4

How to get the original IP address in Apache2 behind Nginx

Nginx as a reverse proxy for Apache

A traditional setup is having Nginx as a frontend and then running Apache through reverse proxy. The Apache logs become full of just a single IP address, the accesses from the Nginx server – usually 127.0.0.1 if you are running both on the same server.

No more GeoIP decisions on the backend or any other feature by remote address.

But we know that Nginx passes along the original client IP address on a HTTP header named X-Forwarded-For to the backend server. It would be awesome if Apache could deal with that,

Have no fear, Reverse Proxy Add Forward is here!

Fortunately there is already a module that injects the IP on a special header to the HTTP request to Apache: mod_rpaf

The installation couldn’t be more simple than

$ sudo apt-get install libapache2-mod-rpaf

It will enabled it automatically

/etc/apache2/mods-enabled/rpaf.conf
/etc/apache2/mods-enabled/rpaf.load

In Nginx I usually include /etc/nginx/proxy.conf in my configuration. It already has these lines to help that everything works easily

proxy_set_header    Host            $host;
proxy_set_header    X-Real-IP       $remote_addr;
proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;

Just restart the Apache server

$ sudo service apache2 restart

But there’s a problem

Unfortunately it won’t work if you are using Ubuntu 12.04.

mod_rpaf is not working on Precise !

There is a bug with the package that is known to Canonical since last December as you can see in the bug track. Being a LTS version I don’t understand this attitude from them.

$ cat /etc/apache2/mods-enabled/rpaf.conf 

RPAFenable On
RPAFsethostname On
RPAFproxy_ips 127.0.0.1 ::1

And the problem is that it is originally named mod_rpaf-2.0.c.

$ strings /usr/lib/apache2/modules/mod_rpaf.so | grep mod_rpaf
mod_rpaf.so
mod_rpaf-2.0.c
Enable mod_rpaf
Let mod_rpaf set the hostname from X-Host header and update vhosts

Just edit the first line of /etc/apache2/mods-enabled/rpaf.conf and change it to


Restart again the Apache2 server and you will start to get all those remote IPs on your log files.

Conclusion

If it was not for the known bug this post could have been just one line to install mod_rpaf

:-)

0

Where is my add-apt-repository in Ubuntu Server LTS 12.04 ?

Yes, where is it ?

biafra@vm:~$ sudo add-apt-repository ppa:rwky/redis
[sudo] password for biafra: 
sudo: add-apt-repository: command not found

So, you are using the latest stable and supported LTS server distribution from Ubuntu. And it doesn’t install the package to simplify the management of PPA repositories (Personal Package Archives). The de facto Ubuntu repository for all people.

They even state that in the help text:

Read about installing

“Read about installing”

But don’t despair! They could already had installed it with one of the upgrades but… They forgot it. add-apt-repository comes with package python-software-properties

$ sudo apt-get install python-software-properties

And now at last:

biafra@vm:~$ sudo add-apt-repository ppa:rwky/redis
You are about to add the following PPA to your system:
 Redis is a in memory persistent datastore. This is package kept up
to date with the latest stable version from http://redis.io it uses
an upstart script instead of an init script which fits nicely with
the newer ubuntu distributions.

For support email admin {at} rwky {dot} net

For support in other distributions please contact me at the above
address and I'll consider other builds if there is demand.

If you like this package please consider flattring me
http://flattr.com/thing/360264/Redis-package-for-Ubuntu

Sponsored by @Food_Nation http://www.food-nation.co.uk/
 More info: https://launchpad.net/~rwky/+archive/redis
Press [ENTER] to continue or ctrl-c to cancel adding it

gpg: keyring `/tmp/tmp48ytqX/secring.gpg' created
gpg: keyring `/tmp/tmp48ytqX/pubring.gpg' created
gpg: requesting key 5862E31D from hkp server keyserver.ubuntu.com
gpg: /tmp/tmp48ytqX/trustdb.gpg: trustdb created
gpg: key 5862E31D: public key "Launchpad PPA for Rowan" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
OK

I hope this will help you like it helped me!

0

Connecting Thunderbird to an Exchange Calendar

Or How to Install an Add On .xpi in Thunderbird

You have your Ubuntu Desktop running smooth. Thunderbird is connecting to the corporate Exchange server through IMAP. However you can’t deal with all those appointments and meeting requests.

Add-ons you will need

You will need two Add-ons:

  • Lightning
  • Exchange 2007/2010 Calendar and Tasks Provider

Lightning is a calendar and task extension.

Open Thunderbird and go to your menu Tools / Add-ons. Select Get Add-ons.
If “Lightning” appears right away just click on it and added it. If not you have to use the search box. Keep in mind that you are looking just for “Lightning”. It will show up many add-ons with similar names. Continue to the next search page if there’s no add-on named just “Lightning”.

And now you think you could do the same for the second add-on. Wrong!
You must go here and download the Development Version 3.1.x.

Now you have the second add-on in a file named exchangecalendar-3.1.x.xpi

How do I install a .xpi add-on in Thunderbird ?

Well, you won’t find a menu option to do that. Go again to Tools / Add-ons / Get Add-ons. Now just click on the tools icon and select Install Add-on From File....

Tools for all add-ons

Conclusion

There’s now one less argument for the Management to go against Linux on the Desktop. And this is a really important one on the Corporation world. Unfortunately you can’t continue to not attend meetings with the excuse you were not invited or that it was not on your calendar :-)