "\.(inc|class)$">
Deny from all
</Files>
</VirtualHost>
Personally I like to keep the .conf file in a single location. I use /etc/httpd/conf/myserver.name/
In that directory I place my SSL files and any related conf files. Then, from inside the conf.d directory, I run ln -s ../conf/myserver.name/myserver.name-2345.conf ./
From there I check conf/myserver.name into a git repo. A note on this: beware of putting sensitive data like the key file into a shared repository.
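One way to enforce that warning, as an added example that is not part of the original post: a git pre-commit hook in POSIX sh that refuses a commit when a staged file carries a PEM private-key header. The function names, and installing it as .git/hooks/pre-commit in the conf/myserver.name repo, are assumptions of this example.

```sh
#!/bin/sh
# Added example: pre-commit hook that keeps PEM private keys (e.g. ssl/key.pem)
# out of the repo holding the Apache conf directory.

# Matches "PRIVATE KEY", "RSA PRIVATE KEY", "EC PRIVATE KEY",
# "ENCRYPTED PRIVATE KEY" and "OPENSSH PRIVATE KEY" headers.
KEY_RE='^-----BEGIN ([A-Z0-9]+ )*PRIVATE KEY-----'

# has_private_key FILE: succeed if FILE exists and contains a key header.
has_private_key() {
    [ -f "$1" ] && grep -qE -e "$KEY_RE" -- "$1"
}

# scan_files: read file names on stdin (one per line) and print those that
# hold a private key. Returns 1 if any were found, 0 otherwise.
scan_files() {
    found=0
    while IFS= read -r f; do
        if has_private_key "$f"; then
            printf '%s\n' "$f"
            found=1
        fi
    done
    return "$found"
}

# Act as a hook only when installed under the name "pre-commit".
# Note: this inspects the working-tree copy of each staged file.
case "$0" in
*pre-commit)
    bad=$(git diff --cached --name-only --diff-filter=ACM | scan_files) || {
        echo "Refusing to commit private key material:" >&2
        printf '%s\n' "$bad" >&2
        echo "Unstage it and list it in .gitignore." >&2
        exit 1
    }
    ;;
esac
```

Certificates (cert.pem, ssl-cachain.pem) pass the check; only files with a private-key header block the commit.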
So… that’s it. Restart Apache and you should be able to hit the secure site.
An easy way to create and manage certs, if you are going with self-signed, is TinyCA2.
Props go out to http://jang.blogs.ilrt.org/2009/05/28/zenoss-general-zope-behind-an-apache-proxy/ for the actual URL to redirect to.
Thanks! Works perfectly with Nginx as well…