[volunteergrid2-l] New Node

Brad Rupp bradrupp at gmail.com
Tue Feb 1 03:59:40 PST 2011


The following is what I had to do to configure a reverse proxy on my 
node.  I am running SuSE Linux, so the configuration is specific to that.

- Configure the Tahoe web server to only listen on 127.0.0.1:3456.
tahoe.cfg: web.port=tcp:3456:interface=127.0.0.1

- Configure Apache to listen on port 3456.
/etc/apache2/listen.conf: Listen 10.1.1.10:3456

- Configure a virtual host in Apache to act as a reverse proxy.
/etc/apache2/vhost.d/tahoe.conf: See attached.

tahoe.conf references the digest password file via the AuthUserFile 
directive.  I created this via the htdigest2 utility that ships with Apache.

I also had to configure Apache to load the following modules:

mod_auth_digest
mod_proxy
mod_proxy_http
mod_authn_file

I did this via sysconfig in SuSE.

That is it.  I will plan to add this information to the Wiki.

Thanks,

Brad

On 1/31/2011 7:23 AM, Jody Harris wrote:
> Brad,
>
> I would like to ALSO do this with my node. Can you send me a copy of the
> apach configuration? It nice nice to have this documented in our wiki.
>
> j
> ----
> - Think carefully.
>
>
> On Mon, Jan 31, 2011 at 3:55 AM, Brad Rupp <bradrupp at gmail.com
> <mailto:bradrupp at gmail.com>> wrote:
>
>     On 1/29/2011 9:31 AM, Shawn Willden wrote:
>
>         Yeah, Jody took them down until he can figure out how to secure them
>         behind a reverse proxy.  If you want to make your welcome page (by
>         default on port 3456) accessible to the net but protected behind a
>         password-protected proxy, then we'd all have a way to check the
>         connectivity of our own nodes.  I could set up a reverse proxy
>         for my
>         own, but it would require figuring out how... and you already know!
>
>         --
>         Shawn
>
>
>     That is a great idea Shawn.  Done.
>
>     http://if3-1.no-ip.org:3456/
>
>     Your credentials will be your e-mail address as listed in the
>     gateway. Expect a private e-mail from me with your password.  Please
>     let me know if you would like a different password as I currently
>     don't have a password portal.
>
>     A few items to note.
>
>     - I chose digest authentication instead of basic authentication for
>     security reasons.  If that causes any problems let me know.
>
>     - I am unable to host this over SSL right now.  I don't think that
>     should be a big deal.
>
>     - I had to map the address space to the /vg2 directory (e.g.
>     http://if3-1.no-ip.org:3456/vg2/).  This is because of a bug in IE
>     (see
>     http://stackoverflow.com/questions/2192811/digest-authentication-not-working-on-ie8-firefox-and-chrome-are-fine
>     for a few more details).  This may cause problems later once files
>     start being managed via the gateway.  I just can't tell yet.  If we
>     don't care about IE, I can get rid of the vg2 mapping.  Firefox and
>     Chrome work fine either way.
>
>     Jody, let me know if you would rather host this on your node.  I
>     don't mind either way.
>
>     Thanks,
>
>     Brad
>
>     _______________________________________________
>     volunteergrid2-l mailing list
>     volunteergrid2-l at tahoe-lafs.org <mailto:volunteergrid2-l at tahoe-lafs.org>
>     http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l
>     http://bigpig.org/twiki/bin/view/Main/WebHome
>
>
>
>
> _______________________________________________
> volunteergrid2-l mailing list
> volunteergrid2-l at tahoe-lafs.org
> http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l
> http://bigpig.org/twiki/bin/view/Main/WebHome
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: tahoe.conf
URL: <http://tahoe-lafs.org/cgi-bin/mailman/private/volunteergrid2-l/attachments/20110131/4b39b5f9/attachment.ksh>


More information about the volunteergrid2-l mailing list