[volunteergrid2-l] New Node
Brad Rupp
bradrupp at gmail.com
Tue Feb 1 03:59:40 PST 2011
The following is what I had to do to configure a reverse proxy on my
node. I am running SuSE Linux, so the configuration is specific to that.
- Configure the Tahoe web server to only listen on 127.0.0.1:3456.
tahoe.cfg: web.port=tcp:3456:interface=127.0.0.1
- Configure Apache to listen on port 3456.
/etc/apache2/listen.conf: Listen 10.1.1.10:3456
- Configure a virtual host in Apache to act as a reverse proxy.
/etc/apache2/vhost.d/tahoe.conf: See attached.
tahoe.conf references the digest password file via the AuthUserFile
directive. I created this via the htdigest2 utility that ships with Apache.
I also had to configure Apache to load the following modules:
mod_auth_digest
mod_proxy
mod_proxy_http
mod_authn_file
I did this via sysconfig in SuSE.
That is it. I will plan to add this information to the Wiki.
Thanks,
Brad
On 1/31/2011 7:23 AM, Jody Harris wrote:
> Brad,
>
> I would like to ALSO do this with my node. Can you send me a copy of the
> apach configuration? It nice nice to have this documented in our wiki.
>
> j
> ----
> - Think carefully.
>
>
> On Mon, Jan 31, 2011 at 3:55 AM, Brad Rupp <bradrupp at gmail.com
> <mailto:bradrupp at gmail.com>> wrote:
>
> On 1/29/2011 9:31 AM, Shawn Willden wrote:
>
> Yeah, Jody took them down until he can figure out how to secure them
> behind a reverse proxy. If you want to make your welcome page (by
> default on port 3456) accessible to the net but protected behind a
> password-protected proxy, then we'd all have a way to check the
> connectivity of our own nodes. I could set up a reverse proxy
> for my
> own, but it would require figuring out how... and you already know!
>
> --
> Shawn
>
>
> That is a great idea Shawn. Done.
>
> http://if3-1.no-ip.org:3456/
>
> Your credentials will be your e-mail address as listed in the
> gateway. Expect a private e-mail from me with your password. Please
> let me know if you would like a different password as I currently
> don't have a password portal.
>
> A few items to note.
>
> - I chose digest authentication instead of basic authentication for
> security reasons. If that causes any problems let me know.
>
> - I am unable to host this over SSL right now. I don't think that
> should be a big deal.
>
> - I had to map the address space to the /vg2 directory (e.g.
> http://if3-1.no-ip.org:3456/vg2/). This is because of a bug in IE
> (see
> http://stackoverflow.com/questions/2192811/digest-authentication-not-working-on-ie8-firefox-and-chrome-are-fine
> for a few more details). This may cause problems later once files
> start being managed via the gateway. I just can't tell yet. If we
> don't care about IE, I can get rid of the vg2 mapping. Firefox and
> Chrome work fine either way.
>
> Jody, let me know if you would rather host this on your node. I
> don't mind either way.
>
> Thanks,
>
> Brad
>
> _______________________________________________
> volunteergrid2-l mailing list
> volunteergrid2-l at tahoe-lafs.org <mailto:volunteergrid2-l at tahoe-lafs.org>
> http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l
> http://bigpig.org/twiki/bin/view/Main/WebHome
>
>
>
>
> _______________________________________________
> volunteergrid2-l mailing list
> volunteergrid2-l at tahoe-lafs.org
> http://tahoe-lafs.org/cgi-bin/mailman/listinfo/volunteergrid2-l
> http://bigpig.org/twiki/bin/view/Main/WebHome
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: tahoe.conf
URL: <http://tahoe-lafs.org/cgi-bin/mailman/private/volunteergrid2-l/attachments/20110131/4b39b5f9/attachment.ksh>
More information about the volunteergrid2-l
mailing list