comparison doc/src/site/markdown/server-setup.md @ 1681:6d5e04a54848

updated server-setup documentation. fixed broken link.
author Robert Casties <casties@mpiwg-berlin.mpg.de>
date Wed, 14 Mar 2018 19:43:12 +0100
parents 28df291d4e26
children 7e4396e467de
comparison
equal deleted inserted replaced
1680:395d56ba0112 1681:6d5e04a54848
1 # Server setups for digilib 1 # Server setup for digilib
2 2
3 There are a variety of ways to deploy digilib on different server configurations for production sites. 3 There are a variety of ways to deploy digilib on different server configurations for production sites.
4 4
5 Here are some examples. 5 Here are some examples and tips.
6 6
7 ## nginx as proxy 7 ## nginx as proxy
8 8
9 This is an example configuration for `nginx` as a proxy for a single instance 9 This is an example configuration for `nginx` as a proxy for a single instance
10 of digilib (listening on port `8080`) that handles transport encryption and 10 of digilib (listening on port `8080`) that handles transport encryption and
33 proxy_pass http://localhost:8080; 33 proxy_pass http://localhost:8080;
34 } 34 }
35 } 35 }
36 ``` 36 ```
37 37
38 ## Resources 38 ### Resources
39 39
40 - the [nginx documentation](nginx.org/en/docs/) 40 - the [nginx documentation](nginx.org/en/docs/)
41
42 ## Apache as proxy and load-balancer
43
44 This is an example configuration for [Apache](https://httpd.apache.org/) as a proxy and load balancer for two instances of
45 digilib (one running on localhost, port 8080 and another on otherserver, port 8080), using SSL and http/2:
46
47 ```
48 <VirtualHost *:443>
49 # HTTP/2 protocol (Apache 2.4.29 and later)
50 Protocols h2 http/1.1
51 ServerName digilib.example.com
52 SSLCertificateFile /etc/ssl/private/digilib-cert.pem
53 SSLCertificateKeyFile /etc/ssl/private/digilib-key.pem
54 SSLEngine on
55
56 DocumentRoot /var/www
57 <Directory />
58 Options FollowSymLinks
59 AllowOverride None
60 </Directory>
61 <Directory /var/www/>
62 Options Indexes FollowSymLinks MultiViews
63 AllowOverride None
64 Order allow,deny
65 allow from all
66 </Directory>
67
68 ErrorLog ${APACHE_LOG_DIR}/digilib-ssl-error.log
69 LogLevel warn
70 CustomLog ${APACHE_LOG_DIR}/digilib-ssl-access.log combined
71
72 # do not forward-proxy!
73 ProxyRequests off
74 # set proxy proto header
75 RequestHeader set X-Forwarded-Proto "https"
76 # digilib instances
77 <Proxy balancer://digilibs>
78 BalancerMember http://127.0.0.1:8080
79 BalancerMember http://otherserver.example.com:8080
80 </Proxy>
81 # balance by busy-ness
82 ProxyPass /digitallibrary balancer://digilibs/digitallibrary lbmethod=bybusyness
83 ProxyPassReverse /digitallibrary balancer://digilibs/digitallibrary
84
85 # balancer-manager frontend (be careful!)
86 <Location /balancer-manager>
87 SetHandler balancer-manager
88 Require host localhost
89 </Location>
90 </VirtualHost>
91 ```
92
93 ## Jetty behind a proxy
94
95 When you are using [Jetty](https://www.eclipse.org/jetty/) as servlet container behind an Apache or nginx proxy
96 then you should make sure that Jetty processes the `X-Forwarded-*` headers from the proxy server to derive the
97 correct request URL for the servlets.
98
99 Please see [this information for Jetty 9.4](http://www.eclipse.org/jetty/documentation/9.4.x/configuring-connectors.html#_proxy_load_balancer_connection_configuration) or [this information for Jetty 8 and earlier versions](https://wiki.eclipse.org/Jetty/Tutorial/Apache#Configuring_mod_proxy_http).