Univention Bugzilla – Full Text Bug Listing |
Summary: | univention-apache should provide a configurable *:80 and *:443 VirtualHost | ||
---|---|---|---|
Product: | UCS | Reporter: | Dirk Wiesenthal <wiesenthal> |
Component: | Docker | Assignee: | Dirk Wiesenthal <wiesenthal> |
Status: | CLOSED FIXED | QA Contact: | Florian Best <best> |
Severity: | normal | ||
Priority: | P5 | CC: | best, gohmann, hahn, requate |
Version: | UCS 4.0 | Keywords: | interim-2 |
Target Milestone: | UCS 4.1 | ||
Hardware: | Other | ||
OS: | Linux | ||
What kind of report is it?: | --- | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | |||
Bug Depends on: | |||
Bug Blocks: | 40338 |
Description
Dirk Wiesenthal
2015-07-01 14:04:40 CEST
univention-apache 8.0.0-2.243.201508141344 Can you move sites-available/ssl to sites-available/00ssl ? Otherwise apps may accidentally define itself as the default virtualhost (apachectl -S). The included configuration files are in "alphabetical order" (http://httpd.apache.org/docs/2.2/en/mod/core.html#include). I have renamed ssl to default-ssl as this site already exists in apache and probably is the correct one to use (if we use "default" as the non-ssl site). I also added /etc/apache2/ucs-sites.conf /etc/apache2/conf.d/ucs.conf to not mess up the site definitions. /etc/apache2/ucs-sites.conf may be useful as a MultiFile, but I am unsure, so I did not do it. It looks like the change breaks something, see 80_docker/55_app_modproxy App access via HTTP → OK App access via HTTP → FAILED UCS host system access via HTTPS → OK >>> r = urllib2.urlopen('http://master090.autotest090.local/xb7egqxn7v/index.txt') >>> r = urllib2.urlopen('https://master090.autotest090.local/xb7egqxn7v/index.txt') Traceback (most recent call last): File "<stdin>", line 1, in <module> File "/usr/lib/python2.7/urllib2.py", line 127, in urlopen return _opener.open(url, data, timeout) File "/usr/lib/python2.7/urllib2.py", line 407, in open response = meth(req, response) File "/usr/lib/python2.7/urllib2.py", line 520, in http_response 'http', request, response, code, msg, hdrs) File "/usr/lib/python2.7/urllib2.py", line 445, in error return self._call_chain(*args) File "/usr/lib/python2.7/urllib2.py", line 379, in _call_chain result = func(*args) File "/usr/lib/python2.7/urllib2.py", line 528, in http_error_default raise HTTPError(req.get_full_url(), code, msg, hdrs, fp) urllib2.HTTPError: HTTP Error 500: Proxy Error >>> r = urllib2.urlopen('https://master090.autotest090.local/') >>> Fixed in univention-apache 8.0.0-5.247.201510061758 *** Bug 39560 has been marked as a duplicate of this bug. *** univention-apache 8.0.0-7.250.201510271700 OK: Fix, all variants (HTTP, HTTPS, custom virtual hosts, ...) are still working OK: Changelog (s/VHost/VirtualHost/ in svn r65098) OK: Code OK: apachectl -S (default virtualhost) I still dislike the site 'default-ssl' because a site 'app-foo' with VirtualHost *:443 would overwrite our default SSL page. Well, apps/third party components must name their sites "e*" then. UCS 4.1 has been released: https://docs.software-univention.de/release-notes-4.1-0-en.html https://docs.software-univention.de/release-notes-4.1-0-de.html If this error occurs again, please use "Clone This Bug". |