Changes between Initial Version and Version 1 of how-to/servers/configure-nodejs-with-apache


Ignore:
Timestamp:
Apr 27, 2013, 3:22:34 AM (12 years ago)
Author:
Ross
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • how-to/servers/configure-nodejs-with-apache

    v1 v1  
     1== How to configure a nodejs app with apache using ssl ==
     2
     3This is a description of a specific implementation of [ethercalc.net ethercalc] on mcchesney.mayfirst.org using https only.  You will not get the full setup guide for ethercalc and this implementation has not been tested and may not work on our shared infrastructure.
     4
     5After installing ethercalc into a local nodejs instance and acquiring a ssl certificate, the ethercalc instance can be from `calc@mcchesney.mayfirst.org:~/` with the following command:
     6
     7{{{
     8nohup /usr/local/bin/node ./nodejs/node-v0.8.18/node_modules/ethercalc/bin/ethercalc --keyfile keys/calc.mayfirst.org.key --certfile keys/calc.mayfirst.org.crt --basepath https://calc.mayfirst.org:8000 &
     9}}}
     10
     11In this case the ethercalc x509 implementation produces a visitable domain at https://calc.mayfirst.org:8000 .  In order to remove the port number on the end of the url, apache needs to be involved in the process or another server needs to handle requests on port 443.  Configuring apache to handle these requests `mod_proxy` must be enabled in apache with the following commands.
     12
     13{{{
     14a2enmod proxy
     15a2enmod proxy_http
     16service apache2 restart
     17}}}
     18
     19Next a virtual host with it's own ip address needs to exist.  The apache virtual host config looks something like this:
     20
     21{{{
     220 mcchesney:/etc/apache2/sites-available# cat calc.mayfirst.org.ssl
     23<VirtualHost 209.234.253.233:443>
     24        # web config for calc.mayfirst.org
     25        ServerName calc.mayfirst.org
     26        # ServerAlias www.calc.mayfirst.org
     27
     28        <Proxy *>
     29          Order deny,allow
     30          Allow from all
     31        </Proxy>
     32
     33        #SSL Stuff
     34        SSLEngine On
     35        SSLProxyEngine On
     36        SSLCertificateFile /home/calc/keys/calc.mayfirst.org.apache.crt
     37        SSLCertificateKeyFile /home/calc/keys/calc.mayfirst.org.key
     38        SSLCertificateChainFile /home/calc/keys/calc.mayfirst.org.apache.intermediate.crt
     39
     40        ProxyPreserveHost On
     41        ProxyRequests off
     42        ProxyPass / https://calc.mayfirst.org:8000/
     43        ProxyPassReverse / https://calc.mayfirst.org:8000/
     44</VirtualHost>
     450 mcchesney:/etc/apache2/sites-available#
     46}}}
     47
     48The most unique parts of this virtual host are the references to Proxy commands and the <Proxy *> components.  With this configuration, https://calc.mayfirst.org actually passes information to and from https://calc.mayfirst.org:8000. 
     49
     50Also note that in this particular configuration the virtual host uses a different set of ssl certificate files than the ethercalc configuration.  This may not be necessary, and the cert information remains the same.  The only difference is the apache certificates get chain loaded and the ethercalc cert has a combined root and intermediate certificate.
     51
     52Generally, this approach should work for most nodejs apps, though there may be more lag for realtime editing.