Kopano webapp behind httpd proxy

Hi All,

I just change to kopano community edition and i think it is great! However i got a problem if i want to access the webapp application behind my apache proxy.

I get my logon screen, but after i login i get an error: 404 it cant find /webapp/webapp

How can i resolve this? My proxy settings are:

<VirtualHost *:443>
DocumentRoot /var/www/
ServerName mydomain
ServerAdmin ben@example.com
# Indexes + Directory RoNoneot.
DirectoryIndex index.html index.php
ProxyPreserveHost On
SSLProxyENgine On
SSLProxyCheckPeerCN off
SSLProxyVerify none
SSLProxyCheckPeerName off
ProxyVia full
<proxy>
Order deny,allow
Allow from all
</proxy>
ProxyPass / https://192.168.2.8/webapp/ flushpackets=On keepalive=Off
ProxyPassReverse / https://192.168.2.8/webapp/
SetEnv proxy-sendchunks 1

Hi,
in /etc/kopano/webapp/config.php
find this line: define(‘INSECURE_COOKIES’,false); and set it to true: define(‘INSECURE_COOKIES’,true);
restart apache2 and test if it works.

@walterhof

Hi this is not the sollution. I believe it had something to do with the url. HTTPd want to redirect me to https://xxxxxx/webapp/webapp/

And ofcourse it Can not find the path?

Hi,

the location in your ProxyPass is wrong, replace / with /webapp should work.

ProxyPass /webapp https://192.168.2.8/webapp/ flushpackets=On keepalive=Off
ProxyPassReverse /webapp https://192.168.2.8/webapp/

We do not use flushpackets=On keepalive=Off.

I jus switched to nginx. But have same problem wat should the proxy_pass be on nginx and the location?

Coffee_is_life

Hello @ckruijntjens,

i bet your apache config on your real webapp-server is rewriting from https://192.168.2.8 to https://192.168.2.8/webapp

if it does and your proxy does the same and it will append to https://192.168.2.8/webapp/webapp
change your config in proxy so it wont rewrite and access the server without /webapp. the rest will be done on the webapp-system.

coffee_is_life

@coffee_is_life Hi how Can I stop rewrite of the url so that it Will keep https://192.168.2.8/webapp ???

In nginx?

@coffee_is_life hi,

i just went to my config again. If i enter the url manual it all works. However when i enter webmail.xxxxxxxxx.nl it redirects me to the root of nginx. I want to redirect to webmail.xxxxxxxx.nl/webapp

How can i do this in nginx without the error to many redirects?

Coffee_is_life

Hello @ckruijntjens,

im not familiar with ngnix configuration, so im not much help there, After googling “ngnix config rewrite rule” i found this:
https://www.nginx.com/blog/creating-nginx-rewrite-rules/

so i thing there must be something like this:

server {
rewrite ^(/webmail.xxxxxx.nl/)$ $1/webapp break;
rewrite ^(/webmail.xxxxxx.nl\//)$ https://webmail.xxxxxxxx.nl/webapp break;
}

the breake will cause nginx to stop the rewriting otherwise it may append these changes.
The “$” in the regex is used to define that here is the end of the url.

you need to check if ngnix is interpreting http and https before the regex, then you need to change
rewrite ^(/webmail.xxxxxx.nl//)$ https://webmail.xxxxxxxx.nl/webapp break; to this:
rewrite ^(https://webmail.xxxxxx.nl//)$ https://webmail.xxxxxxxx.nl/webapp break;

in addition nginx provides a rewrite_log:

Syntax: 	rewrite_log on | off;
Default: rewrite_log off;

if set to on, nginx will log rewritings into error.log on level NOTICE

try with these and report back :)

coffee_is_life

@walterhof

Hi @Coffee_is_life

ProxyPass /webapp https://192.168.2.8/webapp/
ProxyPassReverse /webapp https://192.168.2.8/webapp/

I Just did the above in my apache (httpd) server to check if this is correct. However if i do the above it get an access denied error. (No access)

Forbidden
You don’t have permission to access / on this server.

tosty

On our Proxmox servers we use with Apache something like this:

<IfModule mod_ssl.c>
  <VirtualHost *:443>
    ServerName example.de
    ServerAdmin webmaster@example.de
    DocumentRoot /var/www/html

    ProxyRequests Off
    ProxyPreserveHost On

    <Location /webapp>
      ProxyPass http://192.168.1.2/webapp
      ProxyPassReverse http://192.168.1.2/webapp
    </Location>

    <Location /caldav>
      ProxyPass http://192.168.1.2/caldav
      ProxyPassReverse http://192.168.1.2/caldav
    </Location>

    <Location /Microsoft-Server-ActiveSync>
      ProxyPass http://192.168.1.2/Microsoft-Server-ActiveSync
      ProxyPassReverse http://192.168.1.2/Microsoft-Server-ActiveSync
    </Location>
...
  </VirtualHost>
</IfModule>

tosty

And for nginx something like:

server {
  listen *:443 ssl;
  server_name example.de;

  ## --------------------------------------------------------------------
  ## SSL Settings
  ## --------------------------------------------------------------------
  ssl on;

  ssl_certificate      ...
  ssl_certificate_key  ...

  include /etc/nginx/conf.d/ssl.conf;

  ## --------------------------------------------------------------------
  ## Log File Settings
  ## --------------------------------------------------------------------
  access_log  /var/log/nginx/access.log main;
  error_log  /var/log/nginx/error.log;

  location /webapp {
    proxy_pass http://192.168.1.2:80;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
    proxy_set_header X-Forwarded-Host $host:$server_port;
    proxy_set_header X-Forwarded-Server $host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    # proxy_buffering off;
    access_log  /var/log/nginx/webapp.access.log main;
    proxy_redirect http://example.de:80 https://example.de;
  }
...
}

map $http_upgrade $connection_upgrade {
        default upgrade;
        '' close;