Access your Cockpit by domain within a Reverse proxy setup with Apache2
Short post about how to set your Cockpit instance to be accessed via Subdmain in a a reverse proxy configuration with Apache2 and ssl
Short tutorial about how to config your Cockpit instance to be accessed by domain instead of IP address.
If you don't know Cockpit yet it is a "Cockpit is a web-based graphical interface for servers" that helps you to manage your web server via Web.
Prerequisites
- A server running with an Apache2 site
- A reverse proxy setup with an existing Cockpit instance
Hands on π
Create or add to your /etc/cockpit/cockpit.conf the following lines:
[WebService]
Origins = https://somedomain1.com https://somedomain2.com:9090Restart cockpit service with:
sudo systemctl restart cockpit
Edit your Apache2 site.conf (for example sudo nano /etc/apache2/sites-enabled/cockpit.your-domain.com-le-ssl.conf) so it looks like the following:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName cockpit.your-domain.com
SSLCertificateFile /etc/letsencrypt/live/cockpit.your-domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/cockpit.your-domain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ProxyPreserveHost On
ProxyRequests Off
# allow for upgrading to websockets
RewriteEngine On
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteRule /(.*) ws://127.0.0.1:9090/$1 [P,L]
RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteRule /(.*) http://127.0.0.1:9090/$1 [P,L]
# Proxy to your local cockpit instance
ProxyPass / http://127.0.0.1:9090/
ProxyPassReverse / http://127.0.0.1:9090/
</VirtualHost>
</IfModule>the important part is the Rewrite section for upgrading Websockets.
Lastly reloads Apache2 service by sudo systemctl reload apache2
Comments ()