Task #3104
closed
Please install a reverse proxy over dev2.d4science.org
100%
Description
Currently the tomcat 7 installation on dev2.d4science.org runs over 8080 port. We should move to https and use a reverse proxy.
Please consider that there exists 2 aliases for dev2 (dev4 and dev1) which will be used by end users. Just like in production we'll have (infra-gateway, and aliases i-marine, services etc pointing to it). Overall we should be able to access dev2 as https://dev4.d4science.org and https://dev1.d4science.org
In the "old" but still ON dev portals, tomcat6 based (dev and dev3.d4science.org) we have an apache2 reverse proxy installed locally. This solution is fine with me for dev2 but if you want to use a separate HA reverse proxy that terminates the SSL requests of course is ok too.
Updated by Massimiliano Assante over 9 years ago
- Status changed from New to In Progress
- % Done changed from 0 to 10
@andrea.dellamico@isti.cnr.it have the https certificates arrived?
Updated by Andrea Dell'Amico over 9 years ago
A complete reinstall is ongoing for dev2.d4science.org. It will be configured in the same way of infra-gateway and infra-gateway-db combined (so the database will be local).
On top of it, a haproxy will be installed and it will run as reverse proxy and ssl terminator.
Updated by Andrea Dell'Amico over 9 years ago
- % Done changed from 10 to 60
The VM has been reconfigured and ready to answer on port 8080.
I'm starting the work on the haproxy configuration and the procedure to obtain X.509 certificates from letsencrypt.org
Updated by Massimiliano Assante over 9 years ago
- Assignee changed from _InfraScience Systems Engineer to Andrea Dell'Amico
Updated by Andrea Dell'Amico over 9 years ago
- Status changed from In Progress to Feedback
- % Done changed from 60 to 100
The haproxy configuration is complete, and the SSL certificates installed.
I used the letsencrypt tools for the SSL part, see #3164
Updated by Massimiliano Assante over 9 years ago
- Status changed from Feedback to Closed
