Foreman behind apache reverse proxy

Support
1

Hello,

I have a apache server with ssl reverse proxying for a couple internal
sites.

I'd like to reverse proxy foreman as well with a /foreman url.

I've disabled require_ssl on foreman, and setup proxypass on my ssl box,
but when I try to hit https://proxy.external.box/foreman I get redirected
to http://proxy.external.box/user/login instead of
https://proxy.external.box/foreman/user/login.

  1. If I can change foreman's url to be http://foreman.internal.box/foreman
    I shouldn't have to worry about rewrites, but I don't know where to change
    this. I tried in foreman/settings.yaml without any luck
  2. I don't understand why the redirect is to an http url instead of https.

Configs:

Apache:

<VirtualHost default:443>

<Location /foreman>
ProxyPass http://foreman.internal.box/
ProxyPassReverse http://foreman.internal.box/
</Location>

</VirtualHost>

/etc/foreman/settings.yaml:

··· --- ### File managed with puppet ### ## Module: 'foreman'

#your default puppet server - can be overridden in the host level
#if none specified, plain “puppet” will be used.
#:puppet_server: puppet
:url: “http://foreman.internal.box/foreman” #<---- THIS DOESN’T SEEM TO
HAVE ANY EFFECT
:unattended: true
:puppetconfdir: /etc/puppet/puppet.conf
:login: true
:require_ssl: false
:locations_enabled: false
:organizations_enabled: false

Thanks

2

I've modified /var/share/foreman/config.ru to include the web subdir:

-map ENV['RAILS_RELATIVE_URL_ROOT'] || '/' do
+map ENV['RAILS_RELATIVE_URL_ROOT'] || '/foreman/' do

And changed the apache config file 05-foreman.conf:

-PassengerPreStart http://foreman.internal.box/
+PassengerPreStart http://foreman.internal.box/foreman/

So now I can browse to http://foreman.internal.box/foreman/ and get the
main page, but none of the links on the page include /foreman/ ie:
Monitor -> Dashboard is: http://foreman.internal.box/dashboard instead of
http://foreman.internal.box/foreman/dashboard

Are the internal application links absolute, or is there somewhere else I
can set the relative url to include /foreman/ ?

Thanks,
Steve

··· On Thursday, 22 January 2015 15:23:59 UTC-8, steved0ca wrote: > > Hello, > > I have a apache server with ssl reverse proxying for a couple internal > sites. > > I'd like to reverse proxy foreman as well with a /foreman url. > > I've disabled require_ssl on foreman, and setup proxypass on my ssl box, > but when I try to hit https://proxy.external.box/foreman I get redirected > to http://proxy.external.box/user/login instead of > https://proxy.external.box/foreman/user/login. > > 1. If I can change foreman's url to be http://foreman.internal.box/foreman > I shouldn't have to worry about rewrites, but I don't know where to change > this. I tried in foreman/settings.yaml without any luck > 2. I don't understand why the redirect is to an http url instead of https. > > Configs: > > Apache: > > > ... > > ProxyPass http://foreman.internal.box/ > ProxyPassReverse http://foreman.internal.box/ > > ... > > > > > /etc/foreman/settings.yaml: > > --- > ### File managed with puppet ### > ## Module: 'foreman' > > > #your default puppet server - can be overridden in the host level > #if none specified, plain "puppet" will be used. > #:puppet_server: puppet > :url: "http://foreman.internal.box/foreman" #<---- THIS DOESN'T SEEM TO > HAVE ANY EFFECT > :unattended: true > :puppetconfdir: /etc/puppet/puppet.conf > :login: true > :require_ssl: false > :locations_enabled: false > :organizations_enabled: false > > > Thanks >
3

Previous changes were unnecessary.

Working config – edit Apache config: 05-foreman.conf

Global virtualhost settings add:

SetEnv RAILS_RELATIVE_URL_ROOT "/foreman"
Alias /foreman /usr/share/foreman/public

··· On Monday, 26 January 2015 13:08:45 UTC-8, steved0ca wrote: > > I've modified /var/share/foreman/config.ru to include the web subdir: > > -map ENV['RAILS_RELATIVE_URL_ROOT'] || '/' do > +map ENV['RAILS_RELATIVE_URL_ROOT'] || '/foreman/' do > > And changed the apache config file 05-foreman.conf: > > -PassengerPreStart http://foreman.internal.box/ > +PassengerPreStart http://foreman.internal.box/foreman/ > > So now I can browse to http://foreman.internal.box/foreman/ and get the > main page, but none of the links on the page include /foreman/ ie: > Monitor -> Dashboard is: http://foreman.internal.box/dashboard instead of > http://foreman.internal.box/foreman/dashboard > > Are the internal application links absolute, or is there somewhere else I > can set the relative url to include /foreman/ ? > > Thanks, > Steve > > > On Thursday, 22 January 2015 15:23:59 UTC-8, steved0ca wrote: >> >> Hello, >> >> I have a apache server with ssl reverse proxying for a couple internal >> sites. >> >> I'd like to reverse proxy foreman as well with a /foreman url. >> >> I've disabled require_ssl on foreman, and setup proxypass on my ssl box, >> but when I try to hit https://proxy.external.box/foreman I get >> redirected to http://proxy.external.box/user/login instead of >> https://proxy.external.box/foreman/user/login. >> >> 1. If I can change foreman's url to be >> http://foreman.internal.box/foreman I shouldn't have to worry about >> rewrites, but I don't know where to change this. I tried in >> foreman/settings.yaml without any luck >> 2. I don't understand why the redirect is to an http url instead of https. >> >> Configs: >> >> Apache: >> >> >> ... >> >> ProxyPass http://foreman.internal.box/ >> ProxyPassReverse http://foreman.internal.box/ >> >> ... >> >> >> >> >> /etc/foreman/settings.yaml: >> >> --- >> ### File managed with puppet ### >> ## Module: 'foreman' >> >> >> #your default puppet server - can be overridden in the host level >> #if none specified, plain "puppet" will be used. >> #:puppet_server: puppet >> :url: "http://foreman.internal.box/foreman" #<---- THIS DOESN'T SEEM TO >> HAVE ANY EFFECT >> :unattended: true >> :puppetconfdir: /etc/puppet/puppet.conf >> :login: true >> :require_ssl: false >> :locations_enabled: false >> :organizations_enabled: false >> >> >> Thanks >> >