HTTPD with two different services in the same computer


I have a CentOS 6.9 server that is running a DokuWiki under HTTPD 2.2. This wiki is installed in /var/www/html/dokuwiki. Therefore, when you type myserver.com/dokuwiki, it enters the wiki. If you type myserver.com, a simple index.html file (/var/www/html/index.html) is shown with links to the Wiki and GitLab.

Now I have installed GitLab and configured it to also use HTTPD (by default it comes with NGINX integrated). Both GitLab and DokuWiki are working correctly if I launch them by themselves, but I cannot find the way to make them visible at the same time.

What I would like is: if the user types myserver.com, show the index.html with two links: one to the wiki (myserver.com/dokuwiki) and the other link to the GitLab server (myserver.com/gitlab). By clicking on each, the user can access the desired service.

What happens is that if I put the configuration of GitLab with precedence over the other (by changing the name to 00-gitlab.conf, for example), the configuration of the wiki doesn't work and when you type either myserver.com or myserver.com/dokuwiki, it doesn't find anything (Not found "/" is shown) because it uses the other rules and there is no match (due to the Location directive of GitLab, I guess). GitLab works OK in this case.

If I put the configuration of the Wiki with precedence, I get a 404 error when I try to access myserver.com/gitlab because this rule is more general and therefore it ignores the other with the Location directive. The Index and the Wiki work OK in this case.

Here are the Virtual Hosts configurations for both, stored in /etc/httpd/conf.d. Everything is SSL and it is working OK. The configuration for HTTP (port 80) is virtually the same but I did not include it here. I also have NameVirtualHost *:443 in httpd.conf.

Wiki/Root:

<VirtualHost *:443>
    ServerName myserver.com
    DocumentRoot /var/www/html
    SSLEngine on
    SSLCertificateFile /etc/httpd/ssl/myserver.com.crt
    SSLCertificateKeyFile /etc/httpd/ssl/myserver.com.key
</VirtualHost>

GitLab

<VirtualHost *:443>
  ServerName myserver.com
  ServerSignature Off
  ProxyPreserveHost On
  AllowEncodedSlashes NoDecode

  SSLEngine on
  SSLCertificateFile /etc/httpd/ssl/myserver.com.crt
  SSLCertificateKeyFile /etc/httpd/ssl/myserver.com.key

  SSLProtocol all -SSLv2
  SSLHonorCipherOrder on
  SSLCipherSuite "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
  Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"

  <Location /gitlab>
    Order deny,allow
    Allow from all

    ProxyPassReverse http://127.0.0.1:8181
    ProxyPassReverse http://myserver.com/gitlab
  </Location>
  RewriteEngine on

  #Forward all requests to gitlab-workhorse except existing files like error documents
  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
  RewriteCond %{REQUEST_URI} ^/uploads/.*
  RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
  # needed for downloading attachments
  DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public/

  #Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
  ErrorDocument 404 /404.html
  ErrorDocument 422 /422.html
  ErrorDocument 500 /500.html
  ErrorDocument 502 /502.html
  ErrorDocument 503 /503.html

  # It is assumed that the log directory is in /var/log/httpd.
  # For Debian distributions you might want to change this to
  # /var/log/apache2.
  LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
  ErrorLog /var/log/httpd/logs/myserver_error.log
  CustomLog /var/log/httpd/logs/myserver_forwarded.log common_forwarded
  CustomLog /var/log/httpd/logs/myserver_access.log combined env=!dontlog
  CustomLog /var/log/httpd/logs/myserver.log combined
</VirtualHost>

Thanks.


Solution

  • I found the solution. I only need one VirtualHost and to correctly define my proxypass.

    Here's the working file:

    <VirtualHost *:443>
        ServerName myserver.com
        DocumentRoot /var/www/html
        SSLEngine on
    
        SSLProtocol all -SSLv2
        SSLHonorCipherOrder on
        SSLCipherSuite "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
        Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
        ServerSignature Off
        ProxyPreserveHost On
        AllowEncodedSlashes NoDecode
    
        SSLCertificateFile /etc/httpd/ssl/myserver.com.crt
        SSLCertificateKeyFile /etc/httpd/ssl/myserver.com.key
    
        Alias /gitlab  /opt/gitlab/embedded/service/gitlab-rails/public
        <Location /gitlab>
            Order deny,allow
            Allow from all
    
            ProxyPass http://127.0.0.1:8181
            ProxyPassReverse http://127.0.0.1:8181
            ProxyPassReverse http://myserver.com/gitlab
            RewriteEngine on
    
            RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
            RewriteCond %{REQUEST_URI} ^/uploads/.*
            RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
            ErrorDocument 404 /404.html
            ErrorDocument 422 /422.html
            ErrorDocument 500 /500.html
            ErrorDocument 502 /502.html
            ErrorDocument 503 /503.html
        </Location>
    
        LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
        ErrorLog /var/log/httpd/logs/myserver_error.log
        CustomLog /var/log/httpd/logs/myserver_forwarded.log common_forwarded
        CustomLog /var/log/httpd/logs/myserver_access.log combined env=!dontlog
        CustomLog /var/log/httpd/logs/myserver.log combined
    
    </VirtualHost>
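The collision behind the question, as an added example that is not part of the original post: two `<VirtualHost *:443>` blocks with the same `ServerName` means httpd only ever uses the first one loaded, so any TLS or header hardening that exists only in the second is silently dropped. The file names `dokuwiki.conf` and `gitlab.conf`, the function names and the `HARDENING` list are assumptions made for this sketch; the sample input is constructed from the configs above.

```python
import re

# Constructed sample: the question's two conf.d files, trimmed (file names assumed).
SAMPLE_CONFS = {
    "dokuwiki.conf": """<VirtualHost *:443>
    ServerName myserver.com
    DocumentRoot /var/www/html
    SSLEngine on
</VirtualHost>""",
    "gitlab.conf": """<VirtualHost *:443>
  ServerName myserver.com
  ServerSignature Off
  SSLProtocol all -SSLv2
  Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
  <Location /gitlab>
    ProxyPassReverse http://127.0.0.1:8181
  </Location>
</VirtualHost>""",
}

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)
# Directives treated as hardening for this check (a chosen set, not exhaustive).
HARDENING = ("sslprotocol", "sslciphersuite", "sslhonorcipherorder", "header", "serversignature")

def directives(body):
    """Map lower-cased directive name -> argument strings; skips comments and section tags."""
    out = {}
    for line in body.splitlines():
        parts = line.split(None, 1)
        if not parts or parts[0].startswith(("#", "<")):
            continue
        out.setdefault(parts[0].lower(), []).append(parts[1] if len(parts) > 1 else "")
    return out

def find_shadowed(confs):
    """Return one finding per vhost that duplicates an earlier address + ServerName."""
    seen, findings = {}, []
    for fname in sorted(confs):  # a wildcard Include is expanded in alphabetical order
        for addr, body in VHOST_RE.findall(confs[fname]):
            d = directives(body)
            key = (addr.strip(), d.get("servername", [""])[0].lower())
            if key not in seen:
                seen[key] = (fname, d)  # first definition wins
                continue
            winner_file, winner = seen[key]
            lost = sorted(n for n in HARDENING if n in d and n not in winner)
            findings.append({"vhost": key, "winner": winner_file,
                             "shadowed": fname, "lost_hardening": lost})
    return findings

if __name__ == "__main__":
    print(find_shadowed(SAMPLE_CONFS))
```

With the wiki file loading first, the GitLab block's `SSLProtocol`, `Header` and `ServerSignature` lines are reported as lost; merging everything into one VirtualHost, as the solution does, leaves nothing shadowed.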