From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1M1Uyj-0008Br-Nm for garchives@archives.gentoo.org; Wed, 06 May 2009 00:27:17 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id F1D1BE0374; Wed, 6 May 2009 00:27:15 +0000 (UTC) Received: from mail.fraggod.net (unknown [91.191.238.58]) by pigeon.gentoo.org (Postfix) with ESMTP id AEBE0E0374 for ; Wed, 6 May 2009 00:27:15 +0000 (UTC) Received: from coercion (coercion.core [IPv6:2001:470:1f0b:11de::13]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mail.fraggod.net (Postfix) with ESMTPSA id 85F0B101FEA for ; Wed, 6 May 2009 06:27:14 +0600 (YEKST) Date: Wed, 6 May 2009 06:24:08 +0600 From: Mike Kazantsev To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] A networking question... Message-ID: <20090506062408.7b03652d@coercion> In-Reply-To: <4A00AF76.9010509@shic.co.uk> References: <4A00A266.9070102@shic.co.uk> <200905052324.07892.saschahlusiak@arcor.de> <4A00AF76.9010509@shic.co.uk> X-Mailer: Claws Mail 3.7.1 (GTK+ 2.14.7; i686-pc-linux-gnu) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 Content-Type: multipart/signed; boundary="Sig_/lJ8T=Ab75VQ9fyAXmxa/Z.k"; protocol="application/pgp-signature"; micalg=PGP-SHA1 X-Archives-Salt: 22e211f1-264b-4d16-b853-c07e1284faf3 X-Archives-Hash: a7361cc317d9250b2b091ee81c61ff49 --Sig_/lJ8T=Ab75VQ9fyAXmxa/Z.k Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Tue, 05 May 2009 22:28:22 +0100 Steve wrote: > Sascha Hlusiak wrote: > > The easiest thing would probably be to just use ssh port forwarding bec= ause=20 > > you already have all the pieces running anyway. Wouldn't a simple > > > > ssh -L 12345:secondapache:https user@remotessh ... > I really want to avoid having to access a non-standard port from the=20 > URLs - I want to use the final URLs exactly as they will be once the=20 > in-development website is eventually deployed. But you don't have to! Just setup first apache to forward requests to the second one in any way you like using mod_rewrite: RewriteRule /remote/(.*) http://localhost:1235/$1 [P] The rule might need some correction, but it's here just to illustrate the point. That way you can bind any number of "remote" servers to local urls, served (in the end) by the same apache. http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html Also I think it's worth mentioning that apache isn't well suited for such a tasks if both local and remote targets get similar load - lite frontend server or reverse proxy (like nginx, lighttpd, squid, haproxy etc) should save a lot of workload. Even more, if you'll make it serve static content as well, and optimally get apache out of the equation at all ;) Another point is that apache isn't any good at mangling http headers as well, so you should make sure that remote scripts won't redirect user to 'localhost:12345' or use HTTP_HOST var from CGI interface (since it'd be set to the same localhost), using *_X_* vars instead. Alternative is, again, to install something that can mangle headers and that's any of the daemons mentioned above. --=20 Mike Kazantsev // fraggod.net --Sig_/lJ8T=Ab75VQ9fyAXmxa/Z.k Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) iEYEARECAAYFAkoA2K0ACgkQASbOZpzyXnHR2gCgwbC0GVcI4Q+GzT3o1KbxcLKb /qwAnidSfzLBfTd/wXYuTnGWlvTa5ISJ =6PHp -----END PGP SIGNATURE----- --Sig_/lJ8T=Ab75VQ9fyAXmxa/Z.k--