But I would like to do this all on port 80 or 443. Can anyone provide guidance on how to configure Apache to run as a reverse proxy in front of this type of set up so the web applications would be reachable via a simple url path ?
I think I understand what you’re asking. I run a server like this, 1 public IP address, several web apps each on a different port. To enable secure sites (https) I use certbot. It undertands apache, and can get and install free certificates from Let’s Encrypt and update the apache config files for you. It also will optionally create a re-direct so if a user tries http://your-site.com it redirects to https://your-site.com, and behind the scenes redirects to the port your app is using. The user’s browser still shows https://your-site.com.
You may need to install certbot on your server, but once installed run this command:
sudo certbot --apache
It will confirm which sites you want to enable and if you want the automatic redirect.
I recommend taking a backup of your server before you do this, just in case you don’t get the expected results. I run my servers as virtual machines, so I make sure I have a snapshot I can restore if anything goes wrong.
Firstly you set up your virtual website configs on apache’s sites_available folder as usual .
For each webapp an own file of course with different proxypass portnumber:
ProxyPass / http://localhost:port
To prevent Lets Encrypt to proceed forward you should add:
ProxyPass /.well-known !
Secondly I strongly suggest to use DNS names or at least subdomains. Direct IP calls are blocked in most firewalls and IDS/IPS systems.
You can see a complete Apache config in my Article “Gitea instead of GitHub” (Link) where I am basically doing the same but with gitea webapp.
[quote=491869:@Tomas Jakobs]Firstly you set up your virtual website configs on apache’s sites_available folder as usual .
For each webapp an own file of course with different proxypass portnumber:
ProxyPass / http://localhost:port
To prevent Lets Encrypt to proceed forward you should add:
ProxyPass /.well-known !
Secondly I strongly suggest to use DNS names or at least subdomains. Direct IP calls are blocked in most firewalls and IDS/IPS systems.
You can see a complete Apache config in my Article “Gitea instead of GitHub” (Link) where I am basically doing the same but with gitea webapp.[/quote]
Launching…
The application has gone off-line. Please try again later.
This application has encountered an error and cannot continue.
Unfortunately, I could not get it to work in the manner I had planned.
In every case, that application would launch, but as described in Vigia Lin post, would go off-line. It appears the URL’s generated by the application would not get reverse proxied correctly.
The only way I could get it to work was via a different hostname per application.