<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Do you have...<br>
<br>
__PACKAGE__->config( <br>
using_frontend_proxy => 1,<br>
);<br>
<br>
?<br>
<br>
<br>
<div class="moz-cite-prefix">On 07/08/2015 03:46 PM, Bernhard Bauch
wrote:<br>
</div>
<blockquote cite="mid:52B778EF-D825-4C01-AA57-B1B0A440FE66@zsi.at"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
dear all,
<div><br>
</div>
<div>another deployment question :)</div>
<div>suroundings: catalyst, psgi, starman, apache2.</div>
<div>but in our setup there are *two* apache2s doing reverse
proxies before the requests reaches the starman server.</div>
<div><br>
</div>
<div>so what happend:</div>
<div><br>
</div>
<div>the http headers look like this (for catalyst)</div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>X-FORWARDED-FOR:
<clients-ip>, <proxy2-ip> </div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>REQUEST_IP_ADDRESS:
<proxy2-ip> </div>
<div><br>
</div>
<div>what Plack::Middleware::ReverseProxy does it puts the LAST ip
in the forwarded-for header into </div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>$env->{REMOTE_ADDR}</div>
<div>which is actually not the IP of the client.</div>
<div>why is that happening ?</div>
<div>shouldn't it take the first IP, so catalyst has access to the
original requests IP ?</div>
<div><br>
</div>
<div>my apache proxy configs look like this...</div>
<div>is there something wrong with the proxies config ?</div>
<div><br>
</div>
<div>thanks for hints!</div>
<div>cheers, bernhard</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>--------------------</div>
<div>proxy 1 (connectivity from "outside")-</div>
<div><br>
</div>
<div>
<div><VirtualHost *:80></div>
</div>
<div><br>
</div>
<div> ServerName <a moz-do-not-send="true"
href="http://publicdomain.com">publicdomain.com</a><br>
<br>
<span class="Apple-tab-span" style="white-space:pre"> </span>ProxyRequests
Off<br>
<Proxy *><br>
Order deny,allow<br>
Allow from all<br>
</Proxy><br>
ProxyPass / <span
class="Apple-tab-span" style="white-space:pre"> </span> <a
moz-do-not-send="true" href="http://10.0.200.8:80/">http://10.0.200.8:80/</a><br>
ProxyPassReverse / <span
class="Apple-tab-span" style="white-space:pre"> </span> <a
moz-do-not-send="true" href="http://10.0.200.8:80/">http://10.0.200.8:80/</a><br>
ProxyPreserveHost On<br>
</VirtualHost></div>
<div><br>
</div>
<div>
<div>--------------------</div>
<div>proxy 2 (connectivity from "inside")</div>
</div>
<div><br>
</div>
<div><br>
</div>
<div><VirtualHost *:80></div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>ServerName
<a moz-do-not-send="true" href="http://publicdomain.com">publicdomain.com</a></div>
<div><br>
</div>
<div><span class="Apple-tab-span" style="white-space:pre"> </span>#
don't loose time with IP address lookups <br>
<span class="Apple-tab-span" style="white-space:pre"> </span>HostnameLookups
Off<br>
<span class="Apple-tab-span" style="white-space:pre"> </span>#
helpful for named virtual hosts <br>
<span class="Apple-tab-span" style="white-space:pre"> </span>UseCanonicalName
Off<br>
<br>
<span class="Apple-tab-span" style="white-space:pre"> </span>#
---------------------------<br>
<span class="Apple-tab-span" style="white-space:pre"> </span>#
HANDLE STATIC FILES<br>
<span class="Apple-tab-span" style="white-space:pre"> </span>#
---------------------------<br>
<span class="Apple-tab-span" style="white-space:pre"> </span>Alias
/static /usr/local/....MyApp/root/static<br>
<span class="Apple-tab-span" style="white-space:pre"> </span><Location
/static><br>
<span class="Apple-tab-span" style="white-space:pre"> </span>
SetHandler default-handler<br>
<span class="Apple-tab-span" style="white-space:pre"> </span>
# allow access (thats new in apache 2.4. see <a
moz-do-not-send="true"
href="http://httpd.apache.org/docs/2.4/upgrading.html#access">http://httpd.apache.org/docs/2.4/upgrading.html#access</a>)<br>
<span class="Apple-tab-span" style="white-space:pre"> </span>
Require all granted<br>
<span class="Apple-tab-span" style="white-space:pre"> </span></Location><br>
<span class="Apple-tab-span" style="white-space:pre"> </span>ProxyPass
/static/ !<br>
<br>
<span class="Apple-tab-span" style="white-space:pre"> </span>#
---------------------------<br>
<span class="Apple-tab-span" style="white-space:pre"> </span>#
DYNAMIC REQUESTS (starman)<br>
<span class="Apple-tab-span" style="white-space:pre"> </span>#
---------------------------<br>
<span class="Apple-tab-span" style="white-space: pre;"> </span>RewriteEngine
On<br>
<span class="Apple-tab-span" style="white-space:pre"> </span>ProxyPreserveHost
On<br>
<br>
<span class="Apple-tab-span" style="white-space:pre"> </span>ProxyPass
/ <a moz-do-not-send="true"
href="http://localhost:5000/">http://localhost:5000/</a><br>
<span class="Apple-tab-span" style="white-space:pre"> </span>ProxyPassReverse
/ <a moz-do-not-send="true"
href="http://localhost:5000/">http://localhost:5000/</a></div>
<div></VirtualHost><br>
<br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
<div>
<div style="color: rgb(0, 0, 0); letter-spacing: normal;
orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px;
word-wrap: break-word; -webkit-nbsp-mode: space;
-webkit-line-break: after-white-space;">
<div style="color: rgb(0, 0, 0); letter-spacing: normal;
orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px;
word-wrap: break-word; -webkit-nbsp-mode: space;
-webkit-line-break: after-white-space;">
<div style="color: rgb(0, 0, 0); letter-spacing: normal;
orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px;
word-wrap: break-word; -webkit-nbsp-mode: space;
-webkit-line-break: after-white-space;">
<div style="color: rgb(0, 0, 0); letter-spacing: normal;
orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width:
0px; word-wrap: break-word; -webkit-nbsp-mode: space;
-webkit-line-break: after-white-space;">
<div>—</div>
<div>Bernhard Bauch</div>
<div>Webdevelopment</div>
<div><br>
</div>
<div>
<div>ZSI-Zentrum für Soziale Innovation GmbH<br>
Centre for Social Innovation<br>
<br>
Linke Wienzeile 246, A-1150 Wien, Austria</div>
<div>Mail: <a moz-do-not-send="true"
href="mailto:bauch@zsi.at">bauch@zsi.at</a></div>
</div>
<div>Skype: berni-zsi</div>
<div><br>
</div>
<div><br>
</div>
</div>
</div>
</div>
</div>
<br class="Apple-interchange-newline">
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
List: <a class="moz-txt-link-abbreviated" href="mailto:Catalyst@lists.scsys.co.uk">Catalyst@lists.scsys.co.uk</a>
Listinfo: <a class="moz-txt-link-freetext" href="http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst">http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst</a>
Searchable archive: <a class="moz-txt-link-freetext" href="http://www.mail-archive.com/catalyst@lists.scsys.co.uk/">http://www.mail-archive.com/catalyst@lists.scsys.co.uk/</a>
Dev site: <a class="moz-txt-link-freetext" href="http://dev.catalyst.perl.org/">http://dev.catalyst.perl.org/</a>
</pre>
</blockquote>
<br>
</body>
</html>